Malware Analysis Report

2025-03-14 21:46

Sample ID 250205-sr38sstpaq
Target http://duckduckgo.com
Tags
google microsoft defense_evasion discovery execution persistence phishing privilege_escalation spyware stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://duckduckgo.com was found to be: Likely malicious.

Malicious Activity Summary

google microsoft defense_evasion discovery execution persistence phishing privilege_escalation spyware stealer trojan

Drops file in Drivers directory

Creates new service(s)

Downloads MZ/PE file

Loads dropped DLL

Reads user/profile data of web browsers

Event Triggered Execution: Component Object Model Hijacking

Executes dropped EXE

Blocklisted process makes network request

Checks whether UAC is enabled

Adds Run key to start application

Checks installed software on the system

Enumerates connected drives

Drops file in System32 directory

Detected potential entity reuse from brand GOOGLE.

Detected potential entity reuse from brand MICROSOFT.

Subvert Trust Controls: Mark-of-the-Web Bypass

Drops file in Windows directory

Drops file in Program Files directory

Launches sc.exe

Browser Information Discovery

Enumerates physical storage devices

Command and Scripting Interpreter: PowerShell

Event Triggered Execution: Netsh Helper DLL

System Location Discovery: System Language Discovery

Modifies system certificate store

Suspicious use of SetWindowsHookEx

Checks processor information in registry

Uses Task Scheduler COM API

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

NTFS ADS

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: LoadsDriver

System policy modification

Modifies data under HKEY_USERS

Modifies registry key

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Modifies registry class

Uses Volume Shadow Copy service COM API

Uses Volume Shadow Copy WMI provider

Modifies Internet Explorer settings

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-02-05 15:22

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-02-05 15:22

Reported

2025-02-05 15:40

Platform

win7-20241023-en

Max time kernel

600s

Max time network

899s

Command Line

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://duckduckgo.com"

Signatures

Creates new service(s)

persistence execution

Drops file in Drivers directory

Description Indicator Process Target
File created C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS09880ED8\setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
N/A N/A C:\Users\Admin\Downloads\Setup_ASTER2600.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0002_mutewizard.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe N/A
N/A N/A C:\Windows\Temp\{3147B5F3-10C2-499A-A9B9-072344498796}\.cr\T0001_VC_redist.x64.exe N/A
N/A N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-5KLOB.tmp\ashampoo_music_studio_11_11.0.3_sm.tmp N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\AlephNote_1.6.33\AlephNote.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp N/A
N/A N/A C:\Windows\SysWOW64\cmd.exe N/A
N/A N/A C:\Windows\SysWOW64\cmd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Users\Admin\Downloads\Setup_ASTER2600.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Users\Admin\Downloads\Setup_ASTER2600.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup_ASTER2600.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup_ASTER2600.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe N/A
N/A N/A C:\Windows\Temp\{3147B5F3-10C2-499A-A9B9-072344498796}\.cr\T0001_VC_redist.x64.exe N/A
N/A N/A C:\Windows\Temp\{3147B5F3-10C2-499A-A9B9-072344498796}\.cr\T0001_VC_redist.x64.exe N/A
N/A N/A C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-5KLOB.tmp\ashampoo_music_studio_11_11.0.3_sm.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-5KLOB.tmp\ashampoo_music_studio_11_11.0.3_sm.tmp N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Windows\System32\regsvr32.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Reads user/profile data of web browsers

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{77169412-f642-45e7-b533-0c6f48de12f9} = "\"C:\\ProgramData\\Package Cache\\{77169412-f642-45e7-b533-0c6f48de12f9}\\VC_redist.x64.exe\" /burn.runonce" C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A

Blocklisted process makes network request

Description Indicator Process Target
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

defense_evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A

Detected potential entity reuse from brand GOOGLE.

phishing google
Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Detected potential entity reuse from brand MICROSOFT.

phishing microsoft
Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\concrt140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\vcamp140.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\vcruntime140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3130B1871A126520A8C47861EFE3ED4D C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6DB145CFEEC544B1582FED1ADA3370DD C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3E3E9689537B6B136ECF210088069D55_E93D4349D1D2AF4AE2F3CBFF382A5C9D C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Windows\system32\msvcp140_atomic_wait.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140rus.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140esn.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\37C951188967C8EB88D99893D9D191FE C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\mfc140kor.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140u.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfcm140u.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66AE3BFDF94A732B262342AD2154B86E_0D0888CE7AC1F2D5AD77780722B1FE14 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\vcruntime140_1.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_56DB209C155B5A05FCBF555DF7E6D1BB C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\37C951188967C8EB88D99893D9D191FE C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\msvcp140_1.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140deu.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_79CFD3DF2894C4BFDA2ADFD6675FA18B C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\msvcp140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B8CC409ACDBF2A2FE04C56F2875B1FD6 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\572BF21E454637C9F000BE1AF9B1E1A9 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_79CFD3DF2894C4BFDA2ADFD6675FA18B C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F90F18257CBB4D84216AC1E1F3BB2C76 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3130B1871A126520A8C47861EFE3ED4D C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\vcamp140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\vcomp140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfc140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3E3E9689537B6B136ECF210088069D55_A925FAB5FFC3CEDB8E62B2DCCBBBB4F2 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2F23D0F5E4D72862517E1CB26A329742_59C6B5742244136A08A70F9396A5A57A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Windows\system32\vcruntime140_threads.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140enu.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2F23D0F5E4D72862517E1CB26A329742_59C6B5742244136A08A70F9396A5A57A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\572BF21E454637C9F000BE1AF9B1E1A9 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\mfc140esn.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfc140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66AE3BFDF94A732B262342AD2154B86E_0D0888CE7AC1F2D5AD77780722B1FE14 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3E3E9689537B6B136ECF210088069D55_E93D4349D1D2AF4AE2F3CBFF382A5C9D C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\mfc140u.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C0018BB1B5834735BFA60CD063B31956 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\msvcp140_codecvt_ids.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\system32\mfcm140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7396C420A8E1BC1DA97F1AF0D10BAD21 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_56DB209C155B5A05FCBF555DF7E6D1BB C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C0018BB1B5834735BFA60CD063B31956 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\357F04AD41BCF5FE18FCB69F60C6680F_302C92F9A4A70ED9959CE3EA32202076 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Windows\system32\mfc140jpn.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50385F8EB1F713E33924A830D7A2A41C C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D11549FC90445E1CE90F96A21958A17_7122C10800ABD7B440413489C6913A51 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Windows\system32\msvcp140.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\system32\mfcm140.dll C:\Windows\system32\msiexec.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files\EnigmaSoft\SpyHunter\Data\ScanHistory.dat-journal C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Data\Notifications.dat C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Program Files (x86)\RU-Software\Log-Analyzer\is-RFQ0M.tmp C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Native.exe C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\7z.dll C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\eula.hash C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Logs\20250205_153442.krn.log C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Defs\Opt\full.dat C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files (x86)\RU-Software\Log-Analyzer\unins000.dat C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
File created C:\Program Files (x86)\RU-Software\Log-Analyzer\is-F361Q.tmp C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\purl.dat C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Dutch.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Romanian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Ukrainian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File opened for modification C:\Program Files (x86)\RU-Software\Log-Analyzer\unins000.dat C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Chinese (Traditional).lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Korean.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Turkish.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Data\CrCache.dat C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Japanese.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Portuguese (Portugal).lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\ShShellExt.dll C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Albanian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Croatian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Italian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Swedish.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Data\TrIgnore.dat C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Norwegian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Portuguese (Brazil).lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Slovene.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files (x86)\RU-Software\Log-Analyzer\is-BD3PR.tmp C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\license.txt C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\English.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Defs\full.def C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Temp\Opt\2023101901.ecf C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Czech.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Danish.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Lithuanian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Logs\20250205_153443.sh5.log C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe N/A
File created C:\Program Files (x86)\RU-Software\Log-Analyzer\is-8O5PR.tmp C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\German.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Serbian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Data\s3cfg C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Chinese (Simplified).lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\French.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Hungarian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Indonesian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\WebSecurityNative.exe C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Russian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\data\acpwl.dat C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Finnish.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File opened for modification C:\Program Files\EnigmaSoft\SpyHunter\Data\ScanHistory.dat C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Logs\ShMonitor.log C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe N/A
File created C:\Program Files (x86)\RU-Software\Log-Analyzer\is-3NH53.tmp C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
File created C:\Program Files (x86)\RU-Software\Log-Analyzer\Language\is-B7GLM.tmp C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Bulgarian.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Spanish.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Greek.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\data\acpdata.dat C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File opened for modification C:\Program Files\EnigmaSoft\SpyHunter\Temp\Opt\2023101901.ecf C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
File created C:\Program Files\EnigmaSoft\SpyHunter\Languages\Polish.lng C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\Installer\f7e5a1d.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Tasks\EsgInstallerTask87.job C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File opened for modification C:\Windows\Installer\f7e59f3.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\f7e5a07.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\f7e5a07.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification \??\c:\windows\installer\{ac76ba86-7ad7-1033-7b44-a90000000001}\pdffile_8.ico C:\Program Files\Mozilla Firefox\firefox.exe N/A
File opened for modification C:\Windows\Installer\MSI5E7B.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Tasks\EsgInstallerTask87.job C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
File opened for modification C:\Windows\Installer\f7e5a0a.ipi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\WindowsUpdate.log C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
File created C:\Windows\Installer\f7e59f6.ipi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\f7e5a0a.ipi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI616E.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI61AE.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\f7e59f6.ipi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\WindowsUpdate.log C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
File created C:\Windows\Installer\f7e59f3.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI5DDD.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\f7e5a06.msi C:\Windows\system32\msiexec.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File created C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\TelamonCleaner_id67a3842933962sp.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\Setup_ASTER2600.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\Yandex.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\TelamonCleaner_id67a383f719b5asp.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\ZonaSetup64[6mP1u]-3.0.0.1.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\OperaSetup.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Browser Information Discovery

discovery

Command and Scripting Interpreter: PowerShell

execution
Description Indicator Process Target
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A

Enumerates physical storage devices

Event Triggered Execution: Netsh Helper DLL

persistence privilege_escalation
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\NetSh C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\NetSh C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Yandex.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\{3147B5F3-10C2-499A-A9B9-072344498796}\.cr\T0001_VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-5KLOB.tmp\ashampoo_music_studio_11_11.0.3_sm.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Yandex.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Yandex.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Yandex.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Yandex.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Yandex.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Yandex.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AlephNote_1.6.33\AlephNote.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Yandex.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000024b0827b07a16b48bc9b44b4c41b980b000000000200000000001066000000010000200000007ecfb0a0b43f464053cef5427906096d24b4f833d42cbf19417b68b08785c3b7000000000e8000000002000020000000ff99b687db636476169d719e24fc6d723ac1942eea50d8f1cf7fd092bd462eb82000000088f9924bf6e3e1a72c85e4d7f792453189b745262a5619151416afbe8ca28ab84000000057f9eb6f751d130009b685221c20c60fc5ccebcc8f3ac8d9be1637ff3f1ed3c01c06fb119d3c6279291caa9ec8c2a9f4755051cda800c15b9673234ad9d1ac39 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000024b0827b07a16b48bc9b44b4c41b980b000000000200000000001066000000010000200000006ee5f9301c1a8801a293623a431fc2341a38b75a4f36e3f61bf75f08f3d0547f000000000e8000000002000020000000affd8f28bfd9c525135513c34153ba91d6558863679a1c2fb8625707b84bab6d900000005c187f0671b873dc8fc4d41f49c08b4ac994a9acc5aaf98c1d745960a20f27dd131d87294ef9f2c2bcf0b3928ed1b9e722e41173db2958b678cdce3345db568ce6b8fffa3ff50fbd0cb66082ad02dee12e07b82f7dc0be14e8c927982b941aac33bed2249e2934926257476bdc93e9d76d9cd81f594dd3bb1564d2859ebff06e0929b727fdc922b893f595452da7f6ce400000006c609b005536649d7fcc2f20bc07730426e54c034ca2ab0af68455f983adea278fa4466e8b67c9b1ec18ce413988e1e8b7355330798aa7471842e5f69a6c64b1 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B73637E9-E3D6-11EF-8F62-F2F62FDDD033} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60176d8de377db01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2E C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\ROOT\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\8D4C4A23BA9EE84EA7348FA98CC6E65FBB69DE7B\Blob = 0300000001000000140000008d4c4a23ba9ee84ea7348fa98cc6e65fbb69de7b140000000100000014000000bbaf7e023dfaa6f13c848eadee3898ecd93232d4040000000100000010000000ab9b109ce8934f11e7cd22ed550680da0f0000000100000030000000a768343c4aeaced5c72f3571938864983a67ed49031c1da2495863caf65fe507011f7f0e70b6cb40e5631c07721be03419000000010000001000000082218ffb91733e64136be5719f57c3a11800000001000000100000002aa1c05e2ae606f198c2c5e937c97aa22000000001000000820500003082057e30820466a003020102021067def43ef17bdae24ff5940606d2c084300d06092a864886f70d01010c0500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a308185310b3009060355040613024742311b30190603550408131247726561746572204d616e636865737465723110300e0603550407130753616c666f7264311a3018060355040a1311434f4d4f444f204341204c696d69746564312b302906035504031322434f4d4f444f205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010091e85492d20a56b1ac0d24ddc5cf446774992b37a37d23700071bc53dfc4fa2a128f4b7f1056bd9f7072b7617fc94b0f17a73de3b00461eeff1197c7f4863e0afa3e5cf993e6347ad9146be79cb385a0827a76af7190d7ecfd0dfa9c6cfadfb082f4147ef9bec4a62f4f7f997fb5fc674372bd0c00d689eb6b2cd3ed8f981c14ab7ee5e36efcd8a8e49224da436b62b855fdeac1bc6cb68bf30e8d9ae49b6c6999f878483045d5ade10d3c4560fc32965127bc67c3ca2eb66bea46c7c720a0b11f65de4808baa44ea9f283463784ebe8cc814843674e722a9b5cbd4c1b288a5c227bb4ab98d9eee05183c309464e6d3e99fa9517da7c3357413c8d51ed0bb65caf2c631adf57c83fbce95dc49baf4599e2a35a24b4baa9563dcf6faaff4958bef0a8fff4b8ade937fbbab8f40b3af9e843421e89d884cb13f1d9bbe18960b88c2856ac141d9c0ae771ebcf0edd3da996a148bd3cf7afb50d224cc01181ec563bf6d3a2e25bb7b204225295809369e88e4c65f191032d707402ea8b671529695202bbd7df506a5546bfa0a328617f70d0c3a2aa2c21aa47ce289c064576bf821827b4d5aeb4cb50e66bf44c867130e9a6df1686e0d8ff40ddfbd042887fa3333a2e5c1e41118163ce18716b2beca68ab7315c3a6a47e0c37959d6201aaff26a98aa72bc574ad24b9dbb10fcb04c41e5ed1d3d5e289d9cccbfb351daa747e584530203010001a381f23081ef301f0603551d23041830168014a0110a233e96f107ece2af29ef82a57fd030a4b4301d0603551d0e04160414bbaf7e023dfaa6f13c848eadee3898ecd93232d4300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff30110603551d20040a300830060604551d200030430603551d1f043c303a3038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c303406082b0601050507010104283026302406082b060105050730018618687474703a2f2f6f6373702e636f6d6f646f63612e636f6d300d06092a864886f70d01010c050003820101007ff25635b06d954a4e74af3ae26f018b87d33297edf840d2775311d7c7162ec69de64856be80a9f8bc78d2c86317ae8ced1631fa1f18c90ec7ee48799fc7c9b9bccc8815e36861d19f1d4b6181d7560463c2086926f0f0e52fdfc00a2ba905f4025a6a89d7b4844295e3ebf776205e35d9c0cd2508134c71388e87b0338491991e91f1ac9e3fa71d60812c364154a0e246060bac1bc799368c5ea10ba49ed9424624c5c55b81aeada0a0dc9f36b88dc21d15fa88ad8110391f44f02b9fdd10540c0734b136d114fd07023dff7255ab27d62c814171298d41f450571a7e6560afcbc5287698aeb3a853768be621526bea21d0840e494e8853da922ee71d0866d7 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\ROOT\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\8D4C4A23BA9EE84EA7348FA98CC6E65FBB69DE7B C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPublisher C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2F C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\30 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2F C:\Windows\system32\msiexec.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\31\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2E C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\31 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\30 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CTLs C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\ = "SHContextMenuExt Class" C:\Windows\System32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\InprocServer32 C:\Windows\System32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\ = "SH5 Shell Extension" C:\Windows\System32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList\Media\1 = ";" C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8A567BD6FA501A947AD1F646E53EEC14\SourceList\Media C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\88AAB0B9F51EF1A3CA0C2B609EDD7FC1 C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\Language = "1033" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\AdvertiseFlags = "388" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\Net\1 = "C:\\ProgramData\\Package Cache\\{5904914B-9FC8-44C2-AE48-5C7F30A603EC}v14.40.33816\\packages\\vcRuntimeAdditional_amd64\\" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\Media\1 = ";" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D\SourceList\Net C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\DisplayName = "Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33816" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\4AD2D065E69086842BA2AD4681DF6EBF\VC_Runtime_Minimum C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\ProductName = "Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33816" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\PackageCode = "EF1C5BBCEEFD25C458AFD3A70929F953" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\Version = "237536280" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\DisplayName = "Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33816" C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\Dependents\{77169412-f642-45e7-b533-0c6f48de12f9} C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\Net C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14 C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14\Dependents\{57A73DF6-4BA9-4C1D-BBBB-517289FF6C13} C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8A567BD6FA501A947AD1F646E53EEC14\SourceList\Net C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\Assignment = "1" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\InstanceType = "0" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14\Dependents\{77169412-f642-45e7-b533-0c6f48de12f9} C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\{D71FC887-4726-44C5-AAE3-A27DE8B8322F} C:\Windows\System32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\ = "{77169412-f642-45e7-b533-0c6f48de12f9}" C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\Assignment = "1" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList\Net C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0 C:\Windows\System32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\0 C:\Windows\System32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\HELPDIR\ = "C:\\Program Files\\EnigmaSoft\\SpyHunter" C:\Windows\System32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{560D2DA4-096E-4868-B22A-DA6418FDE6FB}v14.40.33816\\packages\\vcRuntimeMinimum_amd64\\" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\B41940958CF92C44EA84C5F7036A30CE\Servicing_Key C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\PackageCode = "5E78E5602FA7A974088E3902313D8AF2" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\4AD2D065E69086842BA2AD4681DF6EBF\Servicing_Key C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\Version = "237536280" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{5904914B-9FC8-44C2-AE48-5C7F30A603EC}v14.40.33816\\packages\\vcRuntimeAdditional_amd64\\" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F} C:\Windows\System32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\FLAGS C:\Windows\System32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\Version = "14.40.33816" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\ProductName = "Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33816" C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\09A86F63C932FD435BC8463B1035EC53 C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8A567BD6FA501A947AD1F646E53EEC14\SourceList C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\InprocServer32\ThreadingModel = "Apartment" C:\Windows\System32\regsvr32.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\Clients = 3a0000000000 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\Dependents\{77169412-f642-45e7-b533-0c6f48de12f9} C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\B41940958CF92C44EA84C5F7036A30CE\VC_Runtime_Additional C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\0\win64 C:\Windows\System32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14 C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\4AD2D065E69086842BA2AD4681DF6EBF\Provider C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList\PackageName = "vc_runtimeMinimum_x64.msi" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\HELPDIR C:\Windows\System32\regsvr32.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D\SourceList\Media C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\88AAB0B9F51EF1A3CA0C2B609EDD7FC1 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\Media C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D\SourceList C:\Windows\system32\msiexec.exe N/A

Modifies registry key

Description Indicator Process Target
N/A N/A C:\Windows\system32\reg.exe N/A
N/A N/A C:\Windows\system32\reg.exe N/A

Modifies system certificate store

defense_evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 1900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd90b000000010000001200000044006900670069004300650072007400000014000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd155090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 040000000100000010000000497904b0eb8719ac47b0bc11519b74d00f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030853000000010000002600000030243022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c00b00000001000000180000004300b7004f00b7004d00b7004f00b7004400b7004f000000140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b41d00000001000000100000002e0d6875874a44c820912e85e964cfdb030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e C:\Users\Admin\Downloads\Yandex.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54362000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 190000000100000010000000749966cecc95c1874194ca7203f9b6200300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d431d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0b000000010000001200000044006900670069004300650072007400000014000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa62000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 C:\Users\Admin\Downloads\Yandex.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\SystemCertificates\CA\Certificates\D89E3BD43D5D909B47A18977AA9D5CE36CEE184C C:\Users\Admin\Downloads\Yandex.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\SystemCertificates\CA\Certificates\D89E3BD43D5D909B47A18977AA9D5CE36CEE184C\Blob = 030000000100000014000000d89e3bd43d5d909b47a18977aa9d5ce36cee184c1400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb040000000100000010000000285ec909c4ab0d2d57f5086b225799aa0f000000010000003000000013baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9190000000100000010000000ea6089055218053dd01e37e1d806eedf1800000001000000100000002aa1c05e2ae606f198c2c5e937c97aa22000000001000000850500003082058130820469a00302010202103972443af922b751d7d36c10dd313595300d06092a864886f70d01010c0500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3139303331323030303030305a170d3238313233313233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a381f23081ef301f0603551d23041830168014a0110a233e96f107ece2af29ef82a57fd030a4b4301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff30110603551d20040a300830060604551d200030430603551d1f043c303a3038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c303406082b0601050507010104283026302406082b060105050730018618687474703a2f2f6f6373702e636f6d6f646f63612e636f6d300d06092a864886f70d01010c05000382010100188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95 C:\Users\Admin\Downloads\Yandex.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 C:\Users\Admin\Downloads\Yandex.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 04000000010000001000000079e4a9840d7d3a96d7c04fe2434c892e0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 C:\Users\Admin\Downloads\Yandex.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 0f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d432000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 C:\Users\Admin\Downloads\Yandex.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\Downloads\Yandex.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\OperaSetup.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\AlephNote_1.6.33.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\ZonaSetup64[6mP1u]-3.0.0.1.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\TelamonCleaner_id67a3842933962sp.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\Setup_ASTER2600.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\TelamonCleaner_id67a383f719b5asp.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\log-analyzer-release-1.0.1.83.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Yandex.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Yandex.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\AlephNote_1.6.33\AlephNote.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeTcbPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeImpersonatePrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\msiexec.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1804 wrote to memory of 2052 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 1920 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 1920 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 1920 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2960 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 2052 wrote to memory of 2724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

System policy modification

defense_evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe N/A

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://duckduckgo.com"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://duckduckgo.com

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.0.1403523451\1969392840" -parentBuildID 20221007134813 -prefsHandle 1240 -prefMapHandle 1232 -prefsLen 20847 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9e07509-307e-43cb-93b8-b89f3c2da079} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 1316 10aeab58 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.1.1246592697\309595935" -parentBuildID 20221007134813 -prefsHandle 1508 -prefMapHandle 1504 -prefsLen 21708 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d5e36df-59b8-4129-8b2c-344010e7f480} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 1520 d6fe58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.2.822300963\1981712072" -childID 1 -isForBrowser -prefsHandle 2100 -prefMapHandle 2096 -prefsLen 21811 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f7d7381-e6b4-402a-b5b6-cf70527b01b7} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 2112 1aacf558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.3.768879931\203673410" -childID 2 -isForBrowser -prefsHandle 2944 -prefMapHandle 2940 -prefsLen 26216 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a326a842-4d6f-4066-be7b-a2dab72878b7} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 2956 d61c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.4.510501036\1531609120" -childID 3 -isForBrowser -prefsHandle 3500 -prefMapHandle 3600 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {de328859-289d-4182-9557-4dece7d3abed} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3636 19634858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.5.819374828\1145717624" -childID 4 -isForBrowser -prefsHandle 3748 -prefMapHandle 3672 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8af93956-0a3f-4a56-a90f-50b7b53d1ef3} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3736 1e7afd58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.6.513307749\1957619163" -childID 5 -isForBrowser -prefsHandle 3860 -prefMapHandle 3864 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f5b96a4-5a52-4287-91be-82fa6e29dff6} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3756 19636c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.7.1170312994\1563592608" -childID 6 -isForBrowser -prefsHandle 4056 -prefMapHandle 4060 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6501d522-7520-4d35-a24f-96a977af3e0d} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 4044 1fc34d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.8.890839503\523900906" -childID 7 -isForBrowser -prefsHandle 2172 -prefMapHandle 2408 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {30068351-e5e8-47ea-9e4e-903cd1da962c} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3772 1b61e758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.9.193811029\131400804" -childID 8 -isForBrowser -prefsHandle 1856 -prefMapHandle 3732 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {94578000-fc83-484a-8308-ade2951d563f} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 1964 175e0258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.10.1425931813\627969325" -childID 9 -isForBrowser -prefsHandle 4384 -prefMapHandle 4388 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c45d49db-9b39-4899-a000-163e3aeb759e} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 4372 1abc9c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.11.687581338\520721189" -childID 10 -isForBrowser -prefsHandle 3952 -prefMapHandle 3828 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a0356753-e9ac-4794-b233-3333665c4d3e} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3848 1e7ae558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.12.746108251\394233678" -childID 11 -isForBrowser -prefsHandle 3984 -prefMapHandle 4168 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {638a7486-a6bd-4fe3-b019-cea3c6697440} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 4160 2245a258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.13.1173620373\2007469962" -childID 12 -isForBrowser -prefsHandle 1944 -prefMapHandle 1876 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8549e103-9559-45d5-a5f2-41efb9a4fccf} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3776 17575158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.14.1364564755\1732343083" -childID 13 -isForBrowser -prefsHandle 1860 -prefMapHandle 1864 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2e28fef3-30e0-4da2-b90a-72194f56796b} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 1092 19634b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.0.737145632\884029792" -parentBuildID 20221007134813 -prefsHandle 1156 -prefMapHandle 1136 -prefsLen 21236 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1ed3b3d0-adbb-4bc5-b3c3-ce23516fb60e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 1304 14208858 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.1.1565295853\216413980" -parentBuildID 20221007134813 -prefsHandle 1460 -prefMapHandle 1456 -prefsLen 21317 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {78c29326-8bde-4578-8d93-df2a815d5aec} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 1472 e71058 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.2.2065647844\1835031236" -childID 1 -isForBrowser -prefsHandle 1988 -prefMapHandle 1984 -prefsLen 21420 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9647ffcb-580f-482d-8263-644c5f05e9c1} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2000 825e858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.3.1613484904\1842564284" -childID 2 -isForBrowser -prefsHandle 2444 -prefMapHandle 2424 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0683387b-1a39-4d4e-80bb-3a5b79fa2163} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2320 135da258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.4.196263426\1705360918" -childID 3 -isForBrowser -prefsHandle 2636 -prefMapHandle 2632 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a8044ea-f128-4c65-ba51-438fe00a4184} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2652 e61f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.5.1362973817\1680968236" -childID 4 -isForBrowser -prefsHandle 3368 -prefMapHandle 3376 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c252e7f7-5f92-47f3-833b-1cc33ad2dfae} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3400 1ea19258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.6.2086009356\2047832876" -childID 5 -isForBrowser -prefsHandle 3508 -prefMapHandle 3512 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f81c9e38-27b9-41fa-badb-dd6cc8341d68} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3496 1ea19b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.7.410906339\1029019283" -childID 6 -isForBrowser -prefsHandle 3684 -prefMapHandle 3688 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6480f75-67d7-4d3f-9c1f-b427c459dacb} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3672 1ea16e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.8.673655065\1524710588" -childID 7 -isForBrowser -prefsHandle 3732 -prefMapHandle 3736 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {622cfef9-46d5-43d3-87dc-68e2d4710378} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3512 1ef25b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.9.1367020572\1400081824" -childID 8 -isForBrowser -prefsHandle 3424 -prefMapHandle 3412 -prefsLen 26798 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd4ab3a7-a683-40ee-bcd9-d776afda4cd5} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3472 1ea17758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.10.819640271\1333293018" -childID 9 -isForBrowser -prefsHandle 4492 -prefMapHandle 2508 -prefsLen 26879 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {73ec3223-4b36-44b9-8f9b-93793ac98269} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4456 1f1f5058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.11.1790855856\1290980274" -childID 10 -isForBrowser -prefsHandle 1656 -prefMapHandle 4308 -prefsLen 26879 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb861dd4-d932-47bb-9c1f-f775bd409dec} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4772 1ed47f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.12.795863420\1792162312" -childID 11 -isForBrowser -prefsHandle 4928 -prefMapHandle 4936 -prefsLen 26879 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3906b8a-dd18-420b-9c45-6258323ea7e5} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4916 2145f858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.13.797533673\1317104635" -childID 12 -isForBrowser -prefsHandle 1836 -prefMapHandle 1864 -prefsLen 26888 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {182ec78a-c3b5-4d74-9050-482b7699d5e0} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 1660 1f151258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.14.1261645246\2079934414" -parentBuildID 20221007134813 -prefsHandle 5068 -prefMapHandle 5080 -prefsLen 26888 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {979d26ae-4eec-44f5-beb8-5d6c7e63b21e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 1836 22887758 rdd

C:\Users\Admin\Downloads\Yandex.exe

"C:\Users\Admin\Downloads\Yandex.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.15.504090044\1511217854" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4304 -prefMapHandle 3472 -prefsLen 26928 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {39b92062-8867-454a-b4dc-82b71358f200} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3452 237db758 utility

C:\Users\Admin\Downloads\Yandex.exe

C:\Users\Admin\Downloads\Yandex.exe --stat dwnldr/p=225007/fail=1

C:\Users\Admin\Downloads\OperaSetup.exe

"C:\Users\Admin\Downloads\OperaSetup.exe"

C:\Users\Admin\AppData\Local\Temp\7zS09880ED8\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS09880ED8\setup.exe --server-tracking-blob=ZjZjMzI4MGU5ZTQ1YjNhZTlhYjkxOGY1ZTEzNzA4MDdlYWIyNDlmM2M4MjQxNGEyMTIxNjUyNGYwYmNiZTRjNjp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL2ZyZWVzb2Z0LnJ1LyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cz91dG1fc291cmNlPWZyZWVzb2Z0JnV0bV9tZWRpdW09cGImdXRtX2NhbXBhaWduPWZyZWVuZXQiLCJ0aW1lc3RhbXAiOiIxNzM4NzY5MjU5LjE4NzkiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCA2LjE7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXRtIjp7ImNhbXBhaWduIjoiZnJlZW5ldCIsIm1lZGl1bSI6InBiIiwic291cmNlIjoiZnJlZXNvZnQifSwidXVpZCI6IjAwNmE5NzE0LTRjZjQtNDlmOS05MDQ4LTdjNjBlMWJkMjA1OCJ9

C:\Users\Admin\Downloads\Yandex.exe

"C:\Users\Admin\Downloads\Yandex.exe"

C:\Users\Admin\Downloads\Yandex.exe

"C:\Users\Admin\Downloads\Yandex.exe"

C:\Users\Admin\Downloads\Yandex.exe

"C:\Users\Admin\Downloads\Yandex.exe"

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x590

C:\Users\Admin\Downloads\Yandex.exe

C:\Users\Admin\Downloads\Yandex.exe --stat dwnldr/p=225007/fail=1

C:\Users\Admin\Downloads\AlephNote_1.6.33\AlephNote.exe

"C:\Users\Admin\Downloads\AlephNote_1.6.33\AlephNote.exe"

C:\Users\Admin\Downloads\Yandex.exe

C:\Users\Admin\Downloads\Yandex.exe --stat dwnldr/p=225007/fail=1

C:\Users\Admin\Downloads\Yandex.exe

C:\Users\Admin\Downloads\Yandex.exe --stat dwnldr/p=225007/fail=1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.16.1790067970\910024383" -childID 13 -isForBrowser -prefsHandle 2400 -prefMapHandle 2264 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a42d8eb3-9dc7-4b69-acb1-7aeced6802a0} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2312 1f14fd58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.17.1523100694\1322053440" -childID 14 -isForBrowser -prefsHandle 3972 -prefMapHandle 3960 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {81275e09-2ece-499a-a1f3-c8d3d1256b5d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3976 21d52c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.18.1966282447\675101861" -childID 15 -isForBrowser -prefsHandle 3628 -prefMapHandle 3492 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {075519f2-29dc-4fc1-a049-7fde2ae18e93} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3616 228f0958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.19.695988876\1110953933" -childID 16 -isForBrowser -prefsHandle 2408 -prefMapHandle 4444 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {37d338cd-c144-434e-9a16-031ac1c1a9b9} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5872 1a0dac58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.20.1271721424\1580030081" -childID 17 -isForBrowser -prefsHandle 4836 -prefMapHandle 4832 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e7fc9242-9ca6-4e3e-a071-f0bf4e8c4c38} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4412 2028d858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.21.1267257702\1997298756" -childID 18 -isForBrowser -prefsHandle 4076 -prefMapHandle 4080 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a002e87-d956-42fb-881b-39860b55011e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5128 1f220158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.22.1401467829\168519032" -childID 19 -isForBrowser -prefsHandle 9668 -prefMapHandle 4208 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {23aef134-cc7f-4872-a831-10c959740520} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9656 256f2a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.23.1028828245\523727669" -childID 20 -isForBrowser -prefsHandle 9540 -prefMapHandle 9536 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8b19d0c-5d45-4e49-a886-ee30c621be48} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9552 256f2158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.24.2145016734\1266724735" -childID 21 -isForBrowser -prefsHandle 9536 -prefMapHandle 9568 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a5439388-a2b8-4ef0-9dc1-bdbf1affb01d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4208 ff24158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.25.579562808\1040610923" -childID 22 -isForBrowser -prefsHandle 9252 -prefMapHandle 9248 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {24680e8c-a81e-4b32-98a9-039d3fef6d59} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9264 ff25958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.26.2092781219\1514668794" -childID 23 -isForBrowser -prefsHandle 3208 -prefMapHandle 9288 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9f5d18bc-7200-4605-a95b-f936473826aa} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9196 257e1858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.27.725943101\1523863165" -childID 24 -isForBrowser -prefsHandle 8820 -prefMapHandle 8824 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6c63409-8c6f-43dc-be27-d65e6c3e79e0} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8840 18c54958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.28.862348831\743118107" -childID 25 -isForBrowser -prefsHandle 8716 -prefMapHandle 8820 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4ff72bbc-57e7-403f-b10c-5be32309ef3f} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8864 25e1df58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.29.1282929971\522963666" -childID 26 -isForBrowser -prefsHandle 8716 -prefMapHandle 3688 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {33d2a823-5415-4da1-a772-cb8f6f01bccf} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8664 2adbbd58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.30.1109038000\997062363" -childID 27 -isForBrowser -prefsHandle 8976 -prefMapHandle 8936 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a9eba1a5-ec84-4422-908a-73a88037ceb1} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9224 1cb3c958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.31.861661442\128812784" -childID 28 -isForBrowser -prefsHandle 8936 -prefMapHandle 9164 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {94da7e7d-6f65-4dd1-9e06-c7f8637940e6} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8272 18c58358 tab

C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe

"C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe"

C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp

"C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp" /SL5="$901CE,1801708,918016,C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe"

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\system32\cmd.exe" "C:\Windows\system32\cmd.exe" /S /C ""C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe" --getyaoffer --filename="TelamonCleaner_id67a383f35fbe1sp.exe" > "C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\~execwithresult.txt""

C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe

"C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe" --getyaoffer --filename="TelamonCleaner_id67a383f35fbe1sp.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.32.28835350\1572303747" -childID 29 -isForBrowser -prefsHandle 8644 -prefMapHandle 8604 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {26f015d1-b433-433f-b011-c6f6fe13f83e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 796 1848cb58 tab

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\system32\cmd.exe" "C:\Windows\system32\cmd.exe" /S /C ""C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe" --getuid > "C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\~execwithresult.txt""

C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe

"C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe" --getuid

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.33.543352327\727975666" -childID 30 -isForBrowser -prefsHandle 4084 -prefMapHandle 8676 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f3e0abc8-a2d3-4db1-b522-ef6e0e9deb23} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8388 1cd51258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.34.1884245226\1867275388" -childID 31 -isForBrowser -prefsHandle 8324 -prefMapHandle 8424 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {143f5621-5516-46e5-9bc4-a4b906d2eb9e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8692 24404d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.35.201538773\479582246" -childID 32 -isForBrowser -prefsHandle 8352 -prefMapHandle 8416 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6ed6b13a-d66d-4a96-911c-2b016a614c5a} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4016 24403e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.36.1823315702\1154171130" -childID 33 -isForBrowser -prefsHandle 8184 -prefMapHandle 8188 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6f36e950-5715-43cd-ab15-07f87f84e065} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8208 25374858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.37.686338724\481434401" -childID 34 -isForBrowser -prefsHandle 4320 -prefMapHandle 4696 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c98b9360-12b4-47a1-99fe-6760c39f94b3} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8092 256d3358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.38.1154113115\1750171717" -childID 35 -isForBrowser -prefsHandle 9032 -prefMapHandle 4296 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d6c822d-9f5d-4b66-99e3-ab13d6f54994} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3152 25353858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.39.416488268\1015123407" -childID 36 -isForBrowser -prefsHandle 5800 -prefMapHandle 5760 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ba618016-758c-4578-980d-241ca612ec0c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5816 25354158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.40.1680938576\1451480487" -childID 37 -isForBrowser -prefsHandle 8348 -prefMapHandle 9208 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {49459f81-dd21-42bf-9737-02079496a40c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8448 2cf46458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.41.607486322\796807988" -childID 38 -isForBrowser -prefsHandle 8164 -prefMapHandle 8748 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4590ab81-caf2-4234-b7f1-822fc11b1a67} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8640 24464b58 tab

C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\setup.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp

"C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp" /SL4 $202C6 "C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\setup.exe" 519312 52224

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.42.1887830934\195318272" -childID 39 -isForBrowser -prefsHandle 5252 -prefMapHandle 8308 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {30978618-d7e1-4995-b26b-e990962c8227} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8248 18903e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.43.641296330\1379409096" -childID 40 -isForBrowser -prefsHandle 9408 -prefMapHandle 8020 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc481ea4-a3c6-484d-b5ea-8284d01d0b87} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2264 18904458 tab

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\readme.txt

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.44.433520429\845253947" -childID 41 -isForBrowser -prefsHandle 2376 -prefMapHandle 4496 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {11a511c0-8bfc-418c-bf08-36a9ee92d13c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8472 1848da58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.45.1209432844\1147235815" -childID 42 -isForBrowser -prefsHandle 8148 -prefMapHandle 8136 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e04304d8-ec3e-42f6-9779-dc693373aba1} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8132 e2f658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.46.1478360449\1267450740" -childID 43 -isForBrowser -prefsHandle 8152 -prefMapHandle 8536 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0e6c4b8-35d3-44f6-b796-c87b5b28fa68} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8440 1cebc858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.47.461436455\556405675" -childID 44 -isForBrowser -prefsHandle 8312 -prefMapHandle 8748 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {95f38951-66d8-4c59-bed5-9c99d8aae724} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4024 1cbf3958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.48.132744431\389252804" -childID 45 -isForBrowser -prefsHandle 8040 -prefMapHandle 8532 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d07e55e0-99ff-4acb-9117-49dc11429315} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8236 1cceab58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.49.283917356\817662947" -childID 46 -isForBrowser -prefsHandle 8416 -prefMapHandle 4760 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {efd98b94-8f21-42a8-843a-1874f7a3f260} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8712 2012e058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.50.378108168\26824629" -childID 47 -isForBrowser -prefsHandle 8196 -prefMapHandle 9376 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d9dd808-fd7b-4aad-b45a-a5752e74912d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9372 2012da58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.51.252568429\1616093059" -childID 48 -isForBrowser -prefsHandle 8424 -prefMapHandle 8356 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {20a4e65d-ad42-4dfb-9165-3716dbcaeb3d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9396 22813258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.52.1942711990\508301870" -childID 49 -isForBrowser -prefsHandle 7988 -prefMapHandle 1656 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e2ca132-a21a-4fc1-b4bb-5f1414d53cc6} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8136 23716858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.53.1469488074\2108141927" -childID 50 -isForBrowser -prefsHandle 8312 -prefMapHandle 4732 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {412faedd-560b-49bd-99b6-f13506e01d38} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8404 18ecf858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.54.2105973070\1874981572" -childID 51 -isForBrowser -prefsHandle 8532 -prefMapHandle 8504 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b68777e8-f1dc-4d0b-9e14-84d8e5990bba} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3724 1848d458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.55.560049018\669503542" -childID 52 -isForBrowser -prefsHandle 8004 -prefMapHandle 9444 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d8714f0c-fcc6-4b54-a417-4ee033a15dfb} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8132 1c9b3358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.56.1932369057\1912025475" -childID 53 -isForBrowser -prefsHandle 4728 -prefMapHandle 4324 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e5c3849-c5a3-4d27-97dd-cac034b708ae} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4348 e5f858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.57.674655637\1532381716" -childID 54 -isForBrowser -prefsHandle 3596 -prefMapHandle 3984 -prefsLen 27011 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {63f3803f-ea4b-4e9a-94de-9861c6b46a92} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8068 e6ca58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.58.1351896400\342658725" -childID 55 -isForBrowser -prefsHandle 5868 -prefMapHandle 5996 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {67c2aa52-b363-426b-9ca9-74f4ee51d293} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 6016 18c58058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.59.129952847\886392666" -childID 56 -isForBrowser -prefsHandle 8704 -prefMapHandle 8280 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6b5450a6-5db2-4180-a17c-bae46deb07cb} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9272 1cc10d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.60.1322118886\1603152500" -childID 57 -isForBrowser -prefsHandle 9340 -prefMapHandle 9000 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {da5da294-9e82-4b71-9408-3bf03b94757d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9072 1cc11058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.61.2107083024\1350381487" -childID 58 -isForBrowser -prefsHandle 9592 -prefMapHandle 5796 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {630f7774-f874-4083-936c-1c2ee7d0cfcf} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8448 1cd54e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.62.562946443\246441683" -childID 59 -isForBrowser -prefsHandle 9468 -prefMapHandle 8368 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f2e3e61-209e-4f48-a343-53dfae9fe7da} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9652 1eaaa758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.63.896514402\1410385203" -childID 60 -isForBrowser -prefsHandle 8784 -prefMapHandle 8428 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {13316afa-3dd2-450b-912c-2c2e834b3f56} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8848 1f29b658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.64.2041036598\158190928" -childID 61 -isForBrowser -prefsHandle 4776 -prefMapHandle 8436 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3e02e8d-2aef-4851-9286-042ad6878b29} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8164 1f29b058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.65.1288591650\1811566931" -childID 62 -isForBrowser -prefsHandle 3784 -prefMapHandle 9372 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8ffd56f4-0832-496b-9708-0fcc26500f53} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9292 1ea16258 tab

C:\Users\Admin\Downloads\Setup_ASTER2600.exe

"C:\Users\Admin\Downloads\Setup_ASTER2600.exe"

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe" /c "C:\Users\Admin\AppData\Local\Temp\D24D6AB0\_tin0D5E.bat"

