Analysis Overview
Threat Level: Likely malicious
The file http://duckduckgo.com was found to be: Likely malicious.
Malicious Activity Summary
Drops file in Drivers directory
Creates new service(s)
Downloads MZ/PE file
Loads dropped DLL
Reads user/profile data of web browsers
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Blocklisted process makes network request
Checks whether UAC is enabled
Adds Run key to start application
Checks installed software on the system
Enumerates connected drives
Drops file in System32 directory
Detected potential entity reuse from brand GOOGLE.
Detected potential entity reuse from brand MICROSOFT.
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Windows directory
Drops file in Program Files directory
Launches sc.exe
Browser Information Discovery
Enumerates physical storage devices
Command and Scripting Interpreter: PowerShell
Event Triggered Execution: Netsh Helper DLL
System Location Discovery: System Language Discovery
Modifies system certificate store
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Uses Task Scheduler COM API
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
NTFS ADS
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: LoadsDriver
System policy modification
Modifies data under HKEY_USERS
Modifies registry key
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Modifies registry class
Uses Volume Shadow Copy service COM API
Uses Volume Shadow Copy WMI provider
Modifies Internet Explorer settings
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2025-02-05 15:22
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-02-05 15:22
Reported
2025-02-05 15:40
Platform
win7-20241023-en
Max time kernel
600s
Max time network
899s
Command Line
Signatures
Creates new service(s)
Downloads MZ/PE file
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{77169412-f642-45e7-b533-0c6f48de12f9} = "\"C:\\ProgramData\\Package Cache\\{77169412-f642-45e7-b533-0c6f48de12f9}\\VC_redist.x64.exe\" /burn.runonce" | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
Detected potential entity reuse from brand GOOGLE.
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Detected potential entity reuse from brand MICROSOFT.
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\concrt140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\vcamp140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\vcruntime140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3130B1871A126520A8C47861EFE3ED4D | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6DB145CFEEC544B1582FED1ADA3370DD | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3E3E9689537B6B136ECF210088069D55_E93D4349D1D2AF4AE2F3CBFF382A5C9D | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Windows\system32\msvcp140_atomic_wait.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140rus.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfc140esn.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\37C951188967C8EB88D99893D9D191FE | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140kor.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfc140u.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfcm140u.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66AE3BFDF94A732B262342AD2154B86E_0D0888CE7AC1F2D5AD77780722B1FE14 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\vcruntime140_1.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_56DB209C155B5A05FCBF555DF7E6D1BB | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\37C951188967C8EB88D99893D9D191FE | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\msvcp140_1.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfc140deu.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_79CFD3DF2894C4BFDA2ADFD6675FA18B | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\msvcp140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B8CC409ACDBF2A2FE04C56F2875B1FD6 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\572BF21E454637C9F000BE1AF9B1E1A9 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_79CFD3DF2894C4BFDA2ADFD6675FA18B | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F90F18257CBB4D84216AC1E1F3BB2C76 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3130B1871A126520A8C47861EFE3ED4D | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\vcamp140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\vcomp140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3E3E9689537B6B136ECF210088069D55_A925FAB5FFC3CEDB8E62B2DCCBBBB4F2 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2F23D0F5E4D72862517E1CB26A329742_59C6B5742244136A08A70F9396A5A57A | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Windows\system32\vcruntime140_threads.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfc140enu.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2F23D0F5E4D72862517E1CB26A329742_59C6B5742244136A08A70F9396A5A57A | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\572BF21E454637C9F000BE1AF9B1E1A9 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140esn.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfc140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66AE3BFDF94A732B262342AD2154B86E_0D0888CE7AC1F2D5AD77780722B1FE14 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3E3E9689537B6B136ECF210088069D55_E93D4349D1D2AF4AE2F3CBFF382A5C9D | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\mfc140u.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C0018BB1B5834735BFA60CD063B31956 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\msvcp140_codecvt_ids.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\system32\mfcm140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7396C420A8E1BC1DA97F1AF0D10BAD21 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_56DB209C155B5A05FCBF555DF7E6D1BB | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C0018BB1B5834735BFA60CD063B31956 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\357F04AD41BCF5FE18FCB69F60C6680F_302C92F9A4A70ED9959CE3EA32202076 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Windows\system32\mfc140jpn.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50385F8EB1F713E33924A830D7A2A41C | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D11549FC90445E1CE90F96A21958A17_7122C10800ABD7B440413489C6913A51 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Windows\system32\msvcp140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\mfcm140.dll | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\EnigmaSoft\SpyHunter\Data\ScanHistory.dat-journal | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Data\Notifications.dat | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Program Files (x86)\RU-Software\Log-Analyzer\is-RFQ0M.tmp | C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Native.exe | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\7z.dll | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\eula.hash | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Logs\20250205_153442.krn.log | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Defs\Opt\full.dat | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files (x86)\RU-Software\Log-Analyzer\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp | N/A |
| File created | C:\Program Files (x86)\RU-Software\Log-Analyzer\is-F361Q.tmp | C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\purl.dat | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Dutch.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Romanian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Ukrainian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\RU-Software\Log-Analyzer\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Chinese (Traditional).lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Korean.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Turkish.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Data\CrCache.dat | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Japanese.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Portuguese (Portugal).lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\ShShellExt.dll | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Albanian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Croatian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Italian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Swedish.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Data\TrIgnore.dat | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Norwegian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Portuguese (Brazil).lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Slovene.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files (x86)\RU-Software\Log-Analyzer\is-BD3PR.tmp | C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\license.txt | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\English.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Defs\full.def | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Temp\Opt\2023101901.ecf | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Czech.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Danish.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Lithuanian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Logs\20250205_153443.sh5.log | C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe | N/A |
| File created | C:\Program Files (x86)\RU-Software\Log-Analyzer\is-8O5PR.tmp | C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\German.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Serbian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Data\s3cfg | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Chinese (Simplified).lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\French.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Hungarian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Indonesian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\WebSecurityNative.exe | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Russian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\data\acpwl.dat | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Finnish.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File opened for modification | C:\Program Files\EnigmaSoft\SpyHunter\Data\ScanHistory.dat | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Logs\ShMonitor.log | C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe | N/A |
| File created | C:\Program Files (x86)\RU-Software\Log-Analyzer\is-3NH53.tmp | C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp | N/A |
| File created | C:\Program Files (x86)\RU-Software\Log-Analyzer\Language\is-B7GLM.tmp | C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Bulgarian.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Spanish.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Greek.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\data\acpdata.dat | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File opened for modification | C:\Program Files\EnigmaSoft\SpyHunter\Temp\Opt\2023101901.ecf | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| File created | C:\Program Files\EnigmaSoft\SpyHunter\Languages\Polish.lng | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Installer\f7e5a1d.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Tasks\EsgInstallerTask87.job | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File opened for modification | C:\Windows\Installer\f7e59f3.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f7e5a07.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\f7e5a07.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | \??\c:\windows\installer\{ac76ba86-7ad7-1033-7b44-a90000000001}\pdffile_8.ico | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5E7B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Tasks\EsgInstallerTask87.job | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| File opened for modification | C:\Windows\Installer\f7e5a0a.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\WindowsUpdate.log | C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe | N/A |
| File created | C:\Windows\Installer\f7e59f6.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f7e5a0a.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI616E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI61AE.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\f7e59f6.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\WindowsUpdate.log | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