C:\Windows\system32\sc.exe

sc query MUTESV_SERVICE

C:\Windows\system32\find.exe

find "RUNNING"

C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0002_mutewizard.exe

"C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0002_mutewizard.exe"

C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe

"C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe" /install /quiet /norestart

C:\Windows\Temp\{3147B5F3-10C2-499A-A9B9-072344498796}\.cr\T0001_VC_redist.x64.exe

"C:\Windows\Temp\{3147B5F3-10C2-499A-A9B9-072344498796}\.cr\T0001_VC_redist.x64.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe" -burn.filehandle.attached=288 -burn.filehandle.self=292 /install /quiet /norestart

C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe

"C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{4D4F4189-99ED-49C5-8421-E44FE733C373} {EF6471CF-A9A6-4316-AF58-AE4AA741440C} 4144

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe

"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={77169412-f642-45e7-b533-0c6f48de12f9} -burn.filehandle.self=500 -burn.embedded BurnPipe.{F83C8C17-9ED4-4B23-9A52-403BFFF379C5} {5A91E21E-D037-4FE3-9502-6DE318EC1EB9} 5020

C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe

"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.clean.room="C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.filehandle.attached=180 -burn.filehandle.self=188 -uninstall -quiet -burn.related.upgrade -burn.ancestors={77169412-f642-45e7-b533-0c6f48de12f9} -burn.filehandle.self=500 -burn.embedded BurnPipe.{F83C8C17-9ED4-4B23-9A52-403BFFF379C5} {5A91E21E-D037-4FE3-9502-6DE318EC1EB9} 5020

C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe

"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{19979A1A-446A-414E-B21C-0B883EA98B8C} {4CD1FEDA-7193-4884-9DEB-4FCB028F75D1} 2880

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.66.1680369851\1616898589" -childID 63 -isForBrowser -prefsHandle 9052 -prefMapHandle 9560 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {93ae7f95-1408-4681-9e80-29713f1007a7} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9524 1897eb58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.67.962435794\814203857" -childID 64 -isForBrowser -prefsHandle 5096 -prefMapHandle 8276 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {16ad281c-e569-4aa7-8a3b-e2dfaf8eeb2c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2248 21d04158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.68.1149898632\1506636956" -childID 65 -isForBrowser -prefsHandle 9596 -prefMapHandle 9456 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ba658b1a-c885-4395-857d-e6b324506fa3} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5712 e5ee58 tab

C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe

"C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.69.1803590245\1398099932" -childID 66 -isForBrowser -prefsHandle 4784 -prefMapHandle 9160 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {28add6e4-a2ff-469c-bb05-1089e0746ba2} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9376 1a042258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.70.213923607\1619077152" -childID 67 -isForBrowser -prefsHandle 8032 -prefMapHandle 2792 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c10d54b-2be3-4917-b5a2-a87b9d635b39} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4784 24d78c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.71.35557177\983644557" -childID 68 -isForBrowser -prefsHandle 5844 -prefMapHandle 8736 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b26d269c-e330-4d57-8afb-c6b777d0ab2a} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9200 25372a58 tab

C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe

"C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe"

C:\Users\Admin\AppData\Local\Temp\is-5KLOB.tmp\ashampoo_music_studio_11_11.0.3_sm.tmp

"C:\Users\Admin\AppData\Local\Temp\is-5KLOB.tmp\ashampoo_music_studio_11_11.0.3_sm.tmp" /SL5="$60298,62889911,1073664,C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe"

C:\Windows\System32\sc.exe

C:\Windows\System32\sc.exe create EsgShKernel start= demand binPath= "\"C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe\"" DisplayName= "SpyHunter 5 Kernel"

C:\Windows\System32\sc.exe

C:\Windows\System32\sc.exe description EsgShKernel "SpyHunter 5 Kernel"

C:\Windows\System32\sc.exe

C:\Windows\System32\sc.exe create ShMonitor start= demand binPath= "\"C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe\"" DisplayName= "SpyHunter 5 Kernel Monitor"

C:\Windows\System32\sc.exe

C:\Windows\System32\sc.exe description ShMonitor "SpyHunter 5 Kernel Monitor"

C:\Windows\system32\taskeng.exe

taskeng.exe {4D4A0BE6-12F7-464B-A244-D8D5B62C9781} S-1-5-21-1163522206-1469769407-485553996-1000:PJCSDMRP\Admin:Interactive:[1]

C:\Windows\system32\rundll32.exe

C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler https://www.enigmasoftware.com/congratulations-spyhunter-installed/?hwx=936a63337e4887d2ca70732170bdd70e&lang=EN&sid=tapf%2Daa%2Dyjy3nzg

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.enigmasoftware.com/congratulations-spyhunter-installed/?hwx=936a63337e4887d2ca70732170bdd70e&lang=EN&sid=tapf%2Daa%2Dyjy3nzg

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5012 CREDAT:275457 /prefetch:2

C:\Windows\System32\sc.exe

C:\Windows\System32\sc.exe config ShMonitor start= auto

C:\Windows\System32\sc.exe

C:\Windows\System32\sc.exe config EsgShKernel start= auto

C:\Windows\System32\regsvr32.exe

C:\Windows\System32\regsvr32.exe /s "C:\Program Files\EnigmaSoft\SpyHunter\ShShellExt.dll"

C:\Windows\System32\sc.exe

C:\Windows\System32\sc.exe start EsgShKernel -tt_on

C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe

"C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe"

C:\Windows\System32\sc.exe

C:\Windows\System32\sc.exe start ShMonitor

C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe

"C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe"

C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe

"C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe" /hide

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.72.131757850\471510868" -childID 69 -isForBrowser -prefsHandle 9568 -prefMapHandle 8024 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a2571609-48a1-4eb5-a9b1-3d9d68484250} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9632 ff23e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.73.1604863252\1137792747" -childID 70 -isForBrowser -prefsHandle 8492 -prefMapHandle 1080 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a9fb265-fab7-4bb9-a7c4-b7efed94b671} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8792 18f47c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.74.76968778\87562509" -childID 71 -isForBrowser -prefsHandle 9496 -prefMapHandle 9480 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {47528cda-d4e9-4dd1-b881-d95eb9227838} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8020 e6f558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.75.710071438\1260486649" -childID 72 -isForBrowser -prefsHandle 1080 -prefMapHandle 3484 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6abe38f0-3a8c-4cc5-b393-452c14bc39c1} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4168 1cce8758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.76.484088273\1793394965" -childID 73 -isForBrowser -prefsHandle 4680 -prefMapHandle 9380 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6e5bfb39-b44c-47d0-a004-2cd3ecf1f18d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3596 1848e058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.77.428419597\1555485743" -childID 74 -isForBrowser -prefsHandle 9556 -prefMapHandle 8892 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {109a6b19-e888-4ed1-a4b6-221f80b69d40} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5872 18eb7b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.78.393952602\1653869623" -childID 75 -isForBrowser -prefsHandle 9412 -prefMapHandle 9388 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {32d26f9b-a5a2-4f65-8948-2ba41b56b63c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8024 1c0a6b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.79.1215797427\559339152" -childID 76 -isForBrowser -prefsHandle 4808 -prefMapHandle 3976 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a81b9031-942c-4ce7-b1b7-afee7416f394} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4936 1cb26b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.80.1730271394\1296306433" -childID 77 -isForBrowser -prefsHandle 8068 -prefMapHandle 3692 -prefsLen 27763 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {001e7020-7e64-4e4a-a952-6e74184cdef7} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3596 ff25658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.81.1706215068\855145825" -childID 78 -isForBrowser -prefsHandle 8648 -prefMapHandle 3620 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cfdf62c1-9bc3-471e-966d-52df66ad83ae} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2664 1cce7b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.82.1976915920\1548502760" -childID 79 -isForBrowser -prefsHandle 9180 -prefMapHandle 6020 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f47d467d-303b-4eae-ac8c-3b9638d27ecf} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8076 1de5b058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.83.768869321\1321339035" -childID 80 -isForBrowser -prefsHandle 8748 -prefMapHandle 5352 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e647d498-989d-476d-bb00-f088b1600426} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8268 1f222e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.84.1222827340\1632607080" -childID 81 -isForBrowser -prefsHandle 8808 -prefMapHandle 8740 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {011f4d24-fa53-438d-b3ed-33ac9b3c9d7c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9096 2028d558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.85.404024039\610960676" -childID 82 -isForBrowser -prefsHandle 9068 -prefMapHandle 1764 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bae2ff8e-1720-4a5c-804f-f9c9b02e8665} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8748 228ee858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.86.272059998\2007236922" -childID 83 -isForBrowser -prefsHandle 9404 -prefMapHandle 8284 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d37ff0e-559c-44d2-aa27-7060b9c815d0} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8336 1cce7258 tab

C:\Users\Admin\Downloads\Setup.exe

"C:\Users\Admin\Downloads\Setup.exe"

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone

C:\Windows\SysWOW64\netsh.exe

netsh http add urlacl url=http://+:9007/ user=Everyone

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.87.1283952426\186945422" -childID 84 -isForBrowser -prefsHandle 5784 -prefMapHandle 8044 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {27dee556-eaff-49f7-8801-f7be9d6f847f} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4680 2026a358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.88.83341185\248620756" -childID 85 -isForBrowser -prefsHandle 3692 -prefMapHandle 4688 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1b257843-9394-4283-a406-6c811539ca47} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8180 21436f58 tab

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

"C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo=

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.89.522647982\327737288" -childID 86 -isForBrowser -prefsHandle 4168 -prefMapHandle 8940 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {14dc4758-74e5-467e-a2a5-c534eb437611} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8800 1cceab58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.90.1387333132\41930835" -childID 87 -isForBrowser -prefsHandle 8768 -prefMapHandle 9128 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {96ea5ce2-101c-4c84-a7ec-65324f6e301a} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4480 21d53858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.91.534295857\1517707732" -childID 88 -isForBrowser -prefsHandle 5740 -prefMapHandle 9248 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {20c7b088-d169-47e5-a41a-6ade58e0ce93} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9500 229d5b58 tab

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

"C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --afterinstall

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.92.1817661949\826111138" -childID 89 -isForBrowser -prefsHandle 9636 -prefMapHandle 8784 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8f82b72e-6b55-46cc-a32e-4dbb2f110a6c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9280 228eeb58 tab

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x534

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://webcompanion.com/en/install.php?partner=IN250101&campaign=18264794070&

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" https://webcompanion.com/en/install.php?partner=IN250101&campaign=18264794070&

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.93.781130921\1536554469" -childID 90 -isForBrowser -prefsHandle 9104 -prefMapHandle 3788 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a686cdd0-e7f5-481d-8198-1dad99ea952e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3836 1cee6b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.94.2126351425\1654225757" -childID 91 -isForBrowser -prefsHandle 8732 -prefMapHandle 8388 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {63cbc1ae-3542-4119-8103-0e53eee44d03} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8672 24461558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.95.1252132044\1126186967" -childID 92 -isForBrowser -prefsHandle 8376 -prefMapHandle 2956 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5671d004-0c07-4d71-b566-cab2952b627d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 988 24463c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.96.786073384\409259969" -childID 93 -isForBrowser -prefsHandle 8228 -prefMapHandle 9220 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd4d6ecf-8570-4f5c-bf68-18c006a16f39} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8664 18ee4458 tab

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Windows\system32\wscript.exe

"C:\Windows\system32\wscript.exe" /nologo "C:\Users\Admin\AppData\Local\Temp\D24D6AB0\_tin6613.vbs"

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0006_checkver.exe

"C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0006_checkver.exe"

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -Command -

C:\Windows\system32\reg.exe

"C:\Windows\system32\reg.exe" add HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard /v EnableVirtualizationBasedSecurity /t REG_DWORD /d 0 /f

C:\Windows\system32\reg.exe

"C:\Windows\system32\reg.exe" add HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity /v Enabled /t REG_DWORD /d 0 /f

C:\ProgramData\Uninstall\{BFEB483E-1D6F-4A10-9D35-AA73EB950523}\x64\regsvr32.exe

"C:\ProgramData\Uninstall\{BFEB483E-1D6F-4A10-9D35-AA73EB950523}\x64\regsvr32.exe" "C:\Program Files\ASTER\mutesv.dll" /r