| File created | C:\Windows\Installer\f7e59f3.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5DDD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f7e5a06.msi | C:\Windows\system32\msiexec.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\TelamonCleaner_id67a3842933962sp.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Setup_ASTER2600.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Yandex.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\TelamonCleaner_id67a383f719b5asp.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\ZonaSetup64[6mP1u]-3.0.0.1.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\OperaSetup.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Browser Information Discovery
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\NetSh | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\NetSh | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Temp\{3147B5F3-10C2-499A-A9B9-072344498796}\.cr\T0001_VC_redist.x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-5KLOB.tmp\ashampoo_music_studio_11_11.0.3_sm.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\AlephNote_1.6.33\AlephNote.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\OperaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000024b0827b07a16b48bc9b44b4c41b980b000000000200000000001066000000010000200000007ecfb0a0b43f464053cef5427906096d24b4f833d42cbf19417b68b08785c3b7000000000e8000000002000020000000ff99b687db636476169d719e24fc6d723ac1942eea50d8f1cf7fd092bd462eb82000000088f9924bf6e3e1a72c85e4d7f792453189b745262a5619151416afbe8ca28ab84000000057f9eb6f751d130009b685221c20c60fc5ccebcc8f3ac8d9be1637ff3f1ed3c01c06fb119d3c6279291caa9ec8c2a9f4755051cda800c15b9673234ad9d1ac39 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000024b0827b07a16b48bc9b44b4c41b980b000000000200000000001066000000010000200000006ee5f9301c1a8801a293623a431fc2341a38b75a4f36e3f61bf75f08f3d0547f000000000e8000000002000020000000affd8f28bfd9c525135513c34153ba91d6558863679a1c2fb8625707b84bab6d900000005c187f0671b873dc8fc4d41f49c08b4ac994a9acc5aaf98c1d745960a20f27dd131d87294ef9f2c2bcf0b3928ed1b9e722e41173db2958b678cdce3345db568ce6b8fffa3ff50fbd0cb66082ad02dee12e07b82f7dc0be14e8c927982b941aac33bed2249e2934926257476bdc93e9d76d9cd81f594dd3bb1564d2859ebff06e0929b727fdc922b893f595452da7f6ce400000006c609b005536649d7fcc2f20bc07730426e54c034ca2ab0af68455f983adea278fa4466e8b67c9b1ec18ce413988e1e8b7355330798aa7471842e5f69a6c64b1 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B73637E9-E3D6-11EF-8F62-F2F62FDDD033} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60176d8de377db01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\ROOT\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\8D4C4A23BA9EE84EA7348FA98CC6E65FBB69DE7B\Blob = 0300000001000000140000008d4c4a23ba9ee84ea7348fa98cc6e65fbb69de7b140000000100000014000000bbaf7e023dfaa6f13c848eadee3898ecd93232d4040000000100000010000000ab9b109ce8934f11e7cd22ed550680da0f0000000100000030000000a768343c4aeaced5c72f3571938864983a67ed49031c1da2495863caf65fe507011f7f0e70b6cb40e5631c07721be03419000000010000001000000082218ffb91733e64136be5719f57c3a11800000001000000100000002aa1c05e2ae606f198c2c5e937c97aa22000000001000000820500003082057e30820466a003020102021067def43ef17bdae24ff5940606d2c084300d06092a864886f70d01010c0500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a308185310b3009060355040613024742311b30190603550408131247726561746572204d616e636865737465723110300e0603550407130753616c666f7264311a3018060355040a1311434f4d4f444f204341204c696d69746564312b302906035504031322434f4d4f444f205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010091e85492d20a56b1ac0d24ddc5cf446774992b37a37d23700071bc53dfc4fa2a128f4b7f1056bd9f7072b7617fc94b0f17a73de3b00461eeff1197c7f4863e0afa3e5cf993e6347ad9146be79cb385a0827a76af7190d7ecfd0dfa9c6cfadfb082f4147ef9bec4a62f4f7f997fb5fc674372bd0c00d689eb6b2cd3ed8f981c14ab7ee5e36efcd8a8e49224da436b62b855fdeac1bc6cb68bf30e8d9ae49b6c6999f878483045d5ade10d3c4560fc32965127bc67c3ca2eb66bea46c7c720a0b11f65de4808baa44ea9f283463784ebe8cc814843674e722a9b5cbd4c1b288a5c227bb4ab98d9eee05183c309464e6d3e99fa9517da7c3357413c8d51ed0bb65caf2c631adf57c83fbce95dc49baf4599e2a35a24b4baa9563dcf6faaff4958bef0a8fff4b8ade937fbbab8f40b3af9e843421e89d884cb13f1d9bbe18960b88c2856ac141d9c0ae771ebcf0edd3da996a148bd3cf7afb50d224cc01181ec563bf6d3a2e25bb7b204225295809369e88e4c65f191032d707402ea8b671529695202bbd7df506a5546bfa0a328617f70d0c3a2aa2c21aa47ce289c064576bf821827b4d5aeb4cb50e66bf44c867130e9a6df1686e0d8ff40ddfbd042887fa3333a2e5c1e41118163ce18716b2beca68ab7315c3a6a47e0c37959d6201aaff26a98aa72bc574ad24b9dbb10fcb04c41e5ed1d3d5e289d9cccbfb351daa747e584530203010001a381f23081ef301f0603551d23041830168014a0110a233e96f107ece2af29ef82a57fd030a4b4301d0603551d0e04160414bbaf7e023dfaa6f13c848eadee3898ecd93232d4300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff30110603551d20040a300830060604551d200030430603551d1f043c303a3038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c303406082b0601050507010104283026302406082b060105050730018618687474703a2f2f6f6373702e636f6d6f646f63612e636f6d300d06092a864886f70d01010c050003820101007ff25635b06d954a4e74af3ae26f018b87d33297edf840d2775311d7c7162ec69de64856be80a9f8bc78d2c86317ae8ced1631fa1f18c90ec7ee48799fc7c9b9bccc8815e36861d19f1d4b6181d7560463c2086926f0f0e52fdfc00a2ba905f4025a6a89d7b4844295e3ebf776205e35d9c0cd2508134c71388e87b0338491991e91f1ac9e3fa71d60812c364154a0e246060bac1bc799368c5ea10ba49ed9424624c5c55b81aeada0a0dc9f36b88dc21d15fa88ad8110391f44f02b9fdd10540c0734b136d114fd07023dff7255ab27d62c814171298d41f450571a7e6560afcbc5287698aeb3a853768be621526bea21d0840e494e8853da922ee71d0866d7 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\ROOT\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\8D4C4A23BA9EE84EA7348FA98CC6E65FBB69DE7B | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPublisher | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2F | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\30 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2F | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\31\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\31 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\30 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CTLs | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\ = "SHContextMenuExt Class" | C:\Windows\System32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\InprocServer32 | C:\Windows\System32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\ = "SH5 Shell Extension" | C:\Windows\System32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8A567BD6FA501A947AD1F646E53EEC14\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\88AAB0B9F51EF1A3CA0C2B609EDD7FC1 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\Language = "1033" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\AdvertiseFlags = "388" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\Net\1 = "C:\\ProgramData\\Package Cache\\{5904914B-9FC8-44C2-AE48-5C7F30A603EC}v14.40.33816\\packages\\vcRuntimeAdditional_amd64\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\DisplayName = "Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33816" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\4AD2D065E69086842BA2AD4681DF6EBF\VC_Runtime_Minimum | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\ProductName = "Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33816" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\PackageCode = "EF1C5BBCEEFD25C458AFD3A70929F953" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\Version = "237536280" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\DisplayName = "Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33816" | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\Dependents\{77169412-f642-45e7-b533-0c6f48de12f9} | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14 | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14\Dependents\{57A73DF6-4BA9-4C1D-BBBB-517289FF6C13} | C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8A567BD6FA501A947AD1F646E53EEC14\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\Assignment = "1" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeAdditionalVSU_amd64,v14\Dependents\{77169412-f642-45e7-b533-0c6f48de12f9} | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\{D71FC887-4726-44C5-AAE3-A27DE8B8322F} | C:\Windows\System32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\VC,redist.x64,amd64,14.40,bundle\ = "{77169412-f642-45e7-b533-0c6f48de12f9}" | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\Assignment = "1" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0 | C:\Windows\System32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\0 | C:\Windows\System32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\HELPDIR\ = "C:\\Program Files\\EnigmaSoft\\SpyHunter" | C:\Windows\System32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{560D2DA4-096E-4868-B22A-DA6418FDE6FB}v14.40.33816\\packages\\vcRuntimeMinimum_amd64\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\B41940958CF92C44EA84C5F7036A30CE\Servicing_Key | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\PackageCode = "5E78E5602FA7A974088E3902313D8AF2" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\4AD2D065E69086842BA2AD4681DF6EBF\Servicing_Key | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\Version = "237536280" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{5904914B-9FC8-44C2-AE48-5C7F30A603EC}v14.40.33816\\packages\\vcRuntimeAdditional_amd64\\" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F} | C:\Windows\System32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\FLAGS | C:\Windows\System32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\Version = "14.40.33816" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\ProductName = "Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33816" | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\09A86F63C932FD435BC8463B1035EC53 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8A567BD6FA501A947AD1F646E53EEC14\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\System32\regsvr32.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\Clients = 3a0000000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14\Dependents\{77169412-f642-45e7-b533-0c6f48de12f9} | C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\B41940958CF92C44EA84C5F7036A30CE\VC_Runtime_Additional | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\0\win64 | C:\Windows\System32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Microsoft.VS.VC_RuntimeMinimumVSU_amd64,v14 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\4AD2D065E69086842BA2AD4681DF6EBF\Provider | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\4AD2D065E69086842BA2AD4681DF6EBF\SourceList\PackageName = "vc_runtimeMinimum_x64.msi" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\HELPDIR | C:\Windows\System32\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\88AAB0B9F51EF1A3CA0C2B609EDD7FC1 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B41940958CF92C44EA84C5F7036A30CE\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8800A266DCF6DD54E97A86760485EA5D\SourceList | C:\Windows\system32\msiexec.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\reg.exe | N/A |
| N/A | N/A | C:\Windows\system32\reg.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 1900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd90b000000010000001200000044006900670069004300650072007400000014000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd155090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 040000000100000010000000497904b0eb8719ac47b0bc11519b74d00f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030853000000010000002600000030243022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c00b00000001000000180000004300b7004f00b7004d00b7004f00b7004400b7004f000000140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b41d00000001000000100000002e0d6875874a44c820912e85e964cfdb030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54362000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 190000000100000010000000749966cecc95c1874194ca7203f9b6200300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d431d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0b000000010000001200000044006900670069004300650072007400000014000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa62000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\SystemCertificates\CA\Certificates\D89E3BD43D5D909B47A18977AA9D5CE36CEE184C | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\SystemCertificates\CA\Certificates\D89E3BD43D5D909B47A18977AA9D5CE36CEE184C\Blob = 030000000100000014000000d89e3bd43d5d909b47a18977aa9d5ce36cee184c1400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb040000000100000010000000285ec909c4ab0d2d57f5086b225799aa0f000000010000003000000013baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9190000000100000010000000ea6089055218053dd01e37e1d806eedf1800000001000000100000002aa1c05e2ae606f198c2c5e937c97aa22000000001000000850500003082058130820469a00302010202103972443af922b751d7d36c10dd313595300d06092a864886f70d01010c0500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3139303331323030303030305a170d3238313233313233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a381f23081ef301f0603551d23041830168014a0110a233e96f107ece2af29ef82a57fd030a4b4301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff30110603551d20040a300830060604551d200030430603551d1f043c303a3038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c303406082b0601050507010104283026302406082b060105050730018618687474703a2f2f6f6373702e636f6d6f646f63612e636f6d300d06092a864886f70d01010c05000382010100188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436 | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 04000000010000001000000079e4a9840d7d3a96d7c04fe2434c892e0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 0f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d432000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\Yandex.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\OperaSetup.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\AlephNote_1.6.33.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\ZonaSetup64[6mP1u]-3.0.0.1.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\TelamonCleaner_id67a3842933962sp.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Setup_ASTER2600.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\TelamonCleaner_id67a383f719b5asp.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\log-analyzer-release-1.0.1.83.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System | C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe | N/A |
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://duckduckgo.com"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://duckduckgo.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.0.1403523451\1969392840" -parentBuildID 20221007134813 -prefsHandle 1240 -prefMapHandle 1232 -prefsLen 20847 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9e07509-307e-43cb-93b8-b89f3c2da079} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 1316 10aeab58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.1.1246592697\309595935" -parentBuildID 20221007134813 -prefsHandle 1508 -prefMapHandle 1504 -prefsLen 21708 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d5e36df-59b8-4129-8b2c-344010e7f480} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 1520 d6fe58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.2.822300963\1981712072" -childID 1 -isForBrowser -prefsHandle 2100 -prefMapHandle 2096 -prefsLen 21811 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f7d7381-e6b4-402a-b5b6-cf70527b01b7} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 2112 1aacf558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.3.768879931\203673410" -childID 2 -isForBrowser -prefsHandle 2944 -prefMapHandle 2940 -prefsLen 26216 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a326a842-4d6f-4066-be7b-a2dab72878b7} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 2956 d61c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.4.510501036\1531609120" -childID 3 -isForBrowser -prefsHandle 3500 -prefMapHandle 3600 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {de328859-289d-4182-9557-4dece7d3abed} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3636 19634858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.5.819374828\1145717624" -childID 4 -isForBrowser -prefsHandle 3748 -prefMapHandle 3672 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8af93956-0a3f-4a56-a90f-50b7b53d1ef3} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3736 1e7afd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.6.513307749\1957619163" -childID 5 -isForBrowser -prefsHandle 3860 -prefMapHandle 3864 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f5b96a4-5a52-4287-91be-82fa6e29dff6} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3756 19636c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.7.1170312994\1563592608" -childID 6 -isForBrowser -prefsHandle 4056 -prefMapHandle 4060 -prefsLen 26275 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6501d522-7520-4d35-a24f-96a977af3e0d} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 4044 1fc34d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.8.890839503\523900906" -childID 7 -isForBrowser -prefsHandle 2172 -prefMapHandle 2408 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {30068351-e5e8-47ea-9e4e-903cd1da962c} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3772 1b61e758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.9.193811029\131400804" -childID 8 -isForBrowser -prefsHandle 1856 -prefMapHandle 3732 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {94578000-fc83-484a-8308-ade2951d563f} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 1964 175e0258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.10.1425931813\627969325" -childID 9 -isForBrowser -prefsHandle 4384 -prefMapHandle 4388 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c45d49db-9b39-4899-a000-163e3aeb759e} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 4372 1abc9c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.11.687581338\520721189" -childID 10 -isForBrowser -prefsHandle 3952 -prefMapHandle 3828 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a0356753-e9ac-4794-b233-3333665c4d3e} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3848 1e7ae558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.12.746108251\394233678" -childID 11 -isForBrowser -prefsHandle 3984 -prefMapHandle 4168 -prefsLen 26531 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {638a7486-a6bd-4fe3-b019-cea3c6697440} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 4160 2245a258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.13.1173620373\2007469962" -childID 12 -isForBrowser -prefsHandle 1944 -prefMapHandle 1876 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8549e103-9559-45d5-a5f2-41efb9a4fccf} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 3776 17575158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2052.14.1364564755\1732343083" -childID 13 -isForBrowser -prefsHandle 1860 -prefMapHandle 1864 -prefsLen 26796 -prefMapSize 233444 -jsInitHandle 908 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2e28fef3-30e0-4da2-b90a-72194f56796b} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 1092 19634b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.0.737145632\884029792" -parentBuildID 20221007134813 -prefsHandle 1156 -prefMapHandle 1136 -prefsLen 21236 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1ed3b3d0-adbb-4bc5-b3c3-ce23516fb60e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 1304 14208858 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.1.1565295853\216413980" -parentBuildID 20221007134813 -prefsHandle 1460 -prefMapHandle 1456 -prefsLen 21317 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {78c29326-8bde-4578-8d93-df2a815d5aec} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 1472 e71058 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.2.2065647844\1835031236" -childID 1 -isForBrowser -prefsHandle 1988 -prefMapHandle 1984 -prefsLen 21420 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9647ffcb-580f-482d-8263-644c5f05e9c1} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2000 825e858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.3.1613484904\1842564284" -childID 2 -isForBrowser -prefsHandle 2444 -prefMapHandle 2424 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0683387b-1a39-4d4e-80bb-3a5b79fa2163} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2320 135da258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.4.196263426\1705360918" -childID 3 -isForBrowser -prefsHandle 2636 -prefMapHandle 2632 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a8044ea-f128-4c65-ba51-438fe00a4184} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2652 e61f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.5.1362973817\1680968236" -childID 4 -isForBrowser -prefsHandle 3368 -prefMapHandle 3376 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c252e7f7-5f92-47f3-833b-1cc33ad2dfae} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3400 1ea19258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.6.2086009356\2047832876" -childID 5 -isForBrowser -prefsHandle 3508 -prefMapHandle 3512 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f81c9e38-27b9-41fa-badb-dd6cc8341d68} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3496 1ea19b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.7.410906339\1029019283" -childID 6 -isForBrowser -prefsHandle 3684 -prefMapHandle 3688 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6480f75-67d7-4d3f-9c1f-b427c459dacb} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3672 1ea16e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.8.673655065\1524710588" -childID 7 -isForBrowser -prefsHandle 3732 -prefMapHandle 3736 -prefsLen 26605 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {622cfef9-46d5-43d3-87dc-68e2d4710378} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3512 1ef25b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.9.1367020572\1400081824" -childID 8 -isForBrowser -prefsHandle 3424 -prefMapHandle 3412 -prefsLen 26798 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd4ab3a7-a683-40ee-bcd9-d776afda4cd5} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3472 1ea17758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.10.819640271\1333293018" -childID 9 -isForBrowser -prefsHandle 4492 -prefMapHandle 2508 -prefsLen 26879 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {73ec3223-4b36-44b9-8f9b-93793ac98269} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4456 1f1f5058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.11.1790855856\1290980274" -childID 10 -isForBrowser -prefsHandle 1656 -prefMapHandle 4308 -prefsLen 26879 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb861dd4-d932-47bb-9c1f-f775bd409dec} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4772 1ed47f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.12.795863420\1792162312" -childID 11 -isForBrowser -prefsHandle 4928 -prefMapHandle 4936 -prefsLen 26879 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3906b8a-dd18-420b-9c45-6258323ea7e5} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4916 2145f858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.13.797533673\1317104635" -childID 12 -isForBrowser -prefsHandle 1836 -prefMapHandle 1864 -prefsLen 26888 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {182ec78a-c3b5-4d74-9050-482b7699d5e0} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 1660 1f151258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.14.1261645246\2079934414" -parentBuildID 20221007134813 -prefsHandle 5068 -prefMapHandle 5080 -prefsLen 26888 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {979d26ae-4eec-44f5-beb8-5d6c7e63b21e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 1836 22887758 rdd
C:\Users\Admin\Downloads\Yandex.exe
"C:\Users\Admin\Downloads\Yandex.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.15.504090044\1511217854" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4304 -prefMapHandle 3472 -prefsLen 26928 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {39b92062-8867-454a-b4dc-82b71358f200} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3452 237db758 utility
C:\Users\Admin\Downloads\Yandex.exe
C:\Users\Admin\Downloads\Yandex.exe --stat dwnldr/p=225007/fail=1
C:\Users\Admin\Downloads\OperaSetup.exe
"C:\Users\Admin\Downloads\OperaSetup.exe"
C:\Users\Admin\AppData\Local\Temp\7zS09880ED8\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS09880ED8\setup.exe --server-tracking-blob=ZjZjMzI4MGU5ZTQ1YjNhZTlhYjkxOGY1ZTEzNzA4MDdlYWIyNDlmM2M4MjQxNGEyMTIxNjUyNGYwYmNiZTRjNjp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL2ZyZWVzb2Z0LnJ1LyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cz91dG1fc291cmNlPWZyZWVzb2Z0JnV0bV9tZWRpdW09cGImdXRtX2NhbXBhaWduPWZyZWVuZXQiLCJ0aW1lc3RhbXAiOiIxNzM4NzY5MjU5LjE4NzkiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCA2LjE7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXRtIjp7ImNhbXBhaWduIjoiZnJlZW5ldCIsIm1lZGl1bSI6InBiIiwic291cmNlIjoiZnJlZXNvZnQifSwidXVpZCI6IjAwNmE5NzE0LTRjZjQtNDlmOS05MDQ4LTdjNjBlMWJkMjA1OCJ9
C:\Users\Admin\Downloads\Yandex.exe
"C:\Users\Admin\Downloads\Yandex.exe"
C:\Users\Admin\Downloads\Yandex.exe