C:\Program Files\ASTER\mutesv.exe

"C:\Program Files\ASTER\mutesv.exe" POSTINSTALL

C:\Program Files\ASTER\mutewizard.exe

"C:\Program Files\ASTER\mutewizard.exe" 2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7279758,0x7fef7279768,0x7fef7279778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1644 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2304 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2460 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1332 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3300 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.0.1666862248\1294887837" -parentBuildID 20221007134813 -prefsHandle 1128 -prefMapHandle 1120 -prefsLen 22129 -prefMapSize 234008 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ad9d927-1c70-4c08-890b-e042d12c3c2f} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 1192 44e6e58 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.1.328595825\67112298" -parentBuildID 20221007134813 -prefsHandle 1348 -prefMapHandle 1344 -prefsLen 22174 -prefMapSize 234008 -appDir "C:\Program Files\Mozilla Firefox\browser" - {814587a9-ea65-4205-8cfd-a520f9d3d295} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 1360 ee6b58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.2.50401181\51210273" -childID 1 -isForBrowser -prefsHandle 1852 -prefMapHandle 1776 -prefsLen 22637 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ebc7da0-8450-41f0-9d69-8970830f0371} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 1840 4569158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.3.273763473\312119042" -childID 2 -isForBrowser -prefsHandle 2448 -prefMapHandle 2444 -prefsLen 27673 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5fd4b4c8-f24c-4860-ac24-2e77b1439aea} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 2460 e61c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.4.1085069713\391576159" -childID 3 -isForBrowser -prefsHandle 3104 -prefMapHandle 3092 -prefsLen 27750 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {91156d61-4c85-4dfe-bbf6-f6df0df2c453} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3116 1e147e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.5.727108137\1864658958" -childID 4 -isForBrowser -prefsHandle 3476 -prefMapHandle 3496 -prefsLen 27789 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {45739daf-8fab-4123-9cb8-60dd02a10696} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3492 20603b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.6.579655255\1365340928" -childID 5 -isForBrowser -prefsHandle 3788 -prefMapHandle 3784 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c7c69411-5f25-4e5d-a4ed-f04b18016658} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3800 20297c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.7.586028892\796676241" -childID 6 -isForBrowser -prefsHandle 3172 -prefMapHandle 3184 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9079c539-2d63-49a0-b0d8-24702035b1aa} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3168 1ef81258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.8.460602398\1103671109" -childID 7 -isForBrowser -prefsHandle 4016 -prefMapHandle 3828 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5a3a9a1f-6992-4f52-b64e-b5c5f0e6233f} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3756 1f284e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.9.985359857\2111512037" -childID 8 -isForBrowser -prefsHandle 3180 -prefMapHandle 3172 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f289eb2-f8f9-4188-bdd0-3aa56ae7c465} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 4112 207bc358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.10.1874101781\346484273" -childID 9 -isForBrowser -prefsHandle 4100 -prefMapHandle 4092 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eaadb9b4-5e6d-4bd6-b58a-7cd1f0e1a466} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 4004 207bde58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.11.1777240635\825651068" -childID 10 -isForBrowser -prefsHandle 3200 -prefMapHandle 3824 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6ca1dd0-55dd-4053-adaf-878577148ab0} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 4112 1f287558 tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 duckduckgo.com udp
N/A 127.0.0.1:49187 tcp
N/A 127.0.0.1:49195 tcp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
IE 52.142.124.215:80 duckduckgo.com tcp
IE 52.142.124.215:80 duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 attachments.prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 improving.duckduckgo.com udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 limewire.com udp
US 104.22.36.240:443 limewire.com tcp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 js.stripe.com udp
US 151.101.64.176:443 js.stripe.com tcp
US 8.8.8.8:53 stripecdn.map.fastly.net udp
US 8.8.8.8:53 stripecdn.map.fastly.net udp
US 8.8.8.8:53 api.limewire.com udp
US 151.101.64.176:443 stripecdn.map.fastly.net udp
US 104.22.36.240:443 api.limewire.com tcp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
DE 172.217.18.99:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com udp
DE 172.217.18.99:443 www.google.co.uk udp
BE 142.251.168.155:443 stats.g.doubleclick.net tcp
BE 142.251.168.155:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 m.stripe.network udp
US 151.101.192.176:443 m.stripe.network tcp
US 8.8.8.8:53 m.stripe.com udp
US 44.239.106.85:443 m.stripe.com tcp
US 8.8.8.8:53 m.stripe.com udp
US 8.8.8.8:53 m.stripe.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 m.stripe.com udp
US 8.8.8.8:53 m.stripe.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 limewire.fyi udp
US 8.8.8.8:53 limewire.fyi udp
SE 185.130.46.37:443 limewire.fyi tcp
US 8.8.8.8:53 limewire.fyi udp
US 8.8.8.8:53 cdn.usefathom.com udp
SE 185.130.46.37:443 limewire.fyi tcp
SE 185.130.46.37:443 limewire.fyi tcp
SE 185.130.46.37:443 limewire.fyi tcp
SE 185.130.46.37:443 limewire.fyi tcp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 limewire.pro udp
GB 79.127.237.132:443 cdn.usefathom.com tcp
US 8.8.8.8:53 fathom-cdn.b-cdn.net udp
US 151.101.194.137:443 code.jquery.com tcp
US 8.8.8.8:53 code.jquery.com udp
SE 185.130.46.37:443 limewire.pro tcp
US 8.8.8.8:53 limewire.pro udp
US 8.8.8.8:53 fathom-cdn.b-cdn.net udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 limewire.pro udp
SE 185.130.46.37:443 limewire.pro tcp
US 8.8.8.8:53 web.archive.org udp
SG 207.241.237.3:80 web.archive.org tcp
US 8.8.8.8:53 web.archive.org udp
US 8.8.8.8:53 web.archive.org udp
US 8.8.8.8:53 web.archive.org udp
SG 207.241.237.3:80 web.archive.org tcp
US 8.8.8.8:53 web.archive.org udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.185.228:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.185.228:443 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
N/A 127.0.0.1:50331 tcp
N/A 127.0.0.1:50354 tcp
US 8.8.8.8:53 limewire.com udp
US 172.67.26.165:443 limewire.com tcp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 js.stripe.com udp
US 8.8.8.8:53 limewire.com udp
US 151.101.0.176:443 js.stripe.com tcp
US 8.8.8.8:53 stripecdn.map.fastly.net udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 151.101.0.176:443 stripecdn.map.fastly.net udp
US 172.67.26.165:443 limewire.com tcp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 o4505008135340032.ingest.sentry.io udp
US 8.8.8.8:53 limewire.com udp
US 34.120.195.249:443 o4505008135340032.ingest.sentry.io tcp
US 8.8.8.8:53 o4505008135340032.ingest.sentry.io udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 o4505008135340032.ingest.sentry.io udp
US 34.120.195.249:443 o4505008135340032.ingest.sentry.io udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 api.limewire.com udp
DE 172.217.18.99:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 limewire.com udp
DE 172.217.18.99:443 www.google.co.uk udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 o4505008135340032.ingest.sentry.io udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 34.120.195.249:443 o4505008135340032.ingest.sentry.io udp
US 8.8.8.8:53 o4505008135340032.ingest.sentry.io udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 support.mozilla.org udp
US 8.8.8.8:53 www.mozilla.org udp
US 8.8.8.8:53 wiki.mozilla.org udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 www-mozilla.fastly-edge.com udp
US 8.8.8.8:53 prod.wikimo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 www-mozilla.fastly-edge.com udp
US 8.8.8.8:53 prod.wikimo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 api.limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 limewire.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 improving.duckduckgo.com udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 freesoft.ru udp
US 104.21.1.148:443 freesoft.ru tcp
US 8.8.8.8:53 freesoft.ru udp
US 8.8.8.8:53 freesoft.ru udp
US 104.21.1.148:443 freesoft.ru udp
US 8.8.8.8:53 counter.yadro.ru udp
US 8.8.8.8:53 counter.yadro.ru udp
US 8.8.8.8:53 counter.yadro.ru udp
US 8.8.8.8:53 onesignal.com udp
US 8.8.8.8:53 onesignal.com udp
US 8.8.8.8:53 onesignal.com udp
RU 88.212.202.52:443 counter.yadro.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
RU 88.212.202.52:443 counter.yadro.ru tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
RU 88.212.202.52:443 counter.yadro.ru tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 freesoft.ru udp
US 8.8.8.8:53 freesoft.ru udp
RU 88.212.202.52:443 counter.yadro.ru tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
RU 88.212.202.52:443 counter.yadro.ru tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 151.101.193.229:443 jsdelivr.map.fastly.net tcp
US 151.101.193.229:443 jsdelivr.map.fastly.net udp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
US 8.8.8.8:53 mc.yandex.ru udp
RU 87.250.251.119:443 mc.yandex.ru tcp
RU 87.250.251.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 mc.yandex.ru udp
RU 87.250.251.119:443 mc.yandex.ru tcp
RU 87.250.251.119:443 mc.yandex.ru tcp
RU 87.250.251.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 dl.freesoftru.net udp
FR 92.204.40.173:443 dl.freesoftru.net tcp
US 8.8.8.8:53 dl.freesoftru.net udp
US 8.8.8.8:53 dl.freesoftru.net udp
US 8.8.8.8:53 downloader.yandex.net udp
RU 5.45.205.243:80 downloader.yandex.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 cachev2-rad-01.cdn.yandex.net udp
FI 5.45.192.4:80 cachev2-rad-01.cdn.yandex.net tcp
US 8.8.8.8:53 net.geo.opera.com udp
NL 185.26.182.112:443 net.geo.opera.com tcp
US 8.8.8.8:53 eu.net.opera.com udp
US 8.8.8.8:53 eu.net.opera.com udp
US 8.8.8.8:53 cachev2-kiv-01.cdn.yandex.net udp
FI 5.45.192.133:80 cachev2-kiv-01.cdn.yandex.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
US 8.8.8.8:53 cachev2-ams21.cdn.yandex.net udp
NL 5.45.247.25:80 cachev2-ams21.cdn.yandex.net tcp
US 8.8.8.8:53 clck.yandex.ru udp
RU 87.250.251.14:80 clck.yandex.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
RU 88.212.201.204:443 counter.yadro.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
RU 5.45.205.243:80 downloader.yandex.net tcp
US 8.8.8.8:53 cachev2-rad-03.cdn.yandex.net udp
FI 5.45.192.8:80 cachev2-rad-03.cdn.yandex.net tcp
US 8.8.8.8:53 cachev2-rad-05.cdn.yandex.net udp
FI 5.45.192.12:80 cachev2-rad-05.cdn.yandex.net tcp
RU 5.45.205.243:80 downloader.yandex.net tcp
RU 5.45.205.243:80 downloader.yandex.net tcp
US 8.8.8.8:53 cachev2-ams22.cdn.yandex.net udp
NL 5.45.247.27:80 cachev2-ams22.cdn.yandex.net tcp
US 8.8.8.8:53 cachev2-fra-02.cdn.yandex.net udp
DE 5.45.200.105:80 cachev2-fra-02.cdn.yandex.net tcp
DE 5.45.200.105:80 cachev2-fra-02.cdn.yandex.net tcp
RU 87.250.251.14:80 clck.yandex.ru tcp
US 8.8.8.8:53 cachev2-kiv-05.cdn.yandex.net udp
FI 5.45.192.144:80 cachev2-kiv-05.cdn.yandex.net tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
RU 87.250.251.14:80 clck.yandex.ru tcp
US 8.8.8.8:53 mikescher.com udp
DE 202.61.238.14:443 mikescher.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
RU 5.45.205.243:80 downloader.yandex.net tcp
RU 87.250.251.14:80 clck.yandex.ru tcp
US 104.21.1.148:443 freesoft.ru udp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
RU 195.216.243.102:80 ipatovsoft.ucoz.ru tcp
RU 195.216.243.102:80 ipatovsoft.ucoz.ru tcp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
RU 195.216.243.102:443 ipatovsoft.ucoz.ru tcp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
US 8.8.8.8:53 ajax.googleapis.com udp
DE 172.217.16.202:443 ajax.googleapis.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
DE 172.217.16.202:443 ajax.googleapis.com udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
RU 93.158.134.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 mc.yandex.com udp
RU 87.250.250.119:443 mc.yandex.com tcp
RU 87.250.250.119:443 mc.yandex.com tcp
US 8.8.8.8:53 adfstat.yandex.ru udp
RU 87.250.250.145:443 adfstat.yandex.ru tcp
US 8.8.8.8:53 adfstat.yandex.ru udp
US 8.8.8.8:53 adfstat.yandex.ru udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
GB 88.221.135.33:443 www.bing.com tcp
US 8.8.8.8:53 e86303.dscx.akamaiedge.net udp
US 8.8.8.8:53 e86303.dscx.akamaiedge.net udp
GB 88.221.135.33:443 e86303.dscx.akamaiedge.net udp
US 8.8.8.8:53 www.360totalsecurity.com udp
CN 106.63.24.72:443 www.360totalsecurity.com tcp
US 8.8.8.8:53 www.360totalsecurity.com udp
CN 106.63.24.72:443 www.360totalsecurity.com tcp
US 8.8.8.8:53 www.360totalsecurity.com udp
US 8.8.8.8:53 auth.simperium.com udp
US 192.0.84.247:443 auth.simperium.com tcp
CN 106.63.24.72:443 www.360totalsecurity.com tcp
CN 106.63.24.72:443 www.360totalsecurity.com tcp
US 8.8.8.8:53 www.softportal.com udp
US 172.67.70.92:443 www.softportal.com tcp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 www.softportal.com udp
US 172.67.70.92:443 www.softportal.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 spload.site udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
DE 142.250.186.46:443 apis.google.com tcp
US 8.8.8.8:53 plus.l.google.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 plus.l.google.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 199.59.243.228:443 spload.site tcp
US 8.8.8.8:53 77980.bodis.com udp
US 8.8.8.8:53 77980.bodis.com udp
DE 142.250.186.46:443 plus.l.google.com udp
US 8.8.8.8:53 counter.yadro.ru udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 counter.yadro.ru udp
US 151.101.65.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 151.101.65.229:443 jsdelivr.map.fastly.net udp
RU 88.212.202.52:443 counter.yadro.ru tcp
FR 163.70.128.23:443 scontent.xx.fbcdn.net tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
FR 163.70.128.23:443 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 mc.yandex.ru udp
FR 163.70.128.23:443 scontent.xx.fbcdn.net tcp
RU 77.88.21.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 mc.yandex.ru udp
RU 77.88.21.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
DE 172.217.18.99:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
DE 142.250.186.46:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 www3.l.google.com udp
DE 172.217.18.99:443 www.google.co.uk udp
US 8.8.8.8:53 www3.l.google.com udp
DE 142.250.186.46:443 www3.l.google.com udp
BE 142.251.168.156:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
DE 142.250.186.97:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
BE 142.251.168.156:443 stats.g.doubleclick.net udp
DE 142.250.186.97:443 googlehosted.l.googleusercontent.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
DE 142.250.186.162:443 googleads.g.doubleclick.net tcp
DE 142.250.186.162:443 googleads.g.doubleclick.net tcp
DE 142.250.186.162:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
DE 142.250.186.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
DE 142.250.185.161:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
DE 142.250.185.161:443 tpc.googlesyndication.com udp
US 199.59.243.228:443 77980.bodis.com tcp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
DE 172.217.16.134:443 s0.2mdn.net tcp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
DE 172.217.16.134:443 s0.2mdn.net udp
US 8.8.8.8:53 www.googletagservices.com udp
US 8.8.8.8:53 www.googletagservices.com udp
US 8.8.8.8:53 www.googletagservices.com udp
RU 88.212.202.52:443 counter.yadro.ru tcp
DE 142.250.186.98:443 www.googletagservices.com tcp
DE 142.250.186.98:443 www.googletagservices.com udp
RU 88.212.202.52:443 counter.yadro.ru tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
DE 142.250.186.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 www.softportal.com udp
DE 142.250.186.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.185.228:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.185.228:443 www.google.com udp
US 8.8.8.8:53 adclick.g.doubleclick.net udp
US 8.8.8.8:53 easyprint.app udp
US 8.8.8.8:53 adclick.g.doubleclick.net udp
GB 18.165.227.56:443 easyprint.app tcp
US 8.8.8.8:53 easyprint.app udp
US 8.8.8.8:53 adclick.g.doubleclick.net udp
US 8.8.8.8:53 easyprint.app udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 cdn.easyprint.app udp
US 8.8.8.8:53 containers.easyprint.app udp
GB 18.245.143.4:443 containers.easyprint.app tcp
US 8.8.8.8:53 d1bhiuzzocuycl.cloudfront.net udp
IE 3.162.140.80:443 cdn.easyprint.app tcp
US 8.8.8.8:53 d113e6q5xjybrb.cloudfront.net udp
US 8.8.8.8:53 d1bhiuzzocuycl.cloudfront.net udp
US 8.8.8.8:53 d113e6q5xjybrb.cloudfront.net udp
US 199.59.243.228:443 77980.bodis.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 cloudfront.easyprint.app udp
IE 13.224.68.107:443 cloudfront.easyprint.app tcp
US 8.8.8.8:53 ds4zyig8wqbvu.cloudfront.net udp
US 8.8.8.8:53 ds4zyig8wqbvu.cloudfront.net udp
RU 88.212.202.52:443 counter.yadro.ru tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
US 8.8.8.8:53 app.termly.io udp
US 104.18.31.234:443 app.termly.io tcp
US 8.8.8.8:53 p.easyprint.app udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 p.easyprint.app udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 www.softportal.com udp
DE 142.250.185.228:443 www.google.com tcp
US 172.67.128.139:443 p.easyprint.app tcp
US 8.8.8.8:53 p.easyprint.app udp
US 104.18.31.234:443 app.termly.io udp
DE 142.250.185.228:443 www.google.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
DE 142.250.185.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 172.67.128.139:443 p.easyprint.app udp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
DE 172.217.18.99:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 app.termly.io udp
US 104.18.31.234:443 app.termly.io udp
DE 142.250.185.226:443 googleads.g.doubleclick.net udp
DE 172.217.18.99:443 www.google.co.uk tcp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 app.termly.io udp
US 104.18.31.234:443 app.termly.io tcp
US 216.239.32.36:443 region1.analytics.google.com udp
DE 172.217.18.99:443 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
BE 142.251.168.156:443 stats.g.doubleclick.net tcp
BE 142.251.168.156:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 api.easyprint-api.app udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 35.169.127.81:443 api.easyprint-api.app tcp
US 35.169.127.81:443 api.easyprint-api.app tcp
US 8.8.8.8:53 ext-services-9-1895588158.us-east-1.elb.amazonaws.com udp
US 8.8.8.8:53 ext-services-9-1895588158.us-east-1.elb.amazonaws.com udp
US 8.8.8.8:53 cdn.easyprint-cdn.app udp
GB 108.138.233.121:443 cdn.easyprint-cdn.app tcp
GB 108.138.233.121:443 cdn.easyprint-cdn.app tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
US 8.8.8.8:53 ade.googlesyndication.com udp
DE 142.250.186.66:443 ade.googlesyndication.com tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
DE 142.250.186.66:443 ade.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 msoft.sbs udp
NL 45.82.68.79:443 msoft.sbs tcp
US 8.8.8.8:53 msoft.sbs udp
US 8.8.8.8:53 msoft.sbs udp
US 8.8.8.8:53 t1mnsft.com udp
US 172.67.194.176:443 t1mnsft.com tcp
US 8.8.8.8:53 t1mnsft.com udp
US 8.8.8.8:53 t1mnsft.com udp
US 172.67.194.176:443 t1mnsft.com udp
US 8.8.8.8:53 dwnld5.t1mnsft.com udp
US 8.8.8.8:53 dwnld5.t1mnsft.com udp
US 104.21.34.11:443 dwnld5.t1mnsft.com tcp
US 8.8.8.8:53 dwnld5.t1mnsft.com udp
US 104.21.34.11:443 dwnld5.t1mnsft.com udp
US 8.8.8.8:53 quickspeedtest.net udp
US 104.26.12.19:443 quickspeedtest.net tcp
US 8.8.8.8:53 quickspeedtest.net udp
US 8.8.8.8:53 quickspeedtest.net udp
US 8.8.8.8:53 drda.quickspeedtest.net udp
US 104.26.13.19:443 drda.quickspeedtest.net tcp
US 8.8.8.8:53 drda.quickspeedtest.net udp
US 8.8.8.8:53 drda.quickspeedtest.net udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 containers.quickspeedtest.net udp
US 8.8.8.8:53 script.crazyegg.com udp
US 8.8.8.8:53 cdn.quickspeedtest-cdn.net udp
US 151.101.66.137:443 code.jquery.com tcp
US 8.8.8.8:53 code.jquery.com udp
IE 18.66.171.15:443 containers.quickspeedtest.net tcp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 cloudfront.quickspeedtest.net udp
IE 13.224.68.76:443 cloudfront.quickspeedtest.net tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 script.crazyegg.com.cdn.cloudflare.net udp
IE 3.162.140.101:443 cdn.quickspeedtest-cdn.net tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
IE 3.162.140.101:443 cdn.quickspeedtest-cdn.net tcp
US 104.19.147.8:443 script.crazyegg.com.cdn.cloudflare.net tcp
US 8.8.8.8:53 cdn.quickspeedtest.net udp
US 8.8.8.8:53 app.termly.io udp
US 104.19.147.8:443 script.crazyegg.com.cdn.cloudflare.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 p.quickspeedtest.net udp
US 104.19.147.8:443 script.crazyegg.com.cdn.cloudflare.net tcp
IE 3.162.140.32:443 cdn.quickspeedtest.net tcp
IE 3.162.140.32:443 cdn.quickspeedtest.net tcp
US 8.8.8.8:53 app.termly.io udp
US 104.18.31.234:443 app.termly.io tcp
DE 142.250.185.228:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 p.quickspeedtest.net udp
US 172.67.69.227:443 p.quickspeedtest.net tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 p.quickspeedtest.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 104.18.31.234:443 app.termly.io udp
DE 142.250.185.228:443 www.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 216.239.32.36:443 region1.analytics.google.com tcp
DE 172.217.18.99:443 www.google.co.uk tcp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 104.18.31.234:443 app.termly.io tcp
US 104.18.31.234:443 app.termly.io udp
US 104.18.31.234:443 app.termly.io tcp
US 8.8.8.8:53 app.termly.io udp
US 216.239.32.36:443 region1.analytics.google.com udp
DE 172.217.18.99:443 www.google.co.uk udp
BE 142.251.168.156:443 stats.g.doubleclick.net tcp
BE 142.251.168.156:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 104.21.34.11:443 dwnld5.t1mnsft.com udp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 config.telamoncleaner.com udp
RU 5.189.239.208:443 config.telamoncleaner.com tcp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
US 8.8.8.8:53 www.googletagservices.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 www.googletagservices.com udp
DE 142.250.186.46:443 www3.l.google.com udp
US 199.59.243.228:443 77980.bodis.com tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
DE 142.250.186.98:443 www.googletagservices.com udp
RU 88.212.201.204:443 counter.yadro.ru tcp
DE 142.250.186.34:443 securepubads.g.doubleclick.net udp
DE 142.250.186.46:443 www3.l.google.com udp
RU 88.212.201.204:443 counter.yadro.ru tcp
DE 142.250.186.46:443 www3.l.google.com tcp
DE 142.250.185.161:443 tpc.googlesyndication.com udp
DE 142.250.185.228:443 www.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
DE 172.217.18.99:443 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 199.59.243.228:443 77980.bodis.com tcp
US 151.101.65.229:443 jsdelivr.map.fastly.net udp
RU 88.212.202.52:443 counter.yadro.ru tcp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 www.softportal.com udp
RU 88.212.201.204:443 counter.yadro.ru tcp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
RU 88.212.202.52:443 counter.yadro.ru tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
RU 88.212.202.52:443 counter.yadro.ru tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
DE 142.250.184.225:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
RU 88.212.202.52:443 counter.yadro.ru tcp
DE 142.250.184.225:443 ep2.adtrafficquality.google udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 geteasyshare.app udp
GB 99.86.114.103:443 geteasyshare.app tcp
US 8.8.8.8:53 geteasyshare.app udp
US 8.8.8.8:53 geteasyshare.app udp
US 8.8.8.8:53 cdn.geteasyshare.app udp
US 8.8.8.8:53 containers.geteasyshare.app udp
IE 18.66.171.15:443 containers.geteasyshare.app tcp
US 8.8.8.8:53 d1bhiuzzocuycl.cloudfront.net udp
GB 108.138.233.86:443 cdn.geteasyshare.app tcp
US 8.8.8.8:53 d113e6q5xjybrb.cloudfront.net udp
US 8.8.8.8:53 d113e6q5xjybrb.cloudfront.net udp
US 8.8.8.8:53 cloudfront.geteasyshare.app udp
GB 108.138.217.13:443 cloudfront.geteasyshare.app tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 csi.gstatic.com udp
US 199.59.243.228:443 77980.bodis.com tcp
BR 172.217.28.163:443 csi.gstatic.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
RU 88.212.202.52:443 counter.yadro.ru tcp
BR 172.217.28.163:443 csi.gstatic.com tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
BR 172.217.28.163:443 csi.gstatic.com udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 p.geteasyshare.app udp
DE 142.250.185.228:443 www.google.com tcp
US 104.18.30.234:443 app.termly.io tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 app.termly.io udp
US 104.21.12.42:443 p.geteasyshare.app tcp
US 8.8.8.8:53 p.geteasyshare.app udp
US 8.8.8.8:53 p.geteasyshare.app udp
DE 142.250.185.228:443 www.google.com udp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 104.18.30.234:443 app.termly.io udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 app.termly.io udp
US 104.18.30.234:443 app.termly.io udp
US 104.21.12.42:443 p.geteasyshare.app udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 app.termly.io udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 172.67.194.176:443 dwnld5.t1mnsft.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 104.21.34.11:443 dwnld5.t1mnsft.com udp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
RU 88.212.201.198:443 counter.yadro.ru tcp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.bestfree.ru udp
RU 45.130.41.22:443 www.bestfree.ru tcp
US 8.8.8.8:53 www.bestfree.ru udp
US 8.8.8.8:53 www.bestfree.ru udp
US 8.8.8.8:53 yandex.ru udp
US 8.8.8.8:53 translate.google.com udp
US 8.8.8.8:53 counter.yadro.ru udp
DE 142.250.186.46:443 translate.google.com tcp
RU 77.88.44.55:443 yandex.ru tcp
US 8.8.8.8:53 yandex.ru udp
US 8.8.8.8:53 counter.yadro.ru udp
DE 142.250.186.46:443 translate.google.com tcp
US 8.8.8.8:53 yandex.ru udp
DE 142.250.186.46:443 translate.google.com udp
DE 142.250.186.46:443 translate.google.com udp
US 8.8.8.8:53 vk.com udp
US 8.8.8.8:53 vk.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 vk.com udp
US 8.8.8.8:53 translate.googleapis.com udp
RU 87.240.132.72:443 vk.com tcp
DE 142.250.185.110:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 translate.googleapis.com udp
DE 172.217.18.106:443 translate.googleapis.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 accounts.google.com udp
DE 142.250.185.110:443 youtube-ui.l.google.com udp
BE 64.233.184.84:443 accounts.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 yastatic.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 yastatic.net udp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
DE 172.217.18.106:443 translate.googleapis.com udp
US 8.8.8.8:53 yastatic.net udp
RU 87.240.132.72:443 vk.com tcp
BE 64.233.184.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
DE 142.250.185.228:443 www.google.com tcp
US 8.8.8.8:53 translate-pa.googleapis.com udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.186.163:443 ssl.gstatic.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
DE 142.250.181.234:443 translate-pa.googleapis.com tcp
US 8.8.8.8:53 translate-pa.googleapis.com udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
DE 142.250.186.163:443 ssl.gstatic.com udp
DE 142.250.181.234:443 translate-pa.googleapis.com udp
DE 142.250.185.228:443 www.google.com udp
RU 88.212.201.204:80 counter.yadro.ru tcp
RU 87.240.132.72:443 vk.com tcp
RU 88.212.201.204:80 counter.yadro.ru tcp
RU 77.88.21.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 favicon.yandex.net udp
RU 213.180.193.90:443 an.yandex.ru tcp
US 8.8.8.8:53 an.yandex.ru udp
RU 87.250.247.181:443 avatars.mds.yandex.net tcp
RU 77.88.21.36:443 favicon.yandex.net tcp
US 8.8.8.8:53 avatars.mds.yandex.net udp
US 8.8.8.8:53 favicon.yandex.net udp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 avatars.mds.yandex.net udp
US 8.8.8.8:53 favicon.yandex.net udp
RU 88.212.201.204:80 counter.yadro.ru tcp
RU 88.212.201.204:80 counter.yadro.ru tcp
RU 87.240.132.72:443 vk.com tcp
US 8.8.8.8:53 an.yandex.ru udp
RU 93.158.134.90:443 an.yandex.ru tcp
US 8.8.8.8:53 an.yandex.ru udp
RU 213.180.193.90:443 an.yandex.ru tcp
RU 77.88.21.36:443 favicon.yandex.net tcp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 mc.yandex.com udp
US 8.8.8.8:53 an.yandex.ru udp
RU 87.250.251.119:443 mc.yandex.com tcp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 yastatic.net udp
US 8.8.8.8:53 yastatic.net udp
US 8.8.8.8:53 yastatic.net udp
US 8.8.8.8:53 ru-software.com udp
CZ 176.74.219.29:80 ru-software.com tcp
CZ 176.74.219.29:80 ru-software.com tcp
US 8.8.8.8:53 ru-software.com udp
CZ 176.74.219.29:80 ru-software.com tcp
CZ 176.74.219.29:80 ru-software.com tcp
CZ 176.74.219.29:80 ru-software.com tcp
CZ 176.74.219.29:80 ru-software.com tcp
US 8.8.8.8:53 ru-software.com udp
DE 142.250.184.225:443 ep2.adtrafficquality.google udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 www.softportal.com udp
US 8.8.8.8:53 www.ferra.ru udp
US 8.8.8.8:53 ferra.ru udp
RU 81.19.72.53:443 ferra.ru tcp
RU 81.19.72.53:443 ferra.ru tcp
US 8.8.8.8:53 ferra.ru udp
US 8.8.8.8:53 ssp.rambler.ru udp
US 8.8.8.8:53 quiz.rambler.ru udp
RU 91.192.149.12:443 ssp.rambler.ru tcp
US 8.8.8.8:53 ssp.rambler.ru udp
US 8.8.8.8:53 quiz.rambler.ru udp
US 8.8.8.8:53 quiz.rambler.ru udp
US 8.8.8.8:53 st.top100.ru udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 www.tns-counter.ru udp
US 8.8.8.8:53 counter.yadro.ru udp
US 8.8.8.8:53 rcmjs.rambler.ru udp
US 8.8.8.8:53 top-fwz1.mail.ru udp
US 151.101.65.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 www.tns-counter.ru udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
DE 151.236.71.248:443 st.top100.ru tcp
US 8.8.8.8:53 www.tns-counter.ru udp
US 8.8.8.8:53 counter.yadro.ru udp
US 8.8.8.8:53 rcmjs.rambler.ru udp
RU 91.192.149.12:443 ssp.rambler.ru tcp
US 8.8.8.8:53 top-fwz1.mail.ru udp
US 8.8.8.8:53 2e2qdr4l9f.a.trbcdn.net udp
US 8.8.8.8:53 rcmjs.rambler.ru udp
US 8.8.8.8:53 top-fwz1.mail.ru udp
US 151.101.65.229:443 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 2e2qdr4l9f.a.trbcdn.net udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 kraken.rambler.ru udp
RU 81.19.89.16:443 kraken.rambler.ru tcp
US 8.8.8.8:53 kraken.rambler.ru udp
US 8.8.8.8:53 kraken.rambler.ru udp
RU 81.19.89.16:443 kraken.rambler.ru tcp
US 8.8.8.8:53 developers.rambler.ru udp
US 8.8.8.8:53 id.rambler.ru udp
US 8.8.8.8:53 comments.rambler.ru udp
RU 81.19.82.49:443 comments.rambler.ru tcp
RU 81.19.82.49:443 comments.rambler.ru tcp
US 8.8.8.8:53 developers.rambler.ru udp
US 8.8.8.8:53 comments.rambler.ru udp
US 8.8.8.8:53 developers.rambler.ru udp
US 8.8.8.8:53 id.rambler.ru udp
RU 81.19.82.49:443 comments.rambler.ru tcp
RU 81.19.82.49:443 comments.rambler.ru tcp
RU 81.19.82.54:443 quiz.rambler.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 81.19.82.57:443 rcmjs.rambler.ru tcp
RU 93.158.134.119:443 mc.yandex.ru tcp
RU 81.19.82.9:443 developers.rambler.ru tcp
RU 81.19.78.77:443 id.rambler.ru tcp
RU 93.158.134.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
RU 81.19.78.77:443 id.rambler.ru tcp
RU 81.19.82.54:443 quiz.rambler.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 81.19.82.57:443 rcmjs.rambler.ru tcp
RU 81.19.82.9:443 developers.rambler.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
BE 142.251.168.157:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 142.251.168.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 privacy-cs.mail.ru udp
US 8.8.8.8:53 krf.r.mail.ru udp
US 8.8.8.8:53 krf.r.mail.ru udp
RU 91.192.149.12:443 ssp.rambler.ru tcp
US 8.8.8.8:53 kraken.rambler.ru udp
RU 91.192.149.12:443 ssp.rambler.ru tcp
RU 81.19.89.16:443 kraken.rambler.ru tcp
US 8.8.8.8:53 kraken.rambler.ru udp
RU 81.19.89.16:443 kraken.rambler.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 81.19.82.57:443 rcmjs.rambler.ru tcp
RU 81.19.78.77:443 id.rambler.ru tcp
RU 91.192.149.12:443 ssp.rambler.ru tcp
US 8.8.8.8:53 kraken.rambler.ru udp
RU 81.19.89.16:443 kraken.rambler.ru tcp
US 8.8.8.8:53 kraken.rambler.ru udp
RU 91.192.149.12:443 ssp.rambler.ru tcp
RU 81.19.89.16:443 kraken.rambler.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 194.226.130.228:443 www.tns-counter.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 81.19.82.57:443 rcmjs.rambler.ru tcp
RU 81.19.78.77:443 id.rambler.ru tcp
US 8.8.8.8:53 improving.duckduckgo.com udp
US 8.8.8.8:53 improving.duckduckgo.com udp
US 8.8.8.8:53 improving.duckduckgo.com udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
RU 195.216.243.102:443 ipatovsoft.ucoz.ru tcp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
DE 216.58.212.138:443 ajax.googleapis.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
DE 216.58.212.138:443 ajax.googleapis.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
US 8.8.8.8:53 ipatovsoft.ucoz.ru udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 ibiksoft.com udp
AE 20.203.123.248:443 ibiksoft.com tcp
US 8.8.8.8:53 ibiksoft.com udp
DE 142.250.185.110:443 youtube-ui.l.google.com tcp
DE 142.250.185.110:443 youtube-ui.l.google.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
DE 172.217.18.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.doubleclick.net udp
US 142.250.186.106:443 jnn-pa.googleapis.com tcp
US 142.250.186.106:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
DE 142.250.185.228:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
DE 142.250.74.214:443 i.ytimg.com tcp
DE 172.217.16.193:443 yt3.ggpht.com tcp
DE 172.217.18.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 photos-ugc.l.googleusercontent.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 photos-ugc.l.googleusercontent.com udp
US 142.250.186.106:443 jnn-pa.googleapis.com udp
DE 142.250.185.228:443 www.google.com udp
DE 142.250.74.214:443 i.ytimg.com udp
DE 172.217.16.193:443 photos-ugc.l.googleusercontent.com udp
DE 142.250.181.230:443 static.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
DE 142.250.181.230:443 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 142.250.186.106:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
DE 142.250.185.142:443 play.google.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
AE 20.203.123.248:443 ibiksoft.com tcp
US 8.8.8.8:53 russoft.org udp
RU 158.160.3.4:443 russoft.org tcp
US 8.8.8.8:53 russoft.org udp
US 8.8.8.8:53 russoft.org udp
RU 158.160.3.4:443 russoft.org tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 www.tazkranet.com udp
US 104.26.5.124:443 www.tazkranet.com tcp
US 8.8.8.8:53 www.tazkranet.com udp
US 8.8.8.8:53 www.tazkranet.com udp
US 104.26.5.124:443 www.tazkranet.com udp
US 104.26.13.42:443 tdns5.gtranslate.net tcp
US 8.8.8.8:53 tdns5.gtranslate.net udp
US 8.8.8.8:53 tdns5.gtranslate.net udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.94.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.94.41:443 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 www.softodrom.ru udp
US 8.8.8.8:53 www.softodrom.ru udp
RU 88.212.207.73:443 www.softodrom.ru tcp
US 8.8.8.8:53 www.softodrom.ru udp
RU 88.212.207.73:443 www.softodrom.ru tcp
US 8.8.8.8:53 update.telamoncleaner.com udp
RU 5.189.239.208:80 update.telamoncleaner.com tcp
IE 20.223.54.233:443 links.duckduckgo.com tcp
IE 20.223.54.233:443 links.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 www.guru99.com udp
US 104.16.151.108:443 www.guru99.com tcp
US 8.8.8.8:53 pz3sdmtkaj.onrocket.site udp
US 8.8.8.8:53 pz3sdmtkaj.onrocket.site udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
DE 172.217.23.110:443 youtube-ui.l.google.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
RU 5.189.239.208:80 update.telamoncleaner.com tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 104.16.151.108:443 pz3sdmtkaj.onrocket.site udp
US 8.8.8.8:53 tdns5.gtranslate.net udp
US 104.26.12.42:443 tdns5.gtranslate.net tcp
US 8.8.8.8:53 tdns5.gtranslate.net udp
US 104.26.12.42:443 tdns5.gtranslate.net tcp
DE 172.217.23.110:443 redirector.gvt1.com udp
US 8.8.8.8:53 r4---sn-aigzrnsz.gvt1.com udp
US 8.8.8.8:53 r4.sn-aigzrnsz.gvt1.com udp
GB 74.125.175.169:443 r4.sn-aigzrnsz.gvt1.com tcp
US 8.8.8.8:53 r4.sn-aigzrnsz.gvt1.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 cdn.convertbox.com udp
US 8.8.8.8:53 s-part-0036.t-0009.t-msedge.net udp
BE 207.211.214.145:443 cdn.convertbox.com tcp
GB 74.125.175.169:443 r4.sn-aigzrnsz.gvt1.com udp
US 8.8.8.8:53 s-part-0036.t-0009.t-msedge.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 convertbox.b-cdn.net udp
US 216.239.34.36:443 region1.analytics.google.com tcp
DE 172.217.18.99:443 www.google.co.uk tcp
US 8.8.8.8:53 convertbox.b-cdn.net udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 app.convertbox.com udp
US 35.172.95.254:443 app.convertbox.com tcp
US 8.8.8.8:53 app.convertbox.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 app.convertbox.com udp
DE 172.217.18.99:443 www.google.co.uk udp
US 13.107.246.64:443 s-part-0036.t-0009.t-msedge.net tcp
BE 142.251.168.154:443 stats.g.doubleclick.net tcp
US 13.107.246.64:443 s-part-0036.t-0009.t-msedge.net tcp
BE 142.251.168.154:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 c.clarity.ms udp
US 8.8.8.8:53 c-msn-pme.trafficmanager.net udp
IE 13.74.129.1:443 c-msn-pme.trafficmanager.net tcp
US 8.8.8.8:53 c-msn-pme.trafficmanager.net udp
US 8.8.8.8:53 c.bing.com udp
US 150.171.28.10:443 c.bing.com tcp
US 8.8.8.8:53 ax-0001.ax-msedge.net udp
US 8.8.8.8:53 ax-0001.ax-msedge.net udp
US 8.8.8.8:53 u.clarity.ms udp
US 4.227.249.197:443 u.clarity.ms tcp
US 8.8.8.8:53 clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com udp
US 8.8.8.8:53 polyfill-fastly.io udp
US 151.101.129.91:443 polyfill-fastly.io tcp
US 8.8.8.8:53 polyfill-fastly.io udp
US 8.8.8.8:53 polyfill-fastly.io udp
US 8.8.8.8:53 app.convertbox.com udp
US 8.8.8.8:53 app.convertbox.com udp
US 8.8.8.8:53 fonts.bunny.net udp
US 8.8.8.8:53 bunnyfonts.b-cdn.net udp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 8.8.8.8:53 bunnyfonts.b-cdn.net udp
GB 79.127.237.132:443 fonts.bunny.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 guru99.click udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 guru99.click udp
US 52.72.49.79:443 guru99.click tcp
US 8.8.8.8:53 guru99.click udp
US 8.8.8.8:53 www.anrdoezrs.net udp
NL 89.207.16.75:443 www.anrdoezrs.net tcp
US 8.8.8.8:53 track.cj.akadns.net udp
US 8.8.8.8:53 track.cj.akadns.net udp
US 8.8.8.8:53 cj.dotomi.com udp
NL 89.207.16.75:443 cj.dotomi.com tcp
US 8.8.8.8:53 www.emjcd.com udp
NL 89.207.16.75:443 www.emjcd.com tcp
US 8.8.8.8:53 ashampoo.com udp
US 8.8.8.8:53 ashampoo.com udp
DE 18.197.209.74:443 ashampoo.com tcp
US 8.8.8.8:53 ashampoo.com udp
US 8.8.8.8:53 www.ashampoo.com udp
US 8.8.8.8:53 www.ashampoo.com udp
DE 18.197.209.74:443 www.ashampoo.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
US 8.8.8.8:53 app.usercentrics.eu udp
US 8.8.8.8:53 img.ashampoo.com udp
US 8.8.8.8:53 static.zdassets.com udp
US 8.8.8.8:53 sih.ashampoo.com udp
US 35.190.14.188:443 app.usercentrics.eu tcp
US 8.8.8.8:53 app.usercentrics.eu udp
US 216.198.53.3:443 static.zdassets.com tcp
US 8.8.8.8:53 static.zdassets.com udp
GB 108.138.233.8:443 img.ashampoo.com tcp
GB 108.138.233.8:443 img.ashampoo.com tcp
GB 108.138.233.8:443 img.ashampoo.com tcp
GB 108.138.233.8:443 img.ashampoo.com tcp
GB 108.138.233.8:443 img.ashampoo.com tcp
GB 108.138.233.8:443 img.ashampoo.com tcp
GB 108.138.233.8:443 img.ashampoo.com tcp
GB 108.138.233.8:443 img.ashampoo.com tcp
US 8.8.8.8:53 widget.trustpilot.com udp
GB 108.138.233.8:443 img.ashampoo.com tcp
US 8.8.8.8:53 app.usercentrics.eu udp
US 8.8.8.8:53 static.zdassets.com udp
US 8.8.8.8:53 img.ashampoo.com udp
GB 54.192.137.49:443 widget.trustpilot.com tcp
US 8.8.8.8:53 sih.ashampoo.com udp
US 8.8.8.8:53 widget.trustpilot.com udp
US 8.8.8.8:53 img.ashampoo.com udp
US 8.8.8.8:53 widget.trustpilot.com udp
US 35.190.14.188:443 app.usercentrics.eu udp
US 8.8.8.8:53 sih.ashampoo.com udp
GB 3.166.49.70:443 sih.ashampoo.com tcp
GB 3.166.49.70:443 sih.ashampoo.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
US 35.190.14.188:443 app.usercentrics.eu udp
US 8.8.8.8:53 ekr.zdassets.com udp
US 8.8.8.8:53 u.clarity.ms udp
US 8.8.8.8:53 ekr.zdassets.com udp
US 216.198.53.3:443 ekr.zdassets.com tcp
US 35.190.14.188:443 app.usercentrics.eu tcp
US 8.8.8.8:53 ekr.zdassets.com udp
US 8.8.8.8:53 api.usercentrics.eu udp
US 35.241.3.184:443 api.usercentrics.eu tcp
US 35.241.3.184:443 api.usercentrics.eu tcp
US 8.8.8.8:53 api.usercentrics.eu udp
US 8.8.8.8:53 api.usercentrics.eu udp
US 35.241.3.184:443 api.usercentrics.eu udp
US 35.241.3.184:443 api.usercentrics.eu udp
US 8.8.8.8:53 ashampoo.zendesk.com udp
US 216.198.53.1:443 ashampoo.zendesk.com tcp
US 8.8.8.8:53 ashampoo.zendesk.com udp
US 8.8.8.8:53 ashampoo.zendesk.com udp
US 8.8.8.8:53 consent-api.service.consent.usercentrics.eu udp
US 8.8.8.8:53 static.cleverpush.com udp
US 8.8.8.8:53 dynamic.criteo.com udp
US 8.8.8.8:53 ashampoo.slgnt.eu udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 www.redditstatic.com udp
US 35.201.111.240:443 consent-api.service.consent.usercentrics.eu tcp
US 35.201.111.240:443 consent-api.service.consent.usercentrics.eu tcp
US 104.26.15.31:443 static.cleverpush.com tcp
US 8.8.8.8:53 targetemsecure.blob.core.windows.net udp
DE 142.250.185.228:443 www.google.com tcp
US 8.8.8.8:53 www.mczbf.com udp
US 104.17.122.18:443 ashampoo.slgnt.eu tcp
US 8.8.8.8:53 pixel.byspotify.com udp
US 8.8.8.8:53 consent-api.service.consent.usercentrics.eu udp
US 8.8.8.8:53 static.cleverpush.com udp
US 150.171.27.10:443 bat.bing.com tcp
US 8.8.8.8:53 www.google.com udp
US 151.101.65.140:443 www.redditstatic.com tcp
NL 20.150.9.132:443 targetemsecure.blob.core.windows.net tcp
US 8.8.8.8:53 consent-api.service.consent.usercentrics.eu udp
US 34.117.162.98:443 pixel.byspotify.com tcp
GB 108.156.39.54:443 www.mczbf.com tcp
US 8.8.8.8:53 static.cleverpush.com udp
US 8.8.8.8:53 ashampoo.slgnt.eu.cdn.cloudflare.net udp
US 8.8.8.8:53 in-ftd-109.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 ashampoo.slgnt.eu.cdn.cloudflare.net udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 in-ftd-109.nl3.vip.prod.criteo.com udp
US 35.201.111.240:443 consent-api.service.consent.usercentrics.eu udp
US 8.8.8.8:53 dualstack.reddit.map.fastly.net udp
US 8.8.8.8:53 blob.ams21prdstr01a.store.core.windows.net udp
US 8.8.8.8:53 dualstack.reddit.map.fastly.net udp
US 8.8.8.8:53 pixel.byspotify.com udp
US 8.8.8.8:53 blob.ams21prdstr01a.store.core.windows.net udp
DE 142.250.185.228:443 www.google.com udp
US 34.117.162.98:443 pixel.byspotify.com udp
US 8.8.8.8:53 dcjdc5qmbbux7.cloudfront.net udp
US 8.8.8.8:53 pixel.byspotify.com udp
US 8.8.8.8:53 e10883.g.akamaiedge.net udp
NL 178.250.1.8:443 in-ftd-109.nl3.vip.prod.criteo.com tcp
FR 163.70.128.23:443 scontent.xx.fbcdn.net tcp
GB 2.18.109.242:443 e10883.g.akamaiedge.net tcp
US 8.8.8.8:53 dcjdc5qmbbux7.cloudfront.net udp
US 8.8.8.8:53 e10883.g.akamaiedge.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
DE 172.217.18.99:443 www.google.co.uk tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 gtm.ashampoo.com udp
FR 163.70.128.23:443 scontent.xx.fbcdn.net udp
US 216.239.32.21:443 gtm.ashampoo.com tcp
US 216.239.32.21:443 gtm.ashampoo.com tcp
US 8.8.8.8:53 gtm.ashampoo.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 wave.outbrain.com udp
US 8.8.8.8:53 tr.outbrain.com udp
US 8.8.8.8:53 gtm.ashampoo.com udp
DE 172.217.18.99:443 www.google.co.uk udp
US 8.8.8.8:53 chidc2.outbrain.org udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 chidc2.outbrain.org udp
DE 142.250.185.174:443 google.com tcp
DE 142.250.185.174:443 google.com tcp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 google.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
DE 142.250.185.174:443 google.com udp
BE 142.251.168.157:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 gbc4.nl3.eu.criteo.com udp
NL 178.250.1.11:443 dnacdn.net tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 gbc4.nl3.eu.criteo.com udp
US 8.8.8.8:53 gbc2.fr3.eu.criteo.com udp
FR 185.235.86.64:443 ag.gbc.criteo.com tcp
NL 185.235.87.131:443 gbc4.nl3.eu.criteo.com tcp
GB 2.18.109.242:443 wave.outbrain.com tcp
US 50.31.142.63:443 tr.outbrain.com tcp
US 8.8.8.8:53 dnacdn.net udp
US 50.31.142.63:443 tr.outbrain.com tcp
BE 142.251.168.157:443 stats.g.doubleclick.net udp
DE 18.197.209.74:443 www.ashampoo.com tcp
US 35.201.111.240:443 consent-api.service.consent.usercentrics.eu udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 gtm.ashampoo.com udp
US 8.8.8.8:53 gtm.ashampoo.com udp
DE 18.197.209.74:443 www.ashampoo.com tcp
US 8.8.8.8:53 cdn1.ashampoo.net udp
GB 18.245.162.126:443 cdn1.ashampoo.net tcp
US 8.8.8.8:53 d3q43xio2dych4.cloudfront.net udp
US 8.8.8.8:53 d3q43xio2dych4.cloudfront.net udp
US 8.8.8.8:53 graphql.usercentrics.eu udp
US 34.120.238.166:443 graphql.usercentrics.eu tcp
US 34.120.238.166:443 graphql.usercentrics.eu tcp
US 8.8.8.8:53 graphql.usercentrics.eu udp
US 8.8.8.8:53 graphql.usercentrics.eu udp
US 34.120.238.166:443 graphql.usercentrics.eu udp
US 8.8.8.8:53 crl.microsoft.com udp
GB 88.221.134.83:80 crl.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
GB 95.100.245.144:80 www.microsoft.com tcp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 www.bugsfighter.com udp
US 170.130.40.14:443 www.bugsfighter.com tcp
US 8.8.8.8:53 www.bugsfighter.com udp
US 8.8.8.8:53 www.bugsfighter.com udp
US 8.8.8.8:53 c0.wp.com udp
US 8.8.8.8:53 ad.admitad.com udp
US 8.8.8.8:53 bugsfighter.com udp
US 8.8.8.8:53 tdns4.gtranslate.net udp
US 8.8.8.8:53 i0.wp.com udp
US 192.0.77.37:443 c0.wp.com tcp
US 8.8.8.8:53 c0.wp.com udp
US 192.0.77.37:443 c0.wp.com tcp
US 192.0.77.37:443 c0.wp.com tcp
US 192.0.77.37:443 c0.wp.com tcp
US 192.0.77.37:443 c0.wp.com tcp
US 192.0.77.37:443 c0.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 8.8.8.8:53 stats.wp.com udp
US 172.67.68.204:443 tdns4.gtranslate.net tcp
US 8.8.8.8:53 c0.wp.com udp
US 8.8.8.8:53 stats.wp.com udp
US 8.8.8.8:53 i0.wp.com udp
US 8.8.8.8:53 ad.admitad.com udp
US 8.8.8.8:53 i0.wp.com udp
US 8.8.8.8:53 ad.admitad.com udp
US 192.0.77.37:443 c0.wp.com udp
US 192.0.76.3:443 stats.wp.com udp
US 8.8.8.8:53 tdns4.gtranslate.net udp
US 8.8.8.8:53 bugsfighter.com udp
US 8.8.8.8:53 tdns4.gtranslate.net udp
US 8.8.8.8:53 bugsfighter.com udp
DE 185.26.99.247:443 ad.admitad.com tcp
US 170.130.40.14:443 bugsfighter.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
US 8.8.8.8:53 cdn.admitad-connect.com udp
US 104.26.5.175:443 cdn.admitad-connect.com tcp
US 8.8.8.8:53 cdn.admitad-connect.com udp
US 8.8.8.8:53 cdn.admitad-connect.com udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 mc.yandex.ru udp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
DE 172.217.18.99:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com udp
DE 172.217.18.99:443 www.google.co.uk udp
RU 93.158.134.119:443 mc.yandex.ru tcp
BE 142.251.168.156:443 stats.g.doubleclick.net tcp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 csm.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 csm.nl3.vip.prod.criteo.net udp
BE 142.251.168.156:443 stats.g.doubleclick.net tcp
BE 142.251.168.156:443 stats.g.doubleclick.net udp
RU 87.250.251.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 appmaster.io udp
US 172.67.69.86:443 appmaster.io tcp
US 8.8.8.8:53 appmaster.io udp
US 8.8.8.8:53 appmaster.io udp
US 172.67.69.86:443 appmaster.io udp
US 8.8.8.8:53 js.hs-scripts.com udp
US 104.16.138.209:443 js.hs-scripts.com tcp
US 8.8.8.8:53 js.hs-scripts.com udp
US 104.26.14.122:443 appmaster.io tcp
US 8.8.8.8:53 s.appmaster.io udp
US 8.8.8.8:53 s.appmaster.io udp
US 8.8.8.8:53 js.hs-banner.com udp
US 8.8.8.8:53 js.hs-analytics.net udp
US 104.18.40.240:443 js.hs-banner.com tcp
US 8.8.8.8:53 js.hs-banner.com udp
US 8.8.8.8:53 js.hs-analytics.net udp
US 8.8.8.8:53 js.hs-banner.com udp
US 8.8.8.8:53 js.hs-analytics.net udp
US 104.26.14.122:443 s.appmaster.io udp
US 8.8.8.8:53 chat.appmaster.io udp
US 8.8.8.8:53 pixel.wp.com udp
US 172.67.69.86:443 chat.appmaster.io tcp
US 8.8.8.8:53 chat.appmaster.io udp
US 192.0.76.3:443 pixel.wp.com tcp
US 8.8.8.8:53 pixel.wp.com udp
US 8.8.8.8:53 chat.appmaster.io udp
US 8.8.8.8:53 pixel.wp.com udp
US 192.0.76.3:443 pixel.wp.com udp
US 172.67.69.86:443 chat.appmaster.io udp
US 104.17.175.201:443 js.hs-analytics.net tcp
US 8.8.8.8:53 chat.appmaster.io udp
US 8.8.8.8:53 track.hubspot.com udp
US 8.8.8.8:53 js-na1.hs-scripts.com udp
US 104.26.14.122:443 chat.appmaster.io udp
US 8.8.8.8:53 chat.appmaster.io udp
US 172.67.69.86:443 chat.appmaster.io tcp
US 104.16.141.209:443 js-na1.hs-scripts.com tcp
US 8.8.8.8:53 js-na1.hs-scripts.com udp
US 104.16.118.116:443 track.hubspot.com tcp
US 104.16.118.116:443 track.hubspot.com tcp
US 8.8.8.8:53 track.hubspot.com udp
US 8.8.8.8:53 js-na1.hs-scripts.com udp
US 8.8.8.8:53 track.hubspot.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 www.google.co.uk udp
DE 172.217.18.99:443 www.google.co.uk tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 216.239.34.36:443 region1.analytics.google.com udp
DE 172.217.18.99:443 www.google.co.uk udp
BE 142.251.168.156:443 stats.g.doubleclick.net tcp
US 172.67.69.86:443 chat.appmaster.io udp
BE 142.251.168.156:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 dl.enigmasoftware.com udp
GB 18.245.143.95:443 dl.enigmasoftware.com tcp
US 8.8.8.8:53 dl.enigmasoftware.com udp
RU 87.250.251.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 d1grahinjz4k7j.cloudfront.net udp
US 8.8.8.8:53 d1grahinjz4k7j.cloudfront.net udp
GB 18.245.158.177:443 d1grahinjz4k7j.cloudfront.net tcp
N/A 127.0.0.1:56975 tcp
US 8.8.8.8:53 geo-ip.enigmasoft.net udp
GB 18.244.164.14:443 geo-ip.enigmasoft.net tcp
N/A 127.0.0.1:56978 tcp
GB 79.127.237.132:80 fonts.bunny.net tcp
N/A 127.0.0.1:56981 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 18.244.164.14:443 geo-ip.enigmasoft.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:56984 tcp
N/A 127.0.0.1:56987 tcp
N/A 127.0.0.1:56992 tcp
N/A 127.0.0.1:56995 tcp
N/A 127.0.0.1:56998 tcp
N/A 127.0.0.1:57001 tcp
N/A 127.0.0.1:57006 tcp
GB 18.245.143.95:443 dl.enigmasoftware.com tcp
US 8.8.8.8:53 instcfg.enigmasoftware.com udp
GB 18.245.218.128:443 instcfg.enigmasoftware.com tcp
N/A 127.0.0.1:57010 tcp
N/A 127.0.0.1:57013 tcp
N/A 127.0.0.1:57018 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57022 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57061 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57082 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57093 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57099 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57111 tcp
N/A 127.0.0.1:57115 tcp
N/A 127.0.0.1:57120 tcp
N/A 127.0.0.1:57126 tcp
N/A 127.0.0.1:57130 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57134 tcp
N/A 127.0.0.1:57138 tcp
N/A 127.0.0.1:57142 tcp
N/A 127.0.0.1:57146 tcp
N/A 127.0.0.1:57150 tcp
N/A 127.0.0.1:57154 tcp
N/A 127.0.0.1:57158 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57162 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 8.8.8.8:53 u.clarity.ms udp
US 4.227.249.197:443 u.clarity.ms tcp
US 8.8.8.8:53 clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com udp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57166 tcp
N/A 127.0.0.1:57170 tcp
N/A 127.0.0.1:57174 tcp
N/A 127.0.0.1:57179 tcp
N/A 127.0.0.1:57183 tcp
N/A 127.0.0.1:57187 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57192 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57196 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57200 tcp
N/A 127.0.0.1:57204 tcp
N/A 127.0.0.1:57208 tcp
N/A 127.0.0.1:57212 tcp
N/A 127.0.0.1:57216 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57220 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57224 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 8.8.8.8:53 studio.appmaster.io udp
US 104.26.14.122:443 studio.appmaster.io tcp
US 8.8.8.8:53 studio.appmaster.io udp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 8.8.8.8:53 studio.appmaster.io udp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 104.26.14.122:443 studio.appmaster.io udp
US 8.8.8.8:53 www.google.com udp
US 104.16.138.209:443 js-na1.hs-scripts.com tcp
US 8.8.8.8:53 www.google.com udp
DE 142.250.185.228:443 www.google.com tcp
DE 142.250.185.228:443 www.google.com tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
DE 142.250.185.228:443 www.google.com udp
N/A 127.0.0.1:57228 tcp
N/A 127.0.0.1:57232 tcp
N/A 127.0.0.1:57237 tcp
N/A 127.0.0.1:57241 tcp
N/A 127.0.0.1:57252 tcp
US 104.26.14.122:443 studio.appmaster.io udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 ax-0001.ax-msedge.net udp
US 104.26.14.122:443 studio.appmaster.io udp
US 8.8.8.8:53 improving.duckduckgo.com udp
US 8.8.8.8:53 improving.duckduckgo.com udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 u.clarity.ms udp
US 8.8.8.8:53 improving.duckduckgo.com udp
US 8.8.8.8:53 clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
DE 172.217.18.99:443 www.google.co.uk udp
US 8.8.8.8:53 gtm.ashampoo.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 gtm.ashampoo.com udp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 4.227.249.197:443 clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 8.8.8.8:53 gtm.ashampoo.com udp
US 34.120.238.166:443 graphql.usercentrics.eu udp
GB 79.127.237.132:80 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
N/A 127.0.0.1:57363 tcp
N/A 127.0.0.1:57377 tcp
N/A 127.0.0.1:57383 tcp
N/A 127.0.0.1:57393 tcp
N/A 127.0.0.1:57396 tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 gtm.ashampoo.com udp
US 8.8.8.8:53 gtm.ashampoo.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
GB 79.127.237.132:80 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57507 tcp
N/A 127.0.0.1:57510 tcp
N/A 127.0.0.1:57514 tcp
GB 79.127.237.132:80 fonts.bunny.net tcp
N/A 127.0.0.1:57517 tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
N/A 127.0.0.1:57521 tcp
US 8.8.8.8:53 installer.enigmasoftware.com udp
US 8.8.8.8:53 linktarget.ashampoo.com udp
BE 207.211.214.145:80 installer.enigmasoftware.com tcp
BE 207.211.214.145:443 installer.enigmasoftware.com tcp
DE 52.59.70.47:443 et.ashampoo.com tcp
DE 52.59.70.47:443 et.ashampoo.com tcp
N/A 127.0.0.1:57548 tcp
N/A 127.0.0.1:57577 tcp
BE 207.211.214.145:443 installer.enigmasoftware.com tcp
US 8.8.8.8:53 www.enigmasoftware.com udp
GB 52.84.90.76:443 www.enigmasoftware.com tcp
GB 52.84.90.76:443 www.enigmasoftware.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 tt.web.enigmasoftware.com udp
IE 34.252.174.61:443 tt.web.enigmasoftware.com tcp
GB 18.244.164.14:443 geo-ip.enigmasoft.net tcp
GB 52.84.90.76:443 www.enigmasoftware.com tcp
GB 52.84.90.76:443 www.enigmasoftware.com tcp
GB 52.84.90.76:443 www.enigmasoftware.com tcp
GB 52.84.90.76:443 www.enigmasoftware.com tcp
US 8.8.8.8:53 api.enigmasoft.net udp
US 35.169.6.164:443 api.enigmasoft.net tcp
N/A 127.0.0.1:57769 tcp
US 35.169.6.164:443 api.enigmasoft.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 35.169.6.164:443 api.enigmasoft.net tcp
IE 34.252.174.61:443 tt.web.enigmasoftware.com tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
US 8.8.8.8:53 rh.downloads.enigmasoft.net udp
GB 18.245.253.95:443 rh.downloads.enigmasoft.net tcp
US 35.169.6.164:443 api.enigmasoft.net tcp
US 35.169.6.164:443 api.enigmasoft.net tcp
N/A 127.0.0.1:57878 tcp
US 35.169.6.164:443 api.enigmasoft.net tcp
US 8.8.8.8:53 crl.microsoft.com udp
US 8.8.8.8:53 crl.microsoft.com udp
GB 88.221.134.83:80 crl.microsoft.com tcp
US 8.8.8.8:53 crl.microsoft.com udp
GB 88.221.134.83:80 crl.microsoft.com tcp
N/A 127.0.0.1:57973 tcp
RU 88.212.207.73:443 www.softodrom.ru tcp
GB 88.221.134.83:80 crl.microsoft.com tcp
RU 88.212.207.73:443 www.softodrom.ru tcp
N/A 127.0.0.1:57998 tcp
N/A 127.0.0.1:58002 tcp
N/A 127.0.0.1:58008 tcp
N/A 127.0.0.1:58010 tcp
N/A 127.0.0.1:58015 tcp
N/A 127.0.0.1:58021 tcp
N/A 127.0.0.1:58024 tcp
N/A 127.0.0.1:58027 tcp
N/A 127.0.0.1:58030 tcp
N/A 127.0.0.1:58037 tcp
N/A 127.0.0.1:58044 tcp
N/A 127.0.0.1:58056 tcp
GB 88.221.134.83:80 crl.microsoft.com tcp
GB 88.221.134.83:80 crl.microsoft.com tcp
N/A 127.0.0.1:58065 tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 ul.enigmasoft.net udp
IE 52.49.231.191:80 ul.enigmasoft.net tcp
US 8.8.8.8:53 www.microsoft.com udp
GB 95.100.245.144:80 www.microsoft.com tcp
GB 88.221.134.83:80 crl.microsoft.com tcp
IE 52.49.231.191:80 ul.enigmasoft.net tcp
US 8.8.8.8:53 crl.globalsign.com udp
US 151.101.66.133:80 crl.globalsign.com tcp
IE 52.49.231.191:80 ul.enigmasoft.net tcp
US 151.101.66.133:80 crl.globalsign.com tcp
US 8.8.8.8:53 crl.comodoca.com udp
US 172.64.149.23:80 crl.comodoca.com tcp
US 8.8.8.8:53 znanio.ru udp
RU 95.129.232.2:443 znanio.ru tcp
US 8.8.8.8:53 znanio.ru udp
US 8.8.8.8:53 znanio.ru udp
US 8.8.8.8:53 www.artfut.com udp
US 8.8.8.8:53 fs.znanio.ru udp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
US 8.8.8.8:53 fs.znanio.ru udp
US 104.26.0.109:443 www.artfut.com tcp
US 8.8.8.8:53 www.artfut.com udp
US 8.8.8.8:53 fs.znanio.ru udp
US 8.8.8.8:53 www.artfut.com udp
US 8.8.8.8:53 mc.yandex.ru udp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
US 8.8.8.8:53 yandex.ru udp
US 8.8.8.8:53 top-fwz1.mail.ru udp
RU 77.88.55.88:443 yandex.ru tcp
US 8.8.8.8:53 yandex.ru udp
US 8.8.8.8:53 top-fwz1.mail.ru udp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
US 8.8.8.8:53 yastatic.net udp
GB 95.100.245.144:80 www.microsoft.com tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
US 8.8.8.8:53 yastatic.net udp
US 8.8.8.8:53 yastatic.net udp
US 8.8.8.8:53 matchid.adfox.yandex.ru udp
RU 93.158.134.118:443 matchid.adfox.yandex.ru tcp
US 8.8.8.8:53 matchid-production.adfox.yandex.ru udp
US 8.8.8.8:53 matchid-production.adfox.yandex.ru udp
RU 87.250.250.119:443 mc.yandex.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 142.251.168.157:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 142.251.168.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
DE 172.217.18.99:443 www.google.co.uk tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
RU 87.250.251.119:443 mc.yandex.ru tcp
US 216.239.34.36:443 region1.analytics.google.com udp
DE 172.217.18.99:443 www.google.co.uk udp
US 8.8.8.8:53 crl.microsoft.com udp
GB 88.221.134.83:80 crl.microsoft.com tcp
GB 79.127.237.132:443 fonts.bunny.net tcp
RU 87.250.251.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 crl.comodoca.com udp
US 172.64.149.23:80 crl.comodoca.com tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
US 8.8.8.8:53 csc3-2010-crl.verisign.com udp
GB 104.78.173.45:80 csc3-2010-crl.verisign.com tcp
US 8.8.8.8:53 ocsp.thawte.com udp
GB 104.78.173.45:80 ocsp.thawte.com tcp
US 8.8.8.8:53 crl.thawte.com udp
GB 104.78.173.45:80 crl.thawte.com tcp
US 8.8.8.8:53 geneweb.tuxfamily.org udp
FR 212.85.158.4:443 geneweb.tuxfamily.org tcp
US 8.8.8.8:53 geneweb.tuxfamily.org udp
RU 212.41.26.40:443 fs.znanio.ru tcp
US 8.8.8.8:53 geneweb.tuxfamily.org udp
RU 212.41.26.40:443 fs.znanio.ru tcp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.124.215:443 duckduckgo.com tcp
IE 52.142.124.215:443 duckduckgo.com tcp
FR 212.85.158.4:443 geneweb.tuxfamily.org tcp
FR 212.85.158.4:443 geneweb.tuxfamily.org tcp
US 8.8.8.8:53 download.tuxfamily.org udp
US 8.8.8.8:53 ielo.downloads.tuxfamily.net udp
US 8.8.8.8:53 ielo.downloads.tuxfamily.net udp
US 8.8.8.8:53 crl.globalsign.com udp
US 151.101.130.133:80 crl.globalsign.com tcp
FR 212.85.158.13:443 ielo.downloads.tuxfamily.net tcp
FR 212.85.158.13:443 ielo.downloads.tuxfamily.net tcp
FR 212.85.158.13:443 ielo.downloads.tuxfamily.net tcp
FR 212.85.158.13:443 ielo.downloads.tuxfamily.net tcp
IE 52.49.231.191:80 ul.enigmasoft.net tcp
US 8.8.8.8:53 CSC3-2004-crl.verisign.com udp
FR 212.85.158.13:443 ielo.downloads.tuxfamily.net tcp
FR 212.85.158.13:443 ielo.downloads.tuxfamily.net tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
US 8.8.8.8:53 api.enigmasoft.net udp
US 3.211.54.195:443 api.enigmasoft.net tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
RU 212.41.26.40:443 fs.znanio.ru tcp
IE 52.49.231.191:80 ul.enigmasoft.net tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
N/A 127.0.0.1:58436 tcp
US 8.8.8.8:53 csc3-2004-crl.verisign.com udp
US 8.8.8.8:53 csc3-2010-crl.verisign.com udp
GB 104.78.173.45:80 csc3-2010-crl.verisign.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 gameforge.com udp
US 172.64.144.70:443 gameforge.com tcp
US 8.8.8.8:53 gameforge.com udp
US 8.8.8.8:53 gameforge.com udp
US 8.8.8.8:53 igroutka.ru udp
RU 77.223.125.52:443 igroutka.ru tcp
US 8.8.8.8:53 igroutka.ru udp
US 8.8.8.8:53 igroutka.ru udp
RU 77.223.125.52:443 igroutka.ru tcp
US 8.8.8.8:53 analytics-live.gameforge.com udp
DE 79.110.87.55:443 analytics-live.gameforge.com tcp
US 8.8.8.8:53 analytics-live.gameforge.com udp
US 8.8.8.8:53 analytics-live.gameforge.com udp
US 8.8.8.8:53 gameforge.com udp
RU 77.223.125.52:443 igroutka.ru tcp
RU 77.223.125.52:443 igroutka.ru tcp
US 8.8.8.8:53 ul.enigmasoft.net udp
IE 52.49.231.191:80 ul.enigmasoft.net tcp
US 8.8.8.8:53 crl.sectigo.com udp
US 172.64.149.23:80 crl.sectigo.com tcp
US 3.211.54.195:443 api.enigmasoft.net tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 support.mozilla.org udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 api.enigmasoft.net udp
US 35.169.6.164:443 api.enigmasoft.net tcp
US 35.169.6.164:443 api.enigmasoft.net tcp
N/A 127.0.0.1:58546 tcp
US 8.8.8.8:53 ru.wikihow.com udp
US 151.101.65.91:443 ru.wikihow.com tcp
US 8.8.8.8:53 n.sni.global.fastly.net udp
US 8.8.8.8:53 n.sni.global.fastly.net udp
US 151.101.65.91:443 n.sni.global.fastly.net udp
US 8.8.8.8:53 dn0qt3r0xannq.cloudfront.net udp
US 8.8.8.8:53 www.wikihow.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
GB 18.244.140.95:443 dn0qt3r0xannq.cloudfront.net tcp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 dn0qt3r0xannq.cloudfront.net udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
DE 142.250.186.97:443 lh3.googleusercontent.com tcp
DE 142.250.186.97:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 googlehosted.l.googleusercontent.com udp
DE 142.250.186.97:443 lh3.googleusercontent.com udp
GB 18.244.140.95:443 dn0qt3r0xannq.cloudfront.net udp
US 8.8.8.8:53 edge.aditude.io udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 104.22.61.119:443 edge.aditude.io tcp
US 8.8.8.8:53 raven-edge.aditude.io udp
US 172.67.10.132:443 raven-edge.aditude.io tcp
US 8.8.8.8:53 edge.aditude.io udp
DE 142.250.186.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 104.22.34.123:443 static.kueezrtb.com tcp
US 8.8.8.8:53 raven-edge.aditude.io udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 edge.aditude.io udp
US 8.8.8.8:53 static.kueezrtb.com udp
N/A 127.0.0.1:58549 tcp
US 8.8.8.8:53 static.kueezrtb.com udp
US 151.101.193.91:443 www.wikihow.com tcp
US 151.101.193.91:443 www.wikihow.com tcp
US 151.101.193.91:443 www.wikihow.com tcp
US 151.101.193.91:443 www.wikihow.com tcp
DE 142.250.186.34:443 securepubads.g.doubleclick.net udp
US 151.101.193.91:443 www.wikihow.com udp
US 8.8.8.8:53 raven-static.aditude.io udp
US 104.22.61.119:443 raven-static.aditude.io tcp
US 8.8.8.8:53 raven-static.aditude.io udp
US 8.8.8.8:53 raven-static.aditude.io udp
GB 18.154.84.16:443 sb.scorecardresearch.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.169.6.164:443 api.enigmasoft.net tcp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 prod.classify-client.prod.webservices.mozgcp.net udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
N/A 127.0.0.1:58553 tcp
N/A 127.0.0.1:58556 tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 vseigru.net udp
US 172.67.68.56:443 vseigru.net tcp
US 8.8.8.8:53 vseigru.net udp
US 8.8.8.8:53 vseigru.net udp
US 8.8.8.8:53 vseigru.net udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 vseigru.net udp
RU 87.250.250.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 mc.yandex.com udp
RU 93.158.134.119:443 mc.yandex.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
DE 142.250.185.161:443 tpc.googlesyndication.com tcp
DE 142.250.185.161:443 tpc.googlesyndication.com tcp
DE 142.250.185.161:443 tpc.googlesyndication.com tcp
DE 142.250.185.161:443 tpc.googlesyndication.com tcp
DE 142.250.185.161:443 tpc.googlesyndication.com tcp
DE 142.250.185.161:443 tpc.googlesyndication.com tcp
DE 142.250.185.161:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
DE 142.250.184.226:443 ep1.adtrafficquality.google tcp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
DE 142.250.184.226:443 ep1.adtrafficquality.google udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
DE 142.250.184.225:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
DE 142.250.184.225:443 ep2.adtrafficquality.google udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 free.webcompanion.com udp
US 8.8.8.8:53 free.webcompanion.com udp
US 45.63.66.114:443 free.webcompanion.com tcp
DE 172.217.18.2:443 googleads.g.doubleclick.net tcp
DE 172.217.18.2:443 googleads.g.doubleclick.net udp
US 45.63.66.114:443 free.webcompanion.com tcp
US 45.63.66.114:443 free.webcompanion.com tcp
US 45.63.66.114:443 free.webcompanion.com tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 45.63.66.114:443 free.webcompanion.com tcp
US 45.63.66.114:443 free.webcompanion.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 cloud.webcompanion.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 s-part-0036.t-0009.t-msedge.net udp
CA 20.48.202.165:443 cloud.webcompanion.com tcp
US 8.8.8.8:53 waws-prod-yt1-053-803d.canadacentral.cloudapp.azure.com udp
US 8.8.8.8:53 s-part-0036.t-0009.t-msedge.net udp
US 8.8.8.8:53 waws-prod-yt1-053-803d.canadacentral.cloudapp.azure.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.185.228:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 geolocation.onetrust.com udp
DE 142.250.185.228:443 www.google.com udp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 13.107.246.64:443 s-part-0036.t-0009.t-msedge.net tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 privacyportal-eu.onetrust.com udp
US 172.64.155.119:443 privacyportal-eu.onetrust.com tcp
US 8.8.8.8:53 privacyportal-eu.onetrust.com udp
US 8.8.8.8:53 privacyportal-eu.onetrust.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 13.107.246.64:443 s-part-0036.t-0009.t-msedge.net tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 www.google.co.uk udp
DE 172.217.18.99:443 www.google.co.uk tcp
DE 172.217.18.99:443 www.google.co.uk udp
US 8.8.8.8:53 c.clarity.ms udp
N/A 127.0.0.1:58596 tcp
US 8.8.8.8:53 u.clarity.ms udp
US 8.8.8.8:53 download.webc.co udp
US 8.8.8.8:53 c-msn-pme.trafficmanager.net udp
US 4.227.249.197:443 u.clarity.ms tcp
US 104.21.88.13:443 download.webc.co tcp
US 8.8.8.8:53 download.webc.co udp
US 8.8.8.8:53 download.webc.co udp
US 104.21.88.13:443 download.webc.co udp
N/A 127.0.0.1:58665 tcp
N/A 127.0.0.1:58672 tcp
US 8.8.8.8:53 geo.lavasoft.com udp
US 104.16.148.130:80 geo.lavasoft.com tcp
US 8.8.8.8:53 u.clarity.ms udp
US 8.8.8.8:53 clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com udp
US 8.8.8.8:53 featureflags.lavasoft.com udp
US 104.16.149.130:443 featureflags.lavasoft.com tcp
N/A 127.0.0.1:58681 tcp
N/A 127.0.0.1:58684 tcp
N/A 127.0.0.1:58687 tcp
US 8.8.8.8:53 flwadw.com udp
US 104.18.26.149:443 flwadw.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 privacyportal-eu.onetrust.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 privacyportal-eu.onetrust.com udp
US 172.64.155.119:443 privacyportal-eu.onetrust.com tcp
US 172.64.155.119:443 privacyportal-eu.onetrust.com tcp
N/A 127.0.0.1:58690 tcp
N/A 127.0.0.1:58693 tcp
US 8.8.8.8:53 u.clarity.ms udp
US 8.8.8.8:53 u.clarity.ms udp
US 4.227.249.197:443 u.clarity.ms tcp
N/A 127.0.0.1:58704 tcp
US 8.8.8.8:53 wcdownloadercdn.lavasoft.com udp
US 104.16.149.130:443 wcdownloadercdn.lavasoft.com tcp
US 8.8.8.8:53 u.clarity.ms udp
US 8.8.8.8:53 clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com udp
N/A 127.0.0.1:58911 tcp
N/A 127.0.0.1:58936 tcp
N/A 127.0.0.1:58965 tcp
US 8.8.8.8:53 minecraft-inside.ru udp
US 172.67.68.102:443 minecraft-inside.ru tcp
US 8.8.8.8:53 minecraft-inside.ru udp
US 8.8.8.8:53 minecraft-inside.ru udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 links.duckduckgo.com udp
US 104.18.94.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.94.41:443 challenges.cloudflare.com udp
IE 52.142.124.215:443 duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 improving.duckduckgo.com udp
US 8.8.8.8:53 improving.duckduckgo.com udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
US 8.8.8.8:53 improving.duckduckgo.com udp
US 8.8.8.8:53 minecraft-inside.ru udp
US 8.8.8.8:53 minecraft-inside.ru udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 cloud.webcompanion.com udp
US 8.8.8.8:53 u.clarity.ms udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com udp
US 8.8.8.8:53 waws-prod-yt1-053-803d.canadacentral.cloudapp.azure.com udp
US 104.16.148.130:80 wcdownloadercdn.lavasoft.com tcp
US 4.227.249.197:443 clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com tcp
US 104.16.149.130:443 wcdownloadercdn.lavasoft.com tcp
US 104.18.26.149:443 flwadw.com tcp
US 8.8.8.8:53 wc-partners.lavasoft.com udp
CA 64.18.87.82:80 wc-partners.lavasoft.com tcp
US 8.8.8.8:53 gamely.pro udp
US 104.26.2.47:443 gamely.pro tcp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 104.26.2.47:443 gamely.pro udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 104.18.95.41:443 challenges.cloudflare.com udp
US 8.8.8.8:53 webcompanion.com udp
US 104.19.159.224:80 webcompanion.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 minecraft-inside.ru udp
US 8.8.8.8:53 minecraft-inside.ru udp
US 8.8.8.8:53 challenges.cloudflare.com udp
N/A 127.0.0.1:59298 tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 minecraft-inside.ru udp
US 8.8.8.8:53 yandex.ru udp
US 8.8.8.8:53 minecraft-inside.ru udp
RU 77.88.44.55:443 yandex.ru tcp
US 8.8.8.8:53 top-fwz1.mail.ru udp
US 8.8.8.8:53 yandex.ru udp
US 8.8.8.8:53 yandex.ru udp
US 8.8.8.8:53 top-fwz1.mail.ru udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 st.top100.ru udp
US 8.8.8.8:53 counter.yadro.ru udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 2e2qdr4l9f.a.trbcdn.net udp
DE 151.236.71.248:443 2e2qdr4l9f.a.trbcdn.net tcp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 yastatic.net udp
US 151.101.129.229:443 jsdelivr.map.fastly.net udp
RU 178.154.131.217:443 yastatic.net tcp
US 8.8.8.8:53 yastatic.net udp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
N/A 127.0.0.1:59304 tcp
US 8.8.8.8:53 kraken.rambler.ru udp
RU 81.19.89.17:443 kraken.rambler.ru tcp
US 8.8.8.8:53 kraken.rambler.ru udp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 81.19.89.17:443 kraken.rambler.ru tcp
RU 81.19.89.18:443 kraken.rambler.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 81.19.89.18:443 kraken.rambler.ru tcp
US 104.19.159.224:443 webcompanion.com tcp
US 8.8.8.8:53 webcompanion.com udp
US 8.8.8.8:53 webcompanion.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
DE 142.250.185.138:443 ajax.googleapis.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 an.yandex.ru udp
DE 142.250.185.138:443 ajax.googleapis.com udp
US 8.8.8.8:53 favicon.yandex.net udp
US 8.8.8.8:53 avatars.mds.yandex.net udp
RU 213.180.193.90:443 an.yandex.ru tcp
RU 213.180.193.90:443 an.yandex.ru tcp
US 8.8.8.8:53 an.yandex.ru udp
RU 87.250.247.183:443 avatars.mds.yandex.net tcp
RU 87.250.247.183:443 avatars.mds.yandex.net tcp
US 8.8.8.8:53 avatars.mds.yandex.net udp
RU 213.180.204.36:443 favicon.yandex.net tcp
RU 213.180.204.36:443 favicon.yandex.net tcp
US 8.8.8.8:53 favicon.yandex.net udp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 favicon.yandex.net udp
US 150.171.28.10:443 bat.bing.com tcp
US 8.8.8.8:53 ax-0001.ax-msedge.net udp
RU 87.250.251.119:443 mc.yandex.ru tcp
RU 87.250.251.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 cdn.inspectlet.com udp
US 104.22.56.245:443 cdn.inspectlet.com tcp
US 8.8.8.8:53 cdn.inspectlet.com udp
US 8.8.8.8:53 cdn.inspectlet.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 104.22.56.245:443 cdn.inspectlet.com udp
US 8.8.8.8:53 s-part-0036.t-0009.t-msedge.net udp
US 104.16.149.130:443 wcdownloadercdn.lavasoft.com tcp
N/A 127.0.0.1:59307 tcp
US 104.18.26.149:443 flwadw.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 i.imgur.com udp
US 8.8.8.8:53 images.dmca.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 199.232.196.193:443 i.imgur.com tcp
US 8.8.8.8:53 ipv4.imgur.map.fastly.net udp
US 8.8.8.8:53 dmca-images.b-cdn.net udp
US 8.8.8.8:53 ipv4.imgur.map.fastly.net udp
US 8.8.8.8:53 dmca-images.b-cdn.net udp
US 8.8.8.8:53 partners.webcompanion.com udp
GB 79.127.237.132:443 dmca-images.b-cdn.net tcp
US 104.19.159.224:443 partners.webcompanion.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 portal.supportchat.live udp
US 8.8.8.8:53 unpkg.com udp
US 8.8.8.8:53 code.jquery.com udp
US 151.101.129.229:443 jsdelivr.map.fastly.net tcp
US 104.17.245.203:443 unpkg.com tcp
US 8.8.8.8:53 unpkg.com udp
US 8.8.8.8:53 code.jquery.com udp
US 151.101.2.137:443 code.jquery.com tcp
US 151.101.2.137:443 code.jquery.com tcp
US 104.21.35.158:443 portal.supportchat.live tcp
US 8.8.8.8:53 unpkg.com udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 portal.supportchat.live udp
US 8.8.8.8:53 portal.supportchat.live udp
US 151.101.129.229:443 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 sg-bitmask.adaware.com udp
US 104.16.212.94:443 sg-bitmask.adaware.com tcp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
RU 77.88.21.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 unpkg.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 portal.supportchat.live udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 unpkg.com udp
RU 93.158.134.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 an.yandex.ru udp
DE 142.250.185.228:443 www.google.com tcp
DE 142.250.185.228:443 www.google.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 code.jquery.com udp
US 172.67.70.231:443 gamely.pro tcp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 minecraft-inside.ru udp
US 172.67.70.231:443 gamely.pro udp
US 172.67.68.102:443 minecraft-inside.ru tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 i.imgur.com udp
US 8.8.8.8:53 images.dmca.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 ipv4.imgur.map.fastly.net udp
US 199.232.196.193:443 ipv4.imgur.map.fastly.net tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
GB 79.127.237.132:443 images.dmca.com tcp
US 8.8.8.8:53 dmca-images.b-cdn.net udp
US 8.8.8.8:53 portal.supportchat.live udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 unpkg.com udp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
US 104.17.248.203:443 unpkg.com tcp
US 8.8.8.8:53 unpkg.com udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 code.jquery.com udp
US 151.101.2.137:443 code.jquery.com tcp
US 151.101.2.137:443 code.jquery.com tcp
US 151.101.2.137:443 code.jquery.com tcp
US 104.21.35.158:443 portal.supportchat.live tcp
US 8.8.8.8:53 portal.supportchat.live udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 151.101.2.137:443 code.jquery.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 mc.yandex.ru udp
IE 52.142.124.215:443 duckduckgo.com tcp
US 8.8.8.8:53 external-content.duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 duckduckgo.com udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 gamely.pro udp
RU 93.158.134.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 links.duckduckgo.com udp
RU 93.158.134.119:443 mc.yandex.ru tcp
RU 93.158.134.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 links.duckduckgo.com udp
IE 20.223.54.233:443 links.duckduckgo.com tcp
US 8.8.8.8:53 portal.supportchat.live udp
US 8.8.8.8:53 portal.supportchat.live udp
US 104.21.35.158:443 portal.supportchat.live tcp
US 104.21.35.158:443 portal.supportchat.live tcp
US 104.21.35.158:443 portal.supportchat.live tcp
US 104.21.35.158:443 portal.supportchat.live tcp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 gamely.pro udp
US 8.8.8.8:53 external-content.duckduckgo.com udp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
IE 52.142.125.222:443 external-content.duckduckgo.com tcp
US 8.8.8.8:53 improving.duckduckgo.com udp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp
IE 52.142.124.215:443 improving.duckduckgo.com tcp