"C:\Users\Admin\Downloads\Yandex.exe"
C:\Users\Admin\Downloads\Yandex.exe
"C:\Users\Admin\Downloads\Yandex.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x590
C:\Users\Admin\Downloads\Yandex.exe
C:\Users\Admin\Downloads\Yandex.exe --stat dwnldr/p=225007/fail=1
C:\Users\Admin\Downloads\AlephNote_1.6.33\AlephNote.exe
"C:\Users\Admin\Downloads\AlephNote_1.6.33\AlephNote.exe"
C:\Users\Admin\Downloads\Yandex.exe
C:\Users\Admin\Downloads\Yandex.exe --stat dwnldr/p=225007/fail=1
C:\Users\Admin\Downloads\Yandex.exe
C:\Users\Admin\Downloads\Yandex.exe --stat dwnldr/p=225007/fail=1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.16.1790067970\910024383" -childID 13 -isForBrowser -prefsHandle 2400 -prefMapHandle 2264 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a42d8eb3-9dc7-4b69-acb1-7aeced6802a0} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2312 1f14fd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.17.1523100694\1322053440" -childID 14 -isForBrowser -prefsHandle 3972 -prefMapHandle 3960 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {81275e09-2ece-499a-a1f3-c8d3d1256b5d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3976 21d52c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.18.1966282447\675101861" -childID 15 -isForBrowser -prefsHandle 3628 -prefMapHandle 3492 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {075519f2-29dc-4fc1-a049-7fde2ae18e93} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3616 228f0958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.19.695988876\1110953933" -childID 16 -isForBrowser -prefsHandle 2408 -prefMapHandle 4444 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {37d338cd-c144-434e-9a16-031ac1c1a9b9} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5872 1a0dac58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.20.1271721424\1580030081" -childID 17 -isForBrowser -prefsHandle 4836 -prefMapHandle 4832 -prefsLen 26984 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e7fc9242-9ca6-4e3e-a071-f0bf4e8c4c38} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4412 2028d858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.21.1267257702\1997298756" -childID 18 -isForBrowser -prefsHandle 4076 -prefMapHandle 4080 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a002e87-d956-42fb-881b-39860b55011e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5128 1f220158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.22.1401467829\168519032" -childID 19 -isForBrowser -prefsHandle 9668 -prefMapHandle 4208 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {23aef134-cc7f-4872-a831-10c959740520} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9656 256f2a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.23.1028828245\523727669" -childID 20 -isForBrowser -prefsHandle 9540 -prefMapHandle 9536 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8b19d0c-5d45-4e49-a886-ee30c621be48} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9552 256f2158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.24.2145016734\1266724735" -childID 21 -isForBrowser -prefsHandle 9536 -prefMapHandle 9568 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a5439388-a2b8-4ef0-9dc1-bdbf1affb01d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4208 ff24158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.25.579562808\1040610923" -childID 22 -isForBrowser -prefsHandle 9252 -prefMapHandle 9248 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {24680e8c-a81e-4b32-98a9-039d3fef6d59} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9264 ff25958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.26.2092781219\1514668794" -childID 23 -isForBrowser -prefsHandle 3208 -prefMapHandle 9288 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9f5d18bc-7200-4605-a95b-f936473826aa} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9196 257e1858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.27.725943101\1523863165" -childID 24 -isForBrowser -prefsHandle 8820 -prefMapHandle 8824 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6c63409-8c6f-43dc-be27-d65e6c3e79e0} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8840 18c54958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.28.862348831\743118107" -childID 25 -isForBrowser -prefsHandle 8716 -prefMapHandle 8820 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4ff72bbc-57e7-403f-b10c-5be32309ef3f} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8864 25e1df58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.29.1282929971\522963666" -childID 26 -isForBrowser -prefsHandle 8716 -prefMapHandle 3688 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {33d2a823-5415-4da1-a772-cb8f6f01bccf} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8664 2adbbd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.30.1109038000\997062363" -childID 27 -isForBrowser -prefsHandle 8976 -prefMapHandle 8936 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a9eba1a5-ec84-4422-908a-73a88037ceb1} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9224 1cb3c958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.31.861661442\128812784" -childID 28 -isForBrowser -prefsHandle 8936 -prefMapHandle 9164 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {94da7e7d-6f65-4dd1-9e06-c7f8637940e6} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8272 18c58358 tab
C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe
"C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe"
C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp
"C:\Users\Admin\AppData\Local\Temp\is-0VOO7.tmp\TelamonCleaner_id67a383f35fbe1sp.tmp" /SL5="$901CE,1801708,918016,C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" "C:\Windows\system32\cmd.exe" /S /C ""C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe" --getyaoffer --filename="TelamonCleaner_id67a383f35fbe1sp.exe" > "C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\~execwithresult.txt""
C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe
"C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe" --getyaoffer --filename="TelamonCleaner_id67a383f35fbe1sp.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.32.28835350\1572303747" -childID 29 -isForBrowser -prefsHandle 8644 -prefMapHandle 8604 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {26f015d1-b433-433f-b011-c6f6fe13f83e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 796 1848cb58 tab
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" "C:\Windows\system32\cmd.exe" /S /C ""C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe" --getuid > "C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\~execwithresult.txt""
C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe
"C:\Users\Admin\AppData\Local\Temp\is-3TD1U.tmp\tt-installer-helper.exe" --getuid
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.33.543352327\727975666" -childID 30 -isForBrowser -prefsHandle 4084 -prefMapHandle 8676 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f3e0abc8-a2d3-4db1-b522-ef6e0e9deb23} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8388 1cd51258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.34.1884245226\1867275388" -childID 31 -isForBrowser -prefsHandle 8324 -prefMapHandle 8424 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {143f5621-5516-46e5-9bc4-a4b906d2eb9e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8692 24404d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.35.201538773\479582246" -childID 32 -isForBrowser -prefsHandle 8352 -prefMapHandle 8416 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6ed6b13a-d66d-4a96-911c-2b016a614c5a} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4016 24403e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.36.1823315702\1154171130" -childID 33 -isForBrowser -prefsHandle 8184 -prefMapHandle 8188 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6f36e950-5715-43cd-ab15-07f87f84e065} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8208 25374858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.37.686338724\481434401" -childID 34 -isForBrowser -prefsHandle 4320 -prefMapHandle 4696 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c98b9360-12b4-47a1-99fe-6760c39f94b3} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8092 256d3358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.38.1154113115\1750171717" -childID 35 -isForBrowser -prefsHandle 9032 -prefMapHandle 4296 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d6c822d-9f5d-4b66-99e3-ab13d6f54994} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3152 25353858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.39.416488268\1015123407" -childID 36 -isForBrowser -prefsHandle 5800 -prefMapHandle 5760 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ba618016-758c-4578-980d-241ca612ec0c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5816 25354158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.40.1680938576\1451480487" -childID 37 -isForBrowser -prefsHandle 8348 -prefMapHandle 9208 -prefsLen 26993 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {49459f81-dd21-42bf-9737-02079496a40c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8448 2cf46458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.41.607486322\796807988" -childID 38 -isForBrowser -prefsHandle 8164 -prefMapHandle 8748 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4590ab81-caf2-4234-b7f1-822fc11b1a67} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8640 24464b58 tab
C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\setup.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\setup.exe"
C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp
"C:\Users\Admin\AppData\Local\Temp\is-GN1OF.tmp\is-78S6R.tmp" /SL4 $202C6 "C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\setup.exe" 519312 52224
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.42.1887830934\195318272" -childID 39 -isForBrowser -prefsHandle 5252 -prefMapHandle 8308 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {30978618-d7e1-4995-b26b-e990962c8227} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8248 18903e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.43.641296330\1379409096" -childID 40 -isForBrowser -prefsHandle 9408 -prefMapHandle 8020 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc481ea4-a3c6-484d-b5ea-8284d01d0b87} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2264 18904458 tab
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_log-analyzer-release-1.0.1.83.zip\readme.txt
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.44.433520429\845253947" -childID 41 -isForBrowser -prefsHandle 2376 -prefMapHandle 4496 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {11a511c0-8bfc-418c-bf08-36a9ee92d13c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8472 1848da58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.45.1209432844\1147235815" -childID 42 -isForBrowser -prefsHandle 8148 -prefMapHandle 8136 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e04304d8-ec3e-42f6-9779-dc693373aba1} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8132 e2f658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.46.1478360449\1267450740" -childID 43 -isForBrowser -prefsHandle 8152 -prefMapHandle 8536 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0e6c4b8-35d3-44f6-b796-c87b5b28fa68} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8440 1cebc858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.47.461436455\556405675" -childID 44 -isForBrowser -prefsHandle 8312 -prefMapHandle 8748 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {95f38951-66d8-4c59-bed5-9c99d8aae724} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4024 1cbf3958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.48.132744431\389252804" -childID 45 -isForBrowser -prefsHandle 8040 -prefMapHandle 8532 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d07e55e0-99ff-4acb-9117-49dc11429315} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8236 1cceab58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.49.283917356\817662947" -childID 46 -isForBrowser -prefsHandle 8416 -prefMapHandle 4760 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {efd98b94-8f21-42a8-843a-1874f7a3f260} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8712 2012e058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.50.378108168\26824629" -childID 47 -isForBrowser -prefsHandle 8196 -prefMapHandle 9376 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d9dd808-fd7b-4aad-b45a-a5752e74912d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9372 2012da58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.51.252568429\1616093059" -childID 48 -isForBrowser -prefsHandle 8424 -prefMapHandle 8356 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {20a4e65d-ad42-4dfb-9165-3716dbcaeb3d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9396 22813258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.52.1942711990\508301870" -childID 49 -isForBrowser -prefsHandle 7988 -prefMapHandle 1656 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e2ca132-a21a-4fc1-b4bb-5f1414d53cc6} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8136 23716858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.53.1469488074\2108141927" -childID 50 -isForBrowser -prefsHandle 8312 -prefMapHandle 4732 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {412faedd-560b-49bd-99b6-f13506e01d38} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8404 18ecf858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.54.2105973070\1874981572" -childID 51 -isForBrowser -prefsHandle 8532 -prefMapHandle 8504 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b68777e8-f1dc-4d0b-9e14-84d8e5990bba} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3724 1848d458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.55.560049018\669503542" -childID 52 -isForBrowser -prefsHandle 8004 -prefMapHandle 9444 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d8714f0c-fcc6-4b54-a417-4ee033a15dfb} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8132 1c9b3358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.56.1932369057\1912025475" -childID 53 -isForBrowser -prefsHandle 4728 -prefMapHandle 4324 -prefsLen 27002 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e5c3849-c5a3-4d27-97dd-cac034b708ae} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4348 e5f858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.57.674655637\1532381716" -childID 54 -isForBrowser -prefsHandle 3596 -prefMapHandle 3984 -prefsLen 27011 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {63f3803f-ea4b-4e9a-94de-9861c6b46a92} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8068 e6ca58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.58.1351896400\342658725" -childID 55 -isForBrowser -prefsHandle 5868 -prefMapHandle 5996 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {67c2aa52-b363-426b-9ca9-74f4ee51d293} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 6016 18c58058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.59.129952847\886392666" -childID 56 -isForBrowser -prefsHandle 8704 -prefMapHandle 8280 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6b5450a6-5db2-4180-a17c-bae46deb07cb} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9272 1cc10d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.60.1322118886\1603152500" -childID 57 -isForBrowser -prefsHandle 9340 -prefMapHandle 9000 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {da5da294-9e82-4b71-9408-3bf03b94757d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9072 1cc11058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.61.2107083024\1350381487" -childID 58 -isForBrowser -prefsHandle 9592 -prefMapHandle 5796 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {630f7774-f874-4083-936c-1c2ee7d0cfcf} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8448 1cd54e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.62.562946443\246441683" -childID 59 -isForBrowser -prefsHandle 9468 -prefMapHandle 8368 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f2e3e61-209e-4f48-a343-53dfae9fe7da} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9652 1eaaa758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.63.896514402\1410385203" -childID 60 -isForBrowser -prefsHandle 8784 -prefMapHandle 8428 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {13316afa-3dd2-450b-912c-2c2e834b3f56} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8848 1f29b658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.64.2041036598\158190928" -childID 61 -isForBrowser -prefsHandle 4776 -prefMapHandle 8436 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3e02e8d-2aef-4851-9286-042ad6878b29} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8164 1f29b058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.65.1288591650\1811566931" -childID 62 -isForBrowser -prefsHandle 3784 -prefMapHandle 9372 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8ffd56f4-0832-496b-9708-0fcc26500f53} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9292 1ea16258 tab
C:\Users\Admin\Downloads\Setup_ASTER2600.exe
"C:\Users\Admin\Downloads\Setup_ASTER2600.exe"
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe" /c "C:\Users\Admin\AppData\Local\Temp\D24D6AB0\_tin0D5E.bat"
C:\Windows\system32\sc.exe
sc query MUTESV_SERVICE
C:\Windows\system32\find.exe
find "RUNNING"
C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0002_mutewizard.exe
"C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0002_mutewizard.exe"
C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe
"C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe" /install /quiet /norestart
C:\Windows\Temp\{3147B5F3-10C2-499A-A9B9-072344498796}\.cr\T0001_VC_redist.x64.exe
"C:\Windows\Temp\{3147B5F3-10C2-499A-A9B9-072344498796}\.cr\T0001_VC_redist.x64.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0001_VC_redist.x64.exe" -burn.filehandle.attached=288 -burn.filehandle.self=292 /install /quiet /norestart
C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe
"C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{4D4F4189-99ED-49C5-8421-E44FE733C373} {EF6471CF-A9A6-4316-AF58-AE4AA741440C} 4144
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe
"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={77169412-f642-45e7-b533-0c6f48de12f9} -burn.filehandle.self=500 -burn.embedded BurnPipe.{F83C8C17-9ED4-4B23-9A52-403BFFF379C5} {5A91E21E-D037-4FE3-9502-6DE318EC1EB9} 5020
C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe
"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.clean.room="C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -burn.filehandle.attached=180 -burn.filehandle.self=188 -uninstall -quiet -burn.related.upgrade -burn.ancestors={77169412-f642-45e7-b533-0c6f48de12f9} -burn.filehandle.self=500 -burn.embedded BurnPipe.{F83C8C17-9ED4-4B23-9A52-403BFFF379C5} {5A91E21E-D037-4FE3-9502-6DE318EC1EB9} 5020
C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe
"C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\VC_redist.x64.exe" -q -burn.elevated BurnPipe.{19979A1A-446A-414E-B21C-0B883EA98B8C} {4CD1FEDA-7193-4884-9DEB-4FCB028F75D1} 2880
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.66.1680369851\1616898589" -childID 63 -isForBrowser -prefsHandle 9052 -prefMapHandle 9560 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {93ae7f95-1408-4681-9e80-29713f1007a7} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9524 1897eb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.67.962435794\814203857" -childID 64 -isForBrowser -prefsHandle 5096 -prefMapHandle 8276 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {16ad281c-e569-4aa7-8a3b-e2dfaf8eeb2c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2248 21d04158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.68.1149898632\1506636956" -childID 65 -isForBrowser -prefsHandle 9596 -prefMapHandle 9456 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ba658b1a-c885-4395-857d-e6b324506fa3} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5712 e5ee58 tab
C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe
"C:\Users\Admin\Downloads\SpyHunter-5.18-397-76196-Installer.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.69.1803590245\1398099932" -childID 66 -isForBrowser -prefsHandle 4784 -prefMapHandle 9160 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {28add6e4-a2ff-469c-bb05-1089e0746ba2} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9376 1a042258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.70.213923607\1619077152" -childID 67 -isForBrowser -prefsHandle 8032 -prefMapHandle 2792 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c10d54b-2be3-4917-b5a2-a87b9d635b39} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4784 24d78c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.71.35557177\983644557" -childID 68 -isForBrowser -prefsHandle 5844 -prefMapHandle 8736 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b26d269c-e330-4d57-8afb-c6b777d0ab2a} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9200 25372a58 tab
C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe
"C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe"
C:\Users\Admin\AppData\Local\Temp\is-5KLOB.tmp\ashampoo_music_studio_11_11.0.3_sm.tmp
"C:\Users\Admin\AppData\Local\Temp\is-5KLOB.tmp\ashampoo_music_studio_11_11.0.3_sm.tmp" /SL5="$60298,62889911,1073664,C:\Users\Admin\Downloads\ashampoo_music_studio_11_11.0.3_sm.exe"
C:\Windows\System32\sc.exe
C:\Windows\System32\sc.exe create EsgShKernel start= demand binPath= "\"C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe\"" DisplayName= "SpyHunter 5 Kernel"
C:\Windows\System32\sc.exe
C:\Windows\System32\sc.exe description EsgShKernel "SpyHunter 5 Kernel"
C:\Windows\System32\sc.exe
C:\Windows\System32\sc.exe create ShMonitor start= demand binPath= "\"C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe\"" DisplayName= "SpyHunter 5 Kernel Monitor"
C:\Windows\System32\sc.exe
C:\Windows\System32\sc.exe description ShMonitor "SpyHunter 5 Kernel Monitor"
C:\Windows\system32\taskeng.exe
taskeng.exe {4D4A0BE6-12F7-464B-A244-D8D5B62C9781} S-1-5-21-1163522206-1469769407-485553996-1000:PJCSDMRP\Admin:Interactive:[1]
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler https://www.enigmasoftware.com/congratulations-spyhunter-installed/?hwx=936a63337e4887d2ca70732170bdd70e&lang=EN&sid=tapf%2Daa%2Dyjy3nzg
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.enigmasoftware.com/congratulations-spyhunter-installed/?hwx=936a63337e4887d2ca70732170bdd70e&lang=EN&sid=tapf%2Daa%2Dyjy3nzg
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5012 CREDAT:275457 /prefetch:2
C:\Windows\System32\sc.exe
C:\Windows\System32\sc.exe config ShMonitor start= auto
C:\Windows\System32\sc.exe
C:\Windows\System32\sc.exe config EsgShKernel start= auto
C:\Windows\System32\regsvr32.exe
C:\Windows\System32\regsvr32.exe /s "C:\Program Files\EnigmaSoft\SpyHunter\ShShellExt.dll"
C:\Windows\System32\sc.exe
C:\Windows\System32\sc.exe start EsgShKernel -tt_on
C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
"C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe"
C:\Windows\System32\sc.exe
C:\Windows\System32\sc.exe start ShMonitor
C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
"C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe"
C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
"C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe" /hide