Files

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin

MD5 33be5169d7bb86a2e917bb1c1fd239fd
SHA1 6ce1ba7548266058fa762024844749a03b4a7163
SHA256 bf41a016a430fc0287891d0690278b8ab3f89c55af164f22d97559da571f2857
SHA512 a5bcec7c53089958f46f52f5f329d05be0fb7525285b052553b97e6971e6399322f26afc47b9d471425e70e23dfe3ccbf68e28fdcecb9f13baae4b9ac7d52ed5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\ad31544e-fc3a-4d01-bec6-c0846540de34

MD5 270edb7b3016a89dec20657d47390ecb
SHA1 fede31e59e7e0d9cf22b4828ef41ad6bafd143ec
SHA256 a43e16f76dfeca13aee531b0e28de3b281fad7db4fc233dd40a7ed12804ce40b
SHA512 f9f2a28c8452fd6d61aadb8e2ed5b09c2075374b2796ea67a42106598837a55666343cf7226f77f5dd3f7dbae97019e2c6cd510246db38b79d99efe76f2aa312

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\0d2dbac3-a997-4c64-a179-b83fb2a72519

MD5 0c939d15b883c52b676a0c170d2c5e3b
SHA1 2ff4af6b3edfbeac7b1e778b973d50132a316e74
SHA256 67ac3e21bae9251760ba403caa3e62cad52dc09938412e4b7d612632ee312d54
SHA512 ccc4fc1e1e8f5460a465dac77c2d5f3e258cf7c9fd9a436add950e03245341dd1936539a70cb939e8b6e352e40de62ee4800de0dfb6116baa7e3446a3d1dcff4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\activity-stream.discovery_stream.json.tmp

MD5 66b5e2fe7f55eff12596083a3a858923
SHA1 b30ceff120f2662cac55081c78d38837997a4b9e
SHA256 8b2f094a720db3e7cc32f46bd39eb7b57f25e893b75454388aa7c5504c7e2033
SHA512 f9a8b7904eae8bb29ad342406df8e7cf7faac366c38d571e44a4cad53482e61370b505fa83392e8d784477fc970d1e6bcd090a66d08e9f3517f8bbb84b39dcc5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

MD5 96c542dec016d9ec1ecc4dddfcbaac66
SHA1 6199f7648bb744efa58acf7b96fee85d938389e4
SHA256 7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798
SHA512 cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs.js

MD5 cd30596abcb8a2610a5b506b7d991aac
SHA1 c885a2a9dff17b333c2e68264bd394cd1ec86681
SHA256 3403f558281d9a33eacb03468cae795959157b4f4ab58adf83cef6c4250066cd
SHA512 ca32a291adbf1c1a33d6a15d03375821ca0c4e6e637cea1b6e26e4c5f0c1586493f64443ee05310d35952d7bfd4c1cccc6fa1104f985af7273a43f36606396b6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs.js

MD5 64ec654c527b3cef0937b71eb9b685e2
SHA1 869add35db07d42fe6c954617da64834b5e359fe
SHA256 7c2180efb8d28257a3c3ceb364ee5e3f72f368776ae1827f44d3b265110fbc11
SHA512 1f2f858ad5e49dd3f11712fad652afa70e3035eab730008a4087ba35bab9d2d002766390ed3d88328e0d689dfd907f906f30bb9362e072ba79874dea86a19da5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 3939352d44ca3a9fbe66ab409e3e1e6e
SHA1 5a0e8fd8a37fc02b7a6cbe90b9ca21affe19164a
SHA256 19f3a6fcac28a0b4cd52d3b51a264d88d385ee7947a8d5ba01e6571e038247b5
SHA512 c0847ca3d4519f05e9fbd8e9a5d2461fa478d2b6f669fe99eb08cf85782ad71f7ec9f24de2b7f0444700a06e343b28db917ea33c520a8da95b59160f6be5dfce

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++limewire.com\idb\2593500505lbmdw9r6-0ffibl4e7-fs.sqlite

MD5 67f87521744e754a7ee3cddbc11de40a
SHA1 fb84fd4e78c4d494d978f0ba90dcfc86bad0f3b9
SHA256 67b918002338d492886686c5e6dc7dfb4d2020a76874d9d51b85e688b6494039
SHA512 18163991080647775f9090d0b28aeffe02b434a4fe23d72f136d698f2e6ccce02e4ce734f28b3ba118d3011e0eb129deb917cef2cbe909875e7bb169d2e44b31

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++limewire.com\idb\2593500505lbmdw9r6-0ffibl4e7-fs.sqlite

MD5 fc559b4417297077b2f2cef41ca47d3e
SHA1 f458135529b7374a8fff135c9e37ce693676f433
SHA256 8c889c94f8670141aee57bd4713f9a60527f98c7199ad5e03a39386596d4ded0
SHA512 28a89edf330ca02cc615d3a5218afa3ace546946e64a5d85998be3cf42ee33a54774e13f162c968f902363721b185511de93b9f1259b9b6e3e1e084199f74c28

\??\PIPE\samr

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24061

MD5 5948caa1eb2b9292b2143f4e3caeedda
SHA1 8aa301016b4672f736e128774be6c5c232a7d71a
SHA256 651f2f8aa824fd5e5148f4759dd4904f727a9c2cd9f7cb098dd88fd91ceddf89
SHA512 a487bb6d1c02a0cd4c10fc5ddab261869f55f28de8503fd45eab3d956c9d68e47ebf71252ce0a91d155ec501307c50c9a4754b7a39c4160cc875f9154aab9e89

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\4C18F2016606B43D054C8200B2142B749FA7F8F7

MD5 70e3b4de165632805aca897a622acbf1
SHA1 1d4e035824571bf9f4505aad7887c4906f77f77f
SHA256 500a4454bedac0840b1a7f5b6d3b621b6b68629b169c727060cde77d67f949c4
SHA512 8b8ffd2012e2a2dac5c5bc5c58b3e14fb5f4ccaa2a419816d6fe41c420b0da6632bf0a95326d76fd1fc0d3c0546fb754097bacad32acf6c5fde4a5c2c3a3c520

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\29304

MD5 37a644ef89a54fd7e5f8bb54b0178150
SHA1 9a3abde4f279d6cb3ca99130496ffafbf59654a0
SHA256 52670dd1b3463f10308029efee052ddc052b2336c74e81eb3394be52cd954e72
SHA512 f0d3f579d6f2c115f6a31c668755134b87bd920287dc55527c61f7d3a7ed72938e1244b072dc2226f99437a6d1af288e82814b686f8a9164c0029483ba4d97e5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\73EAA0767ECF1BFF6C0396D2598362046273B2CE

MD5 54b5bad3e80e87effb21674178cbe859
SHA1 0159cec0594cc4db5c19a7eb2ed2787f538d223f
SHA256 d9fa6f99940f5880aaf9bc77eaec5dc98bd9f0bb3aaaec369283f31b5a0560ce
SHA512 06bd28eb0819e31e68c6624ccd3983c867a5c8cf713a3563d1466c548535809137601fa74d86a81e0b48701b98b6f53cc33b302c1261adcafa0b4e059d07c589

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\17062

MD5 ed616010fdc0bbfc48bc8b129fd16300
SHA1 e2d2da47f3265e3a72132c7e46d2a36a53ff5b7a
SHA256 0a070425b37fdf918ece7ab13f64dc6532ddde3b8514e1f56c4cb6d718627aec
SHA512 9be4fc69d7c6ce5131e5007d5057aa5224b0fd3d093c67bdf7bb6d8850c69fc63cae6d2546f989bed8ffa36f0eff8f4053d7a1ec855367b23de6394e1b5b924e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 ed9db89a4cebcaf4bae158a9bcb26612
SHA1 ec55955e25dc9d4b178b8500196ebeadac34b427
SHA256 802a99e33844e7bc34efeaefe02c1b5c60065dd2baea0f8737c95a4a8b5e0671
SHA512 db59b1ed6d2e4463505c2d8c9b3a7d9a4dd811d5da4c37b10c1777452d290c82753c006417a64685aa8e5f19f288a93c3de4894488c925e9a6e3e4baabf7ee31

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js

MD5 ec23f5374a9f1184f61c9556933271c1
SHA1 bd35e6d85e2e976b775232d93fb58edaf61f7a7b
SHA256 01211ea98ff3be8cdf216fd4fcdc459de55c50ba74b9b2634a496da407e78db5
SHA512 d08894303693bc7f490364ac93f222f414c9589b52cd71f876316460d1335b7023ba56bcf425fcb8dc8c840228c363201fdf11e9ec1e0fdf5374d3eed5a32319

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 38da3bb9ead0014cc487949290c5d7bc
SHA1 5a29b1f495c69932724d95e0ab493dee8643dbe9
SHA256 37be3791dfe4c46dce7e48fa8a1f58ce7f11d406bd4afe46ca6c2a614e9a97f3
SHA512 eb01761f5e142aa6ba9130d64f96f9957ae3692e46bd5d4ece2d033548f0aa1690eb73461278f320b211c7c4f4363ff95dc44f5039b5afcf977a687018c42c51

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 fc05f09edf81f416dad9f0853e4a1d0c
SHA1 ce888919f1bde07e9293f90f459f7129a79bab6d
SHA256 46ca16f28411b8a53544b4a65395d42cf4885b89876642b9c4a9ea06050a6819
SHA512 05077e9fe808067f600da61b0d2862ccca9b9f708f055c09b3a8f210e2c5e80b887a1f91fef9a723efc9a07202eaa59405f3fdee40369c222401c0539d27a83d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2e54feddbc02bd2214a2ab7b008e2706
SHA1 868bce96c53f5c17aafb9ae6e35362ed1e82f48e
SHA256 7cef2da48a71a5ca534bdc0ceec9db2548ffcb56b4e6704554d376db80bf1eab
SHA512 728d8b2be0e6fb0b6122d48decc54cbef5240654d59e9017dc390913f0cdade71f1c253d9a3051386acba3177e4bc2dd20fbfd7d8a0850bf662a3d244731be4b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore.jsonlz4

MD5 aaf558f5036eba9e113a0f87b5ea1d26
SHA1 a9b284dd24ce48365ee3acefa6cd5ec27acf6eeb
SHA256 e7dd7d0faa5094e16fcf249b794f4b871f26d7b0c44a332b86833632d46cce2f
SHA512 e1adcfc2652d41bc57668d7a1fc607c5cdb31aa67a165095337d298100d932488283b5b6e72d19460ab4d53d0560b88bdc9ceb4f4c57950f1bfe7a803a06e401

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs.js

MD5 fa7dfb9406309a58632c8330509a36c0
SHA1 c43c565bc08c2df630f1b425356edd32502c31a9
SHA256 b0f072fc28e5fa5322c64b9d0407ec57aa540ffd4465f794008a58dc29979b1b
SHA512 a0c9d32eb7e268c50ab9b0e403e78e2634a29bf71900df1a8705c713e24a83e43220344a00f94aa1a0e74e6be484d847d09cc1e5aa1503b9909941ceec22b0ca

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\startupCache\scriptCache-child.bin

MD5 ba124be5761a8fbe221625fec2d7ee84
SHA1 f8617b00ee3c0d312c28852369da1878d564ad73
SHA256 2f4592abf022de009ea331c95b31ef760e78efa67b20c7d66b054e8914d027dd
SHA512 53ce61703079932f08d881d51daa75f46a808b1ce64c1c0c85d56b6af2e6922294ffb7245ffa6375b8106ffd6e9750612f1ce53b97d955e792a707a2c277cbeb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\startupCache\scriptCache.bin

MD5 ab341522348e7655dd5b3601cd66c62d
SHA1 f08a3ba4a06456ac8edaf25865b1eb48cc8f9692
SHA256 d4d3b7951d2b963fa48b578d83716f24fae24194d24ea10ef4704a315d3b3487
SHA512 f95ff5e860b9fdc40c87d106598cb092b38f6bc2ca4922fe8c86a675ec352930578e6d6d20c07650fe4a61c2efe10bc66043244fce26679347a72eb413bedf31

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\addonStartup.json.lz4

MD5 af7ae2ab87817728d39cf68b61ba92c0
SHA1 5cd668fd6b357f6bd6bdf321523a2ba5c57e6c23
SHA256 4b2c613fad63709dd284a2d7ac8645b33e13eddea0ce45902953034d7e012518
SHA512 fd3bf105446b3c2047c3e0cead3a4f307423e74aeda2a0b019a8a6786d80ee2c5089e62047e338c0232d2d3c459aa8c3d032ce2ca4bdd5a635cd44fa32b5ff76

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\index

MD5 805c657d56826e99f17d9f83d3a059cc
SHA1 626dd82748e3923a598ff34d6e34c9396856474a
SHA256 8d9dcdef82b7079c046a7efe683633fc57251963c075b9fd0b7c4cec4d558016
SHA512 a151c86e62ef26d16d950505477a82423c9e4a5369df7655f4540f7d427abe1213ec09defb7b79b718698e8cb15d20f5403e3ebb5f454b5720c08f30e752b4f4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\index.log

MD5 1cfcfc6c898820f009eab625157279c1
SHA1 58e8199696e6d6c52bc449cedc30cddfdac48340
SHA256 d476ae1a9cd5d9d877b5fe94cf0b817d602f3b6c8fbf4e9baa7563234a65b12e
SHA512 b40bc22d81e1e684a13633499f60e0e992c060d67edb15dcd7c2f5ca3ab6e1209f357de706a8e86775d5fa245c64ca26ce444399d8d7003471c5c77d5e836045

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\xulstore.json

MD5 05e1ddb4298be4c948c3ae839859c3e9
SHA1 ea9195602eeed8d06644026809e07b3ad29335e5
SHA256 1c2c5d5211674c3c8473e0589085499471399e53e9a85d7dd3b075fef6cbb6be
SHA512 3177b48cd0c877821419d7e5eb247a4c899bc37258994f22257ceaafefb316e6f5959faae02e380e432d7752f0218d45d56d6878c1e751d201d9fdb3ff98612e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cookies.sqlite

MD5 62b987a3ef46337d45d4f98d0c838b7c
SHA1 4c5aa715a5c46b5f6a6f75d5f7dce0b4eadee0b3
SHA256 941756f43e3164fbddaf2393d6b21d6778d77c99d9e9a37f6487b3f3ef686ae3
SHA512 21821244e177f67db24d2f9a42002ed81cc1f67519a2dd1f8d8c1051d2b6d846d1611c0aff820f40a36dbfdf368b5ad9927e7cf2cbb8625ac1119380f1c9bce0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\startupCache\urlCache.bin

MD5 3b25a4e1b3881b7c355a06a8689bbaf0
SHA1 9c2acc4a2265b23acc69fd4b9974608c9281f203
SHA256 b53ce53757577d43373ffda11f833e914febffa1294e8135050e13f1271fc04c
SHA512 76f9d4fdca07a84d9fce48c1fe17837a8f4bcad820b51351f7a03c6e4d1e61fca8e0f83a9dc98af5266d32d8535c8651dc64f2aa114d499e66b9907bf5de017f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json

MD5 948a7403e323297c6bb8a5c791b42866
SHA1 88a555717e8a4a33eccfb7d47a2a4aa31038f9c0
SHA256 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e
SHA512 17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json.tmp

MD5 ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA1 b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a
SHA256 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
SHA512 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\permissions.sqlite

MD5 a2cdb6e0280382d732ce4f105f3032be
SHA1 b1228c96657ab2d0e52cbf20c78d7c8b4d5d3853
SHA256 326ffa27d578600e82aea89922a6f8542986a61ac2bc32ca33fff7093aacffeb
SHA512 1390b7f7c696623c1fcbed8878136d090fabaea78353c2b8ee17172e17211efa38e313aadd1a77c6b2f38a59e94093101b6a440e8c4fe63629688fa0f0883154

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage.sqlite

MD5 d45138703a68b00dfc0ee8717e5363f6
SHA1 80a7245a5107e5aec116515dc562950cadda86cf
SHA256 cb29ba720ffc1786961ffb1d941af1a82f0c76f025549d0d4428967510571c98
SHA512 c23a0356d4a7731b843af71e0574e4bd4e06e0ac61db70f75a496e898269ed5567d59bef45aab747eeeaf75f683f3d59a4e492e5d3c38ca3a1115686d031dd23

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cert9.db

MD5 88405c915bbb2fd0ef2fb1f17de4788d
SHA1 f382a8afe951d0fa6c830e9b72dbe8a2ddbb4f38
SHA256 d6d66653244db44d3667d34f32f94e20a9c5b0486c7fcef1f83196dd989b427c
SHA512 0f04750bce265c9294cf631d804078b36e1303f8e62fbcc82f1d4f7785b958f8d71f23345956a480530ab904380801dbd70ca96c4ad82993ae141e3677877220

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\SiteSecurityServiceState.txt

MD5 ef8be35d63ab56eb855f38d87bc6eb2a
SHA1 0e5e3af1f39a947c80a196306df829ae679ec2f7
SHA256 f9cde2ff717540f03c41e70a6c88e8168c544e4eb99a9ab77e9fd95a7ff6b19d
SHA512 f59c3a4cbb6e18305f139fac5b766c679b44c996cefa42f82d255f514bab80a5647013fa988c0f2d3a07141d15b72f330b65168d818df7f2fe424651aade71a4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json.tmp

MD5 c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA1 5942cd6505fc8a9daba403b082067e1cdefdfbc4
SHA256 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
SHA512 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite

MD5 3a33d761dc802f7fe2607158761d58cf
SHA1 f0d6427fcb35a7528992f1c466fe6ba869c5b047
SHA256 75aaad0a7964568b1f38f3ceee635fcdcfedc30078eb2c9ac8f562d8de79defb
SHA512 6ccf04da1a86339ce307a8e3229d4439e6270a69d142eb7de58f9691c4fb589f25b4513e37c4fc93334d9078fea882330759971994fb19c3bd79f5cbf73d030c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F

MD5 08799530e4534c343d8a2b4cefd139f3
SHA1 8353e9e2d5aa5d276c17f40f6bcc8a3de12e8a87
SHA256 0d9ca8f412dad6a4c61ee66b8a2866cf1a8ce2add7ba386e88150123192ef848
SHA512 d96b0378847566130a4749efda9b3526219d3812227ab43b8505776e61b8aad3b0260c3639fe6ef2c3b24cf36a220cd7ecafb74dd43cd9848e66d2083346446c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\AlternateServices.txt

MD5 576eee618a2eb886cc2705f1d34099e4
SHA1 ce0c14e954accb72f08c636c6c09ef69002e303a
SHA256 4c526c2ae1f868c267897dc9a5160fb3a4bc483f3173bc4a221c44c70e3d37ee
SHA512 4b223f0fad5720caddba4675a9fdb7c0d9be6b9fdcb07ce7eedb8bcedf372fdb718a75b14a236651c1d8a3cb228c445574b3c19c57318423ff1cc6d6abb1903c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\favicons.sqlite

MD5 016bdb3fad36fd28c416e89b99319387
SHA1 2e756ad56c6c793bc78500de093a37cddeac8221
SHA256 eb2d62e39968013de24cdc41941202c895967b0175e6b8f76dc195cd1909fc17
SHA512 1a49cf7da3a0898a93f5324e97663fc8845dd220cc16befad7fde3e844b74cebc2cb0deb1fbdd52937fc6bf0fdaabc9d489223b447d1fc9208429e40ed45d087

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\places.sqlite

MD5 06f7c7123db16d48d4e8caa94e533eca
SHA1 53616e84755037a8bf3d7153b11cf9973ff03cac
SHA256 95c7c35b5786406f4289d2c5d43c7f1b138c08798b42f41c51cb3cad2c004588
SHA512 bfd9318e30f42bfc5d59b8ab6d6df18a76f03172d8ce67ad737b673dec79f9d007568bcb20ca53e2baf500d626747fc2705c49ab5a8d88d8ce19cdd87eb82e1a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\33a86e65-dc36-46b7-9d02-d0106bbf9e91

MD5 e533354365d3277b2fe2f82f7518ef67
SHA1 d72fb08e5b5d87784bd949512b04b48c69145bcc
SHA256 767fdbb111d892594000bdac601bf15723fd5c46254df948497b5e0ad9f75e04
SHA512 c14b3791eb19073422cbb513cd304185f69b7e5a67a21596ce91fc8f167b9b821e2cfbf306331b39e47a4d9e037211c8f315faf0806ca986dc238d5c5660f0c9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\24ad0ea4-d8d7-449c-9613-8e31fb7e5afe

MD5 44af87b1acae22cca5c450208d7d8d82
SHA1 b2ac9b3c9ce02f8f7086b893e77ecb53275256af
SHA256 91d0d00e8bf5ea891ff08fe989baf3a4c048a285c42289572c926bfdfb76ac70
SHA512 9441fbe50cd6c63900515721342748f80df81cdbbb6d31efbec0a5733ea45c4e0c0dd61fcf070edca8575b026ece563582d1fb994aafcbd71180d5e3fe24a4e4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin

MD5 cbbef5fafe6ba9ff47174e4e59e5db9c
SHA1 41888dd91a4678254235e8a5bf9b8b39cfd4a01d
SHA256 b33711ace5ed62c465bcd569a27a5f5b0827123527df77b5edcfafffb490a516
SHA512 e9ae468ee985e2540355465f6c8b81487ecf4c8a5d6e25a4125cacb8007c957c396de267d8056cd35e2a1a9bb6ad6384637e497e09ab236736514c0025ef39a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\events\events

MD5 2c99a5dda62a880cdeb4fa2c2e5c6323
SHA1 da86ecec739f11d5934056d474744c68d9b5fdc6
SHA256 bc5400a0ed6ecd2eb42c02a54e423806679bec99a671d6038358c145a381e6f3
SHA512 9ef2df078f09eeb5ba86cfd7c7e7915803aa7286e9356c08986d8fc1ede59c2c2188efd0f592e9edc0f2467ec8a960537be6c07ff61ecbac31cc0c3971e04099

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\protections.sqlite

MD5 deeced8825e857ead7ba3784966be7be
SHA1 e72a09807d97d0aeb8baedd537f2489306e25490
SHA256 b9f022442a1506e592bf51284091a8a7fe17580b165d07e70c06fd6827343a54
SHA512 01d303232d6481af322137b44fef6c2a584f0643c48bab2836f9fe3193207015da7f7514fe338500ae4469651e3d9618293858ae507e722198a249257677099e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++limewire.com\.metadata-v2

MD5 d15b760c87f5d6defe1ca2cc27ffb421
SHA1 875cb19512c6af2213922598ff8b0e120bb853c8
SHA256 c08f33c8868f9bec1d16e3581b7518d55c0654c040f3dc06e0386568fdb01bf1
SHA512 7ad9b308b2098fb2e804040aee4eb4f73089f1dbfd573490b412af1fc0fb41adbe09efd71f934b046763ee1b5ef3c4bc7199f04f04f329029459e55c757c6bce

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++www.google.com\ls\usage

MD5 4c428e195a2fad0b912480f1aaa48bf3
SHA1 52a8ec75e9ebe26a80438cfa5b234ccd96f24621
SHA256 330e0baa0683f9a1187cfcee449c80c8d142c70ed58f6ed5bff634f23f399a8d
SHA512 795d309afb1c8bd2bb3ffa40ad5632fca3a1a8926143a1592a051ec8667bddcb21d0540fd33a898e4f28bfd65e13ae96693d96b11c13adcae09ff1f415a13ef2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++www.google.com\.metadata-v2

MD5 e1659471acfd5cc5cfada45164467af0
SHA1 e3927c52b418f79678c0b50556a272da0de07ca2
SHA256 72aec4ce611e0c574142368dbd10e0b71c9c57d70a9c4c02817026a0e85d998e
SHA512 cb6aaf299f34fd95a5544d1c1645a66e55ab97ffced9c33776d25c166d34abc9760e86ffd8276c6938f93be0095b8c17af58957a1277fa26dd927e6b68affcd7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js

MD5 fdd79e6bcafbff7c9863b89479275686
SHA1 65354b584b80200ad90228d799ab2b7d6ffc07e1
SHA256 c56b931fe850f20b9dd82502fd2e0fcdde964ca56e7dc74ee6ad4c52a62683bb
SHA512 644d33347890a0640107047bd0223c551d05d88f239430c16198b9fc8c1ebb1da6a8648d073e13695735b90c63d1cc1523fd192a5abb0baad128c9a35ba6067c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\thumbnails\e5cc99acaf3dfe519bbf116557da450f.png

MD5 9f8df46bf4ba942bf20ee2b57a5a7467
SHA1 7f7a0082b181c690e1cb5b0bfe9b1d4ffdcf30eb
SHA256 5a8d3b4d11e44c3bce62d62263b9827d6a9022d80270e7935b12d573cce8daa7
SHA512 3a063def210095098966220d0b1f5eaf99747e7998441f3178076dabb2ee9d57587a59196a6855cbfb12ba26b8c48d7fd24004c1b3778e55790e5b3d26f5c6db

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\weave\toFetch\tabs.json.tmp

MD5 f20674a0751f58bbd67ada26a34ad922
SHA1 72a8da9e69d207c3b03adcd315cab704d55d5d5f
SHA256 8f05bafd61f29998ca102b333f853628502d4e45d53cff41148d6dd15f011792
SHA512 2bce112a766304daa2725740622d2afb6fe2221b242e4cb0276a8665d631109fbd498a57ca43f9ca67b14e52402abe900f5bac9502eac819a6617d133c1ba6a3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4.tmp

MD5 5e87b4c0e4f33612f92ad0fd2a0401f8
SHA1 f10f8d8be02a72ed751126ea8e0e31610c09d55f
SHA256 7db06de8635cb79026112862b373e4d24d036dedde2f54ef715c3cbd1ddb2f80
SHA512 ee2d76746e908a60ce1ddce65b7ca010e656cb68aca0aed86f7c6114305038cb5ec03ab08de7e5b2b5273b7f8ee829d9f9e7aaf0ed333c755940cad0115a6a1d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin

MD5 9c45bacf5ee7636352a14df85a4c1353
SHA1 a7f7478c03c2080e0e51e3d4cfe8ea8945978c60
SHA256 c6a0d4dcc642361353554a6ac6ca44c74e5847e94796e68549ab06a15589d2a3
SHA512 c3106b4b3c5c3d057d18936deaf91534cf9d4dff33429fb22c42c5225083d35393ec3b617f9700e75111716f29663692a22a4e1905c1e4131a01515a5c2d852b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\formhistory.sqlite

MD5 fcf6700893cf55f19a9ea5d370258be4
SHA1 1641775098c9a606e9e153fb34d5dec64f21e3b7
SHA256 f89ff34e2b882b07dc359a3f3ea8ccc1a2fad087296f41a23f654207d477e3e9
SHA512 e4663c5a562e86e1f2f76e8d9a01c76204a0b8f9da0d647e5927a2dcbcb03dd5fb71fceca6d557cfa7d97ed1e5f9bbcbe00fe36e8db91866a93fa42361d4b077

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\EB921352F352981E1630D05B67EE4FFCA81B0519

MD5 a587c6c69636be89a92e4a09cbc5520c
SHA1 ee76a3454574cef78d24e1f7b6115e0d44464258
SHA256 f735b64042c1757c419d964ef9eaf22af6af53dd06dc3fa43641e087cf84ecb4
SHA512 771dc0634b69e94a2f8b61b1c0d82c3112680b3841f135a84cebe89ea4444aab6f8dc55f28f485c0cfabdb73c5d83e2d2a23f991132a75d834d06ffdaccfe421

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C85D51C0F40E8F61591881546FB98A547BAF947E

MD5 35917b34a6909e203938eda3fbd8645a
SHA1 8bcdda3702e5e84e337d4943773d2849ca066b69
SHA256 99db124da34f6963ca1328b6c3f75b1a48e7ea3d9bdc7ed974eb4ecaa7f10656
SHA512 9aaab1c44e474b08f77ffb9de1e88b66d8948dc1e0f0280f086e667451162d99e87056aa6601fd63ec8f280cab75add9770296c855da1d682c8d505347fa3cf2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\8AE459A0C624B0A26C9FBDB594D4AC73C7EAF156

MD5 269027a3f20a10c903548faef9896943
SHA1 44093e6be63b8ab7a5f68ca4e9b63c5fbd0a7d55
SHA256 97c8a77e4388eb807e833af3b5174b242e6497df89bc1676538cd8a44ee19b63
SHA512 4b1b55cb9a1c3f6340f9d94c0e52200ffb10a3da9f0e0c987b6a2e69898c477a050fc3da47d8ae89ad9754383a67da603049b413e9d13a769f042bef08d9d69c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1CF967749DA8AE7ABE25FC8B3578E564AA41DB75

MD5 88074b4dfbd37337ee705409f4bee2cd
SHA1 ad812b7433ebea86f716d3644fc6067527d832d3
SHA256 6ede11d53563e9c56459bef5be2952093f5d68a51a33d21d01d8f9e33f862c31
SHA512 ec25fd7d63ea032e3374086edeafe7e62f2fb1f3ae547be96d511d72e23e3ac1a3e25c44ea27591dda754e7f519ba331b56ea8e215c3b2653f7f3d4a6617930c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\A5B99B275F90FABE3C93EEBAC4EDED792A9D6854

MD5 7b2a0935a4b4b7831f72f28fafef52a6
SHA1 2ffb8c34f66d9522a72b8d488c057b1ee4e0ae82
SHA256 6c7595c6d369857fc369ac49db562a47f521a5eb5a7959d0b6ae09ed536fb44c
SHA512 3d59799bfd4316eae259d63c68f3b7402a1756372f6df466de63be420e1c5960c49f46293c5b50e5165edef40f6cb15df0a5f3ae7b8316a1036f13860450d417

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1A4284090372CDD935419D03AF68C9CF3ABAE584

MD5 e54694168810115db64acfe27a2fd5a7
SHA1 11ec2b2c3360680c1dd1592abf013b436a991cdd
SHA256 7437967abc3b2d39bb39a9503a950eb80796417fe419a69a9536ed1222eedeae
SHA512 48f0ac3e0087ac30c6dfa5d0da2bb98bef4cc3bac233c7016ea861788a1c0680946b1819b2a1c963cc2bfdb1c2d7706c71019eca1c9cb3eb522618f4e69bb783

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\047DC33263ADB51399FFD73A80E487AE4A0EBC9A

MD5 5547c955175317a7539f897794398038
SHA1 b1bdb941362a462246d844e9c57cc1e92ebb7dc8
SHA256 73a57372fb7e92b06805b5b95eeaf5bd0c39d40e804d9c50c6aca3eda73f7136
SHA512 7b5effb21145437fce40d921983a4fb6c68da3da50e02747f5bf5d033cc20560e86dfd94fa709e8e2f6c4bacbb2785162ecd515f33794b941d7ba498f7f6944b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5FEC31B54D50AA81E863D2FE514B942EE293AA0E