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.72.131757850\471510868" -childID 69 -isForBrowser -prefsHandle 9568 -prefMapHandle 8024 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a2571609-48a1-4eb5-a9b1-3d9d68484250} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9632 ff23e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.73.1604863252\1137792747" -childID 70 -isForBrowser -prefsHandle 8492 -prefMapHandle 1080 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a9fb265-fab7-4bb9-a7c4-b7efed94b671} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8792 18f47c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.74.76968778\87562509" -childID 71 -isForBrowser -prefsHandle 9496 -prefMapHandle 9480 -prefsLen 27546 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {47528cda-d4e9-4dd1-b881-d95eb9227838} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8020 e6f558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.75.710071438\1260486649" -childID 72 -isForBrowser -prefsHandle 1080 -prefMapHandle 3484 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6abe38f0-3a8c-4cc5-b393-452c14bc39c1} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4168 1cce8758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.76.484088273\1793394965" -childID 73 -isForBrowser -prefsHandle 4680 -prefMapHandle 9380 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6e5bfb39-b44c-47d0-a004-2cd3ecf1f18d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3596 1848e058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.77.428419597\1555485743" -childID 74 -isForBrowser -prefsHandle 9556 -prefMapHandle 8892 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {109a6b19-e888-4ed1-a4b6-221f80b69d40} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 5872 18eb7b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.78.393952602\1653869623" -childID 75 -isForBrowser -prefsHandle 9412 -prefMapHandle 9388 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {32d26f9b-a5a2-4f65-8948-2ba41b56b63c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8024 1c0a6b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.79.1215797427\559339152" -childID 76 -isForBrowser -prefsHandle 4808 -prefMapHandle 3976 -prefsLen 27555 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a81b9031-942c-4ce7-b1b7-afee7416f394} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4936 1cb26b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.80.1730271394\1296306433" -childID 77 -isForBrowser -prefsHandle 8068 -prefMapHandle 3692 -prefsLen 27763 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {001e7020-7e64-4e4a-a952-6e74184cdef7} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3596 ff25658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.81.1706215068\855145825" -childID 78 -isForBrowser -prefsHandle 8648 -prefMapHandle 3620 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cfdf62c1-9bc3-471e-966d-52df66ad83ae} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 2664 1cce7b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.82.1976915920\1548502760" -childID 79 -isForBrowser -prefsHandle 9180 -prefMapHandle 6020 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f47d467d-303b-4eae-ac8c-3b9638d27ecf} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8076 1de5b058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.83.768869321\1321339035" -childID 80 -isForBrowser -prefsHandle 8748 -prefMapHandle 5352 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e647d498-989d-476d-bb00-f088b1600426} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8268 1f222e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.84.1222827340\1632607080" -childID 81 -isForBrowser -prefsHandle 8808 -prefMapHandle 8740 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {011f4d24-fa53-438d-b3ed-33ac9b3c9d7c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9096 2028d558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.85.404024039\610960676" -childID 82 -isForBrowser -prefsHandle 9068 -prefMapHandle 1764 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bae2ff8e-1720-4a5c-804f-f9c9b02e8665} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8748 228ee858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.86.272059998\2007236922" -childID 83 -isForBrowser -prefsHandle 9404 -prefMapHandle 8284 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0d37ff0e-559c-44d2-aa27-7060b9c815d0} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8336 1cce7258 tab
C:\Users\Admin\Downloads\Setup.exe
"C:\Users\Admin\Downloads\Setup.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Windows\SysWOW64\netsh.exe
netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.87.1283952426\186945422" -childID 84 -isForBrowser -prefsHandle 5784 -prefMapHandle 8044 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {27dee556-eaff-49f7-8801-f7be9d6f847f} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4680 2026a358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.88.83341185\248620756" -childID 85 -isForBrowser -prefsHandle 3692 -prefMapHandle 4688 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1b257843-9394-4283-a406-6c811539ca47} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8180 21436f58 tab
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
"C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo=
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.89.522647982\327737288" -childID 86 -isForBrowser -prefsHandle 4168 -prefMapHandle 8940 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {14dc4758-74e5-467e-a2a5-c534eb437611} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8800 1cceab58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.90.1387333132\41930835" -childID 87 -isForBrowser -prefsHandle 8768 -prefMapHandle 9128 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {96ea5ce2-101c-4c84-a7ec-65324f6e301a} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 4480 21d53858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.91.534295857\1517707732" -childID 88 -isForBrowser -prefsHandle 5740 -prefMapHandle 9248 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {20c7b088-d169-47e5-a41a-6ade58e0ce93} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9500 229d5b58 tab
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
"C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --afterinstall
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.92.1817661949\826111138" -childID 89 -isForBrowser -prefsHandle 9636 -prefMapHandle 8784 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8f82b72e-6b55-46cc-a32e-4dbb2f110a6c} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 9280 228eeb58 tab
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x534
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://webcompanion.com/en/install.php?partner=IN250101&campaign=18264794070&
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" https://webcompanion.com/en/install.php?partner=IN250101&campaign=18264794070&
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.93.781130921\1536554469" -childID 90 -isForBrowser -prefsHandle 9104 -prefMapHandle 3788 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a686cdd0-e7f5-481d-8198-1dad99ea952e} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 3836 1cee6b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.94.2126351425\1654225757" -childID 91 -isForBrowser -prefsHandle 8732 -prefMapHandle 8388 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {63cbc1ae-3542-4119-8103-0e53eee44d03} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8672 24461558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.95.1252132044\1126186967" -childID 92 -isForBrowser -prefsHandle 8376 -prefMapHandle 2956 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5671d004-0c07-4d71-b566-cab2952b627d} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 988 24463c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3180.96.786073384\409259969" -childID 93 -isForBrowser -prefsHandle 8228 -prefMapHandle 9220 -prefsLen 27821 -prefMapSize 233496 -jsInitHandle 844 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd4d6ecf-8570-4f5c-bf68-18c006a16f39} 3180 "\\.\pipe\gecko-crash-server-pipe.3180" 8664 18ee4458 tab
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\wscript.exe
"C:\Windows\system32\wscript.exe" /nologo "C:\Users\Admin\AppData\Local\Temp\D24D6AB0\_tin6613.vbs"
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0006_checkver.exe
"C:\Users\Admin\AppData\Local\Temp\D24D6AB0\T0006_checkver.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -Command -
C:\Windows\system32\reg.exe
"C:\Windows\system32\reg.exe" add HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard /v EnableVirtualizationBasedSecurity /t REG_DWORD /d 0 /f
C:\Windows\system32\reg.exe
"C:\Windows\system32\reg.exe" add HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity /v Enabled /t REG_DWORD /d 0 /f
C:\ProgramData\Uninstall\{BFEB483E-1D6F-4A10-9D35-AA73EB950523}\x64\regsvr32.exe
"C:\ProgramData\Uninstall\{BFEB483E-1D6F-4A10-9D35-AA73EB950523}\x64\regsvr32.exe" "C:\Program Files\ASTER\mutesv.dll" /r
C:\Program Files\ASTER\mutesv.exe
"C:\Program Files\ASTER\mutesv.exe" POSTINSTALL
C:\Program Files\ASTER\mutewizard.exe
"C:\Program Files\ASTER\mutewizard.exe" 2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7279758,0x7fef7279768,0x7fef7279778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1644 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2304 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2460 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1332 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3300 --field-trial-handle=1284,i,9775447407482136768,16228845025813056686,131072 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.0.1666862248\1294887837" -parentBuildID 20221007134813 -prefsHandle 1128 -prefMapHandle 1120 -prefsLen 22129 -prefMapSize 234008 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ad9d927-1c70-4c08-890b-e042d12c3c2f} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 1192 44e6e58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.1.328595825\67112298" -parentBuildID 20221007134813 -prefsHandle 1348 -prefMapHandle 1344 -prefsLen 22174 -prefMapSize 234008 -appDir "C:\Program Files\Mozilla Firefox\browser" - {814587a9-ea65-4205-8cfd-a520f9d3d295} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 1360 ee6b58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.2.50401181\51210273" -childID 1 -isForBrowser -prefsHandle 1852 -prefMapHandle 1776 -prefsLen 22637 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ebc7da0-8450-41f0-9d69-8970830f0371} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 1840 4569158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.3.273763473\312119042" -childID 2 -isForBrowser -prefsHandle 2448 -prefMapHandle 2444 -prefsLen 27673 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5fd4b4c8-f24c-4860-ac24-2e77b1439aea} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 2460 e61c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.4.1085069713\391576159" -childID 3 -isForBrowser -prefsHandle 3104 -prefMapHandle 3092 -prefsLen 27750 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {91156d61-4c85-4dfe-bbf6-f6df0df2c453} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3116 1e147e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.5.727108137\1864658958" -childID 4 -isForBrowser -prefsHandle 3476 -prefMapHandle 3496 -prefsLen 27789 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {45739daf-8fab-4123-9cb8-60dd02a10696} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3492 20603b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.6.579655255\1365340928" -childID 5 -isForBrowser -prefsHandle 3788 -prefMapHandle 3784 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c7c69411-5f25-4e5d-a4ed-f04b18016658} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3800 20297c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.7.586028892\796676241" -childID 6 -isForBrowser -prefsHandle 3172 -prefMapHandle 3184 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9079c539-2d63-49a0-b0d8-24702035b1aa} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3168 1ef81258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.8.460602398\1103671109" -childID 7 -isForBrowser -prefsHandle 4016 -prefMapHandle 3828 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5a3a9a1f-6992-4f52-b64e-b5c5f0e6233f} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 3756 1f284e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.9.985359857\2111512037" -childID 8 -isForBrowser -prefsHandle 3180 -prefMapHandle 3172 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f289eb2-f8f9-4188-bdd0-3aa56ae7c465} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 4112 207bc358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.10.1874101781\346484273" -childID 9 -isForBrowser -prefsHandle 4100 -prefMapHandle 4092 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eaadb9b4-5e6d-4bd6-b58a-7cd1f0e1a466} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 4004 207bde58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1376.11.1777240635\825651068" -childID 10 -isForBrowser -prefsHandle 3200 -prefMapHandle 3824 -prefsLen 27712 -prefMapSize 234008 -jsInitHandle 724 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6ca1dd0-55dd-4053-adaf-878577148ab0} 1376 "\\.\pipe\gecko-crash-server-pipe.1376" 4112 1f287558 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| N/A | 127.0.0.1:49187 | tcp | |
| N/A | 127.0.0.1:49195 | tcp | |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| IE | 52.142.124.215:80 | duckduckgo.com | tcp |
| IE | 52.142.124.215:80 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 104.22.36.240:443 | limewire.com | tcp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.64.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | stripecdn.map.fastly.net | udp |
| US | 8.8.8.8:53 | stripecdn.map.fastly.net | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 151.101.64.176:443 | stripecdn.map.fastly.net | udp |
| US | 104.22.36.240:443 | api.limewire.com | tcp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| BE | 142.251.168.155:443 | stats.g.doubleclick.net | tcp |
| BE | 142.251.168.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 151.101.192.176:443 | m.stripe.network | tcp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 44.239.106.85:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | limewire.fyi | udp |