MD5 7779482d332ffa2d69c19f891106cc9a
SHA1 cfdaac8e5aeccdb2e0ff965bf1f7617983e42f9b
SHA256 4990ecd6c1fac68f2017c456de89d23ecaf233bf7ebeb927a2ad1f37cbbe384f
SHA512 8c8fd906e83c0b53653dd325a3a9a3bc6a8d5227fc5ebd14320ad96357a561cf3e8c796e5d69ded1ed6c2df8e464e624e19a3c85b0183a994f10197ea4d41a3a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\BA30A8866A8313A16394DA2599448520494928BB

MD5 9c2d6c0ed38658f1b1a330c7340b7019
SHA1 4b8354f38f45e70206b68ffe5b0de4c305214de4
SHA256 b1c68616f84036bfcb3f1a70fb68f55b40fcd5c06ebe85e2b3acc5e7279b73e2
SHA512 ebdac9d4c7c7457acfbc419979dfbfa5dbf2d22a8dedab08fdf364633725508f5bafd9c457bbcfa56ac4459e82fc3721a4852e38046005a4696da6524bda058b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\79147479DDE08DDF6C904A234618A0D013413437

MD5 c908d6d688772acd9ec707c1f733c646
SHA1 0ad508a68f36a0d16794ff6466284eb3497a7577
SHA256 659b16a58ee0484066bf7769cc38b2e9f8a7fceab42830fc8829b5bcf23c991d
SHA512 500c21ff7fc955853398ccd172593da0cfffe460d2627a58bb6e4c7b3cf92c511b48ed54e653e0ee0432911366047174ace6d3b4f81da1632e97fdb6fd4eded6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\73EAA0767ECF1BFF6C0396D2598362046273B2CE

MD5 b018b045cec22702f5100e47df78920b
SHA1 10dcd2128d2608e03898ac834f6b3ae6dad5037e
SHA256 aa6d4da5041d255d415edd1f3c3c82e447a9d06360f4d8c250a1f4ef7d005b62
SHA512 6437fce55cb9e9bd875955ff7b9deb82b19df5a0be6bced162e1cfdb03c9ce0650047f58c6a3caebd7209722382b435be713181a74ab7b7b35fbc5873b3742d8

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1FB1BE7AA8AE107A273DDF296642267C9F6180FC

MD5 a9ab349dd9ef437fbdb58996b552ca93
SHA1 1a6b1f94f413dbb1532e65f8d52af08d94f33568
SHA256 783f3fc449379c3fd7f61039f0858967d92b653fc7240a8d99fc923243d7eaa8
SHA512 9912d3deff7842d5c7c42e9d5e55b7135f4ed65dc040852b64753802bcf8adf9741de4fa145982b8212e4de3fa7a4c34c11491b47336381156702c2151010e9c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5A9FFC54BDC24F3AB28A542142AB9F3AB0573E75

MD5 40fad502919bfda1b0903ba613dd9462
SHA1 d415e021022d73c4a61d4fd9c8beedad09290bd5
SHA256 c1fea01906abf8ae8495ee350d7c7a056c6f2375b53018990e0cf041ce47a0ce
SHA512 e36d47c67139f556be0b876d1adc33351291ce25e1a38b0654fcad0e7ac09c68bc243443b45c3d20004f07f798da60c4df2d5388f4e61175255a41ecb242a04b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C7F27F1B728D8DB7CFCCA0B5822E7997A8F337CE

MD5 7f774bb8e573c2a568d4e96d3c9b725f
SHA1 29bf0e986cf53f620f48e096d4bcab6b5bc414bf
SHA256 f69a5d32b940ec822e5ad71f0e48b179f033fe746ba15ae005679482aa68a0f4
SHA512 e072e1e7ca8e7011b002042e0febb4c57297df10a3ad098ea3744493a8fec45733fc4e09d8e76b6e31658bc7fee2ac97f9449b80aa80bbc865244902fde6c8d2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\B20AFDAC04D73B29FD4E298364F20FF1026A8956

MD5 625b316f49c3c67c2e972280d54023a8
SHA1 e8aedcffcda952f6c13446b2bba5e5d53f9f739e
SHA256 470c206949aff6a1feb8f2db133bbf806002f24421c5178c401913a04fac0b1a
SHA512 c208b22feffb6a6f1c00556f131840661772bddf64f02f46eae5fc6713ee4bbd7f33ca9ecdba8fe9685aa47e67d5b70a1bbfa9774838fa3ec2caedbcee2cf41d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\B554FEBDED57E8B700BA72FC63DF0F079EB37B60

MD5 8715fa9063ecfbad28bd47542abc6678
SHA1 b9466797e8859be4ad716e27c98dc88043de7e19
SHA256 d7907697fa4ab61528df5b62ec9dd00be258fb235533bfc45ecd71532591e460
SHA512 71b32ca1da7453365093608fd056318afab9227f86f20b9c7cceaac59c08cc0d55efb340ded90bd25114164ffb5f803525b02511754c40e7e827a7758cff2b0a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2C9F7C365345D332755452A43101FE4AECAD3032

MD5 cedcd7b26ed4079fda585ba2fe6fa85d
SHA1 4a74a1626b8cb16f15848a6c8130757db3c094ec
SHA256 3175a19d9058f73b02de6e2b0e6bc993d170a55f1eaf97d7d11ade24119e8862
SHA512 c7b78b9fdc7358539a503481bf4aeef54efb101fdcc4e9ab873b70f7912ba71fed44716a4d529312edd64f59bdee38bc91decd94c2e857c39f62473e70614354

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\A7A216714F2D86AE63E7F54E4906BDBDF2CFCEA4

MD5 105f4c8691ea99db56521a1c69ca5497
SHA1 e9bae01b2e49b74bf6161cd52b8f93e75a32a1d2
SHA256 560785bb26ea75b4ed33e42ab03642a662fcea7abb92c5ebcbc8cb7c7c2b3f0d
SHA512 fe075155b93920e29087c73a1ca76e9cc3011ba655fa472b7f6f908d95aa5dc1fe8c616df1180b472a33525d2b4453408a00b9baa8951e1f66bdac9e0721eac3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\3361A155F53862EAFECFE104E9F3C429394EA4F2

MD5 8212dcaeb4701d39610edd650c198ab6
SHA1 910efe9fc555454882e7e63af0303b4561175903
SHA256 15c62e96f480970aa39a3add792178d4563d687c407d386a7c9c8b6554220804
SHA512 95908db9ba53b0ea7543ae157ee3510daa1aa3b409837a7acac06ca6c32b66f647e695322108e3d1de0d38413fa1592f37a0d4269247e923521c7812fa919cb6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1763C62EC471851BB323C7AF5435CB7171D42421

MD5 078500bb49b9b200af59bbf233cfebc4
SHA1 898b497866278b7a5b1287d20692dfe0ec306cf6
SHA256 08e5e89d0cff61abf8fc9cf4a79e329b123995074e9683d8fc924c0255797e1d
SHA512 ba472fa0bfd21bd3efec5a8dd8f3660ee8b1e1b58a117cf0369c70975bd12e6cf78085dc5388d17569552d29adfaa8b7b5f308b2facd68314f65d85172305493

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\F6B08A32170A2EDC591AA8481B4CB167904E2378

MD5 593823651de199c63fc7f2c7c8d27202
SHA1 1acdb725e0e7e4b6791b5b48345a889aaad44aff
SHA256 8aa0b5ac9417a0be60246c716658a9a8c4f525cc184273b98e0b2f54706b1f97
SHA512 9c75ef4e032dd147bdaff0a185310f471f4009fbf2779aab120e2ea4629c2b7bf8eee3fcb61a8e6d7fbca42cc643643aab44749c570d236b4a782861a24e257d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C20E6FAEA650EB528DD52149A6D1B3350DEC6FFB

MD5 8fce8caeed6ea4ccd0b59917100c11dc
SHA1 1c781206ef94b10aee7924a2b35e92e512e56f18
SHA256 ae9ae00481254c7700051289bf02f0c31f0aabc69d95981c627220b9914f1fcd
SHA512 2c765f63d4ae50102f2fc149ccd89a10dd20279c6ed99103ccd98bb4e79f6075fc965908025b3825804727604f2dbe80a37e3036579b3785f394f43998f1b60c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2386B5FD2B2EE77EEF07E46EC15D4BEC79022A65

MD5 30b831a8061e0bf656e2519d8c462246
SHA1 0fbf8fbe8bb6090558c02e7ce44fac2425f4d1e8
SHA256 5116461c6c29c6c4bda1f1a20bfdd108cc8702558706eedb1daca7587ca398f0
SHA512 ca8cb2fe3396861c8a33ed0bc39691a216a8cac173efd5b492a6321dd3dfc38be0462490de403fe865b537a77902b0df0fe98301d9d0df39b3fd3a00bf58503e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\7293D5E92123A55BA7D5A819CA76A2995CB4EE79

MD5 d2a2de4cd646c12f2bf033a6e6c51865
SHA1 00c09342f605aeacd6f2b8d5979ae80d2fa00b3f
SHA256 1d4ba6e095b5fe3f9628817ccc18de37beacdacf5010a21bd8ce8d2ef8e1f4af
SHA512 df458664b224e47a3d8f3a2e13383898fea3f0f1f4f0c84758fdb89f50832dd87285ff510af6f9a9e4835b68ffe6014c00c27767151c3f93809c918298525ab3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\047DC33263ADB51399FFD73A80E487AE4A0EBC9A

MD5 d8b950c090886e68c3319b92c016c438
SHA1 24aa048fd94bee066fe6b8fc43eba2c2505e4c2c
SHA256 d53884f9e0f54c5a941809b938493e39fd8d555be15a2b02d219c84a6fcbdfb7
SHA512 dee07adc67b093b7de7c8eba34291c408bc858d6aa119fbb35b801240b525c17feabc69ac3b15e8f8e0866f890403322db7d7516e1c64b5428188992360f3e61

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1A4284090372CDD935419D03AF68C9CF3ABAE584

MD5 95931818959b37f6dd6d8fad0204d9ac
SHA1 449d550c9fd9f02acc3b5c7e3cfcc5979db89996
SHA256 a6fd1d277ceffc06b6da5fa78a41376ec055ccfff0b763cd6b572696b3cad0d5
SHA512 0c855756796c3b00733fdca8fef3275c5b01451a4590fe84efdd0ed71d9d2b3e5c17526f58ddbb25c9079625139e0fac0c5dd0522df0a244a439e92bfca9657b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5FEC31B54D50AA81E863D2FE514B942EE293AA0E

MD5 51bef9daa8bb1108338042afc0c6a8b2
SHA1 a427938ee54b14409106afb207ffc4d34204dfce
SHA256 896fb30a5bc5b6534163c19bd7e88282ee43b144acfa182d9dcc77acee0248f9
SHA512 393e330b2c12a3693ef9675d4630ae18b24f269b67c3be88e1e6cce1a098393115136dfdd1895ba3948d04de1194e20b855d899e36d7b36a32bd1c1d9e5caf29

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C7F27F1B728D8DB7CFCCA0B5822E7997A8F337CE

MD5 c89267f63ea635bec65ee4f75efdf747
SHA1 9d69cd6298ecd9a24286edf833bd0ce53c52dc3f
SHA256 cc5a3a5eee351bb7ff4a91632d16d9b3b417228be58550276808058ee7e067c8
SHA512 a8f000980e56c5639e6bcf30721e5611492a9c7cbb551e1b5fdd9c31824eb8a9aa8a13501347de8d6e7adfde75f2ecaf9ee4d6612f974d01137d987d0f4d2a3e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\79147479DDE08DDF6C904A234618A0D013413437

MD5 7a621109893c92f35b177a0b89d8bbd5
SHA1 9c409a433243c5fbb84695c597fc7e7e30c44666
SHA256 648725aac6be0c8cfe36e39a3f67eeb7c6b5502029b06a35303e9f96cb643784
SHA512 574fdc69c300f242e497473cb26aa77f42cea2b19bf0d123293c2c9d5615f26c02d7f6cd3f5ebb8789382a2b8e1e6f7e69bbdf6d823599df1553b0de1085fb87

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\BA30A8866A8313A16394DA2599448520494928BB

MD5 ce016f38a547b7523a360d927dd79dbd
SHA1 80896ab375f244934dee89b389d974154e241c71
SHA256 abab0cc8063931651c2c8ec7ad19a97edb4cf35a91b7de7f00419bf551f22ec7
SHA512 5a791f61b811fd091a55b6c18a9f9cb305c0e0570965729dee65fe50f71fd24b11127977b307b018d8270f4e3f84de4e37f79eab0486f8472afdffd1630ec9a7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\967

MD5 3e32e73baeed732612925a0475498ee6
SHA1 05b6b166c889db1a1d03399366209eef534ff5ad
SHA256 db5ca0ab9bbf9a166dfeb3a4153711baa3fc64faedb217902b211efeefd40e67
SHA512 51ea002870eadb3ad10a66b990d807574a2ddaaca4d065233362ece5cf215f6e02cfc4f1d26523ea4f0e2eb8e0020824b7b3337d53181c69394869f6a3d0bfe6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 bb8fceeed17764f381a5701b598eabc6
SHA1 51748a05ba13221be6b4b0607d1c6e2c8699c960
SHA256 945497904fe4aeacefff09f7220217cd44607d45c8b8c16280285a3dfc72cb9d
SHA512 cb3e3bb1c716970058fef1632552e5d2e17e5c21af78c16524749ac859ad208a3c4cb4ef1eb97920fda61edff1232d0bb91d78a604b68b4d4e802f36469eaa7e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1FB1BE7AA8AE107A273DDF296642267C9F6180FC

MD5 253e34cde4cb49165a3392d93b83ac0d
SHA1 508fcd6078df95189fda1204e1996ae0c21de157
SHA256 3574d4d2ebc8bdb792487fa6332a6f44ff36f4f27b96180d450b1af357928c25
SHA512 343c82b6be9d0179aaca3e5f4c1a729df4b64da804a5999eb477b42930496de6616128cd05a8122bdf6c08ef38cafb832a4bf67a692f916027b193a9d93d8c9d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1009

MD5 a40d32bd9809eab135feed11a4b2f33e
SHA1 01d6055eb61c9debac6545255370b9faf345df55
SHA256 910faf652631386dd58db8c684f714e588f6d01ae46075f7f46f4cb0061bfe16
SHA512 da2a0382549e58804e16a24f7a18f38f2d2a478d0cf111d168587ee4790aaed79b4e0410c67dc5ec9f961e2084c7166e52758a09c23567f9b93c38f7935346dd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js

MD5 7435084a62cda6e1db772d6890d63c9a
SHA1 e5de788d06e8b4c5e43d56ba8b728deaef223ec5
SHA256 13a4b6762fbf026ca412ec4d8e4afaec7f397bdcb64a871a6efd268ec5f1755b
SHA512 11962adad8b1ebcf2984b5f59c5a5a1063ff423819a85daa6df2603e8614643e0b9710815f69a955bbee4c9835b7a90d22a6428dbfc26da05a55c7fd89b53a73

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2ecbb4976044312d670064128afe5749
SHA1 596e4c7d3bcd6c3794f242f17a61e9e6171ad5ab
SHA256 8ebfdeca15c4ca1d6a8a3e7e10a52bee5e11a5184ea5d4762da9d351859f9759
SHA512 27bb135eed391c8997edf1086cde9f4779f3808709541585f0352e542427838602691a7ccf2f1b4847edaac786a3789e5d251f74e437a94def5dce2c360e4b4a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5827

MD5 96a88cd8c90c47fccdbb1717dc161abf
SHA1 abfcb8da4a5dac3586e2be41f83946d6772e1af2
SHA256 3b0637c3c6235e4e317546a1faba9c3624283c83ba0124741bde7089459205c4
SHA512 85804a52c2231f9b0751354353a14efe710e18850ed24857979467ad57b9eb4a5fb84eeafd128af60ab7e4a1daed4c767ccbecdf27e50e23604ac401be1273b5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\32176

MD5 80dae8bc49fdc1c630f5c176dd85b3f5
SHA1 3f7a46154599e044e0ce5e750c7b7a96e0f0873c
SHA256 200d54bf2cfbae6a2518876922d5ee4a8e86fc15e74fa3fe342a17eda52da0b4
SHA512 e80c67ebfa1be2b5f02362317c5a5baedbb3007771bd32428a87e605220dbf22b3589a46e2f76a6a85dbf88d9f2d9f5d0d056b56f26b049c779bc3ac758a3ac5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22379

MD5 de496cea22982846273467121dea4b3d
SHA1 cbe1efe9e15fe58efc233450b944e8ee299d8b06
SHA256 86c53d2d10beffb51c078a014278801ed89c75d90aecd7ef611d33f70aa6e625
SHA512 6f4dbe29b5f5161ff68c5a0723a9299eaaa0bbf2b84a09bbbd6e828466e08374992de390176040e92db56067ae4ee111f60392e1ab2329868660a5262804b789

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\19489

MD5 54c6dc490f18150944895fb5bc1c2cb0
SHA1 534741fdeff20823c954218cb493a656771aef57
SHA256 1dcd4c31ef0be7e2e4ea12c4ca781fcc631dbf41250c2e35cf04be6a7037963a
SHA512 88ae3d7f0a7e9dcf0d31f51690c4caad17aac5991152b284036a9842202de5d4ee7ed6224021ec863b37d06c3363828f7bfc5d2aaa61928424933f8e838bb6eb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\29285

MD5 1383b073d49e4ce613071f269a25a062
SHA1 2d8670d6c0c5bb7db20881b331323653c5a5141a
SHA256 b75c70fdf0b246e3b7351beaaf7a926dad1df1046ba0fb09877701465326c54e
SHA512 a3fbe2123df2f8875f80291fc05be59f832951348f590afa2141a834d31b184ab895b3c51ca4074c0eac97676b274d4ed5471d3a012187000895086088517c91

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\28836

MD5 906e703f58b24f379cb214b2dc5882f4
SHA1 2356ea8ee869c664bbb21c8bdb0a697db49e1a3b
SHA256 beb402702e3724132a68db03c04120000f64607940cdfad73920420c240cf81c
SHA512 443fd063d9bf4c11560a4ce966ddd44e11b4e8a003cc54cdbc413808a416e76c203caabd9ca4f00f0b889e26b7e74a906d9cf26d770496f47db75bbb061e92ef

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\21E959F8770D67459E38610624F336AACFB3D529

MD5 4d7f9e13bf67cc862c72e4030f366276
SHA1 be40e2f2fb13bb402935f0920438f8bb1449049f
SHA256 2e151bc174f744feec52337fd352ba3ff8282dbb6eab0a2b6d2df6e321bc06eb
SHA512 b30fbc639c1dc06b622a58045f085d63ef9b0f38efdc5536d702946b7f94ea2fb203f6e23bc781e47a6eb06de3da854a6fc89e1f089baf2dd3adecf3b6562839

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\B2FC9333365215F8AB73862C5FF695A8E0AC7B34

MD5 26e2e376e976626b9a6a805d3d5c7e20
SHA1 86a5d964372e980196cd1378d2d0ae00a0f7589f
SHA256 9bb998ac6ee6214c341e8c7bbb99a9fbad6719c6ddd21f27153df0c75d048222
SHA512 9f99fc5ff0390f7af044b0629d856abf40d8be17714e014849bd812c191f6d4c30c14b44bbbeb41a1439ce9e892c3b50ac98b7b19a4948224498e2685bf129cd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\53FC94F0947B78F378C5CE495559ACD51FCCA6F6

MD5 b1c8aa91d3ed597d37af192c4b4c58ea
SHA1 e9c11bef6bedfd62911311f19aeec648998618af
SHA256 5500616c057d3e71cde4e1fdcf72c644b4fe25ce024538997b7775f13a0e9158
SHA512 ceed907910ec15b04f47e9d9fdefd536de820581b5667a007a9fecb56fb9a824c5f7e7f0a648b43ee9a714e35429913a038b506137c4672c3dcbbd3f8b322a58

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\79D0FE390AE5E662DB64B0262924020CB1F1DAD6

MD5 722cb0a5efacb2df4f4f02b842909090
SHA1 ecf7e0eb09bd5830ac1261869d6b3e81a9ee34d8
SHA256 4e46b28e347bb6f95cb2ca275f774577e82acfba4e8903341743195cede4ab6e
SHA512 8335890a49e3bfc321103c32f6bdd40952238133a5c877f631961bd2c28f726e73f6a6ebe67cc0a08d2bf568648a7eeedb708d90f614859d20aec32bc16cfd7c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1271D81A0C579FD4BF442AFF46229C333B9ED2EE

MD5 c531448f95aec846f538e76740ce1471
SHA1 0f8294ad2788b19ca168513bbc1062b917707dd3
SHA256 196e050a9c639b864469bad10ed917d18809b51e07c72f51752fcd096b595e5f
SHA512 9d11c38871d5c0bd6bf01b56900baefc8591f100afdea0477fe04e53c7fe61df76e91e3c85955768816a60668bf81e229b77776b83902adeb8c4dabdb7833b8c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\896F2B40654B677F7EE5A2721F4C9C792D60B6DC

MD5 0288adeeb208a0730d45247f5570f899
SHA1 47833f358f065875957b8c2d9cdd46ab15729b11
SHA256 5e4fb807fca7cb09b8c76f9543ef4449aa6b0f30941ce0e286205afff006b54b
SHA512 7087d79529d4da9074df175a897e5d6faff7971df37b2819243081e665381a28006c6054e61874523f5b825a5118db0a8bfb5289c0fc0e62ecdb0fd28bdb2f68

C:\Users\Admin\Downloads\Yandex.6zfzivG4.exe.part

MD5 3c18307dbe79f968744f7edd4c8a18dd
SHA1 cd325d6dae79a73ada9acdbc8a6b04119b6e1d81
SHA256 1525962d4f48d72eb8df82abab78b38ed7f2f9f13b6b2e3e3229328f04802efb
SHA512 e2968f94b319010dbdea0fa7724de97167b721f4d5efb98d11b009b16c5a5003d975944183c7eed518d5ad7a94cb8604626f6d7500650d267e9d6979ded39f6e

C:\Users\Admin\AppData\Local\Temp\TarC067.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\Local\Temp\CabC064.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 ec0ce52530c2ee9d3f64884fef0bd009
SHA1 a9e9d50e016d6c58042191799764f81221e25b4b
SHA256 c59099e35333f1a0fb4a3328c71401fc95b3f8e47874b13bc8743ac1ae425206
SHA512 e55aa6ede039aa642aeff0b88cb8cb5c4f4d8110571bd07b85019fd611c99ab2ec40a71b6c6c002ef242adc34e831ee1832825b4bc941c31349e0aad566b1036

C:\Users\Admin\Downloads\Yandex.exe

MD5 717a86efdee3d1c24957bb816f08a026
SHA1 4399b7dcfa99ab8536bb0d70a970115e7a1788b8
SHA256 66ab951e02012ef24691b21f6852ad599d2ca868c97fa0bebfc3c9bf97b2eb63
SHA512 dd8fc0553c73d27737b162e93565315564191a9244f5bd5a6b1830999fe028180bd027e17918e41ff03de5aba13dae339af75731251ba7e87c5e8934235a66c1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\crashes\store.json.mozlz4.tmp

MD5 a6338865eb252d0ef8fcf11fa9af3f0d
SHA1 cecdd4c4dcae10c2ffc8eb938121b6231de48cd3
SHA256 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
SHA512 d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c

C:\Users\Admin\Downloads\OperaSetup.aTHD8uIu.exe.part

MD5 ab0fea7391de383287a19937aa60d1b4
SHA1 6c04973cd3737000f285229620dd06f891abae3b
SHA256 f22701991d0cab406270f68396a210233b89714ed8bfb921967891e0796c5201
SHA512 235a82e3b003fd9144eb6066cdee9818c938df5a4ab4bc4c90e9e3891bf05f6978d1e6be8938880eb1ad7e347b6b3acdbcd0f395b1619b75786ecf3fad517f20

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6G4X5UFP\YandexPackSetup[1]

MD5 334e8d84ca45749879312c751ae88ab3
SHA1 be93f412d63842f6d573e610e8819f1563fe1a8d
SHA256 6acc7eb046aeef6f49040284e9fbf59637c5bc074bd56f22106f67d07a7686b7
SHA512 3aa0db5677201ab179dc6cf57628cf01e90696bc8d33224f2ae743b50af49e3eb9f5edf2f5fed0789cbefd26c9c033b58e6bae1b5e2a372b83196d06434a9261

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1474

MD5 865167dd340cc39ab79f512cbb985b32
SHA1 8658cc0fc75d014cdd2768552e1bffb077df698e
SHA256 4c3c1b78176e742d3f998eeec2f2f03974558043427073a72c230b5485c94885
SHA512 7c60087342d22a5ee0e0d1ad2b431e11ec2cfef8355ce4c04219032141dc61318ba4f2dcfcfe7a4ed8239e142682cb44bf8a22df794df8062d507c6ed9e35de7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8118

MD5 7f8992c352ba03654392860917b83c54
SHA1 d80110277db04153a3d77132c2e48166c23b20c1
SHA256 2470460271961fb743c7c1550818dafe4b88bf24d29946ecec90a197a37a1bc1
SHA512 a48502c580151a1c548dc41f760a3201c6a387c80b54661768c216875c71de1297f2f346df700c062b3f573861c23a42321cc2492c1fd6a358e14ae3b79e09be

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\7669

MD5 08f5301278aedb172d45d04e327bcb3f
SHA1 15ceeeb9c457e3fd0e914ac9b4bfdb96e11f33a9
SHA256 e9f7340e912c1f911e6a0f895eb8a4a67c7b735227197fff143b0f064190718f
SHA512 7cff94cbc48eaab446794904c6419fd9128afbd0dcda92530bc391c001c2daf2f4d784560d4495d6c803a457f82759f85b4f579af65b699f0c80c7214b9d740c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d89d9eedaaed070db95bab727eb6682c
SHA1 f35331a1e932192e4b010d944a5b30408709eac9
SHA256 ba51f0a0f15dae20df9aa2ad48974217d33d6a4e989937933a6a00666a87c80d
SHA512 6dac374bb4f578db00f05171cfb5cf9191671313aac01412031d565df3b1c6cfd89ee53195c837cda68ed862f127c0ac817d786bb42189d79c9ed640edf53800

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\10F2B3FCF3FAE4203D644E76C052BD7A92C8BC07

MD5 dfbadab0f084dd2b83248b04b40986a2
SHA1 2c194474f5b46e0ae209b8a683897c3663440b99
SHA256 f9e1f6330400acf8a13689799998f992655eef0d4b778b6fe8bfed4c3a4f6424
SHA512 90a0687847da98b7b5d59eece285c7a08237457e6fdd64033de8918536e3c9b83a40117720da2bc9632f5a00e7df166249746b6e1a5ca8d7bbd9d46a31e6949f

C:\Users\Admin\Downloads\AlephNote_1.7AoF25QD.6.33.zip.part

MD5 06e96b850f7e5508586c31fc76513b6b
SHA1 126f7b7f7063628c8fb040674cf31abbaf9496d8
SHA256 f4b289f5c35dd88711d7987e17516001c7e3ae8531e08c5b47ab7efdcd63bdd6
SHA512 a5028b80512c8835507477ce5110c162f7a9d0de55e89c957cdb8530d07a2edfc222e7a6242988e75ec6a981042f996fd1a8b314d78ccf9aa7c8b2a38b2eb4eb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 cd4822f4c52abb37401c7ac716f97242
SHA1 aa9e273a6d64bbbeb02375d5cb13d93ac1ccbf5c
SHA256 342acdf23bbc98665ab874479c29106ab7f98edb949f1429eba9a8da7de08d21
SHA512 272a56daa645d6b1bc3fbed68d6b7c5c322cc488c217faf6629ffbcbcd1014c42f75e70b7e521011fb3d84b17a113af52f5fb9242127c36868b3398e2549ac98

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a4bd6dccbd954233e803e3727e0fd576
SHA1 736ac7ae0c6dd08f60bf824b2ce06768e128fa58
SHA256 bb6e9a78793503b10c58b566614d1a524427d592c5290f1c0fadc8eb0e2a4ae4
SHA512 edce71ac8c8d956aa1dacf14790bcd800f2a977b10aecffbf49e0ac98ce6ad83aa63e3d0f90830000c6ed1bc38f9891aafe9125351a40b77761edfbdcdcc8e05

memory/2240-2442-0x0000000001150000-0x000000000120A000-memory.dmp

memory/2240-2443-0x00000000003C0000-0x00000000003D0000-memory.dmp

memory/2240-2444-0x00000000003D0000-0x0000000000410000-memory.dmp

memory/2240-2445-0x0000000000D80000-0x0000000000DB2000-memory.dmp

memory/2240-2447-0x0000000000F20000-0x0000000000FA6000-memory.dmp

memory/2240-2446-0x0000000000F20000-0x0000000000FA6000-memory.dmp

memory/2240-2448-0x0000000000D30000-0x0000000000D3C000-memory.dmp

memory/2240-2449-0x0000000000D30000-0x0000000000D3C000-memory.dmp

memory/2240-2451-0x0000000000DC0000-0x0000000000DCA000-memory.dmp

memory/2240-2453-0x0000000000DD0000-0x0000000000DDC000-memory.dmp

memory/2240-2454-0x0000000000DF0000-0x0000000000DFE000-memory.dmp

memory/2240-2457-0x0000000001000000-0x0000000001016000-memory.dmp

memory/2240-2456-0x0000000001000000-0x0000000001016000-memory.dmp

memory/2240-2455-0x0000000000DF0000-0x0000000000DFE000-memory.dmp

memory/2240-2452-0x0000000000DD0000-0x0000000000DDC000-memory.dmp

memory/2240-2450-0x0000000000DC0000-0x0000000000DCA000-memory.dmp

memory/2240-2459-0x0000000001060000-0x0000000001072000-memory.dmp

memory/2240-2460-0x0000000005580000-0x00000000056D4000-memory.dmp

memory/2240-2474-0x00000000010A0000-0x00000000010AA000-memory.dmp

memory/2240-2473-0x00000000010A0000-0x00000000010AA000-memory.dmp

memory/2240-2502-0x0000000005950000-0x00000000059C8000-memory.dmp

memory/2240-2529-0x0000000009DD0000-0x0000000009EF0000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\tmp49FC.tmp

MD5 d679e5093cb53381dbe4e657a163b029
SHA1 905f011bc21862f059a8cf5fde7136bd58600612
SHA256 1b929c7069189114a9b5e9b759c611738c5dc13171af8b98b7a89b6da7577776
SHA512 1e0c161e9a100055457e9d381de2d77df94a565b959d752b52c4be449f00061fb451784510e93ceac4bb678c37b05ed52577b049a63f9fa633e1e641300d0022

memory/2240-2538-0x00000000064F0000-0x000000000659A000-memory.dmp

memory/2240-2607-0x00000000010A0000-0x00000000010AA000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 254cf085ca97898fab2d72568a7763e0
SHA1 58ed01ffa7b2db6b4139571fc18e5656979d3b43
SHA256 10e9e099e184a8b39cc3d8cda87f57a13968877700e36d863bc73fdc9b1061f6
SHA512 b0744a5bcf038af45b1074c49e91645165b7adecf662a1c44ea155290c119217e49cc1fef23d87aa8a2b341cc086ee579e0cf77768336fe516cccafa1a9cd4dc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\98B5ECA4AC5EF5E72FE0A6121919618AB3FAAA7F

MD5 e1137251bb83186c7a68e8fdb1a0cef2
SHA1 63d9cfe19d2a19b38b3d31a71dc974bcaffef530
SHA256 a148a4cb25e6456788fa69721adaea162ea66e3c9abce704375e8fdbfb5667ac
SHA512 e762f5365cf691e7ca1bd34b6a778045ab377be2b47020ae4c690001fa032fd8b241846f11dea671caa76d4e63ec99fdda423aeaf78c695dd5258bb59e0a5fe5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\17250

MD5 04b2e79a918427626c91fd2988b9d0a7
SHA1 30f99b7705c48ecb4fb1eb4235c026e372399d90
SHA256 897b8dafaa3ad29eccbe18781383a11597c5ba9e35ed6f68c5d0fdd7e6a7f81a
SHA512 28df816369004d7be665481ab477d9ea9c2409cc941e1a744a13f68f9fc6c0f34d9637ba63434ffece7d598277bf842db9bd3f94f20c97604369257377333895

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\7368

MD5 7efdeb7e95a0ec261ce1d8fe44450e58
SHA1 ce16fdc3947987ba2c8428f5f1a29bb0002f2015
SHA256 15cace5e78fc1dab512e4d95d02a9dc3bd369e25cc27c4d0d078884b4b67beab
SHA512 1d2dcfb90647b5291540480a81de2bd9ce5525d5245ec078d1b75339cec37b3f0a561300f58330e40183629e5af595bfacb4840cba71189b461dd9bdf658aade

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\25588

MD5 7e50640ace4a1935b726bd9e1b1a1564
SHA1 d7836e94717cc75051bbb57aff83be77183351b0
SHA256 f411fde0cd491f65d670c081af686e2c238e43e6e3beb1a4c54f8b3297403b50
SHA512 869a16e2f10c59dd0e195d5748ea6cfbc2f4372eb8fc2f7db1cee4665db40425ef0925307493fe4a1d57eaefa5039acaaf8e5446a7653b53679c93d70d97c22e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8806

MD5 e1a881b4784f9bc4e4cb4324d9f69176
SHA1 6308a97d1fb268e356ccba5bfa527fb3287d13fc
SHA256 17d686b63bebc225f9d9ef5d2d5345815615ca77a8b1cc576d24c781aafea339
SHA512 3fd8da6c850a54be9abf315a41a352ea7bb9f47550d67431e375a3b6e6ff8bef46c6837e855db00b3a7b4c5c6ae6bc46a76001fd9653b660c87a22555db56216

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8694

MD5 584c4b35985691fd988dd152495705f4
SHA1 e9b70553f3c678715715526a7dc256cb43c5c531
SHA256 766b56de5c390795a6e3c89224e0e7ed449bceba95c5c614a54c17c134bc81c1
SHA512 3a35b6507bef24bab2453be2502c2168fc12d29a4aa773bc8a4ea5bdebe042c731db0501bb2730a13e5c4104093f170c6ef9d407870d18e55daff7cd5f6b42d7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\26156

MD5 6cc8175ce1062e6179bd360bf5afb725
SHA1 a50875d61283ef7aefd0b3d452617f095d4d19b4
SHA256 da2206ad0f91cdd14cdc43b7164567c924087d0c22937178f65e7448437b0eab
SHA512 c6de0a30257462a3bcc85137328cdcd10ff7f046f7571b990881ec8eb6814c3edb58fdd5ca4a7b22bbe3ebaa5901172b5611a3581c28e22245f991ebe103afe0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 14f9561c7ee5b849217e3dc59fb593b3
SHA1 c3d922ec84777b77e9b6b8ebe697e412bef6ec60
SHA256 1c50da05163e01a2d524e1949d838dfa91b29322160fcb7cc47682a3a4dc9e88
SHA512 d30c6cfc192d62e47579213085ff94f9c01cece0a6958daa6872eddc26478338e31dfabbaadf1134274d53ac4894c521d21cad9156ff5534dc4c0df96ec8f40b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\3B240F37CDAE02FFEF8DDBD7C81147777AF2AE8C

MD5 4541d34ad283204fa1cffdca224a0d3d
SHA1 bd90d1fcd0a517879edd0830a826ce1f523af294
SHA256 e6549931554546e759722e6d84c2d27450513ee36c23186bfb37a6b201699228
SHA512 f307983ca7188a0964e169c4d9fd1f2ec117edc399217180ad3d9ace3a2a7a1e8dab67e1e581d60d71b42307933e3c4750c13f3680f18b37fcc94bb250df24dd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\A6292EEC7CCFC32856F1619CBEC75285FCB43E4A

MD5 f09d4770473d996a04f8c49e6a4aface
SHA1 43123233e5b92a25ca2465d3283cd92bbe5a6587
SHA256 266438476fd52a95f967d01db57c1d553890208a099625216862fd6b1497f4df
SHA512 79a0570a34400240c6bacd815f516ac5eb5ac5f79e7f4fdbc503bf8b1623e37e64e8ab7e24175106bcc3bac3403914428733b237e8c0cc6c613f705cf3cdcc7d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8445

MD5 396ab0f740fbf20c9be61a929c95b66d
SHA1 1c470c4720455d8f5ca96e29427cdc9743fe7846
SHA256 11d5f183302d41e812d1e1a590d0ce1c8528395395377bb352ee49969d30262f
SHA512 0ef287a7946955fd22084e02333956461fb04ad3fa108e4c6686edb6d003aa61bdf173c3b97e32e5e24fd16cffea66dabd71d7e7b1f0840f2980ada941129901

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2BB06C3962A0E7B1902E87FBCEE28083F704EB3B

MD5 5ac139b60d2bd4c94bb3d6a6b25d72de
SHA1 fde217099184be7ebca0bd0b77e49f01aa25e700
SHA256 7a5aaaf6dd2c03ae4e96686ef4c1143917e5626a4a8e59739bf8499b5be037b5
SHA512 0597fd9988044526c386d48a6152b8aca219db7205bc5531bf4f7c326a3cae585b30d3a832287dabb0ceb930f7a14c21108637a2ecbd5e1f0e855a11869d8023

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\20273

MD5 aa4e029875e6322dbe68e38f3f480b07
SHA1 9a46df7eac101f3935ebc23bbe7c0d6428ea00ce
SHA256 fd334e943ea012076bb01b6bcc487308ea7e83a1fe7ab1245c177bc21f3299d8
SHA512 7c6c275b68c886d4f63b9fe79c2fd8a3e09023f9f6b76b247e194335fdda80e3c86ca57b3bcc96e09ef5f09b202d8ab6c69bd2443e84a7d99f2273447e136e4f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\jumpListCache\ljiYbZi64FPOwqvslZi0_A==.ico

MD5 b46672b51b1595e0bf69d9dd1e61c8c2
SHA1 d661df8116f43a1cd04ad8573cf73940f73c6bf7
SHA256 bafd7c67f87673785232cd23136592f1e9355fe02edef0d6b7d7125ecbb44818
SHA512 2d2fde0a1cbbc93a82cf363ccd39863e01ca0abd1ea39f8b7099d98fb634be2a64cab48a1e596dfdf0664a3c3d48f6c366bbb12a105e3b9fd3c58219ecf63f12

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6ea5bc2fab8be4c1126e939fe4cc1b84
SHA1 3c2049a8ed9fc49ab58486739ff9cd10ef277cc4
SHA256 83a13a73830e44b23048c7588a8a4cac75379341d946252e363f35d347fc442a
SHA512 d32d8c1f16b9e2bfc85f154099d3ec66523308995bc9208a18f1183ed627fc0e19e369b2a6443cef5fd8e6bf17848a109ec7a24eae477aee6251e219257594c8

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 cb9c4aeec2b5162733ff9d7a351da78f
SHA1 2efc947b773576d8b9324775c7dba264fc02b3ab
SHA256 bf7d2ffc7a81c7a937ec5d1b974575190311fcb8a9104a99887cb3d1bba9c80c
SHA512 1b8a324e4a4258e3a37dbacd9ff1a4ca55644cb839d28411c9ee5013da8e8b65d817b466ce0cee6a3b23b7d4c33ffe5c722c635bf66e81e8a3c0cfa2eb4c7341

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 28006edd8b24940bb4823d59d8009a23
SHA1 f5805ac1ced3daa32571d07bad52339dc3ccaa07
SHA256 232712cabcf2d23f5f203725174edf0e8124cdb83dbad67920559685ab121710
SHA512 0cc374dc2713eaa86f7b5733412d5aee2f99618dddf1eebfbffdd604e764832ddb8bd2ca06a889cde5c30cbb092aca998eddd3b32a463212e4a3e7b5688d3888

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\19244

MD5 2d3543cf35cca28fdaa32996c73398e1
SHA1 2a323bd23ec27d79f3a241571a47180f23d8525a
SHA256 8550b86acfe247ec6e8a7c1792ae38636b1c87d1d381838a680e3a51633161c0
SHA512 1bbd2a413358d9c771cbb7de595dfa846cc82983e31247b829abb2545a7f05c54de5dc412e90261c58a606149a6a284ac4e545f2e627d0ba0df2ada97e33d249

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\8C4276A0672336FACE7A23E0CE57ACC561BED479

MD5 5df3eaf31a4ae1aefe257b3bb04125d2
SHA1 929f93feb10fe50cf8f36e746ea9796d071a6fd8
SHA256 32abf17cf8d71330b232c30b75dbc92c25f54487903af383d2515c07844e5ee0
SHA512 c1c7187fd660d080f34617977209ee8739fc9f81db3471c3cfe96e38b89f6106d4685c31a9fc1ae55e936ca5ed7caec07547dcfcb28b60d514c8aadf7b3cf0de

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\0DCDE1951159C71665D86FA971C7E538EB3EB006

MD5 9598759092db85d547b6a5efbc03770c
SHA1 f61121d402a144bd9daebd74f943c0f96d9275c7
SHA256 9817adf83cad27dacef9fc5a95f1955f0a87d8bf9c4f87e2e200cf8b855aceaf
SHA512 3c7131a8eddf5264d980bc9882f8e781c45fff7a17a1d09d18f2f1f145eac95bd6c158f929be0ab3142b02fe695a415e3eccd1399204d2ccf7eb4e6778a112db

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\E8DDB0697939CB22CEA94D97A0AAF1C646807A99

MD5 f6180399196dbce0b9c99ab56d90f4d6
SHA1 afbdc370d61da46884950642180ef627ca787bd3
SHA256 a47a0f9e2ad2627f0054a1ed7ba3b52ad8ce2ba21c91464272e793589f83a1b6
SHA512 4fd4c91a425027677a4154e919d61b74e275cbf3724df04ac21a0919a58eb7791c363398b1635b28865a023153e716e44da55484bf0cbf64432b284c667308a3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\44170DC829FB816981841199C5207CB2E03F5070

MD5 cb0d8b11314127296ffac78e162c7625
SHA1 e26cf3e0f3217c833b7a0b4925465cc0be631c3b
SHA256 daeb2c500f9410ad85f698e48007b06202823e51138556f409e59f04f9492dfd
SHA512 0d2740d9eab6dcd18ed1f546261c99b1348c3ed5dc306716a9bbf65688705ff0fdcd5ca05c672c6b4e9f1ad9d0063463ab7e6533df164c80d8f5d6d08485b1e3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\AB3BC7F1A820D55AE8363110818C05FAFB79604A

MD5 96072a522c2b459d329a44949ca34c92
SHA1 04c95218295a0c96eabd9aeb7fba2b789bfbc048
SHA256 611da901c0b3deb41ef33660b6ec0087e0e3e6a1228c8c50153599449fe338b3
SHA512 2ed1b8f26fc2970fa8edb685ecdb560b79fb588dfaf2fdcd224cec2adb8ca6aa9aa141e8272badcbc8ad0a2e88f2a2d4adae302474d0fb375bf316af0c122b0e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\14526

MD5 d52e0be1cbd5bc6d9b64d4ecd0054439
SHA1 06b78eab96d282d74a2e2789b3843b92940de68b
SHA256 71c5393b970fda38449ebb9841c70950cd7279f609b227193a0489a6c9999890
SHA512 79c8a37951a974d74593918baa0a55c2f93a2a6ac9367a06b73671feebae7342a437454478536f879b54828a17465abd56476a5c6d488682ea9f6159bf576eec