| US | 8.8.8.8:53 | limewire.fyi | udp |
| SE | 185.130.46.37:443 | limewire.fyi | tcp |
| US | 8.8.8.8:53 | limewire.fyi | udp |
| US | 8.8.8.8:53 | cdn.usefathom.com | udp |
| SE | 185.130.46.37:443 | limewire.fyi | tcp |
| SE | 185.130.46.37:443 | limewire.fyi | tcp |
| SE | 185.130.46.37:443 | limewire.fyi | tcp |
| SE | 185.130.46.37:443 | limewire.fyi | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | limewire.pro | udp |
| GB | 79.127.237.132:443 | cdn.usefathom.com | tcp |
| US | 8.8.8.8:53 | fathom-cdn.b-cdn.net | udp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| SE | 185.130.46.37:443 | limewire.pro | tcp |
| US | 8.8.8.8:53 | limewire.pro | udp |
| US | 8.8.8.8:53 | fathom-cdn.b-cdn.net | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | limewire.pro | udp |
| SE | 185.130.46.37:443 | limewire.pro | tcp |
| US | 8.8.8.8:53 | web.archive.org | udp |
| SG | 207.241.237.3:80 | web.archive.org | tcp |
| US | 8.8.8.8:53 | web.archive.org | udp |
| US | 8.8.8.8:53 | web.archive.org | udp |
| US | 8.8.8.8:53 | web.archive.org | udp |
| SG | 207.241.237.3:80 | web.archive.org | tcp |
| US | 8.8.8.8:53 | web.archive.org | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| N/A | 127.0.0.1:50331 | tcp | |
| N/A | 127.0.0.1:50354 | tcp | |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 172.67.26.165:443 | limewire.com | tcp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | stripecdn.map.fastly.net | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 151.101.0.176:443 | stripecdn.map.fastly.net | udp |
| US | 172.67.26.165:443 | limewire.com | tcp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | o4505008135340032.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 34.120.195.249:443 | o4505008135340032.ingest.sentry.io | tcp |
| US | 8.8.8.8:53 | o4505008135340032.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | o4505008135340032.ingest.sentry.io | udp |
| US | 34.120.195.249:443 | o4505008135340032.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | o4505008135340032.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 34.120.195.249:443 | o4505008135340032.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | o4505008135340032.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 8.8.8.8:53 | wiki.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | prod.wikimo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | prod.wikimo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | api.limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | limewire.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | freesoft.ru | udp |
| US | 104.21.1.148:443 | freesoft.ru | tcp |
| US | 8.8.8.8:53 | freesoft.ru | udp |
| US | 8.8.8.8:53 | freesoft.ru | udp |
| US | 104.21.1.148:443 | freesoft.ru | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| US | 8.8.8.8:53 | onesignal.com | udp |
| US | 8.8.8.8:53 | onesignal.com | udp |
| US | 8.8.8.8:53 | onesignal.com | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | freesoft.ru | udp |
| US | 8.8.8.8:53 | freesoft.ru | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 151.101.193.229:443 | jsdelivr.map.fastly.net | tcp |
| US | 151.101.193.229:443 | jsdelivr.map.fastly.net | udp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | dl.freesoftru.net | udp |
| FR | 92.204.40.173:443 | dl.freesoftru.net | tcp |
| US | 8.8.8.8:53 | dl.freesoftru.net | udp |
| US | 8.8.8.8:53 | dl.freesoftru.net | udp |
| US | 8.8.8.8:53 | downloader.yandex.net | udp |
| RU | 5.45.205.243:80 | downloader.yandex.net | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | cachev2-rad-01.cdn.yandex.net | udp |
| FI | 5.45.192.4:80 | cachev2-rad-01.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| NL | 185.26.182.112:443 | net.geo.opera.com | tcp |
| US | 8.8.8.8:53 | eu.net.opera.com | udp |
| US | 8.8.8.8:53 | eu.net.opera.com | udp |
| US | 8.8.8.8:53 | cachev2-kiv-01.cdn.yandex.net | udp |
| FI | 5.45.192.133:80 | cachev2-kiv-01.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | cachev2-ams21.cdn.yandex.net | udp |
| NL | 5.45.247.25:80 | cachev2-ams21.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | clck.yandex.ru | udp |
| RU | 87.250.251.14:80 | clck.yandex.ru | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| RU | 5.45.205.243:80 | downloader.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-rad-03.cdn.yandex.net | udp |
| FI | 5.45.192.8:80 | cachev2-rad-03.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-rad-05.cdn.yandex.net | udp |
| FI | 5.45.192.12:80 | cachev2-rad-05.cdn.yandex.net | tcp |
| RU | 5.45.205.243:80 | downloader.yandex.net | tcp |
| RU | 5.45.205.243:80 | downloader.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-ams22.cdn.yandex.net | udp |
| NL | 5.45.247.27:80 | cachev2-ams22.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-fra-02.cdn.yandex.net | udp |
| DE | 5.45.200.105:80 | cachev2-fra-02.cdn.yandex.net | tcp |
| DE | 5.45.200.105:80 | cachev2-fra-02.cdn.yandex.net | tcp |
| RU | 87.250.251.14:80 | clck.yandex.ru | tcp |
| US | 8.8.8.8:53 | cachev2-kiv-05.cdn.yandex.net | udp |
| FI | 5.45.192.144:80 | cachev2-kiv-05.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| RU | 87.250.251.14:80 | clck.yandex.ru | tcp |
| US | 8.8.8.8:53 | mikescher.com | udp |
| DE | 202.61.238.14:443 | mikescher.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| RU | 5.45.205.243:80 | downloader.yandex.net | tcp |
| RU | 87.250.251.14:80 | clck.yandex.ru | tcp |
| US | 104.21.1.148:443 | freesoft.ru | udp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| RU | 195.216.243.102:80 | ipatovsoft.ucoz.ru | tcp |
| RU | 195.216.243.102:80 | ipatovsoft.ucoz.ru | tcp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| RU | 195.216.243.102:443 | ipatovsoft.ucoz.ru | tcp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| DE | 172.217.16.202:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| DE | 172.217.16.202:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| RU | 87.250.250.119:443 | mc.yandex.com | tcp |
| RU | 87.250.250.119:443 | mc.yandex.com | tcp |
| US | 8.8.8.8:53 | adfstat.yandex.ru | udp |
| RU | 87.250.250.145:443 | adfstat.yandex.ru | tcp |
| US | 8.8.8.8:53 | adfstat.yandex.ru | udp |
| US | 8.8.8.8:53 | adfstat.yandex.ru | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| GB | 88.221.135.33:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | e86303.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e86303.dscx.akamaiedge.net | udp |
| GB | 88.221.135.33:443 | e86303.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | www.360totalsecurity.com | udp |
| CN | 106.63.24.72:443 | www.360totalsecurity.com | tcp |
| US | 8.8.8.8:53 | www.360totalsecurity.com | udp |
| CN | 106.63.24.72:443 | www.360totalsecurity.com | tcp |
| US | 8.8.8.8:53 | www.360totalsecurity.com | udp |
| US | 8.8.8.8:53 | auth.simperium.com | udp |
| US | 192.0.84.247:443 | auth.simperium.com | tcp |
| CN | 106.63.24.72:443 | www.360totalsecurity.com | tcp |
| CN | 106.63.24.72:443 | www.360totalsecurity.com | tcp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 172.67.70.92:443 | www.softportal.com | tcp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 172.67.70.92:443 | www.softportal.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | spload.site | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| DE | 142.250.186.46:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 199.59.243.228:443 | spload.site | tcp |
| US | 8.8.8.8:53 | 77980.bodis.com | udp |
| US | 8.8.8.8:53 | 77980.bodis.com | udp |
| DE | 142.250.186.46:443 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 151.101.65.229:443 | jsdelivr.map.fastly.net | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| FR | 163.70.128.23:443 | scontent.xx.fbcdn.net | tcp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| FR | 163.70.128.23:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| FR | 163.70.128.23:443 | scontent.xx.fbcdn.net | tcp |
| RU | 77.88.21.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 77.88.21.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| DE | 142.250.186.46:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| DE | 142.250.186.46:443 | www3.l.google.com | udp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| DE | 142.250.186.97:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | udp |
| DE | 142.250.186.97:443 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| DE | 142.250.186.162:443 | googleads.g.doubleclick.net | tcp |
| DE | 142.250.186.162:443 | googleads.g.doubleclick.net | tcp |
| DE | 142.250.186.162:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| DE | 142.250.186.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | udp |
| US | 199.59.243.228:443 | 77980.bodis.com | tcp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| DE | 172.217.16.134:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| DE | 172.217.16.134:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| DE | 142.250.186.98:443 | www.googletagservices.com | tcp |
| DE | 142.250.186.98:443 | www.googletagservices.com | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| DE | 142.250.186.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| DE | 142.250.186.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | adclick.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | easyprint.app | udp |
| US | 8.8.8.8:53 | adclick.g.doubleclick.net | udp |
| GB | 18.165.227.56:443 | easyprint.app | tcp |
| US | 8.8.8.8:53 | easyprint.app | udp |
| US | 8.8.8.8:53 | adclick.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | easyprint.app | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | cdn.easyprint.app | udp |
| US | 8.8.8.8:53 | containers.easyprint.app | udp |
| GB | 18.245.143.4:443 | containers.easyprint.app | tcp |
| US | 8.8.8.8:53 | d1bhiuzzocuycl.cloudfront.net | udp |
| IE | 3.162.140.80:443 | cdn.easyprint.app | tcp |
| US | 8.8.8.8:53 | d113e6q5xjybrb.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1bhiuzzocuycl.cloudfront.net | udp |
| US | 8.8.8.8:53 | d113e6q5xjybrb.cloudfront.net | udp |
| US | 199.59.243.228:443 | 77980.bodis.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | cloudfront.easyprint.app | udp |
| IE | 13.224.68.107:443 | cloudfront.easyprint.app | tcp |
| US | 8.8.8.8:53 | ds4zyig8wqbvu.cloudfront.net | udp |
| US | 8.8.8.8:53 | ds4zyig8wqbvu.cloudfront.net | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 104.18.31.234:443 | app.termly.io | tcp |
| US | 8.8.8.8:53 | p.easyprint.app | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | p.easyprint.app | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| US | 172.67.128.139:443 | p.easyprint.app | tcp |
| US | 8.8.8.8:53 | p.easyprint.app | udp |
| US | 104.18.31.234:443 | app.termly.io | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| DE | 142.250.185.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 172.67.128.139:443 | p.easyprint.app | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 104.18.31.234:443 | app.termly.io | udp |
| DE | 142.250.185.226:443 | googleads.g.doubleclick.net | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 104.18.31.234:443 | app.termly.io | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | tcp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | api.easyprint-api.app | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 35.169.127.81:443 | api.easyprint-api.app | tcp |
| US | 35.169.127.81:443 | api.easyprint-api.app | tcp |
| US | 8.8.8.8:53 | ext-services-9-1895588158.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ext-services-9-1895588158.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | cdn.easyprint-cdn.app | udp |
| GB | 108.138.233.121:443 | cdn.easyprint-cdn.app | tcp |
| GB | 108.138.233.121:443 | cdn.easyprint-cdn.app | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| DE | 142.250.186.66:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| DE | 142.250.186.66:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | msoft.sbs | udp |
| NL | 45.82.68.79:443 | msoft.sbs | tcp |
| US | 8.8.8.8:53 | msoft.sbs | udp |
| US | 8.8.8.8:53 | msoft.sbs | udp |
| US | 8.8.8.8:53 | t1mnsft.com | udp |
| US | 172.67.194.176:443 | t1mnsft.com | tcp |
| US | 8.8.8.8:53 | t1mnsft.com | udp |
| US | 8.8.8.8:53 | t1mnsft.com | udp |
| US | 172.67.194.176:443 | t1mnsft.com | udp |
| US | 8.8.8.8:53 | dwnld5.t1mnsft.com | udp |
| US | 8.8.8.8:53 | dwnld5.t1mnsft.com | udp |
| US | 104.21.34.11:443 | dwnld5.t1mnsft.com | tcp |
| US | 8.8.8.8:53 | dwnld5.t1mnsft.com | udp |
| US | 104.21.34.11:443 | dwnld5.t1mnsft.com | udp |