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\11261

MD5 7426e50f50e529cc76d1f98c754f1134
SHA1 a71a6d9a37879415b35ff20389b487e0e3ac1371
SHA256 6b9daacbe6c88fb14a0b2baaf2c7a1a02ead9d21e36d48d17fd3a30b90c98c9c
SHA512 7a25d2dbb138266fbed81915460ed0ae07d0bc7c55d3b95c73a62d6e97bd3afed5a7647e9a8ec0777615a27662225ab9baab98ea488c5a99cf613063dbc3cb38

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\F5DC53E111DD9C0690FAF138F8178E8EC454A404

MD5 abd23cf8c8b8ee48524f2766235f6942
SHA1 1338aa5089f3f557372bd75458442bfe288ac3d8
SHA256 4b2e3e8009c5272fe787070f6a740f7754c17ce7281abda51f3173287f6271e2
SHA512 28449153c7ca45bf3ea06c48bbea1f48e1787674e52f8bcaf6922cdeec4baffa03f5d458d5e0e873abaef084d50e8fbac8f2b72a30513b5197e3abec4d689499

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\10289

MD5 72b156286189f5a8f99c8d992a018b03
SHA1 5779df6b3383715444b5f9bd806c1f31b17e1a2e
SHA256 516ab6ddb8137a99fa89ec1597ff3c1c3222cae7da55284c8ce3c9709db05861
SHA512 edfbae4d920758c576b6bb62b3fc792c889dbfb41fc5be6e4daeafc6e2da121cfa81855e5f8b9c559ac6cb92f57eda044676addc5b177476d0b31f910698bd4a

C:\Users\Admin\AppData\Local\Temp\tmp-403.xpi

MD5 b21e81ba539ed31756b3e749ddaba4de
SHA1 f0309af33fdae794c11271a10f2150d00963b3c9
SHA256 2d6a7a47a40ac4cef8a42868912d42667093f1a8412ad5db421e6a402bb6861c
SHA512 cab71c4626bc2cc3611f3b68f7809ef84c2fbe9060bc108f36756e26e86accd0183a24c9420aba290bd5d588e0c5b42331f455e602989c8d00ff602790258877

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 4ee513f4c6fd359d7cf108ada7ae3f31
SHA1 ccda9cd0d994974eab0f52108480aad0496b0a28
SHA256 124d7c90db539a287b50eaff63ed605faef56991732d974a0c191661a1aa2b1a
SHA512 6f97720ae59d1ecb3ba28789e16248d18c0dde88cec2246937e4f2666f8904f06755423c5df26b09b8b38c0495e281657e708bc3a44e354cd211b2cfc0730527

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5568

MD5 4d8a98fb8132f3763ca068298200cd7d
SHA1 6cd041bd78e8a399becfeed731b37dbae80b12c7
SHA256 3f6acb9249dc17850b80715af511731e64884d417ca8aa31ee2d3d94cfdc0b1b
SHA512 a145160c141e46e6710a98ff4ee1329d52882dd757ff06cb9c2748b55599048242866b9c211697a703faa15e4cd0f86bb0f64c5dcfcb3d655821ee0428584e22

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24376

MD5 44566a0e1fb5c8c346b93ae3b398082a
SHA1 5784c97014f0044ab44e36d2fee1702b03366350
SHA256 99b60df596ce1cf7729c8c9e5fc95c8b9a940b02d16c287edb1a8d762d75bd5b
SHA512 ea37ef30e2a00920f419f32098efa7fe25e83181e5d8391eb14e2692b78a44672c798442bf3c1a70f0fbc9ed554c4311a4ecc732f22a47bbec2df6846b7fa9c1

C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.eYSLSW-n.exe.part

MD5 a98ba5e5bd6af616702643651a9db2c6
SHA1 224a89bd00b600fc511ffe0e72d0e5e8b5e907f6
SHA256 ba360f3249b8be076af4771af5d9bac603351fc1ae91a19cf61a04f424c4d3c2
SHA512 cc49da583294e27aff1eaa12ed6fab1c797e72b57e5842216526eba00de41cbeb48672df255e78e9550d32b1d3834702ebc212d673adff4d8519a4f41aad51bb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 aeec6d75689a51b2230599acb5e6da35
SHA1 ddbe8be5219c1908fa456b0a2e6b133159fdf59c
SHA256 55c7a3597bd8e708564c8e245d21520795b06c9daba43ac1930ed23d15fe259d
SHA512 426c0238f9503647e7d2249593e765aa7250aab63baac3eb9852151efecd267789873b2f11f8989b79d818456e46b09bd1fcc67a7e74ca74f4031affd8ba68d4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\4656

MD5 226891d540d15c8ac6c5bd9ff5174b3e
SHA1 1fb6b60b6ec398be3b493d356ab1426b3cce4d65
SHA256 3c40dfd218a4f69547a4e6cd6c232007854804c7b3bebe8c143dd7bd681b7747
SHA512 79c9771989494676ddc9800ca681f223c3a1885359aec784044a1b724595f4c79262ee3e7a722d0e00c5c76e842889bd86b21dea191df4375da51e629724e260

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\downloads.json.tmp

MD5 57e093809a1d8ea686bf91fe557802d6
SHA1 af6686fd4565861e7682c02ae69c9ab9ec0f9335
SHA256 d6df9c1a5f45dc5015697f8b166af64d10738d1ae901471ca9e1f3f008824981
SHA512 3aa70140ba091840daac6b5aad2514534813f5b9ef2ca43f7bdfea031579eb34cd99c9bd17a81ed9dc56a6e133607685065db2590a5fe00b93159501accf9c68

memory/1084-3882-0x0000000000400000-0x00000000004ED000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\30059

MD5 b5ea71c7ccb5eeb2bee8b82d587579ba
SHA1 b732cc142c0b0a0799acd9a8fc3d20fc984b03a2
SHA256 dd0e5ec94f5bdd66bacfa6f01a33f3a8e98cef2e9a9f3db2ea303459b61a62d4
SHA512 e2ddc0fe024c91ffbde506c58ce038f221f48b3907bd403e4ef3dc85dc00d1839bf9596b0af0ad9f3bd4af6ed113f12d3390c4c64b64e2a8a18531e17ff28f63

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\77A2DC6F624F2766719F0D1A59CB7A14B741F482

MD5 9457914b1ee9930f0163f3f1bde63948
SHA1 8f3563a82eec1db21ffe9299d6d7f4c9507c0611
SHA256 3093a47c592b974665cc0daf1fe4201fb5b307059ecec17ffa72e79c9469fb87
SHA512 5ed481e25c2d6e828d64754027fda003286a72a61dcaa746f701ae00a1c45e5dbfec8f3a11b4e56370d4cf8498318606cd3fac140a20b3b9e311e2f0161a19c5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\16370

MD5 bb7e056c655c930317b1315912603338
SHA1 2757a8a05bac4553f1159c44e7d6de1f87562de8
SHA256 2dd82adceaa545ff207f08a70617f0569f607ba0e68aa09b88924fba789be7ac
SHA512 83748a2c6b79e1b15bdb10bbccdc265ad709519527b07a8e625985a7b5dfb08c2716aa525b618b8c40256e01431c7d64a58cf402680ac6722cbcab639fd79d98

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\12880

MD5 13115de1d4df4578f6755a76a0192921
SHA1 c29b037e9c4d3caa4d89d86f165c2e404f2b963f
SHA256 b8105f33b2469d50b6957eb43d333ba227cd3f36ea8ece4bbdfd770d17f8c0a2
SHA512 ae02cf97c7d3ea52496811b5632f680568a37a6ffb55c6cb20492ef91f5b8e0c544a300634d866dfef5bc4b999ec86a1395f1155d7d9ff3c53925e840fb23e90

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 55050d0c120c1201c7954f3ce623812c
SHA1 3bf6431406923495b1e24b4178dece6849910bc2
SHA256 c60bdbfd35ae058e233dba5435d5b460f91dd33074fb4557b28e8c404ddfd02d
SHA512 0db57f32cf992ebfc4d9379e5640e2085238c8b134e4595216267ce86d5b49ef90b9736feb55fd862ee3fba476e088d15c11cd00dfb9d68e0d966ae54ba49067

memory/1084-3977-0x0000000000400000-0x00000000004ED000-memory.dmp

memory/1344-3978-0x0000000000400000-0x0000000000729000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\98CBB57A8C3603C773F3B2A6F9DABF5335E92CA8

MD5 70406273f992fb5971ad1a98565afe10
SHA1 7e1d5891854ab06c9e70300b47906c50c7b2275e
SHA256 e3814af0f7f70e88d031ce51518cf77a048edf808351a6fce595d3ba388dac67
SHA512 a19112c85f928c43a991b4c81b1bc78ca0f0d9a9a8064c4dabc5e521fa9524ff2a289fbdd5d24cbf161745c3a4e253da4826b5558446552543f0a4350b83ca94

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\14301

MD5 571b8d4953605505016e021f912634cc
SHA1 e05f3b6297430ec0632f457b64c15a3feede3704
SHA256 300ed84bdfb645cdb0e2e7931436a117d8602781fa529e32d85f6d75c45fc11d
SHA512 af321407bca43e4a5704b01bc5e939d4e7cbc0b1f83659ae9ab36a09bb2a42b3cb94fab16d35e6c3437442ec114e53e7134d93dd69f53b30fcb45907c23fb37e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\23986

MD5 6ec93e56e1c3fb7c8cb2a82a27c627df
SHA1 37da7ee41b18be0915a95fd4d76e541c9eaf6a2e
SHA256 ec6ea7965840f52080aeda9df025564c5caf0731f83224e992198c52bbcd0fa2
SHA512 85b205301163a9f0a633ecb81b5a0ee27c0d284da4acf936fbfda78efd6f524bb798217958da4c5c5822221b6fec0a3e47eaadc960d9045aba03b984636ca00d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\25355

MD5 57c16d3b3535fe226c20eb12bdbb43fd
SHA1 4eab5870d44cfc66011afe306defe7e8eb8409f1
SHA256 8223163c51cb9e7ba07c606c8bc40c476fb5517b7d3317ebfffb8a39a4b46c75
SHA512 312f0e93ee5cb2abb940a1b6d13f13ba144cdcfddff7b3fbcb4c41ee8817caed71fadbe236a86a925075f1cde5826b6b19886a1912508c6e6ad1eb1e990689ba

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18824

MD5 9954b3b02ba45a3e3e7528c118a4ccc9
SHA1 110a6d03d7a4341687f08d87db07bd3bcf5754d1
SHA256 8301e04e8c6b8eeca575d37734b6d0485fa40a2b400b4f681939b968e0697683
SHA512 ecbb9d87876c8f111f2f4d6bd8a7ec89da285b50864fa5dd5e6140dddea002d70e60f5d02c6f0435d2eb3a057924e3a4db282ac78af6788bf303ff90740c6f26

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18712

MD5 8d3b17b30a3333b7076200ce7a55df5f
SHA1 ecc6d1ca6295b8b24570cb700c9a4db247e8a874
SHA256 6e0a09d90b15833e25fa4c7325b8933de9c25aaf299c0c07044f0cdac7348ee3
SHA512 e7001283ea4ba4715fc11194645a8e4b1691dd10ec2f6536b91d02671b3ac50910140cd418f41c2e2c522cbac901d700bb7c190267bb4dd77bc68d8fc088c930

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\28508

MD5 32f0483b1adc5615661be55aec677d26
SHA1 f40962d64a1babd73236514d00e517d8555240cd
SHA256 3a399d7cb488eeca9d5c9f5a130cca6bac8b8a512fadd8bc34a46c34338f6fb9
SHA512 29f411187e9184c38a8cee7146e912529b4a14b37f0408e234c0bf9d16577a610f870892bfec7b02ca311eabfc32cfb3f6cdf257c82f34b6810d3656b58cf4d4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\21975

MD5 a7f388d28ddffb467ad37454a0920669
SHA1 2157d23116fe42ae24882e165aeb607d4c77389d
SHA256 20cf31a638ad624c49dd659269efffc7f146557f868ab36cf53427fdf54a3bbf
SHA512 d33c67f3405e9ff3bc416782fd7a0ad716af8f2966429414a3eb41b8334645eca0c9516346107ab4f902deb540e95fc2e9d555f10e03b4f91537d4e7954c4ccc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5537

MD5 3dc995c3fede83945b218740ae3a53fa
SHA1 ebbb425e787a3df3153b9f125b863e7300baf524
SHA256 42a77c9d4565347af56574e4eba41b80bd2b9ab9815a1b88fb3b012ac9e75dc8
SHA512 59bb5dbf807eedee64a15602c660a753737080ca0fa528a14c4bd14eb6ef000f3de7c0f1c04615dc5d25a624672d641a3403de476b02066eb087bec410c27acd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\31774

MD5 b00e72af024a54b19bab5e59a7aed03e
SHA1 6174bd7b52e8e7b81add20ae34e0baa9138c3940
SHA256 5aaa13f2a36dd628f6cffe052500e6f9ae98f103f7569404fc9c92d2406295e0
SHA512 4d22893966322de78b35a162cf558912e1af801e60726f5b1af952fadb76cef5fb29c521ddea92848fc5194c0cf581f10a0431c9c448c153d01574dd13b181d9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18263

MD5 d0704d7af10cfb538e4a961f4effcb54
SHA1 6d15c6c5ee126b0dc17be2ec95d4dcdd256129ba
SHA256 d2b97653f5edb22e4ac8308a841d71f04eec48967b1b7f8d4913c8fc9b974f13
SHA512 0b587ff2678a9fe4e054303860fa8843a24ab2ab9dddc2b41c36311f2ed64571f694db6ba6bc0738d2a0e299d99947dcf3a284f9e78cb61020d9e9824b35ee36

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5088

MD5 6285ae5108fff2f705e146202e7c547b
SHA1 fbb37aa9731747a77667ec22f6470255c56fc106
SHA256 c7adcedd12b106f7dafeecd0caa9ce9657cebbca025299a2362b91af8f8f29de
SHA512 d7bfb6422cac3c135590e3aa7cc70f90850a33eab4a238a50be32bda6ad0f4a71e4a03b292c2516221ca43b7efa5f01e06dfd724dd8ed050c6c30e5b42ace378

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1823

MD5 99b5696e1ea9f95205807538aadc0edd
SHA1 f6ec7178a91b8cb51d56a3b36349185f2ae83515
SHA256 daf49c7fb6f7773df809f3f413089b3e1cbe1e55b34b1abf63829b08e07a68fc
SHA512 024afe828d6db7a16ab3669c5c932694d6a7c415a303cab264156e619f6fde98b003fd60926006f2644edf62461c13b9a37a49ca1025db494060f3bdde8b3d20

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\4976

MD5 c49e395defbcb1aedbcb01f6bede2199
SHA1 064fd79cc724af3b81db976189f3c7055628366e
SHA256 2032bf1f576b1ecea6375f70dfb263a3c64541ba3898a42b77448bc8b16672cb
SHA512 5da1018e72c945690c8388019a412c5e4af1f64039a24339c2739478f374aa90dbf2e4a4d751a17ad77bbefeeec31485ad3904f35a830d9371c034a7ec45e6fb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18038

MD5 1fe498f48088c4009a87891e87b182f2
SHA1 1bd8855f8ddccb3423ed14bda0862a1fb349259f
SHA256 739d90bdc982984ac97520c42cde1870fa4a77b512d55f27bdd6938c7217a72e
SHA512 b17e67d5a788209f8b59534f04a5e6e6e8fd35be9c119f1a763701468adb5b0f3b420b2858017110476f385b013bff7918788793135616b3da05372c5bee7b5c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1711

MD5 5a36841edf87afdc30ac1f84d0e1e621
SHA1 2bd94a89c94defca3f31d8516b1665ee2b3f11d7
SHA256 904178da3235aefa2e095401495c650165d2c0220d1650cc3d00e2836dfe6d27
SHA512 1c76bc8264e36e078a720dd3f64f92836f5605e29a488f80c6c466b39bd12e303ffe9cbed1466d48a409c85fa5e75a6ee14a1c062be17c56fea018e633769787

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\31213

MD5 d5d12b762967598b160236b792eccc81
SHA1 cdf3b0367be79194c9c2de897be286716b8d6acb
SHA256 706bb6167d0b35a765adeb11c465c8637ce7635fac32199487be2f2aac543717
SHA512 e190eccd9f3caa718ced4cc69bb93ea79d6f38a56957bd5a2ef23e8967a39504b3ed87b0c6f057bb4823adf785a150e6d8bd971ff49e51dece21e181af7069a7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24682

MD5 0076ad388196fe21940b725086c04bad
SHA1 68d31397bd5ef75ec221ab610093b2b2690b3515
SHA256 a48987631e25a34a14b1c1045959aa27621a7fa9b6d2aac1f4f072116ffbe3ec
SHA512 a48dbe9a6b43d047173db1dbc997c99a1f283afc66792604d3c9370b40aaca270f4c66137026f9bb7e0809fd9fe321377835f7b702c9cb393dd2c0d042f480ac

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18151

MD5 36bcff11d4bf202f28228811ae3bc3e6
SHA1 bc168264273245927f7f61807dfe21af42f83548
SHA256 d132118e90df9035f1432bedb8abf2d87e71eb5beed8c8acb719e7d7122e43d1
SHA512 8954d056c4f97835d58073785b289265a20516725faba4e6a1a88947920e29097fa35efb2e50eb7ad9ee3dd494b2cf05307d0f4ddd7e42e9f86797f7aac73e02

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1262

MD5 6010d5006c2bd2783408262b4fe4a1bd
SHA1 fc6d97fa5cef80545acdb9bc32b9aca8c8e2bc6b
SHA256 cd97490285717477afd5120e427d1f3ddf81378048d919dd816f6f743d44b75c
SHA512 98e4b00c4ee484c31fe8d22e03b59ba2014118dd7ea302eb340dc187cf8ad5c40573a3b53fc871b75d49adf5bcd44a94f82b2f7f9391aa017056e7ac0b4cdd3a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24233

MD5 1d9129c9e83ad3fae9cc03f51a995e32
SHA1 43f839f6ae202a95ebe2a39e68bc502ad7887202
SHA256 23fb57ededef9eb678bb9bdd28c70f921833790158fbbc86a9e7c6a106fb8ff5
SHA512 533b0e50e021342706c314335b8902757076c49edc5d0d47cc74d7b7b37e9c6b9d8593c1c956ea5167c8e96849d33b8e23c9e502eb777d285fcdb918785edd40

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\26547

MD5 5e8b54c6aaff8b0f9971b3f4e4fa132a
SHA1 53b8b2c76629bf8e9ad98d5d4c10a1e338cf95a8
SHA256 725c75a0940c0b0f5b8921e19697f2bb130d0d1663d75a971706a9eaaeee6d46
SHA512 72ba010a7f4321011d8efb21e115ec8b7ac8dd21fb9a44cec3d971b933a2bb642e40a19d7bdc0aff8b54093811afd1ecac932cde5fdd52a33e1d577e18e8cfc7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\15964

MD5 8bf2fe6ca8cc73716834cee6e44add9e
SHA1 7294ccf9dd221732420440b8c01dd562111213ba
SHA256 229d3b3a9e19187efa7e4e07644b076e0694e739aaef28d8102a9ba99a3bc924
SHA512 cd5cf8033bd46261583330e054c02a4b8f54986ecc0a0922a8af1499c20a1e9444e09e5d4056d1b07a0b66f20c003f6de5ed24019d4962457e2ddfefae08fa49

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\32292

MD5 6f74979d00ae971394e983852dfc094a
SHA1 792c67ed355a35bd11909ce033aa055da0b05440
SHA256 7d9b20c921b343039df97b5d38f8c949407cd5842360cedf39132d13c540ace9
SHA512 6b9bd7e8b6013ac1cb4ce4d84d32ea224255c685da79830a7b0ba26aae84710e917b8f663c1599dfdafb8e401d72c38bb3d5fddbda993ff95a03bd0d63ac97a9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\25761

MD5 328b025e9942d98506a8e2fe98f6d166
SHA1 35c7275e7d3b89f0d0e99082b156690c6b3ea156
SHA256 07a1605b18567079adb0fe2a8680fcc393ed6f411aa53da78f8c2d9085402d05
SHA512 e67f3020bc093b2400e6dbb134b12509d7c0985d12a0cf1f69fb3d110733d62d79c5e0f39b5da28fef5e85c1c7bad672ca727a387e2474e53ea9103fb43a1564

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\D2D4CEE0EBA7C34489300D793431F9F8CA2FF328

MD5 ccff8e15ac03d4a1886cfa26bf2b723a
SHA1 9b6b0d522fc86da1388e4744399db5c10fd5cf59
SHA256 05202aac830d0e79ca2f3d45729717402eb9398b866f6994f7e2b4b44d9a2ee5
SHA512 9c9458b3949ae775ba9260eddc2cafbd3532448740a77dd1e1279a94376e0f0ff2b753081eaff148a6e987bec61b3524de882f23492aadb42f9bcad8aeb06f00

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\40DCB6D55E314153F6072162146972EAC29E8DA1

MD5 8d1c429aba73767a19e8edd20041178e
SHA1 dfcc023558d358bda6c2782e9e2859a5e1762bfc
SHA256 aa98efffde99f81c96c6059cc660b4f68c06de94ef111f4e5ed75bb2ba4a7440
SHA512 8f146bafe0be292584149fe4ef1a5d07fbde8691339f4a85d4d7fd0379a87c078b36079e735315a5192b8b4a543f133a28b008cd0019d38e8f1eeee5d41d11de

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\760B6C1158230F4D5E69C71A6DCC2B1B53BAFACB

MD5 eb7c3fd7ac704264cd585f9eefd1888a
SHA1 265453b8e3ef73042881d4e74f9c3ef58e554095
SHA256 40266913aba715007f6a6894e582ef0903a1eafe1073fe2964e5b81a8c851f03
SHA512 d1267809ac589afe3de287a9fb1718bf044a26164329a572a20b34b194930a097d88c07edcea0cb5137fa56693c7ed1acfc010c8e9165e6815446779064ddc17

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\678D03F2DD18604CE794942E2FEBE59DD32182CD

MD5 1d0c5304f9d695875332a36ce34ad166
SHA1 20ad67f97675cfd36dba60f7cba676a89d2125b8
SHA256 bf2d6d42fb8474208f2085a3e45f1a31caeedffd56be0d3ab0dafd4befe3bed8
SHA512 bb138abe49670c3879da0ba161b3d0c1da203d148b30905dd7dbd1580a9e65f86a724cea9088eee3bf5b7722623730a8719b022fb5ce29a5fbd1e7361886f925

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\20007

MD5 b9a498679918fa43b782d7f25c20c89e
SHA1 90860de3bc3ef8a7dfbf2536bf065b4ad03dac0c
SHA256 c3b846fd7feb8d0a5859bff357d6581246e784d205b0759d8d7219ee2af61b89
SHA512 270b4cf9ff07a3a3b59d8d2a97dc6b36b6dec0132484d21f5e657d4db0fde8841114f4a4b15e6682a1853cbacb2c44724f3d4bc5e47bdf172584809f943f75d9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\21C650A8F2DE2014ECC454552AF96FC06D2E70FC

MD5 4b9a43072d80180f65be418b82b1618a
SHA1 ee6ad0d752205e8f04649941d2fb74d16a217d47
SHA256 b4906a0e84e00d29c461083049f077436e8b5fbbc0350423cf31349adf95fbd5
SHA512 042379d8eceda60d6f94c87fb08502ebf68cc171a33fe815d1b3715961c0131cbb57552bc5d5bd803bf0b408f3e05248028ad6ffec72f14137929c2c26ac0a20

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\3455

MD5 410a2a94a5527fc56c3edfe49b08bcd9
SHA1 a9350c9aeab0762e0875f2109eccf0effacc10fa
SHA256 084b31484876bd02ee6f1f5b795665359ec2a0984e7cfcb43201a640c553ae9e
SHA512 d36964074298a5f52453f899feedc9d2907f13518baa9cfd5c5ff9bf2eb4cf9836ffbf260f8341e45a4924c9388213a25f3decbf3cf19a9272f4fb01c6ad2dea

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5834

MD5 1dbd8880108f9ba58f996e982c54a6eb
SHA1 ef1dd9ed1f2d0d64b3e8143f49962026cbb4f55d
SHA256 aa3362fdda83f97705c500f5e3612dc0d471390a44f76171d6242dcf278ddfae
SHA512 6848ff7d7ee9cc8165937c9236841fdf71365eaf5874ab11bda9bd5414f63bb9b1b1fd164ef027ed8750b1eab642bb2eea1b4769b8ca0e1edc4e970ce44e57b3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\32071

MD5 a42908c4f1c5c65ef275fc0740465f6b
SHA1 1dc0e31853ed6b3ebd387aebaf079d505a3a3716
SHA256 1044492bdcac2c59d92e0d0f0961e8ea9c64ce278dee6fd9b4bbd711476b0989
SHA512 667d463152f5da839a6186fe60633b408b7d2067c9092a06bbacd39af99a80574a5c4ee3942e640c6fc7e43182f4483faeafb90ed664ff944f5edfd2b6a9e762

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\12141

MD5 91843a6f310398a1d636af3cbcacd3f8
SHA1 ecb0f23d7c338cd704af2a628effa77bc575b08b
SHA256 bdd4b56e5c86f9ac70b0e3e8a90ed16b74e51431cbba7856503e0be09d0aab18
SHA512 080158cb022b6da4f7fdab1fdb9c986543f35c24e822d548819d0a5674539cfc015ffee2bccbefe1c5ebdec10a20584232de38141220ac5ef6f127ceb4ca9a0e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\B0753F0B8FD1F2344C41E9B51D77C3C42B33983D

MD5 234c152f2ad5526cd84e6889bbedf23e
SHA1 e95db9f777a8a7d6735d2172f91e8003af5ea031
SHA256 5d8814e76edafa50de915b93fcb9bc4b21fb6e63d934b448ac130e61120d9b75
SHA512 f48cf6ee1e097a13c8ae44ec5255a2954491ff355f8af3a7159059fc3141ad02c8a0434fc914ffd297ffc8fd645688ef288c306ad023ec79b17508677e13ce16

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\9324

MD5 cb65c029ae7593aaecd0a0f9846dbe11
SHA1 d3017635dd8b0bc247945aa2acb3c1958737f496
SHA256 d416dff5ecbdad8c4411df59c13e41888c707571aa9c16723fa0eb39d5404061
SHA512 5886c0e641e9b3ff28880648784313b61c0a10524ca0b647a4fc7ad6165be1981b1363977b5f8d3b46b9d3f1bf40f513846cf4616e2c2af244a6a2251f1d5644

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\28469

MD5 26880da3e578825464473f0474ff47d7
SHA1 bce4e28e52da2998ddd44321e008570829b8c1d1
SHA256 37712d1e1c28a2ce21a98775205fcdd56b007f4661d005dfc964ac17267be213
SHA512 db10c4a2b0d8725cc31a968b093553034ccac3d724d3d9fd09dc92b3d0bb42ba22b287e483b1b3f95c141bdc9b8c5e64bdea7151a5203b96a6ff36766f3bcc03

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22623

MD5 fc6dae4f6b9cddb936ed297335b04df0
SHA1 480b824b9bb9e17ab8a3eef5ee2e8345cb0a888a
SHA256 e3ebd86c66fddbebf6102adc67ca2b104bd3f997b82f1cc773876d0d121216e1
SHA512 c37ab121133ee1d307047cc52d8c243ded56b08d2e9f77e1c0ef53413f84c15c8626f7c490b5053eb804b76d898124f4053c5c5f627718df10abe60c62325103

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\15979

MD5 d7db05128f7ced69c1f3142d7022fe92
SHA1 af66f721514e8deb4b8b67238ae52913447443cc
SHA256 143da939357f5a753e8fee5d0cd8cadc144b86ccf70424e1425c348ec4ad6ac8
SHA512 884359c49f65aad984eea9500b7026f029a052684882bd1d5f6ff83fca42d528968d9d1d325019d95915b67c8210d4c25158020e5afee672bb60ec35f0dd4dc2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\12714

MD5 b958c245eacc4f108e75d6fc441bda0f
SHA1 a353a5421485a3a5a78f3f7bebc5040f6d70e91c
SHA256 2155c3fc00a8c28b83ba59bc13335f7459a1aa15f255dddefbea05aa9b6cec21
SHA512 4502226fbdfc11d3fc8bcd15ddaddc104b6d2fcc0bc12017e0a666ab7122ac3ccae3da30881666b94f01bbc293a730bae2840cad744cc35d607d8b43417ff06d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\15755

MD5 e649657254d3eae273740b2c91e80327
SHA1 68637cdbb02e5fe4c0a5930fc2f1649a6ce70f26
SHA256 0b649e7d4aca9d4b164c409666dd209fc9e337b2cdd23d30d9df4fbd92b8d358
SHA512 33bfc3a3012d2aee5d186f44dcf9dbfc67581abf2298dd37f38bc5e4437915b0547c88b3e758c30e3ff42dcf3864e085a57843d7c5c9443f5ec58a1cbb3ff002

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\32419

MD5 9f1fab68bf5a02847f34c7ffedf9578c
SHA1 c57080ff789fed7dbc0487b98aadabbc7a839c49
SHA256 c3de2b8570e6bd10fc7f073b7449af1b654b72cf041b04569167394373eba80e
SHA512 2fc1373171f8c12c1f39a0bc7bb2a3dfa9a10a3f96c17fd7a9baa6e9e406b3b7bc852d263dbcd675175abdb086a67658c2dfbe68418e83e9a4ca8e6e782d79c2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\29B9898F2706A53A2123651220D062D244AC2BB0

MD5 fe11a5bcb7993c2c734f12e2ca84dfa0
SHA1 c7897a935889f4b64f4dbc77c50c8131c2b4ca47
SHA256 af902a47814cbf1cd5f060ea0826a1c8dad924e9c2a76ab4d39c02f65cc1c1d9
SHA512 74a81e17aaa57f41b7ee340a2762296bc9302a6da5ec3367825dba11a672296b08d85e8755b3b5f2518675051547361987255d7dedffb9e82f162a07f06d61df

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\BE18ADE00C0840F1DC6F140555E947D68C30EADC

MD5 adcca468272fa299f6e556687d5b3e34
SHA1 50f3eff6311a097d71aa92146d7467ff57fbc53c
SHA256 909a4cd79235dfa61f59d69401997d6d59fd5e4e7aba07feed70fa7bb3238ded
SHA512 b88a9032a3946f653be57fe954c6eeac6e652c870345b0d5298f8b12d78556e16be6f59a78c1bcfaf55b889442a245c49a35688ad521517a7678ffffed9ca5aa

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\25439

MD5 9d60a382c6698c3edfdbbb0f395bf433
SHA1 eb748abf8381027a7bfcf7693ae13be59a49f011
SHA256 f911521a47b62c58472c63f11fd159df97a0fdde6aac69a1bf48017f3aa0d0cb
SHA512 cb5a43470dcc6018d7d158bfb1a931eb45a888a46617dd78832d8d9c904314c59c685abd4d380c4eeebfe2ed1a0ccb69de7436b92df8eeb9a797c007019687aa

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\D64112E7907740076EF52C0EAEE600DC15CC1487

MD5 5364ab061aa664d1df060489ae319b5d
SHA1 341678133619b83f69c5fd65b117bc5aa156cc46
SHA256 ce1ca00fbd3891dd499f6d8f630b81e566bf9748d155cb813b195ee980d71642
SHA512 ed1180d60a237a820783f607c718239b15aa16074568020c65eb0191d3ca8155a5f29f3c49ef39b34adeab2db46ed6728eabdee8136c485b1e24fec8ce757d9f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\7AB46441CC6F90220C4013A91A8B5FF827C85B07

MD5 ac147c6c626b0c0f22297e6d8b5ae50f
SHA1 9bdb40fda958bb8bbfb4645b7361d8370cfd39db
SHA256 d4f460d9b4b2282228740adfa6585a7d4cfbae13c1b9928e156fc55f7e65647f
SHA512 2d97de70d0aec562b250bae808948b5e3faa564721f91b64ffa76787d5ae6a4acfbc4690a075fc7c0b39153c2483ece010f946017b0a9beeb47228d8e0c9c86d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\DBE02BCC50035BCE2819F82880D4A1D02832CB27

MD5 bac08ec04ab5e4c4870891cfc52583d4
SHA1 c7d4ee10ec92f995b355977ead0062ff1f1bca31
SHA256 4ff6067bf230f185a237ea0760651ade524ef0b32c9b60e5b628cc218ee10337
SHA512 0fcf5025910631ab65ef7f3abba8d263d198ea5bed4e405eb55120fd5bdd7c3342d4dbf22ac6788583db616d17f2c3590f1032ca4cb453091f7d2efc434c7159

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\13557

MD5 a5ec239b35a78bc1a04837f48f75cd4d
SHA1 bef2bc3f437c1ecc3f400eef101b169a680324f8
SHA256 65a22e015e22352d97281fd0d9cefcf308b1db4b9ebdfc6c43aa9e7e0ee9e1ce
SHA512 4fb6d30fce26665de24c1b765f6be5507d56a5796bbbcb228b964647caf3821eefed0d316322067a5708f0f4b36ebed49d6665fa37abc65acd7182f444b91547

memory/1344-4398-0x0000000000400000-0x0000000000729000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1B9362AA43B504C820CD8FE963484FB890CC0D34

MD5 55a6d460e253e678139b3df25ae56402
SHA1 62b28728ae7cc97aa377a215ca2d6ea00352ae64
SHA256 e40cd94e5bad0e1811f8446fe5012ede3494153b924c79389ddb4a225620d03b
SHA512 07d4bd855c5c5e5103a64f665a74a6603b556d32e7dbd07e68a0e567004576847ef34aa2ccf30450b64d0a6eead8671ce6ff78d1cf71e1bc8ddfa8fe9c72a969

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\74D6671B1ADA81E4FB19624A35D9A48D496C55ED

MD5 54bc992c227160bbc6441bb8ab2e1dc5
SHA1 1ebeab485f7fb4743f27852225fcb7dfc98376a4
SHA256 07469d7032a35955fcc9faa22466723adfce6fd5fe1bbe34325f77539787a058
SHA512 c6fcaafd6fe9a6cc331708c9b8f2d48fe249a2aed784951db9514993ed8a3292f2968ec281c929618776e4ba5f3e00d5a0c4ecd1b1bb21f99b3fcf120c56e79f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\E1799C5C76B4D7850EB43CEA975B5C9218FD9940

MD5 0b8c7557c2ebaa59a7ba56853b3929fc
SHA1 a014c27986f6b764d28e09527c6c5cd753f664c2
SHA256 eaf5f6bbb43ccdfd169f6896db9ad7b9858a12bb09e0eb48acbf4e33943d863d
SHA512 ffb1c4438d66f7b6d7ca69dc1a03d628c035b38b1606e5bb0e7a05368ea63b8a03f5c106f643411687ed5c7fa43a7fcec9213dfc9d4027e22b8d4dd9a1b7531d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\19240

MD5 d765ea6d5e3ab2df5477a7ce1a805abd
SHA1 b285d3159da80d8ac90cc32562da7999fb52c62d
SHA256 31ec97a517cc55af45439289e77558926087a19be5aa2c3a04ac96e1c83d9286
SHA512 54de96350dc9e36f9ddb727ddaf6b9789296ab27d4236de5628a8ba44e887e2f84e162b9ace90ec10dddf731b8418309a470542cd3c3d298b9641eea599a87ee

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18342

MD5 fcc9a1115bcdce2f0734f2ecd5be2559
SHA1 fbac367a32a013729dcebd67cff43e1874a8888f
SHA256 37c453bc9da8460024a55c781bca79e07f873a4fa44dbf74d04d73a17350e575
SHA512 ede2716f5026dc16c3cf3df1bbfae05233a0bedbd0bafe5d9d6bb0874c30cd638517050b804d6152ffa437908562f5c37431e119fe0b9141c37422501c5b4c72

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\15077

MD5 9b82bb8f949db3ab7b0626a94400e649
SHA1 4a433d2461f2ecf51730bf46827c5890a1712d11
SHA256 8eb963028cd7f90cb9b66d2ef249910a796c8ee90c5411920c91725dd2611b48
SHA512 55ed734e2e0a53c4a3bc0a762e24b6c3ac18df9b789d43a68d9356ceb2670c76562aaf9d00a4cb43203159929f1c8b2eb2c1577a6c441e6421fb6a553c6c94b8

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\14964

MD5 b4bba48f9f6dec5badf14e09a3f1bd22
SHA1 29540c2cb33323c4ae0f91424fd1209b4fe0f5da
SHA256 502d9dc4bab638f5f085f8af436033806658636a80ddf6dedc3d70a426671f4e
SHA512 cd0437d7ce63d02acfde2dafbe5829f56862ed782f86549b64dd2be89963515fa630d0ce8c0e95060b3a4b4f77f77028cb9af9a907133ce883d76672ca9564bf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\11250

MD5 e606ec907eb46c0e447bba5a891c3501
SHA1 1c415ffe2541c0654cd26899c84a7f8d6c2b675c
SHA256 9d1a42ef9730657a4b404bdba7625bf6bac4638f4ca23e23c4f323b8519c3964
SHA512 f81688ff4c8de50c70fe15a63042f59939339e9b67be8ab8456a8dff7bbe5fe3a3224b66d5d37b09aecec4f10300adfbae3623c8707fce029556bc8cae54a80f

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 caa64fe136e8d9311cd3cdd4a13c3d20
SHA1 f68f8af22004d197f170ea192346caf59572d7e0
SHA256 5ee1c985f1787927e4ae1d98a55ea24d37b1209ef37d17bdca525ce00c057250
SHA512 e82fdbfe427353243ca2a92e5b25f4e1d02949d1630fff897c5b50f73b6605d633a7a267b19296c431c7404fef2708945f2f6d76fe3b98bb459eaa5aa9ccf8ec

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\149FD49E641AFDB55E8525DAE571D57DE7744EF4

MD5 fc1f9d55eaae25409ba75f8f3a7c55be
SHA1 2c88123a9563307cbd4d521fbbefd7f412f8a2d7
SHA256 b0bc2469cae2b4c4b634c6e2dae03d1f30e9b39a888885c1c2dbd4fbabf35d0d
SHA512 c10205718b8379a22e73c0a4d14b6c025012ab8475d32465916eeb5021ce308657e41ad3fd27bf9d0b22481fcf29bdb84bb8ba61c577b02ed8409d4fa1be6492

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\13923

MD5 84b564de4fb047e81888760ffbef1a45
SHA1 217ea9ba4547c178d70a4496bae4a574f771dc2f
SHA256 9630b3496c21c3b14e98bbc70a5493e8ae1ddb63dbe57bb7a367883dc60cfdd1
SHA512 115a8fcdf39e37a84bd63c63c1747b763a835937beac3858049a856436d7879a4707e935b4f1a116348ae272828604e9b24b5ed672af666c1b1cfbadbafc1a29

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\338279B29641A0CB831A707ADB94EAF1A78F586D

MD5 314cc61d248e97a360d5af56ce283171
SHA1 88fb56da0629ed3aa83c617d57ed6427fc2971ae
SHA256 29ccd08512e59b7a2c1332280288471439320bc1309738cf32fe1d135103333b
SHA512 635a397586aed60f4a32174cf39e6823f47fb0bd994671df1883b36a1dcc8fc540793dae5d936b0d20a1c1afc408b2da4c2b91826a14bac5d8c118c28b6054ab

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\6556

MD5 42eb9ab6c6ac80ca311a8d1739e568e7
SHA1 b6f4a35bb976d33470bf9ceba6a4e9f1a5f3e1ca
SHA256 13c6c8b9a86fcbd5e2f992329057798c3ed2fd23de10cdd8989021681656c96c
SHA512 b2a333cc1294a74fc3b239750bc4e7a12e0a11be140987b2f7a217156942e36591db9cf1b4af3fe0252f73afaa31195256950ffd71fbeee88d117d2dbe33e7bd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 8483198b6073b8405cdd92f672c4b1dc
SHA1 d7e7f8a390f32ce96cbcd9f306cbf8a13f5e9a77
SHA256 2c75a2c3e36a89ce4ef340b3afffb856cf71f64df9df598d6718f2ed33e09b7b
SHA512 b70d6e59bc7dc47ec876bb245c0659a9e0069fddf2a1ce5c4bd622bee34d0a1483744905e0ca1ee6c0111e64a1b373c77e80888082d1a4ceb1abf28ffc5b046b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22783

MD5 a967fb8887063eea8f34c95b7a5246c6
SHA1 e8999f382a2f47868c07aba2dcb16b682b705841
SHA256 c725ec970f9eb4fa34295aa598dc3c55ba42302d2ea13dd2cd3242c994b4ef94
SHA512 c2cc75cf9319c96800e8806002f4068bc8290228167446c9bc2c874cb292f7fe1c6f174b25c687b48ac7f9f6f04bac5c51a3035f0fa0b630a418ad6bc9ff5e12

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\19257

MD5 66458119617d105bedbeff791931c3db
SHA1 5e21f7532fb3b2d5d728fa33c7fd6c13b6a19913
SHA256 61b0998263998a857e3ce8034106d605b5e4eb16b6d57d9df9dc1b5d98f2354d
SHA512 58cf95dde77a87ab2e2142598764de0b97964cc21e7f1cf806a320ca7e9f482b5062897b6be6a45ee4ce0b419397ea2cc78b5f8afaf4f121e7daf45318ec947f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\9235

MD5 2cc2a20ca7d0084c17c0dc3f2bc15367
SHA1 887de5a4d48ddbdf0f79ca82703bbe714da376d7
SHA256 e065769a91ff71e73261d3e6467f7f67cc11282fc267ce530cf9a00b55e985a0
SHA512 ded9be8c6caeda27b8dd8d10929a4bd27b8638d4bc76325282788652858536b6e1147179a85ceeb3598c9a375adc00236d02c663ee428be5497de4176b240b85

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8485

MD5 66ea15abfaef722c722b570ba5976d04
SHA1 c200157ac207b5b444cfcbc8da523d36e03b040c
SHA256 e8dec3e8351b9f9026644ec30f287649ae8b644f111539bc7b3bc3f832681e89
SHA512 cc6b5d1f17ac7b6b7f45fb5b12b898f17275ec8b55d0e4a300667c48c73d063f0a837c22ddc9309175a017d908a1ede66a976a6a0e8681c69b1a0b2203607025

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\30558

MD5 0913105de4a9a4aa813cb0aa32382f2d
SHA1 2382d88252305dff6186c12f27efa17a1ceb9c42
SHA256 0af25ed6e188fc21ffca4efdaab0c5ab60d144df51c39e8918df3faa26129916
SHA512 18d6074426d902f57c13899cbcfc501e1de03d4bdd7e8f419d52bcefda1766e040942196fa48eb57bea8ced23f245a5095542febc3421d14982182338ec07b2b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\CC1F118285652F91F7AAD5807E85EF542B40EFBE

MD5 35947631d14d6b70262a5cc136590b71
SHA1 d03dd9e1e1de976cb7c89d6eb3bac2b80aa92d49
SHA256 816989ebcc429a318a3978d5511ead524d9fd84cc54c44b88bc7c73f386aed18
SHA512 1d29051b050260e2bfe592ce94a99e2dffbf852743ef83b951553be6addbabc4fd53f97c80904f84af633c62823d9bac430a50bb1fec108a94ec1af00619959a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\406

MD5 4602d933b0a873ef6bb74108ceff07ff
SHA1 d486504e4b7a9fee1ab4fee83b37eb38cb4806c1
SHA256 8e836a4f117103cc27123d686cb407554e2ed292c4da06372965dafdcad5d66c
SHA512 7021737bd827ba72be2ec6f109efa28a5a0312684d7ffd6842e83f0b1595e6f675473d7d638c7e58ad18bb34ead11f584223dc8dfe5e901acecf84d4cfc55e69

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\16734

MD5 cdfb1cd355336199d36b997d1c79f38f
SHA1 4ec20ccc241c3e48159e227ae1d624e4e02e697c
SHA256 bb0746d23d3b785932cc4e8af263933dc669782552c05dc82c00231a59d85894
SHA512 6d4b5fc850be47cfcb0d2ad12f5bf79c50e104b670e3f4356566706fab86ef89240f430b955320cc0e93ab2cbea833e1b328d76834a46cd95393f43a4200aa93

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\14501

MD5 019e99ec68581b053aff925346aee087
SHA1 e04c4b4aa841dc4f8cb12d38f931f58bf365591a
SHA256 22c5e1ce0a035cf4857ad05d05d10771a29857cf31a7f24a1738b24cceb8e1c4
SHA512 0190bb6a0b3c6a3e1713c802b67f887228120eff12f2365175c7c9097d2f62a695129fc00fe34d5f8a2318d293cf2313a8b636726c72050d01173f82714e98d2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\17654

MD5 13a8b246844e984ca25c72005bc1190a
SHA1 410c497b5043729ce733076938c883c55b1293a6
SHA256 6bb107cab34b7c22df9cd783e22f02c0e94516337d82d1268299e7208a6c4cdb
SHA512 6afffc468a6cb52ea0c4364fa418afebf352029f3cc0e85ae5fe13645a94299945236074b4ec4f34865eed996631ab87371ed2f48879ff34c7d2bfccf8645d2f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1338

MD5 d33cb7b7e23d13ebf3e33c825102f64d
SHA1 9049eba6c5686be73248eacdaa8007c949a0f354
SHA256 138fbedf53fb2d46363668970315b5582434212a77b0e123103359e5771534f8
SHA512 c597ca7bcc4d3035c135ca64b45e11b6d8ebead12d2ae0850ce3d4dfd2f78b52240d56bfa7f6de31d32d71389c32bede04cbd8b66e633ee592ca07e07ccd68bf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\A3B53C4F7F16211D03EB4EFDBDEC4CB8DD28EBD4

MD5 4269420b9ec77fb200fb520f592b56d4
SHA1 cf36e5e393114921895a5d8b43864dc26b74efe5
SHA256 bbcdafdf06393a4c27abd000c808608bacfe8c775c825686838ce85faa0d3da0
SHA512 7a10344b479279ec3317df2f2efadc0576278c5ab70594b434243054d9fcba390d976b3b7f5627179843047b7093c8c85403a36af7a21d6ebb18845613b3f41e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24197

MD5 dc78fc9374db726aef76eef12fefc406
SHA1 ffca30e773ea6f139ab08c5e763684756b6f7061
SHA256 bbf0f0cd0d5c5440815b9b168c9a1086298a5b4a5fc0620d5349c47cafc8f059
SHA512 fc8d48d6866ffca3f3694c6ca76a722f047401be65a29ee8aa9f33a0497a7092a4417a89dc458ca01b1f2378975379908dd4c5cab36cb98b49c77c9fe26d1e6f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2db3204c5b1e1e17308bf3a1484a1529
SHA1 aaba7a17a3a9e2c7923f6a01e04c5f0ef105bcca
SHA256 92684d8747bffe98ae703251b3704548871a32b4141ce215776e56d58de58203
SHA512 7c8f421e47bc30e858837f9fb4ef8a7023b1102717a39c6b75e656b24f56648e5d685f3ac4e204d49450ba458bd720b216916d598f1afa910203482d0ce52c7f

C:\Users\Admin\Downloads\log-analyzer-release-1.TpM9Cqhr.0.1.83.zip.part

MD5 e6297c933aa0dc21888183a13a4d4075
SHA1 dbbd06e099e4b53d2c28d88bb74a563ee366675a
SHA256 505d092a2831ae2d547a9c8099e751334c4870a5c4b27112b33a01e7224b9597
SHA512 9135e392e3f417ac24e4952114be636f0fab031063ee5b29f59d9ff72b0259c48dd08d882aa3702b79b61962295e11bad79c2b2f966068844f577ecfd752ca52

memory/4632-5113-0x0000000000400000-0x0000000000413000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\7285

MD5 cd77dea7362d282b2381ce641cb16908
SHA1 8d4713d390929e5a255ac91d9bc2049a5a0fff79
SHA256 a895d2f1d1fbd9e389531771d5cf6b63c46e35ac1fcde8d7eef575ae7714b293
SHA512 177a34cd80e9d6059c73a20b135a169339a375164edd67f486b37984671c5aaa9a0ef5517a7f64e104e19907cf3025ea573003ba9d142ce244d31a0184eff75d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 ddd915df52f1d99bf63818819ea54763
SHA1 d43fbd8ad8e4576bfd70c09d40d760468056c5ea
SHA256 7df0d2966cd3efc871d6af1e180858961e441ca0239a45de99cb7a04b1853c35
SHA512 059e4d4f83c3087b5ed6daf8ae1c09dcea16d9d00b6a073386e093bcd66831acf598cfc57102e9586f10d8cf12dc5796b2c04ca4a74861c60f35159f3f6c1cfd

memory/4248-5185-0x0000000000400000-0x00000000004B0000-memory.dmp

memory/4632-5186-0x0000000000400000-0x0000000000413000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 85f7a26585f24506986d5a5473355a64
SHA1 bcf2a42495afb5d3ce2d3893592c27d174f2230c
SHA256 1c1abc34e83b719668062d0926d3880a00ce2e81666c0dfda5139249f4826898
SHA512 461e933c94010fc90d788f0a238c27334e754c681b8572ee80cbf45f38481dc35b54010b3cbe4dfb28d37fa65dcc2e14468842766a8882b59f96491f38cd5a80

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\4B604D0A3BB3937BAB80372449F8EDDDA9E256BC

MD5 3b05e21eea9a2cd69740ac85747dbcc6
SHA1 8de425143f323f9c371a490ff44eae1286ff5aa0
SHA256 55dd3dcdbd94ccb603f0349f31c9c604608270cbfe55ecc449b6dce27fa545d0
SHA512 0f18b4d714600a245b029a4625b4a4e5da0d7e0878fd724e12398424e53e24eb69d717df99d8d447b12f13ccd829073501afc4c80554a2da0da94b0bbf096419

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22011

MD5 d619aaa5f6ce23f8e336179fb7ec10ab
SHA1 c4d5c80bb61452f3b30e850925f3b5d36ea2205b
SHA256 412e48be9efe0d875ab157c25674dc357017b6e731dc3f42757c38606fa3af4d
SHA512 9ebc3eb26496a370ac4b884d5b23df482ad756729793521e75118f65e5afb38ec531d278580ff74dc46a7a1c7b81efd96bb09172c2c0d54215c0e588f4bfcc0d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\28983

MD5 e3ac93a37a6dcd871007c3b1b2481dff
SHA1 d49b8305ebff5fe38fdbee0bdd8e84c9ddf9de0b
SHA256 9475a130845d6edc9ad2165f40e8836303b8c3daaa4ffc1106718602f56de126
SHA512 44b9eba800a9b0f608078d2188b5cb71a3be03f90f08f9ce7d0bb2c1dc4acfd95f9fc53c89aba9cb3f330341a997f717b98c8d66189c737386c94ae6b495b93d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2264d6eac8c6beb29b9c0d0f19f3e730
SHA1 eb032b1e37b8d4cd338a14331a535d2e09cb49ee
SHA256 eb3a3db0a5181aec397154403936a586b407a7001cb119e847e3691af589810b
SHA512 7e3549d3b8f66f13ec4766bd23bba7f663c842084602cf1235cd361d11d9a871b94d404b1a26c4d3f24c9bac4ffd3b417c6587c73fab92e431cc007fa2966691

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2B9C971EDB51B126747C8403A0B1A054411586E2

MD5 c88cc3bdc1f5b4f7072dac31b4247152
SHA1 9a9338bea8277da6e47bc58f91cc151bdb175e21
SHA256 a65c4487ab21e839a433a9f5b460ab43a0231fa4d85cd83f9d1b0c44171e1a26
SHA512 3d32741a9b69f958da9b6829888de0afc7c16dcf3bbc42f77a56f9d51b206f7fa0ffba00014b4d53a75c5418b3b17b391349916057237df3235cd712db999302

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5f24ce383adc5b61c6beef64668c3fb7
SHA1 974d888edeec10979847f423dda3ed4eda6bd7d7
SHA256 14686d3c5e1aee2bd5174b052ab54702f0287beb568e13d35bc70245d39d646c
SHA512 787bec54a07a5f6385514b2aad28392d3939beb3d6b96e0f01b1ccf536becdeefef71ca504737ed754a1fe068902a03c434a0951127be75016368d7aa6d0cfbb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5A9FFC54BDC24F3AB28A542142AB9F3AB0573E75

MD5 5efd8759a603c9ba77db281828d88f6a
SHA1 704dd49678187f33669dcb41f1bfa35dd3b516c5
SHA256 068523fb0861c3a9245b688e3389de445e361c0b6e391c6b1d7baad8ef942fc3
SHA512 5dfde1bb7c6959ec7536039bcf94dc594daaffc167208ef2252aca7b3285dc2fefc269535b06e5208f8c799f1de7090b47f17da2e2f2f12abd32274a8f647a14

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\6839

MD5 67e102df309f1b708a6fc9e6a1a6aeac
SHA1 db293b96a0af87255892000c6ece94c15d8c871f
SHA256 aa49afc6e9ad22584c693f702862b57e4ddb40a3237ae0c60ab3f203b1026447
SHA512 573968b55d72cdef4c4181bf222b5052ab4fbe5fedcf666efba26b4d46310ba870d051f9f4d642104a5aee984031b0f2a4dcdf2ce9cf2e071bfa6332e040718f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 787b0c6709c282adbcdfd626549af5fa
SHA1 01cb3bf3f80d4c53ea0f041116966fdd0cd27673
SHA256 61b669c992e3d4b9a50337264e17953bef75657960084e10eb79ad33587fd222
SHA512 126ba1ba5e7195078c4fcb7190297da0d734368d5c480bff824e779a4982a4843f1897f24d90d96eda9c2b8cf54c8bacd41cc1d242315b65b11f4745546989ff

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\23469

MD5 19f8eed3646cf5631e9be6af2f3cae73
SHA1 a6d9e3e3ecf8e7b6c7f01662ddbe625c6fbf1fa5
SHA256 43c03371ac01f3e68f9bf145dd50f3ba1f1f390864e0d77982e83b7f2c2e51eb
SHA512 2562a3334612719480b93dcb1603a229a6e22ceeed8e1961d015a27621544868c67d872e17eb7568c205aaa81d8612b15ebce3b6a8c7e7348ab2c41f73da0638

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5ad4b15bc1c418a9c7f0007ae321ef96
SHA1 e3cf68d419751ab370f0c043bb3652330e14b1f0
SHA256 d93effe58a22b87279e67e7262f11fc3318dcb5754199e04c371a288e56dc01e
SHA512 8e371e10463156fe3c601f088dca658ee2ec1a43209d4513aea6ef9ca991ab21a5cf0dc2320a64ca48173ffec4e5e09f3dfb4f9c7b7f3fbbb4d82db026290e73

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b9a3e1e70ebfe4a86626d2486f4c3d15
SHA1 be4d0697147d2e5e847f3b31d39a2afbea9e626f
SHA256 d585130eec987904c65bb961fcce86f64b0e5d84e3007e6acae285a6dce88f83
SHA512 5fa6af63368ab3b75c38f84cf0503226b5ffccd294415d352b49c6a666bbb6b02c47bb59b9bf20f16f0d50064805401e3e7075d3b7ed0ed550fa2d81d8c290d2

memory/1344-5883-0x0000000000400000-0x0000000000729000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\9097

MD5 500cbb297e5bb1434e3bf5f077e1cfda
SHA1 cc9783167e94f55fb0d0cf5d1495db29ba225417
SHA256 5e56554a93319a7ddd9b3ba0ac4928f40f2911ea87385fa66fdb1b62a39b0113
SHA512 5541ecc1a6e8714634f80f62f8dccc0e4a7bed03c5789a1d12a3d2422a9b62e799080ca9c72ecb06630d30bb9b40a63ffb20c5d9b606987b0b3d2217e5177211

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\31433

MD5 0a80489778aec56cf008b83b2560966b
SHA1 9876188136c60a60b6b2f059352392c5e9ae381a
SHA256 260372b3fd1e5eb9ec70735e57ef045f671692e91e597e7b01d06ba3b81c080a
SHA512 af95ab8d056c50238b52a6e61c70e2603145c5028cdeb985f0ca5ad09909ca882c1f71bc3f683370434c40791d7d29f1d8bff122f8f4ff5afd37b211203bc3fb

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\10691

MD5 f9c9b170404c7eb5e96ca1f2f0fd89f1
SHA1 3ccbea593f1073f3c271dcf2389cc61665422756
SHA256 99025800430f16c6c1c71b299d711e9db847f4cd4d309555e3c08cebd9e5cbb7
SHA512 a76308a2f3e491d59a8564694bf61e16b0973558a3a50a5f997c2e0c8759371ba071e70c6d813ec57d1635de4598e5a4b3c651fc1fbebd317ecfd7fedde12448

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5198d127ef8e8779375b7c281a3dd017
SHA1 93ac70e6256b8b14aac86041cac1231ab4fe8be1
SHA256 2e31dc665bf0a6fb4dc0b66c48595432dca8cc83b908fcd9aca5fae41e53b51d
SHA512 6f235b72de0d539435b8903233b94e6e407520021b90e11b3dea9a833522fbeed0509d03bd7fcb2b8e1e71850bdb14f12f90a9c157ece65ee1176757900e037e

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js

MD5 0a7bb00dc6d550def2bd56304fe48a12
SHA1 945e76aea6394addcf7fe942f662ee8388faa02b
SHA256 689185d822f90a62c3790a1ce9794db486798956e9b52f331193121367e7c15e
SHA512 8defbd1d135469402f3467285dcc4accb99a8e62bbd80541553b15c55103099da739af334351fb0afc3088191b6e4ea446b75b490c92e1023f0d173c9cd0aec2

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b7c0db324e5f9b95f45bdcfaeead2757
SHA1 44525cc707c75bcde57e501faae5c92cae4b3e23
SHA256 dee7428ad2ebd0ed07381487a78c30094d86f75054c452948921768dbec7aee1
SHA512 260e7db176f754774201199d0134bb861fdba8ea5f960a017da730fefc91d42c3fcbfd95566bb8c7d0be9a1986c960989517ba0ef5f94f7d545004f856b201af

C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.ba\logo.png

MD5 d6bd210f227442b3362493d046cea233
SHA1 ff286ac8370fc655aea0ef35e9cf0bfcb6d698de
SHA256 335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef
SHA512 464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f43e5176107393028f12df4167a22e0c
SHA1 b86f65ee4f1bcc3728ec57e49b0b4044621787f1
SHA256 7c6a8daa50e02d2a0672f082d3460967c6b6d060b1fb937e5b94d0b1a75ef8f7
SHA512 bc2b8720bf4087e86233cb92687ee89244fe493e48e6070e2caa2b97b270146bbea2aeb28b405b8611f4be1767f449da6bb180a769be1ae063258f60a4d5cf97

C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe

MD5 261f741c93973d184d4fccf833f0c075
SHA1 cb7846fc45cc545b3ac6ab0aa3425461e219b196
SHA256 1ec6ded595b12262d8bfcf8436046c9d84febff424924cb839a1946dad76ca4e
SHA512 90ca6a11c6bbd5f97d1ed146da5279bf40330bf9020b40eb816ede0d914ed4d769e9c48cb8c839924700dec818d4f818f89e6d6afbc7091e2a2809ebe099da81

C:\Windows\Installer\f7e5a06.msi

MD5 cbb2aeab99bcc3085738c1c41fdf3225
SHA1 9462fcbb04046d68df7250f5124e79c269f771b2
SHA256 59a148da299c73d6bd4ef9a8e99736c3d3eabb3b9f895ad8ab183b657516cc22
SHA512 aec8238b7d7a4727b1f3fdcd5d3c6064bf72af6da5d8ef6542fe5fd97b8e24b7d15540426fae029a628d7e160f9fb31fc482edccc416d970f93656ecad0fd5e7

C:\Config.Msi\f7e5a05.rbs

MD5 82c1abee2651ee0e0264bcaf9a53611e
SHA1 cc5a3e2941488e68b890c5908924a4ebf89b42c8
SHA256 49ca02e0f87ac944cb9c7e0da24669c78d663ad14acdac9a88553807e138639f
SHA512 f5e6eb4c9e45a5b4e7d95ef806622eff4bb9403795d98a84bac8c52b1e50008d4e61a72422e1eef6c8d897cb52ea3b7666b0954a900326fd739ed3f2c7f417c8

C:\Config.Msi\f7e59f9.rbs

MD5 ea032f8dd0f347a8ba536646823bdb98
SHA1 90d3937950696876cc3929025b803e1caf0fcb28
SHA256 2c8996ab5d0544dfadc889b52f95f5c03b716e0ad883ed6f02160ca9a145390f
SHA512 cbb4e422b4f345dde79298736700ff262a8387d955fca3a5138f009a6e8c163512f3b39c15ad3d5f6ef807c658507d0fe1cb08dbd9b6ad59912f2dda450ea039

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 17d0cb475faac9b582a9e6dcf48d1194
SHA1 3e35a3619cd820623e32b20a9a8cda78fd6bca5b
SHA256 b0f2881bba36a2abafe5068a9efb891c65645ed9361a34813863be13945f0b0b
SHA512 d8d777f2d75c419d08eff6d791e893c9ab15a87b9ea5633e3d036d3752d35f5b189f67038c7a8ed85c48f50f8a1801a4f81a65339d10f7bba43eab8e7d64c1d0

C:\Config.Msi\f7e5a0d.rbs

MD5 92866618647aa7d4669dfef42a994fed
SHA1 54c920ea337dd178453409c67f981508a0afb137
SHA256 e3143b1e4aed2119006b703dde36e50e0033109942fb27d63e0f260423562586
SHA512 d37976a14621847d453d0e9ae203b102020d672289f17c57c0790377f5a8cf5c555396513ca564b461f8848020c466355d935172ea3d01de38d0de1b65b4d44a

C:\Config.Msi\f7e5a1c.rbs

MD5 c6445322bf379ba0bb7c555aafb93a67
SHA1 101b09a7e2f3e7ec267de826b37255ac6f5be461
SHA256 9f43fc632294dde6a8f16c3431b8159ebcb498ed0f21c702c8b08126e72dbe93
SHA512 05f020435f3a15998c7b045a15c8c924ff0b46202be709c04f98735d49c08c86a5a6f3136b3de6d30577c407a7e197aeaabce022c8de65af3708152a9e7c81cf

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 5351e48cc992f77ec4fb649110c962b5
SHA1 81336c06782db1ab7c9a81b7845340ec04de8c7c
SHA256 c6d5aedd2506714ea2ee5770cbd5b32a4c2ff39bae6c6ac769d4dc3ed6d8ac3a
SHA512 845528994bd60995dabce091795fe97ef9f03643aedc526d91bc10dda9ba79845d11d01504dbe1dbfdf214d9401a55482527e3c0951dbe8419b39efe7589a1b4

memory/580-6871-0x00000000011B0000-0x0000000001227000-memory.dmp

memory/4564-6909-0x00000000011B0000-0x0000000001227000-memory.dmp

memory/2880-6908-0x00000000011B0000-0x0000000001227000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5C77D493933E72898DABB44F1178D6BECA63CCBB

MD5 c4cdf77650be545322d51a136b303efb
SHA1 aeda67b348f475346f7217ce46bbde0f10aae13b
SHA256 99d1436b9a83c5d32bef32d31e5e3bcdbb24c0d1a733b4f8aff3ad7ce439740e
SHA512 6f928c499e76ffb3049319d4e32e734f8931f9132434cbcc865607e79e31d54673e4f30f96e40f1b2db16473146e3a16615144c807b48eadb10637eca6040219

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 74fa6bf286ea56b85e8c5b0dfb3ca116
SHA1 02211edfc3ee5f1aaf61f08f6676e963c2af2759
SHA256 633a35aeaa8f5cdb41fab28b6b51070e32a83602a276ff4450b8e370b6839343
SHA512 f32f558f75d8df72da2fea9f9f1fb077fbeb3349f45ece466642e11007043ab37d4b9bf3f668b4a0684fd853123ac27f3c39bd1d38035250ca8aa501c9a0092a

C:\Users\Admin\Downloads\SpyHunter-5.fuZLzD1w.18-397-76196-Installer.exe.part

MD5 e7f0449aec26f5ba3b1aa0adc8239838
SHA1 b7b0dd2539c25973aa4c731bb11f12db59010df7
SHA256 9ad8d984e52b05675a4c4c3452ffcec38c7dc4c9e33d572ce06b61bb83b3942c
SHA512 ec2cab8886a149d2f97ca18092f37db212695d2bbeefadccac6754dbb5b6627cc471ac41c7740dabc11179c6ad240ab30ff5bb8a451a9fc4a043b523f58e32ca

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C743D27B01A577E1368E7099B0E4AB32A09811BE

MD5 177d7a5f8ce33c36f2f796a29ea8eee2
SHA1 2d40c1ea831ae727652535db3c4c3b24b79dc488
SHA256 eab0c6c9058900b2f11c1a3661d58a6b8e37999c1dab6c1287bf399d68edade4
SHA512 a2becc79a6a8d87dee2fdc1bfe9ae67f28b7b8ee094172ed7cfb191abed9679593b34a5d2f6284c673ac5d24308a26632a405ea63c2f20041049383d1d386ac4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 fde574ebd793b91685b1d0dfbe68ab09
SHA1 eaa89fcc732f8f594f43144c2e55bdbe4e0ea50b
SHA256 e08dbfcdc443291b23151571b7b2017718d140ed7a6589653f48df7f3a7e38d3
SHA512 2861984a9ca1268e337cf5178ae0e54a0785dc1de91bcfa52f741f946efdb8500d8c740dcf2594a36e82187dd4fa82b2dc6c9ee0a267b927d04464484dfaa320

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\4DA6C6D0CB69D799C22392D2BBD4B08AAB9ED24D

MD5 9b881db90a59500d6ffddb5234ccb6ee
SHA1 69b7bc9f3c49b60f658f378192e06403f28cd2cb
SHA256 6accefea3df9b2080049190dfb52541eca07732d36c21ebcb8638e49756aa795
SHA512 2f8dca7abd900ed57d2c0e2b5198537d8cb3d1258a8a33c4edaa968897ff231a3b707b6f560cbe2680979068f707a4ce6539e409181e2c802b624c74c0221be7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\9B970604E9A6E912996D64EE92B2496B27E6989A

MD5 11d167aeaeeb360f3e592267ee79f8d0
SHA1 1c6a90bfa7a8803edd42acac6395305da37a7772
SHA256 7db4d02f49f4c9161925983275f74604ca889315656184448aae2d4bec645a1f
SHA512 017cc908915ea521590465d7845dc879e669558f0c50249919ccd373a0cf42b6fa1ea691cd6c081d6abd5ba73b1090981b5d55b4ef63bcbb07edb35efd250a6a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2A15C33B455F9B78F002FF087F929C27CD634826

MD5 1f75a457f67e93f23152117c2ad069d9
SHA1 81af5fc35945ad08defda47510ed455699888aa6
SHA256 638c22ec75672d7a0c5dc209a3202d4f577d73de48de153c59cae15dcaf40ce7
SHA512 e7930718f7b61b6ee271797f10f6b19ffd9823ecb2bfd244ae3e08e5fff3f094de1e384f0a922ec0c9da69e132e1bcd6c5244df505c5dd36f64fbb31a082485e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 e74c3804cbe32cc01def465aa35b0e92
SHA1 e04650798b5aa763f976137fd8d2e6b14ff76d99
SHA256 3fb98a9b8c9e17cd2510400cae7b89659f00cd8b69d3c26c56af1cfc078ea9a0
SHA512 aa62791337d3c6c5911418d847a9c90a49b2d7bd740fb2e3cdd55777ce40107bfb2aa14d3af3622278971416231b3fa8e56f2f4f9ac04ad3a3d97f79b4447d00

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\4525

MD5 2e3c22cc55b51e06325db97ef8dc0508
SHA1 469a5514741e841fc05b7891fd401962e5e86001
SHA256 6adb460ecb3b0ca0e52d68444ef2286b9ca6f8ebe9adbfb01160ea04a28173cb
SHA512 667a4c1d51030d91c8e0b81ea55184a2be84fb6681d007a6251b82ec5e49bed8f57f412e9418e4e683a16b1c331aa86fc747be78dc579a3a618b3aa6033b1e45

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\31122

MD5 a08416ca3dd38d8b8d98356c57c30dd8
SHA1 da8195be6cdb56c195c14a941a3d5e5549b3bf68
SHA256 b3a42569ea8b3efe9315e472cad34a0558e01baf7907427d4080d6b732431679
SHA512 7494d887ef45ff505547e1860de32c1098283af5e334a2e9a59959270421e7c5687c5607e9f783fbac6041536c62327dca1f85c360b8384441bdc4cf9a6ee09c

memory/2640-7591-0x0000000000400000-0x0000000000513000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-VHP6D.tmp\setup_04_bg.bmp

MD5 224cb513cd06c7d83df8dafe8c111394
SHA1 dae2310fe2d1e211e013d4a22b6b54a3257625a4
SHA256 d4a70d24ad9cf5f7bbaff7beae54ed6772f32d19f1bb063bd9f4f722de2a8e88
SHA512 6aa39d2f3dca315e04f45c90cab357ed685ec279daf311bee2bf6973a4cdd9fc8dccacd55797c969a44c689e7f23114299b0e15e3c79159d997e66f1d26d957f

C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe

MD5 36da0a2fe1f31380380d5029e05e50f3
SHA1 df9a7a0cab61f904b21c0ed9e0b6b6105015f67a
SHA256 f480fb109d7a3296180a1011e6e43dda0382e651049590d09b475d33fe46a300
SHA512 464071e4ee76da508a9fe4f6a793eef23b4d6d4f651f4617587078bf847e251ab2bc846b890de154016d0a68cbfe31ba960dee64ddd26de26e24f01d593d5842

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f80072af205ee507982ad279925321b6
SHA1 58f63b3bc3becc3bf9b08e99fd572f170930e150
SHA256 d097b36dcb24f09da775c5696ab271ab6e4e9360563a5364a0ea112ccc55af20
SHA512 2386f41d12cfb215f7516ae57e7b174d27bd8cb06b3198563a155998b8ae70d9ab0c3ef4b6af202df9bb3ff8dea4303b38f1789b40be727e10d98cb4d6cc8dcd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 937a583ca3a40c5628b564e47ce0694a
SHA1 d9c3b391324a61064bb51796f5159d2c61d839cc
SHA256 00d2fcd2916087a89d370469972af322c47cd205e055fb9e6b8f46bcb76aba85
SHA512 a58c1286b4d281028024fad83c2c081d890caf9ae5149f447118d5f99cd6ecc208d5bb19adf78a7956f089cd71fd555ba04ecc00b9807e3a46012e077f201257

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5a084247a9227db0af607718b2881a6e
SHA1 4eb624754ad17dab0346099c4673c81d6a13a842
SHA256 071b62c1d282c925cdbd322392d55bdb955d12e7af7d1abf100a263d480b1afd
SHA512 4d4add7256cd9f122324e9b645e6b3ae1a798fe6b4877c6f125aa911b003e21c9b28bf126358de27f1ba035d63aee71b94c1de0d9da05e5577c7549ee81ae173

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ce2bd5aa1a90c8734863664e07685c7c
SHA1 a92b610bffe0005a164517e32a5744145d44f15b
SHA256 aa59eec1fb39b200cf38d1e769f96690154c6a5d3aa18bdcac1112c01029677a
SHA512 6206f881f3d802cf3cef037293b139a94844e1fe717bb0ab9741f3457ebf59d69757148260ff9c943d374aa83f8115c69eca37508bc41ea6d119a0633a672454

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 68d46fff0d1b279793c994a1abac017f
SHA1 b843a350e5721687875a4ee23baf1e037d8354f4
SHA256 0a194c1a7fea2592a0351b56182f3da655efcd8995cffd9ed4953a229d67c280
SHA512 ad421156f25b16ba7cf926d2e2898773c735170834ca9c54cc01c891f37c27cb3dfd2eddec96727c9686f2b308aaf45e944815a103038cf2c5fa57dff63ac4f2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cc444050b6952441852408f2aa49d240
SHA1 5b95e38c16abbaeed8f16498a09d8e028a1df7b1
SHA256 8abd2d1bbf62f7f9e22996cea75b57d4db90039eb89c48d25aa1b239c75c6388
SHA512 8054468c273bba9176af1bf9210b7148f0d9cd0bf730804804670cb63814ba87dc96de35c49ea8cb4d1e80cc53931d1e22c8fabd6085eab968d974ff01c4e1e0

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9GP4P3HF\favicon[1].png

MD5 c5045714e7e3e97fe1acf2cea9dee80e
SHA1 f53d19197b6a82f5120629d5d4dab1facedb2c9b
SHA256 968032001ff8eae4413f6603377c65eec94ae7a3c4d59423d9c7ee785836df36
SHA512 5e7b233bef0b1b9a72ee35bc11557c4d38ab333dd4e0cad458f1cb3c0523826c5fb8f6ff40d71b0a130a70c41ba209d09dd5345e1796e9f56171424f01e7fa51

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\3b1505ab-15b1-475f-a475-3d7db14eb74b

MD5 b99f7c814b1584c06116190a21598f04
SHA1 d5ffb07a4cc4a24390a443ccf37263209f193794
SHA256 532b55e2db73af1406227816ab4b049a4348babfa22b30ffbfa3a5e42baccfea
SHA512 d34a783394daf09cc9f55d13dc1d8177857e3b8afd94c024a17ec1ea448e0f58cded9e1d6486741f9aabd3d9f4d1cd24abdc9f71e7944845045e32e25ffb904c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\bf71fcc8-5728-44fe-9657-847388f9f80a

MD5 dd9ff888d74e12f1351d8f95091e0719
SHA1 ce0e7e635d8ecaddb25df496b03a7bca1b28e40a
SHA256 1a58c1383939f2acc0ad9bb1b8f8cf71e05bd8bcd3da5aab490b0c50087df47e
SHA512 b273c686c85734480069f243a7fcbea000d6d91a2e4bb453ee8c848b79ef6ed0d6ae0fb623d554dd6ad2c650346c9c4c4e98011f0eaec24b33716666e8ea8460

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin

MD5 3bbd35ea5682018206c1d13d27ef996b
SHA1 f5389f273014ba580edbbd8f93668252989a8460
SHA256 ead7bf1388f5ac1b5ec3b8fedc8f0d2f4e9be9b1aa5d68ed9ad0807660ddb737
SHA512 df3fcbfc2068240ed04573992247eb35233d64ac8c056a21152134d9b029e725eb4e23c31e3d66133a30e039c4cd92d4ba6cd8da67ac6d2c70acec23f0a6d851

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d330e7e8c83e23d51bf4fab6a1f2eaca
SHA1 b996cf81af2ecad8abfaeaf8a3391844bb68e79a
SHA256 c9741b21cf11a857164f73d1281799facac3504e3871265d14c3fdec4b407997
SHA512 d1ca43346160fbc2c106223434afd19c6a9aa6659cf04ab8a8d6b9ab48626e8dfbac5de2b00b11a224853ede984600d577fe78027e424671353524c91e1a96f8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e284d5542c3242db5b66cef49d89426e
SHA1 38ff7ecf7f483e794abb7860bc578269c431139e
SHA256 95e8a3a545a9e82ace9558d7ba1f0b1c79f72bc12417129b795ee679cb6d306b
SHA512 d81d2b00c44cef14a2691ed17656bebad48dd5a279ccde0f2f81df084840eab864eb799ae218371cf6d1f9cf94c5136f3157357eda02f40d51e47bbdad6ff26e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2c49f25adb826768b50ca50aff96994d
SHA1 1de1a296387d7bea63be66d939b7b65bcd50deb5
SHA256 6dfaefdcc86a841788c9c56ecbb598e6a9cdb100f296fc5da4d9f917ad53156b
SHA512 8bb2dc1682d036ca250720f4db33ba03d95572c8bce780445e1e9337b89ae1657fdd30f608f71a0703c0995a73c38e01a4794af5aec795e5074ffea66fd8508c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fee1b38dce62c0e2edb983a7f30af5cb
SHA1 430da985f0d54d9bb4044910e80ea6243c4d8157
SHA256 bd354dba8f7f3009c406eb6ba83aa7d767270284e11cfbaf502eed6ca9236d75
SHA512 1561392bae4bb4f599a9c8a8d9ec4e1c5db5f7b02d5fa3bcb7ffd1e2954a1d6751b33fac45bff4e2379bc59fb0c6b06fa4c5faa511a7292680c3874fa913850a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3ef5bf5c57f478a584877cfcb0825673
SHA1 3d32e6b59ecbc7025297b237bf5949b6faf1936a
SHA256 a8937ed005bfb216bb1629ab28c4d4ffc2658dc0d38d8bdeb3cd20bef98e719d
SHA512 1b186d594763c8c6303a031121c0ad6dd5cac1fbf23944b55148a2e454ac4d8707bcd2550e8ab9ea6406321fd1bbb4933eb7668f028b1ffaab5a9c00fd86bb96

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 45267c93ae3b962c334d3922861ff638
SHA1 2caeb6a81c47697483bca63ea7843bf884f3f3c3
SHA256 35c0d19adc191330d10d0eb7291d86b1ee68a8bafc52d13ab155fb14b76270c6
SHA512 122ffd1832167385ccf721130e3230d1393979ce267c1702f1f57718ee0f1724705f05f484667b020d96a79b5f04a393c31741f71cd52d8db20770209c098a29

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0781beeaeb40a604f7b40592d702bbf1
SHA1 63f5d074cd0efb60aa473cc3484a40faafade926
SHA256 9628ffb0a8f348d912e23e4f65b78647cf08e73f1df71fc7191e37dd82300613
SHA512 16ef8dd7b69b2c9b6ee0297804ef8bfcb9892075b43e51321775d1c34ce2ab5b56aec69b4a5556434f708e03388a1fe6cf472ae4acf93bda4057bf85f6117b73

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 ab9e23bf7b98ea0984d4396b0cb63c5f
SHA1 f9c1e3a38676da25199ef7782f03c0965ae1b1c7
SHA256 0afdb0741b9f4eb6811458fd7b9ea30f6c901344b9a5c364003570fd47e92148
SHA512 775f1fe9d06226e847d564cd0663c5c215c65fb2eb41cce1ee7ee51a0041666ca89b2da80cf4d2309e8ccd109321aa6316450a4c5f14d5fea4f989f33409b65a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 829dc4d2c150afbd21a0e1c6388b5782
SHA1 758b079e6ba45dadf5ce03e5d0b419fab3f53bc7
SHA256 124bfaa7d6ea44ae4f1640f43afbad250dd42f0463b912256af374e535df9765
SHA512 885b05398f36339d51841b07a64fd28a919d21cee19f22a6a5f26ca38b0cf7c16c25071962ccdf6afbf2fb135b2933b1c539ba7a452d320241a4fd6c5926ecea

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 642df6aaeccbef457d484d54de831381
SHA1 4a1b8598ce4f590fabcba264c2a9e6256f2926e9
SHA256 414ef1cc0fd4911e7ab79a9670f87537df663136cd83b71256f0d8dc63088cfc
SHA512 df3add28db419da8716525dc87cccd7a3235c6d64804722dfeec23b59dd294cbf6696668d804fa3eb6d2a77deb815d78930712e35c9553960732b3aa05e19472

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fd1b2e1b9ea3faba02a0cb897aaa2d07
SHA1 cb1f2a01bc572d4bfb084125bd0381ff4ff84b55
SHA256 17162b5a292eb909f2415b97e1f71f13a399af2614495e87d8ea023cb22a3198
SHA512 ea05d4794c725f7a175e64da2ed46160cb542818b0d61bb2979d5965a2dd8d6ca26b49c93f77a2c5a4f9b4a422349dcc0f59f61cd05557621a99d9deaee0b118

C:\Windows\Temp\Cab8F66.tmp

MD5 d59a6b36c5a94916241a3ead50222b6f
SHA1 e274e9486d318c383bc4b9812844ba56f0cff3c6
SHA256 a38d01d3f024e626d579cf052ac3bd4260bb00c34bc6085977a5f4135ab09b53
SHA512 17012307955fef045e7c13bf0613bd40df27c29778ba6572640b76c18d379e02dc478e855c9276737363d0ad09b9a94f2adaa85da9c77ebb3c2d427aa68e2489

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a3d4c49232793568c9cb0ed32e225b71
SHA1 2a4f66fc9a201cc5110627a745a69b0cb90996f7
SHA256 d8471b8ba42e79f64e80a28302e0941beca2d6b007316efe323600622278c833
SHA512 d788d57471fef8e6648873fb3cff69f1b25e627583503b3c8f539728b16579f28a47253405477a85412c195d4e6768c8defe41a8c27444e8307554d635e5008b

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 3773d59fd234e04a16205f654381e0ee
SHA1 76a55ad440d7f6415996a75783c4f0731b1a8ecd
SHA256 efbd1e5a16758a99c079bb06718df5bb2c491243fcfd33f6f3a6ccfdd33a388a
SHA512 d34fc271a126d8897c1c37a23f25ec859eebc7df6de8e575f3000e0ce6e6dcce1922f0f9f42b97f198b52bc73731bb6b6dcb237719601a99c257ecc8c72642c1

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7116d5dcb207ee6f7697e0def7061e52
SHA1 f0f468afbf43a189344ac29164e6e81ce3d29647
SHA256 4c69e706c8cfbaad9c2e0507553c4346413f8ac801599bf19bd82fc4ba1ac3d1
SHA512 efb0d04c7c9688b014098ca483e6d5718116ecb41f36506d0343dcdfe27a20306779f3ef1819275a010522c247a87ef1eceb6246016945bef60a768ba069ea75

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a432fe7a0006e8059d8b2aeb27d9cafc
SHA1 b44ee6ebb9b11b0682e3437f3c3d4a941508aead
SHA256 2b173f1d426e72131944b308086381cf2b656ab09bf61a8eeeafbdb17af4536c
SHA512 0581ddfb0f1cfdc337b24fe5763e53dab19dec1f1dabc5320d689d7e57a1b2ad26d31277a8d677c8cd3d7af7f939eba4082404353b7478db7c980159800496c8

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9b3b7768d81b054cdf4f14a170342799
SHA1 cee2cea76a2a2e053d2ff4b3a7e156ede8a2e077
SHA256 f7c2290d8b6033a6a96e7f33e34658b9ad0fd85e58cab384ee9c0fd58c706740
SHA512 33f4631ebe84271d5919cde35236f98ce2dfc3a5a9fe11209a2c222e5250f5941ec7ee1c68c6a29e613373a85ec7428049261f360c89f4b4c82586b718e5db66

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6675644ae9f8e0000929a555165a224d
SHA1 8f775b30e3e79847b6b45e9d8ce22efbb93048fd
SHA256 7d7bfd30d8cada1c26fefce697b5358014f0ee8d35c3199a9222adc4a6c681fe
SHA512 f96d282e12f31faa09bcf2d271c24656dd029ba8ea9c09e6ee84948ae5be9ebb8b77c19e52d44fb16aebe1652ff9a123526d4894e408843718ab3cad614330a3

C:\Windows\System32\drivers\EnigmaFileMonDriver.sys

MD5 63d8e8520fe3bd2b12576ae2170dc8bc
SHA1 7825af61addc0ad885cf7df21b99662819f7ee85
SHA256 0477164591f282c4cf1b86c19e573d3947333154b072ee4011c54113e8efa181
SHA512 f8b58ef05ed3df675c8be5b4513eaaa7d3773bd586f28201203dc08d67c11f58f29aa1bd25a32928762c391e1912cc03385a8e5a6604bd86b7107c906adc0cdc

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b2e3fd45ad3e29498f72f867fa23b8a7
SHA1 e36e43745b3976d5519255008af110d1e95a8e53
SHA256 e76360306f6a0db920885f433dfea0eca152214269bc7c682e6e2514ffe4eb4b
SHA512 9c325e91d18f5bd829f69e072184ffa74829d9f7378fbb72e3d79358a0af165c26e62392decf364686763b13c50519fb522e0561d99d515b58e5e799af1e426a

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EA618097E393409AFA316F0F87E2C202_5BE578E56C3C16717581F61DDAE55F13

MD5 5bfa51f3a417b98e7443eca90fc94703
SHA1 8c015d80b8a23f780bdd215dc842b0f5551f63bd
SHA256 bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128
SHA512 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 59b6181ef73d754b3ed305964b00d991
SHA1 12dc1f7c52b61724ec9612330a4280f0ffc7669c
SHA256 6a21c631ba647ff16f82153e9af637da7943771dff2ffa95fd558bc299fba5f7
SHA512 2636452a1536bb600e1ee72b94687cb6818a67374bed27d7df3f7a896d11fabaa75dc05cb5fce103bf065f7a25d81e4b36920b6652b2fec6d857a54f53fd0bff

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2d6e36d22e5b159210d6c9459f7b3f03
SHA1 578f20c2d35d541f88f0aa5e4cde2e283dea76d2
SHA256 9c100b71426a3736e7859280e93981adc6719a004c7fd185006be2d4cff11f5f
SHA512 04466b61bed21dc69f269dc27b1cdfa3d0500cad03720675d4d242a9445149a7295a0f95226f140a4569cb427b5cf8fe0e487d105bff8f00b0f916c0b62b78d8

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 df5a0a298de02d60a7c2f7507180de6c
SHA1 d2cd3fe9d2acaa6f12e793ea9fffd40142d767d3
SHA256 55ad81077b6ad89bdc949cd9d23a010b24115051ea744bb90445cbf485a679ca
SHA512 755adeda3b8562a874f4f5d61d10a1da5c08d6a27291a3e097e0be96bef51dbf755da0cb3fac754d15606487e21db362a48465716d8dd8fee9df7ef27f4632d1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 8ee51f76b830f4e1a85efb41eb6e85fb
SHA1 2956e2b00ae0ac2b983970304db7b7d64c47a53e
SHA256 eda5d38d8e60708e600a4987579a6dc9509223a01b58c2ae2a79143d5b969706
SHA512 ea18195e19e04a0f8b2104b34e22ac279496ddac0b16e2936baa0afc8a58d410286ccd541ef8fac2bdfdeec0d6f4e2f89012029dde59d6d99e04bd333455543c

C:\Program Files\EnigmaSoft\SpyHunter\Defs\Opt\Full.dat

MD5 dd9928453aaef922a330428effb37c47
SHA1 0555e82c4cd96f89a9fc312436bfe324a7925141
SHA256 7ae778527e465421c19094c84f8919926af53d50e4b71b0b2ac3c9fd3c1e8655
SHA512 3ce3251a0c8ad130f5edb2accb012b45b1bf33534abb190d654bee520342414a383230ab2448a3997acbf13e432ef509ed9890c400cac5a5d312815468552e0e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6c38b434c43bca036840bff218377fa0
SHA1 d514f9fe41bacf2c872cc311c532269730ef6f27
SHA256 efc408b9b55dbe4d879182ca510628c70c143dfd1f224188717e29b017368f85
SHA512 d53349fe44f7d52773e5f7e77d5975df9fa8de21bd95887f61c37af0acccc5e65b1c2e9b2e575df4481b22ffc8f88f23cd2c299d4804683de384b66e711f7472

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3fc2c0697d4f2626b7c6260c33fcea1b
SHA1 8d8104e7028f8090282cfdf348b379ed7b183f2d
SHA256 5dd220cebd3916c933995702d80b928ea1225b9b2a011383debd08db21e27cb4
SHA512 7162fe0bdff2c57e21281018cd7005a8490dd421297b4da4d4135175c4a79e593193c42c47d37d246274e24973706349f6c39b366703da7adb515e1368f4cf71

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 28d9fdfb7b93e1354fb39bc8f3a3416b
SHA1 5c214ea217a5fceafee84ed2cb3ff8dfabdfe5e2
SHA256 4c79482d08ba6248b07700117a393a4a700971ab8176a1e324d603d62d019e6e
SHA512 3b3139ad24c800697dbad916d3ad378c1e74c7e3d001fadf20129ae91f6331694878e7bf8a0a0eee9abf1c620e9c311016f160ced8ab571981541eba609f0014

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 600502aeada37e1767a4c30f4494b7cf
SHA1 0beb9b2bf6bca38736b6fc6847193e4720ee9ca0
SHA256 8d27a64da61a86670de6974dec45f1258a59fc2ded751ad406c7e4aa9635997e
SHA512 c6541f2b09b59b4c2b2e5ea1982c1bf307edd760d56bc3584c2017aa8c9965f7c50e69818450f90e59db919b97cd8e63264ed1147202f3a5bf9c9c368dfcd0ed

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2b12df220ebe3d6088d45bdcc2e0d07c
SHA1 94f2ca1ca47041ea8cad51cbbb0e462486120f83
SHA256 4ab9faa13ad33a0ad181a7a490e58555c34b4bc945117ef5c8cb400f230813b7
SHA512 7c9f05d2a4faaad4cacb5425114e9e2c3bbd38900a355cc4cba9f91da1554865fdb4435e3b3499139b37044a15cb672d3e5a0a14bd2b09b7367cada5319496a6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 134126011f28c65333c042a3ec491364
SHA1 e3742dfd58e7d1c6c43ee24aa7a0c4a1dd7bea58
SHA256 fa86a1a0d47e14096750bd2278bf0889c36f600f70ddba787c4d31cb567eadb4
SHA512 79bfded828efc2a875e145e65c5551ae1ba85b5b5b1bf27c20947fd88643945bd543a8e346ef6286fcf292f1f7b2d38141d980a3bcd18721a48ee1cb925f58af

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 38dbdad8ecbe0738a385ace1186419d2
SHA1 16a850e748f052c06b257356e628fbaf0ff72be4
SHA256 34d3905febcbc952e86cd6baa77e7c6d266d2fa6978358610523311f9cd9e817
SHA512 d07c066af211d22e74131c9e32083b63f47e43523e0a9f0fb2208bce11cc7e6909152ebd5c3a7a5df7b3c937b4e732b1adef2fd42959685785e4fcbac0e4c220

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 068e06524e08301fdf22613a5a464652
SHA1 cb08b913180648a57d24fef06b8583e78ad2332c
SHA256 8bc044e2b64e3f5a34e9dca724cbfe049627a577a8dcf87355f9d0b47e5ff4b2
SHA512 0e9f7be7afd6ac8919266882d2427cf15736f46f0681ea4584ff1df834dae0fa1e79f115850820bae3d8b07a74f10632ededf8f4dbeca5f71fa231e52100d307

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ec048fc8688603185026403f3df9068d
SHA1 eaa176d4ec15bf4dcafcab8a93d45ad8f508600d
SHA256 99c65eee9c3897740cb1030eea81279800012b362b4704c0547362c3ef78d323
SHA512 eef1a1d3ae007954f865f970dd849d65e29e7dfe07728a1d1575d4350d100e98b4b68d1a04da892035da3dc525c58cf80955cacca71fe29463992159af5af217

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8a15c5a2b7265135358decb0772fb9c9
SHA1 f6037cac7ede805326eec5875a2210b29c41a24f
SHA256 1f0d1f35c8be851fc8661e9f0e333b5eead6dfdcf10dd81332e9e756091ed001
SHA512 287e1940b410b1f346688718475d98982f5471739806f219f72bd7e0e57467791f80c6c75919495411833d7f9f1ef40c6dd255bd148de38254055fa655380f91

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_F70553637B9F26717122C4DAFA3ADB11

MD5 18649ff3ffcd862b87f4fc60f8e0fee0
SHA1 78f3357d7972dc9031f9f33b747effe793cc73ad
SHA256 3f75e08dffb71c9686ca4a5581d2011538490208eb0dda42bda30c7b85a808aa
SHA512 6352a910f583357a7d05cfcad5aa370139282620ecffe93f1d7cdac0db14c3543963dea322f259824c7cc2ad3e3aa42125c9dadd6f7639826006c82d42f2c4b6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 0b825dacbc14e8711cf4adabd9f7f8fe
SHA1 3209add9a56b4d6ef5e8e7b366e2cf33fe783bb2
SHA256 5fb9cca9ffa5d2707cfc43b72521199066525f3845065a1b0de93cc81db051e4
SHA512 cd801d80fbfc52852890347b884620ceb2659bd63655ae46c8597e02a8968ed57c571436254cf5bae2ffa8fa866932eab79910d729ee61e463306093b24f6524

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\27836

MD5 dad249b9684e6104f92055534b8916e8
SHA1 719a140306b714d6475608e1e1b83fd30140486d
SHA256 8281c6df644be5ecb65a345ff18a61ac44383f9bd188b46af59ed0da53fa15de
SHA512 198ac1bf16c273632f4a724d012a7e92771c39f89c7709787b6a025977da63aef7bdf1f865406fa84254b91bce119f77ae843ecc02cfd9eca286ecce10e08ea3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 099ffdc1ea3891f2522719763be11a81
SHA1 f7e726e3d33b0b0bd8a236ece7790df88f97c2ef
SHA256 dee858d733d725da9a7c42f58539c6f7bf132bfd79b0686b460dbf2dfb1a5eb3
SHA512 797a6f48761c349bd29635f31adc336629272cac8cdea57453b6b3d1d1ceed29988eef183392b76b7a66685a3ef237a738b8f09a5409b1884d8fc37203f07d18

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6301972582f59b0cb677433c2824aa46
SHA1 6293ec80858e553ad1b3d34da9283999d5fbd43e
SHA256 4f9ab8bb8d4bf9274f813e14d190d93904cda8f9e50fe8a958e72430f74c9269
SHA512 52dd4882b37a4631488badf93def262cb1406a778604aa643dc7b5dc50f4faf61612cd6ed6890d61a7504d592c158469623460c49b01757d5fb959dccb35dfc9

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\XTXDI2USFT5OE1NDA4D9.temp

MD5 80b2c1c8845c8ea8aec90c39ffd5a742
SHA1 82361a0dd10dc90c3495cd7bf0c3b361f1988e83
SHA256 0b82871ca5ce9816fb507468e95dddc4393003cbe7cc3140cf817888a0b01e8b
SHA512 e2d0ec0ae8bfbe39cbfe2a08bd30498dd4b9e218e9f5e3e6eb585e7c074c64927e38b30b2d8b45ab8fe8cbdeb2b23eda6d780d425fe541882af17c6eab06c4e5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\jumpListCache\fpA2DdJtRcS6guMpmGgWZQ==.ico

MD5 c9da4495de6ef7289e392f902404b4c8
SHA1 aa002e5d746c3ba0366cd90337a038fc01c987c9
SHA256 13ec8c9e113de6737a59d45ea5a99f345d6cba07f9a820bb2297121b8094790f
SHA512 bb72f0cc815e7b4c44959808b153aad28dbced8d97e50f83ef90229d19ea1c4b3fffff650bf49efe562451fcae0325cdbdffc1a5c4ec5d2c7c70ae9d1a0d8a16

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_F70553637B9F26717122C4DAFA3ADB11

MD5 011702fea45aa655e2e3f16461991096
SHA1 41ec11003fe847d1bdcb2421bf1d04f42dd71987
SHA256 c7b612a16e4f7c04c0776c5522f99c7d2ee4066898c4191ad8f4d15355912c15
SHA512 351ba693ecccf3d1ad592cc48e90ba71052ae56b19cb01989195228335f2de298b83a50803b2bdcc4759d3d66edcec6ddcac52e56a204016922aa5e0958b095f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 661d72e6cca159f54e30041412c7f709
SHA1 634a8155214132a95f11f98afa8d04c9849b8d02
SHA256 c19a7d57fb6be854b295b802fd009916b2075615be3d04465650bb949dddedf3
SHA512 ae0d924cb632c48be6ea7ccc12463b5158485397f0c8c96aa04eee8bf865fd0b74f0b19c45fb237b32d1a517cced6f903d478671ea97d3e9e589ae5c80948689

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 352fb5e7cab482e0775d156ed03377ca
SHA1 c5c4148f6de38b8edbd1b5cae5821ab7fd6352c6
SHA256 2f8268a8c2c25d9f3380da3e1edd4eccce076f1f33c1f5251ed376d2f28c639c
SHA512 69ba7490313160251c542e6fba758b950e6b4777bf0618baf809896327494b7c5c520d18f4c7a0900005c032a83475b3af94ce202321c85fd4193056fcbaf61e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8304

MD5 9783142dd8accf193d163d0bc027aed6
SHA1 5ad7b7425f0375eddd0e3255ef26dce83b317ec5
SHA256 5aec9f0cf5a18fdb505d16cdb9b599772519b960e7275a8f19ee2df027d442ae
SHA512 1cf367d479f39dd7d85523a304ec0d38890378586b123dab8434f8db25851c91c43fa0c3934d71c3d86f23ca7d9658e2f7ac1913162bb0ad3fd934ddd6d5c2ae

C:\Users\Admin\Downloads\Setup.uRqcSQ3A.exe.part

MD5 49643f9ad66e51acae0c241948789639
SHA1 42a9bd916f77bba62ed88a377e72a4c2c441c4e1
SHA256 7e20ead3b7214fcf71143119e752e736f733845a97ba3151f2486f96f011efc1
SHA512 4875026015e9945af750bd60cef7753b740a74e2b5574bbd9c43c347f195c4defd3ba4c8ed64c2c80813499e845a172f8ae4ceab3cf4b16c702245ddd8922589

memory/4804-11379-0x0000000000F10000-0x0000000000FC8000-memory.dmp

memory/4804-11382-0x00000000027F0000-0x000000000285E000-memory.dmp

memory/4804-11384-0x0000000000B10000-0x0000000000B18000-memory.dmp

memory/4804-11386-0x0000000000D90000-0x0000000000D9A000-memory.dmp

memory/4804-11385-0x0000000000D90000-0x0000000000D9A000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 ebe97dc8f3d7869c2bd26a6d483a6a34
SHA1 7f0457ffa2d6fd43674a7201da93298963de22d5
SHA256 2bc514db1d15c5ea4ddcc40e0b76483feffc37e643219112614e4000b4d29da7
SHA512 f0ce31a8cd9e70ebdc39d05e456d08e0472f9e11083b68efe7367bdabcdc92076a8eed4d74af3312b2ce6773b884feaad34214ed93109f3056aa295be2b27bc9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22068

MD5 f3f8df094ed8f1bd75278fc9091f2022
SHA1 0540debd32c4c41d637cd2285c9bc1c86f9982a0
SHA256 59b16c4b9ae5d1db48e3f67591d7c39efbc3da07e0fc73b56acd514f1eee2eee
SHA512 08359f2ae86aa6b7bf7bb60cf77760db8f0872c00db5cea8bc3eaaeb53e0e6b37282b17f56ae893c664e055ea6eb1b8dcb2b4cba92f1695579ba4d3807d745a7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\9006

MD5 41a83531d4a0db69287e778e1a1ed876
SHA1 8d2509e75c336054a22cf07741cd0da895dee071
SHA256 33c256089f7ef79cdb7f9e3dce9e29db1588c8c461aef74b57b716c4c5a9e8be
SHA512 3daf4f1bd6d9972c62277eef8e9261acf3eb40f8f363dc872416be91be4e29384c4b41368fd6ffb3bae4c24deab948ac3cbb1ed783f1faf2b80c2ef7f7a72d86

memory/4804-11419-0x0000000002DF0000-0x0000000002E24000-memory.dmp

memory/4804-11420-0x0000000000D90000-0x0000000000D9A000-memory.dmp

memory/4804-11495-0x0000000000D90000-0x0000000000D9A000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 c535b03f70e2f9bc5e7994462c5ad504
SHA1 4d20d2b3f69b59417b3df88de15f1efcb2b2b388
SHA256 c5a1343e315dd1ca98d44415fa35085b06a005382cdf901cc30d22e880833587
SHA512 215588e3f5603bc6a75d52d052c9b02a52d07edf067984aaef3d4487ee88b404f43969e7fb95aa14a86381d355f75f1beb897debff886eb9183c472da049d4bf

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

MD5 d5180525e08932a69dd1903ab30313ef
SHA1 4a7981b66fe6185177de6d001ad9ce77d2a437ec
SHA256 38b605a45b286c4827327bc6e10d08afc71e5dd8d2c9b4f717b1d8039e0f92c8
SHA512 ee7324000acaef8c40e5f8d9397fe5a1ceac5a4888808a33758a350fa9ab2783d8421164e8de34e61c74cb1e013f0b3e0cd777b54bfa2e97877dec9f3f1e5b4a

memory/4224-11528-0x0000000001270000-0x00000000015B8000-memory.dmp

memory/4224-11530-0x0000000000360000-0x00000000003B0000-memory.dmp

memory/4224-11532-0x00000000004F0000-0x0000000000510000-memory.dmp

memory/4224-11533-0x0000000000A20000-0x0000000000A3E000-memory.dmp

memory/4224-11534-0x0000000000A50000-0x0000000000A76000-memory.dmp

memory/4224-11539-0x0000000001210000-0x0000000001258000-memory.dmp

memory/4224-11538-0x0000000000B40000-0x0000000000B48000-memory.dmp

memory/4224-11542-0x0000000000D50000-0x0000000000D70000-memory.dmp

memory/4224-11552-0x0000000004AB0000-0x0000000004AD8000-memory.dmp

memory/4224-11553-0x0000000004DB0000-0x0000000004E1E000-memory.dmp

memory/4224-11562-0x0000000066D90000-0x0000000066DA2000-memory.dmp

memory/4224-11561-0x0000000004C80000-0x0000000004C92000-memory.dmp

C:\Users\Admin\AppData\Local\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log

MD5 f888fdbcbf90f3e5affa4ed22ce597b8
SHA1 022f4ccefeb092cb8b6a8e3738816663d64d49d1
SHA256 07c6da1fe58a0094fa90735b5306cf6be437ffd2e5014a2728e41c8aa0ea70fe
SHA512 9f536fbd772527520cd5d1209918f1e036c4c47c6fe51e6189053ed7c19f99eb12f5b2bce99faecdd690358f294eeee2d82ac39e88d3b9f677c0e8ad3279554a

C:\Users\Admin\AppData\Local\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log

MD5 18e28529457f3dd16268830db3280375
SHA1 3dd74989e1db1ed89d6d64394146bc130fb3b2a2
SHA256 0139063a848fd2f7012fedc3cf1eccc1a29133063765e33fe0beb1015e1ef2b7
SHA512 649f04a828e343b834ce002e3cafa578a04e166d708f74db4a481512b407fe982d2e4c8288418ea4fad97f82ca600fbe13f23ecfe4b715968315674d1c0fac02

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FData.txt

MD5 ebfdb3260a2b51fa4c01022345d7c29b
SHA1 21e06074e2d6dd9d98953b5835518c6f23c50675
SHA256 2ebfc9630708a4d46b82fc9dafc7d0a29d707f14181a557329f8f599180dae55
SHA512 d821182842691202e729e54d3e0571620a4a3f4a1725f8ca1c53ecdf6f6a19193c7f389c1ded06e5609985d8270feb2e0d8157c60d95ce0f19712a75e4fe4a72

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\CData.txt

MD5 090ad3c270dfcaae6c9e970a12d67123
SHA1 fd5f8d671d42d0af5f2215f3a6b8481f31045ae0
SHA256 9965b7aca24279406227ea18300f2b271e599b25bca40bafb8cd53fe16336700
SHA512 8b01ef29d025700bd8c7a1a3901e982d86577f2b66bba66acdb77f56e2b8da365e31254cf69c466dfec7bf2fa95f9979835bf1f799561f455989b2eaaa1a9727

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db

MD5 49903fc5ec672f8b5671f4d31453ec36
SHA1 8ca85f98b0f6324eccacc6fd825d24d3c8829842
SHA256 cc56424d4887eee87a778ed067a9008f29a76b2c2afe576c4bdad5290689bb47
SHA512 bd73c79f108b8c99da5b55e34f7a7686106f65bd5e333f2f674737237a470600088ab25149cc7a3483e24b37c934fee7310b88df4d006372db5623bac7c8da2c

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

MD5 6c7428ee170827af95a42c36eea3c79b
SHA1 0f3c9a3ed6b8ddb27afe69932de2b96a5ec2a84a
SHA256 acb6dd2a0049c987baaa2d46c6fcd6de74cc90aa79f3b5a5713454fceb299a46
SHA512 e4fe547e171e2d90a48876592dbfcd688ac61d63ff2c69fca4ab9bd4935600f362bf18ebcee1d7b2e2a8c16f15695627c28133d55e79be18d48c27c63c2e5b54

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

MD5 335d8b10a6988eb38995ef38644b1552
SHA1 6e7f535cfa1e3ba2a2117a5a0801a00c6ec1e523
SHA256 aa0da1dc9950d1e0ef36e6429976cd1388561b5320aefef1f3f99a1a7b05c1dd
SHA512 f5060a2e0f2d5d5bba229a8a34442efe0b5334b41c9b76fd52f09325efcf6efc599f87e59f3a904ee299fbc9eb6519843559d539396ac25039a4696f045bb3ba

memory/4224-11726-0x0000000006270000-0x00000000062E8000-memory.dmp

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\cb1zc54p.newcfg

MD5 d2a31af04b72f10b334cf6d83e329178
SHA1 87ce6a8c7c38b66bf229932daa43d10acd43f5df
SHA256 be6034c3d1169b8b945d3a6e939cfd25759ac788ade5b59dde8aa299d1cec49b
SHA512 f5dcd0d132ee4119550ef8f2c6675120e03647d36e2a1dd4e5bcae2bef0445398f4fcb4dac8287ba745a14e89d93c7cdae7c6701e4c6ede89a869c5b354f95bb

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\y3zx1drs.newcfg

MD5 eae39683b5f9117fcde036e28aa6ea09
SHA1 b362a0882a2afb7d470b94ec9d72dcacad82737d
SHA256 e205315b625f88ba5db9fab72956be091f45fdc9e298f06d3408f04bacf183a0
SHA512 44d032ef7a455e11f20425ad351c743363d5583554db23003f3cdfa3aa12a0fd7c175f5b0e2d363619909d76ba92617784705f370ccb902295f2e96c2b6ce5fd

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip

MD5 5d6d40349d9416b8adf7139dac56919f
SHA1 3262a3a933a52e8e52ec66527f751714de498ffd
SHA256 5c1f551c88e0a9aa60d9bdf489e4e407eb3e29d84a7adfa81da7def6f1b86d66
SHA512 745ae9bcb30b1a2ef9814a19fd86d34effd249f3711c044c49276da54f5f4e62131acf95075c0be56add9869ab0550df19dca3b0255bfd66efba684aef95ed1f

memory/4224-11787-0x0000000006600000-0x0000000006634000-memory.dmp

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\yxzewk0g.newcfg

MD5 8fcfed0307b17dbe792fd477141ebaa7
SHA1 eadeff417fee31215a1449982f3e58b9f52330bb
SHA256 04119e97067e832137e094aceaa61f131aa4984fff9a8930592ca8c30914f982
SHA512 ffa98e1347556f207e958c923f0a98f84891682ed5c28f60e81b2b7d8ef10d5fcaec81dfe440d51eff53dbcd77249596bb8c471e0056f807a7985a3f47e27544

memory/4224-11825-0x0000000006750000-0x000000000675C000-memory.dmp

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt

MD5 0e24c4dca27c9202da15a95736f4c374
SHA1 2712edd684c0331c3853a9864e27dc33fae2ad60
SHA256 1b05fcd17dcb871c1be01eddff900596a75737604c6e18e641a59b29dbb1ff46
SHA512 e8537dc1a67a9f6107465be11ba375cb0cbc7d4e67745c76647add3d2da1b611550ead9de9865678c54c76fe8e24589160a618386b973ecbf01463093bf8913a

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\fhkq2dpb.newcfg

MD5 503758332f80d2c0cd5445e7fcd507c1
SHA1 897977a2e51e562e20fce5af1af7cde0fa2ca136
SHA256 0022a59125e8f274ec86835d3218f0b89baaa85cf2d25a4d8cde5e7ab1626822
SHA512 fb7b9f690b73f559edd5e3ea60e450bda2ee7438f819aa766ada3485a67a683623f381337726f2682615f9e0e266bef2417fbda6870c31c65fe05000ac29b285

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

MD5 96e3ffe6a81df7e2b7a1555cf0233732
SHA1 0fe714d1fd8c15570c7399b3168669b5af0f5d16
SHA256 0a7331b69b026b92b73113d6eeb35854f251bbe65937deaa7ffdd8c1cd9421fd
SHA512 9ba8584a28420d0a5d8f0ed07a3c726e1bd8ee3e15490c7580f00924ad57ac65dc747e9b160871213d92efd44a4983bd78f234e9d28e351aa0003a096ea97e65

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\tiavsouj.newcfg

MD5 d1e41197414d02a473efb6324ecf208a
SHA1 fe624687bdbf00d4e07e2ad17914ec043f373501
SHA256 a41e017f16955e3743290919929adce771190e601c70b8359d68fda2490f8ba0
SHA512 3f7c2ac115c4b0eb0208008840ee5439bf86718792c9133a92c80c729ed692bc2223ee02090e71d810313e0a511de62cdaed64e98aeef2c65b6bc00927c30a23

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\hfddxxny.newcfg

MD5 b9bc89fafab270befc70bb7a00658a2a
SHA1 ba115190f67d739b8e97ee60670ed0e574bb05d9
SHA256 5921a5c30a0b4960c6b219715f2b9067b810e7b99c1e54467e76a2bb24b8cf4b
SHA512 2d2a8e293666bee8a0b5fcf1b25d5defd33928d4e844f47979d13af75ceca63f7a3d51c73834b6ceec84d861d09127a3a168cf254cdd5f62207e8d320b458acf

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\isa2wrcb.newcfg

MD5 b52198384a6fc12c5b6f6cf9a264c6ee
SHA1 5c454ecbf151f167dbb60e2bce1b9969895b6e2a
SHA256 bb3c8f9b790303fb670dd2c4e02b7df85faadb57ebe379d6d23cbe39550fac40
SHA512 b14e397b2a2283e578048c1bd7f7be2595a83cdb78b3067955ad61b68876f15b4143c8390799512128d3f487fce7cb5dd1c9a6fbddbed9a552f9324e2ff1de9a

memory/4256-12056-0x0000000000DA0000-0x00000000010E8000-memory.dmp

memory/4256-12083-0x0000000066D90000-0x0000000066DA2000-memory.dmp

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db

MD5 d66d25f257c345e6e3684877690a0766
SHA1 a1715ea719757c38e4e85d21be55ea21fb3da43d
SHA256 9410716d4ee07e35188f8112503b244cbee596013b699534ccae2a1248c49cd5
SHA512 7d6f56cc460dd595f6c6fafaeadbb4bc4c50c181911759947fb59a625c769fc9f2b16b4c215061ff0b40643802735bddffe3b907bd395d4f9e1a676e7dcfd49b

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\AppSettings.txt

MD5 590fd86ad024f2b655deec8333e240a9
SHA1 f1946050248dd1aea834f139063ac8eb3e41677e
SHA256 7afe6a8c5bf14cace6e9bb2d40df2adb5f31325fc024f448138106cf7b63f7c1
SHA512 c19bf730552e548b6caaa27f5ff2c5b34d34ac9408b3b6e388361635ddfd4f619b9205fad76b9141f2804b8dd364cd843dcbabd4d9d7b7b712f320f6729d87ec

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\WebProtectionConfig.txt

MD5 0cb1cc6ebd3113ffa4d08cb8e611b0c1
SHA1 c084178a890875d41c400e8950537e1f8a58a50f
SHA256 b578ec7cfe4cdf6690c83daa66b068fc585a8b35fc3a8722e29f2dc0fabb26e2
SHA512 c86f4c9a16249313e1a4e0561dc6241e931c5d382a830b64e3aa9d1447734716417bc2f08e4860edc0d2945cc5091170b90039194c90985395d33a36662fffec

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip

MD5 feccfd96544fbce080774006bba936c3
SHA1 85a1367820c226a19c4a1d363eb7399e347ce975
SHA256 bfaa083049dfd1fd87d98f049f29b3d30bd26ab5316a6b831108fe7cf536f406
SHA512 3ad1e3ddf29c958e510e865e72a555f24807470d2785de5a662db9eb8721b9d781fc6e8497a375cfe1844bcd8d28eec41b6d40b7ffb65e2089f91adac44c0bb7

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\yq2zkbmz.newcfg

MD5 4fc35c9640b0f0be0ae560d562193280
SHA1 c1b5748bf7f5ec64ff144d0922639afabdb1455e
SHA256 2405757ee8b9c9d69116c0ab7247f7ca4960c445ddf83daaabd2d40bc85e4a08
SHA512 1065029e892e8eadaa182ab33a36a63f6795252bc172d202eed4eab4df744ffceaf5f40ebc9fe048dca620332b7ba19e435ba5e55d8f55266f1f1d9683946a15

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\wbthzuiq.newcfg

MD5 2a67e04dbfedd86457fdc0e5787bbafa
SHA1 d98e01286e306cba3ff0cd05d412797d385f3507
SHA256 47c3217ac3fa7e75b54c0aa9512cee2023180b77ec4c69a29824b4275ca1ed46
SHA512 e1004c8f11caa3361c80763ff1e0a374cc2bbae285a970b26a72dca3639e5a027b2fb200c084b67773c00238bd36e24ca81bd18300cd05f484f0fe28e9f3c158

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4

MD5 01f2b1b6814c074e934fd3136287f87d
SHA1 52a90f05c881479cdfc9c1f3a4d7ccbffb6d980e
SHA256 878546f82d42f38b7245234f84a2b66959f95c8247be621f66f1a00aab14ae37
SHA512 a7ceebb748df0cff4299d80ec5d1fd483e4b88d5233a54c20a3af1050931c52086fb1e8ec461c25c0df6c0718885628f2c31466cc985a132691298891005937c

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\el5it4fz.newcfg

MD5 265568e63f5aab8b6a709497f32e0397
SHA1 f832e8e23b681685a328337aae1dd39eff63bdad
SHA256 725df7b6a12496d532af48b777feac64e12f31400809676facafdc55c72d2f9b
SHA512 7d3d563d303b9cf84ab43ba2631d5c65cd4e0ddeedc96f29b3a75992b7ec1016f88b4c071e04062a31624b5f1f17633c9663bd3af65c5fc2eebb3acd1a0cec90

memory/4256-12450-0x0000000006B70000-0x0000000006B7C000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\BBDB09DE51829D1988CB38FF4ACBA467292BD59D

MD5 529e71139bcfcf6c349a4699570a0e26
SHA1 f897e4961ac2af0168a37a45b2eaaf20c421994a
SHA256 ac3c8767588196a3b9b8f06c7e5cde46a515d49113dde06c2ae49417a48a547b
SHA512 7c1d05bceb80b897f2915527ff9000b396129ec72ec1b648d3078e884963f91188d41be054d747035f740a349f0ae08db00a6aeeebe3c9e1e4d2778440b99013

memory/4256-12482-0x0000000006C90000-0x0000000006C9A000-memory.dmp

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

MD5 cec0be7ea37e1ddea565f7beb0d40514
SHA1 aa290c3ab4e31b157eab4561fe8bcb4362e4f168
SHA256 27cc078951039ccdd6f2141346d74cb76f855b9f4326023a5b519d4b26783fa0
SHA512 079a083816b3226c7b1ea7937745586e9080e596d010865424a67b82d5c9a4530c6d0ef66b1c6663d640ecc25163ad167f9f0ee060ac1cfdc7addf4a1fb2bd35

C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FeatureActions.zip

MD5 2c610946dadcfe2dfe6a2a51b33bc589
SHA1 ef15b5d2504badf32aa89656ed83816d9a9e1ae7
SHA256 0f2489989e4db04d48ea81fad1f6cbca31ed71a69a4fca31de331d52e3c0d214
SHA512 9c516454138fc06a2e503842ce7e8800f5e6b460c46673e32f79df3ff35d475ed860ceeabbe701d3bb23589fd28ba821de08ebb159cb346c56622a35f7d676a7

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\h5gcw0uw.newcfg

MD5 a74d1cfbbc18b73e268c98ab295d91f1
SHA1 dc24d4b73eed9730288c51d3ca8c7f1b400e87ab
SHA256 dd4eebca92bbba5fa4a89657ec07e2ca404f6f135e3d1f58aa0c04aed6e7934d
SHA512 b3f5da67a90064e9c59ab292033bc61185d585a70f0cef500f453cc4746ac1f48f184109e49a68417130edf742591b3172f2854faad773c3218d6d3ae0e36df7

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\3maet4qz.newcfg

MD5 8344150f1ec5d9491651b680134dae3b
SHA1 f2ed5c704ec652735b9e89bd22aad971d1fb2ac0
SHA256 39ed246ee99c865bcdc95366a1854070be717020721c3315daecf83eb0028f2c
SHA512 4c34ea121815622d7d9e0672e36f4a3756f22a2641ab79db76d2c04798dc9e63b303fe671cbd5615b24c023bd7c9ca0cac37161b9277cba4b7d52c82f6e23acb

C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\mdjov02s.newcfg

MD5 06188dbb3b7cff1908d4135e1ac86b4f
SHA1 51622ad9e9c1638214f34324440f5f0c3236f029
SHA256 8eba494672e4941718bb4c99cfc186b9a14154223fd578757214830a15baf517
SHA512 e549bf3c13bed9b18a28042d296a5992e9c18ece285a9354112990acfa3092208e79ee1a52d23f3420b7efb1fee3dd2902684fdddfb0de484fb715bc168add93

memory/4256-12682-0x0000000006C90000-0x0000000006C9A000-memory.dmp

memory/1648-12699-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-12700-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-12708-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-12724-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-12725-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-12743-0x0000000140000000-0x00000001405E8000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\~DF2E98AC5D6C528D83.TMP

MD5 a770dc2e705810ddb8041d02a0d1f276
SHA1 ceeae03ae203a802c7f1054225ef53090608e069
SHA256 372dc36aa55c010d85c1c8ca3fb31d27ff4b3a6323c540eaaf6ec4551706ca92
SHA512 2e9164fc6cbbef129cab22ec79535c239b68ce72f078c54eec613037cb3efdc1711da44be2c3f972b1422dc8a2f5e7b10852705a310c9469322ae1ea5d77aea6

memory/5744-12894-0x000000001BC00000-0x000000001BEE2000-memory.dmp

memory/5744-12989-0x0000000002290000-0x0000000002298000-memory.dmp

C:\Program Files\ASTER\PowerSaver.scr._tm

MD5 afdd3bd33b9ff286f5f1d29953b1db63
SHA1 c195969c09781c1d3d3b729e29457097f02434c1
SHA256 2b6e949e92f2a1d74e1187a56baf3bd3a1eb154dc7cf8e8b926130643de3b501
SHA512 3a23dbce560be6e24ff404bf99f325b8784f40200d4ac5f77162181aa50441b5f9f525b214f82005f0d642ca4ac2e5b0944a3d6f14a238f1823d9e92d549a4b4

C:\Program Files\ASTER\EULA\EULA_ES.rtf._tm

MD5 bc86e386b32e3494f938e02930e8c7db
SHA1 f42f117689743e5a96da0a1a24f0dfd428a3d2d3
SHA256 78f10fae62b065b031527a98d5737ef4ad1b8873a590ff0036b6fd406a30cc3f
SHA512 63636f40abdf85ce2c57901354cc1ddf1a948a84b886df6a28dc6f3463fc2f6826dfeb21f1bead5b60eb78a3e1cab61b155fadbdddfd34d381bba7b54ab8e010

C:\Program Files\ASTER\EULA\EULA_RU.rtf

MD5 7831e5de41bc4f1e71cdce095d16d3d1
SHA1 c8d564a51b18357e9fff79ae79145f1ca9d7dc6a
SHA256 8da480b273be868818904207be3265ca71af72de544338c033b6270f1e29e87e
SHA512 93730ec08f57186138008cdbb617bb7d88c6b82fcc0119b9a2ba74008109b07e2a06276305abe4a9892446606c8e49f5240f0f5784f3b85b77e0ce6a186472a6

C:\Program Files\ASTER\mutesv.exe

MD5 bd4ec0873fabdee2952e40b4efa71932
SHA1 e1ac4f2d1a110f3c163b8962fd2e194b74130c0c
SHA256 8bc1f72467a046049739c08c14750e820cbdc06f581aaca582036986223b1e2a
SHA512 0b40340b8af641f23a200b4691f9468635aec51b0074bdd7d01ec19432e6ec2ca1436e14f54b40fa02ca6248f81ead10d7affc0a3f233092b2bc755c051a98e7

C:\Program Files\ASTER\mutewizard.exe

MD5 94b7e99eeabf7c4111e8367f0d3ee760
SHA1 0b3f6299bb379560e7c8403d1a49cb90f916c3a0
SHA256 2260192ee4be4bfc09e3764c11f9bae756a38d93f97e1c42f93ea01bc369c73c
SHA512 8d3bfc20cb39fa0a435eea72ba6825e5458c1a1f0b58229669df27ddfc5fe2b2278755f22594f379affa87289efa5771bb7fef8f54f7dde615cfc76a2b9b0487

memory/1648-13485-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-13486-0x0000000140000000-0x00000001405E8000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\D24D6AB0\Setup.ico

MD5 b293b41bc26f77560913ae3a4bc71805
SHA1 909325132adc0632420a7a318c13f332d33d8d6b
SHA256 3fbcdd827088a305f3153ff4a9a134e75a11f7ea1e3fb6b0578043c21c603514
SHA512 3d7ed10967fdbe5a63da3b1ccf3633ee1762d2f64717f5d539ba235b7d0e7a16e050e646e734218e51feb6c90b3fbff2ffca203fa6d69931003c93d2015fef07

C:\Users\Admin\AppData\Local\Temp\D24D6AB0\Readme.txt

MD5 045d9afa3c9fe47e0d5111a940dc9ee6
SHA1 d0c340d020d2fa6039e28e80abfeb2c11a24c358
SHA256 7e9a4e36d42298340c27a87684e584be1874a207c8069ddfc90de011a4c078b4
SHA512 e21de3268b743179ff0643e35700f37d7c8095d50e0adaa014dacd216fbeaeeed574a9738e687e23c93f4c326d37a3d66ce40b1691073db4a31826fc1175db13

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

memory/1648-13561-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-13562-0x0000000140000000-0x00000001405E8000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ea87c1c6-7b4f-40d5-8479-3b2e3939b016.tmp

MD5 8ea545e42b9cdd55f900a2acffe23258
SHA1 bb7733953dbde15f96e3f8a6d33725a2d2b0121f
SHA256 aff3463258ad16c5a8677bb36c407f8c601b0a3cba406bd881192faa81e9fc23
SHA512 2db1614538fc1f9d25656b1dcf9b258a43f5c2f76b285979883783aac5583082b911dd198ea1e9fe3ef8aee12405c06ca5e1c1b77da144dd86e4648c7be4c6eb

memory/1648-13644-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-13645-0x0000000140000000-0x00000001405E8000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin

MD5 7b5bb8c261cb3ea203f643075d39a525
SHA1 e710f8415548bcd67008d3cb0b3cc1cf97f81891
SHA256 80dd403d1c5c71c38fd4062af0d3d1d76c1dae7193170970938ab6172e384df0
SHA512 c44e1cf392bbc936ec733bbcc933fe679fe8e063786916790d8a2a844aa07dfb05eb4121842b80dd58f3e586ac57732311ecdeac0d39bebe29f281bf6247c37d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\3002f2d5-1ec8-4204-abb4-2ea596e8578c

MD5 a5efbab68d12b90302b0b341c7e0ced3
SHA1 6b33255fe0b8f79695e86f4ea04791c38c9c1631
SHA256 df209f5c74cef42f3ca829ef21fef2c77c03e5ac143732c2f1340fd684b71941
SHA512 f8341492027b5f2d4d4124529590a037cf44be2ed99886dce0d49f9b7f1ad1695e2b4f79d481cc5e4cdc83667c543b83ae173170e14df7ed5424df185ad94b8a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\5593f60e-dbed-46d4-a88b-03d8080838e3

MD5 289b463af39cfcdf0d9d8f3fe6a9c315
SHA1 9fb898059120189eb8c547f2c06d35bd228a2224
SHA256 097be1c724b613cb59332656a5cac734e08e393d2fe1c91988bb7f9a36df331a
SHA512 76fea012812ea21f2f400eb3aa08087c7b6b16659129dd7054f246db5e04de8523c45948a5bf671c5e506167b7c0cb463e778823d3787042e150b75660638a5f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\12388

MD5 9f9fb79c9e91546cee9ee566c1f4b182
SHA1 39129cc13132797d455843733501004a173e3bca
SHA256 b07bd92219f8ed26ae32d2df93f2f92f2becde13ff4653a74c9c3bf71bbe97d2
SHA512 c1f21528420928f3c5a0bfd1d0c4a5702e5458ffbfaec1982c51353ecce16afae1a6c3e75f0727e373987b6c76e6d06e09220645b3ae8d64f06c522d547831d6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js

MD5 a9cabc3a9d71256b9fe54ec4f58c6310
SHA1 d9d1edf8220e9f5eb562b6aef1129a6c050cfb8a
SHA256 a6d2a570b9234aec95a9153491833f14c32db34943b6766c6f5760dd6f7a3719
SHA512 38ca33d7da390f5e5aa7d90f3ede4d5f8d528749c5b7d417b6371357c43259bb030b8f2d427cb30bcac09b29c76c0b716afce6686448ee80a9cbb2a24c40831a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C5C9BC10EDCB546E4D19440495CD77A8635471F3

MD5 2008897a0c6818698d29637fb8eeb0f0
SHA1 9153b55c69214ee132f52f5f42081e42ebe83cef
SHA256 52900a7a2e5d7717495a869c65302273a60f8881419db52d36933d377ffacf29
SHA512 b6a342022fead5a8a87dfa3647c2c94f87897002df8bd7c02fce9b55e6934308bce2caf0509c9b63478372520ae2c8a192ff6cffa8525f60e4e3b7d1a8528505

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\F3C6750171CAD7F1B66299812339C7B6E8CF80B3

MD5 6db2ecb9a16170ecbe235ab92ab73303
SHA1 19e72a55a5da813812f27c69562b729a4992bc27
SHA256 8d888dda0451a8f3396b097dd5daff32d4746073f7ec68c80ef7c1edb7e1c7f8
SHA512 0c33ab8894c72a4ce571ac8936064d53206ba5f428c98e84fbf750185e67ffd3370edee2913e1540018c7858e7032116f06f895c66666653191d454875e7c1e6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\DAE3E074CE8DF23D65BF8B2AF1D46FA81C0559AF

MD5 ca46f38bc6f041374524c8a4d341fa55
SHA1 44c6d35ab17b85835a0e562db57720e9f53fe65a
SHA256 3b0342a1c323fd0cb6cac1f375cfb7e1a91df1f9cb1a9a5e84d8921d542ffd5b
SHA512 1abfd48c102ee2ec534aaf8dffb388546ab97ca2ad04bc645fc7dc3cabf1c2ad067e23c826491d4c2ff8925a726dd43479401e22638d21590a356b26ec91d5cc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\616AB70ABAEF9D8489FCE6E76F0E12F837EB7A4A

MD5 d8e88174e267cde1f928ece3b7c56f5f
SHA1 cb6d5b87d3e4840c6b293843e56f5e0b9da4cca8
SHA256 bb57e14487cff200554962edf6fb105945a3eb0d6c9a339554a189907debfe98
SHA512 d3cee2a32c850351c4307d7113305244386dbd0b2de2a936db83c0c0f76f1d3dd88993ecacfe579ee7e323fea67107ce64d094e7bb4f2ea97303acead33f3a95

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\42988A3EA9BCE2F090887C01E2BEB626609D54B5

MD5 6581c5959f322c145ad36385a4b4dff0
SHA1 f5a36f235f78a7a82ed243c1e03d77c71a3e90bb
SHA256 a17db404364f536fdb6b18521e739286ff51f3553d72908b1bb986c10bcb7338
SHA512 6ad326d6e051703cda6e4e154f63e43f5f393ed37ea925eb91a8a3148964832efc2a1f347fbd00aa443527052a285d2075c78b391b4e64edc626ec82057cd7d6

memory/1648-13874-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-13875-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-13907-0x0000000140000000-0x00000001405E8000-memory.dmp

memory/1648-13911-0x0000000140000000-0x00000001405E8000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json.tmp

MD5 99601438ae1349b653fcd00278943f90
SHA1 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9
SHA256 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a
SHA512 ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore.jsonlz4

MD5 57c3aed333bda76f54b7950a0ff2d8c6
SHA1 c230ec9fac64463e6d94b01688e75041965c9da7
SHA256 f6b42ac8e1d4f44733221a43f14cd24e0e6316031087bffb9cfa49bd5d3f1d1d
SHA512 77421b14eb8ca2a4d39be7219b2da86761490decb30598e319df04117142e81067f8d9a389d1b87d71b214b016711dc89918cf70c9c2e26a37172d42f0dd47ff

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json

MD5 65690c43c42921410ec8043e34f09079
SHA1 362add4dbd0c978ae222a354a4e8d35563da14b4
SHA256 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d
SHA512 c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9