| US | 8.8.8.8:53 | quickspeedtest.net | udp |
| US | 104.26.12.19:443 | quickspeedtest.net | tcp |
| US | 8.8.8.8:53 | quickspeedtest.net | udp |
| US | 8.8.8.8:53 | quickspeedtest.net | udp |
| US | 8.8.8.8:53 | drda.quickspeedtest.net | udp |
| US | 104.26.13.19:443 | drda.quickspeedtest.net | tcp |
| US | 8.8.8.8:53 | drda.quickspeedtest.net | udp |
| US | 8.8.8.8:53 | drda.quickspeedtest.net | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | containers.quickspeedtest.net | udp |
| US | 8.8.8.8:53 | script.crazyegg.com | udp |
| US | 8.8.8.8:53 | cdn.quickspeedtest-cdn.net | udp |
| US | 151.101.66.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| IE | 18.66.171.15:443 | containers.quickspeedtest.net | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | cloudfront.quickspeedtest.net | udp |
| IE | 13.224.68.76:443 | cloudfront.quickspeedtest.net | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | script.crazyegg.com.cdn.cloudflare.net | udp |
| IE | 3.162.140.101:443 | cdn.quickspeedtest-cdn.net | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| IE | 3.162.140.101:443 | cdn.quickspeedtest-cdn.net | tcp |
| US | 104.19.147.8:443 | script.crazyegg.com.cdn.cloudflare.net | tcp |
| US | 8.8.8.8:53 | cdn.quickspeedtest.net | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 104.19.147.8:443 | script.crazyegg.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | p.quickspeedtest.net | udp |
| US | 104.19.147.8:443 | script.crazyegg.com.cdn.cloudflare.net | tcp |
| IE | 3.162.140.32:443 | cdn.quickspeedtest.net | tcp |
| IE | 3.162.140.32:443 | cdn.quickspeedtest.net | tcp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 104.18.31.234:443 | app.termly.io | tcp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | p.quickspeedtest.net | udp |
| US | 172.67.69.227:443 | p.quickspeedtest.net | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | p.quickspeedtest.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 104.18.31.234:443 | app.termly.io | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 104.18.31.234:443 | app.termly.io | tcp |
| US | 104.18.31.234:443 | app.termly.io | udp |
| US | 104.18.31.234:443 | app.termly.io | tcp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | tcp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 104.21.34.11:443 | dwnld5.t1mnsft.com | udp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | config.telamoncleaner.com | udp |
| RU | 5.189.239.208:443 | config.telamoncleaner.com | tcp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| DE | 142.250.186.46:443 | www3.l.google.com | udp |
| US | 199.59.243.228:443 | 77980.bodis.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| DE | 142.250.186.98:443 | www.googletagservices.com | udp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| DE | 142.250.186.34:443 | securepubads.g.doubleclick.net | udp |
| DE | 142.250.186.46:443 | www3.l.google.com | udp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| DE | 142.250.186.46:443 | www3.l.google.com | tcp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 199.59.243.228:443 | 77980.bodis.com | tcp |
| US | 151.101.65.229:443 | jsdelivr.map.fastly.net | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| DE | 142.250.184.225:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| DE | 142.250.184.225:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | geteasyshare.app | udp |
| GB | 99.86.114.103:443 | geteasyshare.app | tcp |
| US | 8.8.8.8:53 | geteasyshare.app | udp |
| US | 8.8.8.8:53 | geteasyshare.app | udp |
| US | 8.8.8.8:53 | cdn.geteasyshare.app | udp |
| US | 8.8.8.8:53 | containers.geteasyshare.app | udp |
| IE | 18.66.171.15:443 | containers.geteasyshare.app | tcp |
| US | 8.8.8.8:53 | d1bhiuzzocuycl.cloudfront.net | udp |
| GB | 108.138.233.86:443 | cdn.geteasyshare.app | tcp |
| US | 8.8.8.8:53 | d113e6q5xjybrb.cloudfront.net | udp |
| US | 8.8.8.8:53 | d113e6q5xjybrb.cloudfront.net | udp |
| US | 8.8.8.8:53 | cloudfront.geteasyshare.app | udp |
| GB | 108.138.217.13:443 | cloudfront.geteasyshare.app | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 199.59.243.228:443 | 77980.bodis.com | tcp |
| BR | 172.217.28.163:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| BR | 172.217.28.163:443 | csi.gstatic.com | tcp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| BR | 172.217.28.163:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | p.geteasyshare.app | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| US | 104.18.30.234:443 | app.termly.io | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 104.21.12.42:443 | p.geteasyshare.app | tcp |
| US | 8.8.8.8:53 | p.geteasyshare.app | udp |
| US | 8.8.8.8:53 | p.geteasyshare.app | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 104.18.30.234:443 | app.termly.io | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 104.18.30.234:443 | app.termly.io | udp |
| US | 104.21.12.42:443 | p.geteasyshare.app | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 172.67.194.176:443 | dwnld5.t1mnsft.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 104.21.34.11:443 | dwnld5.t1mnsft.com | udp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.198:443 | counter.yadro.ru | tcp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.bestfree.ru | udp |
| RU | 45.130.41.22:443 | www.bestfree.ru | tcp |
| US | 8.8.8.8:53 | www.bestfree.ru | udp |
| US | 8.8.8.8:53 | www.bestfree.ru | udp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| DE | 142.250.186.46:443 | translate.google.com | tcp |
| RU | 77.88.44.55:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| DE | 142.250.186.46:443 | translate.google.com | tcp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| DE | 142.250.186.46:443 | translate.google.com | udp |
| DE | 142.250.186.46:443 | translate.google.com | udp |
| US | 8.8.8.8:53 | vk.com | udp |
| US | 8.8.8.8:53 | vk.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | vk.com | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| RU | 87.240.132.72:443 | vk.com | tcp |
| DE | 142.250.185.110:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| DE | 172.217.18.106:443 | translate.googleapis.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| DE | 142.250.185.110:443 | youtube-ui.l.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| DE | 172.217.18.106:443 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| RU | 87.240.132.72:443 | vk.com | tcp |
| BE | 64.233.184.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.186.163:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| DE | 142.250.181.234:443 | translate-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| DE | 142.250.186.163:443 | ssl.gstatic.com | udp |
| DE | 142.250.181.234:443 | translate-pa.googleapis.com | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| RU | 88.212.201.204:80 | counter.yadro.ru | tcp |
| RU | 87.240.132.72:443 | vk.com | tcp |
| RU | 88.212.201.204:80 | counter.yadro.ru | tcp |
| RU | 77.88.21.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | favicon.yandex.net | udp |
| RU | 213.180.193.90:443 | an.yandex.ru | tcp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| RU | 87.250.247.181:443 | avatars.mds.yandex.net | tcp |
| RU | 77.88.21.36:443 | favicon.yandex.net | tcp |
| US | 8.8.8.8:53 | avatars.mds.yandex.net | udp |
| US | 8.8.8.8:53 | favicon.yandex.net | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | avatars.mds.yandex.net | udp |
| US | 8.8.8.8:53 | favicon.yandex.net | udp |
| RU | 88.212.201.204:80 | counter.yadro.ru | tcp |
| RU | 88.212.201.204:80 | counter.yadro.ru | tcp |
| RU | 87.240.132.72:443 | vk.com | tcp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| RU | 93.158.134.90:443 | an.yandex.ru | tcp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| RU | 213.180.193.90:443 | an.yandex.ru | tcp |
| RU | 77.88.21.36:443 | favicon.yandex.net | tcp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| RU | 87.250.251.119:443 | mc.yandex.com | tcp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 8.8.8.8:53 | ru-software.com | udp |
| CZ | 176.74.219.29:80 | ru-software.com | tcp |
| CZ | 176.74.219.29:80 | ru-software.com | tcp |
| US | 8.8.8.8:53 | ru-software.com | udp |
| CZ | 176.74.219.29:80 | ru-software.com | tcp |
| CZ | 176.74.219.29:80 | ru-software.com | tcp |
| CZ | 176.74.219.29:80 | ru-software.com | tcp |
| CZ | 176.74.219.29:80 | ru-software.com | tcp |
| US | 8.8.8.8:53 | ru-software.com | udp |
| DE | 142.250.184.225:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | www.softportal.com | udp |
| US | 8.8.8.8:53 | www.ferra.ru | udp |
| US | 8.8.8.8:53 | ferra.ru | udp |
| RU | 81.19.72.53:443 | ferra.ru | tcp |
| RU | 81.19.72.53:443 | ferra.ru | tcp |
| US | 8.8.8.8:53 | ferra.ru | udp |
| US | 8.8.8.8:53 | ssp.rambler.ru | udp |
| US | 8.8.8.8:53 | quiz.rambler.ru | udp |
| RU | 91.192.149.12:443 | ssp.rambler.ru | tcp |
| US | 8.8.8.8:53 | ssp.rambler.ru | udp |
| US | 8.8.8.8:53 | quiz.rambler.ru | udp |
| US | 8.8.8.8:53 | quiz.rambler.ru | udp |
| US | 8.8.8.8:53 | st.top100.ru | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | www.tns-counter.ru | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| US | 8.8.8.8:53 | rcmjs.rambler.ru | udp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | www.tns-counter.ru | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| DE | 151.236.71.248:443 | st.top100.ru | tcp |
| US | 8.8.8.8:53 | www.tns-counter.ru | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| US | 8.8.8.8:53 | rcmjs.rambler.ru | udp |
| RU | 91.192.149.12:443 | ssp.rambler.ru | tcp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| US | 8.8.8.8:53 | 2e2qdr4l9f.a.trbcdn.net | udp |
| US | 8.8.8.8:53 | rcmjs.rambler.ru | udp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| US | 151.101.65.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | 2e2qdr4l9f.a.trbcdn.net | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | kraken.rambler.ru | udp |
| RU | 81.19.89.16:443 | kraken.rambler.ru | tcp |
| US | 8.8.8.8:53 | kraken.rambler.ru | udp |
| US | 8.8.8.8:53 | kraken.rambler.ru | udp |
| RU | 81.19.89.16:443 | kraken.rambler.ru | tcp |
| US | 8.8.8.8:53 | developers.rambler.ru | udp |
| US | 8.8.8.8:53 | id.rambler.ru | udp |
| US | 8.8.8.8:53 | comments.rambler.ru | udp |
| RU | 81.19.82.49:443 | comments.rambler.ru | tcp |
| RU | 81.19.82.49:443 | comments.rambler.ru | tcp |
| US | 8.8.8.8:53 | developers.rambler.ru | udp |
| US | 8.8.8.8:53 | comments.rambler.ru | udp |
| US | 8.8.8.8:53 | developers.rambler.ru | udp |
| US | 8.8.8.8:53 | id.rambler.ru | udp |
| RU | 81.19.82.49:443 | comments.rambler.ru | tcp |
| RU | 81.19.82.49:443 | comments.rambler.ru | tcp |
| RU | 81.19.82.54:443 | quiz.rambler.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| RU | 81.19.82.57:443 | rcmjs.rambler.ru | tcp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| RU | 81.19.82.9:443 | developers.rambler.ru | tcp |
| RU | 81.19.78.77:443 | id.rambler.ru | tcp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| RU | 81.19.78.77:443 | id.rambler.ru | tcp |
| RU | 81.19.82.54:443 | quiz.rambler.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 81.19.82.57:443 | rcmjs.rambler.ru | tcp |
| RU | 81.19.82.9:443 | developers.rambler.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| BE | 142.251.168.157:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 142.251.168.157:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | privacy-cs.mail.ru | udp |
| US | 8.8.8.8:53 | krf.r.mail.ru | udp |
| US | 8.8.8.8:53 | krf.r.mail.ru | udp |
| RU | 91.192.149.12:443 | ssp.rambler.ru | tcp |
| US | 8.8.8.8:53 | kraken.rambler.ru | udp |
| RU | 91.192.149.12:443 | ssp.rambler.ru | tcp |
| RU | 81.19.89.16:443 | kraken.rambler.ru | tcp |
| US | 8.8.8.8:53 | kraken.rambler.ru | udp |
| RU | 81.19.89.16:443 | kraken.rambler.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 81.19.82.57:443 | rcmjs.rambler.ru | tcp |
| RU | 81.19.78.77:443 | id.rambler.ru | tcp |
| RU | 91.192.149.12:443 | ssp.rambler.ru | tcp |
| US | 8.8.8.8:53 | kraken.rambler.ru | udp |
| RU | 81.19.89.16:443 | kraken.rambler.ru | tcp |
| US | 8.8.8.8:53 | kraken.rambler.ru | udp |
| RU | 91.192.149.12:443 | ssp.rambler.ru | tcp |
| RU | 81.19.89.16:443 | kraken.rambler.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 194.226.130.228:443 | www.tns-counter.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 88.212.201.204:443 | counter.yadro.ru | tcp |
| RU | 81.19.82.57:443 | rcmjs.rambler.ru | tcp |
| RU | 81.19.78.77:443 | id.rambler.ru | tcp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| RU | 195.216.243.102:443 | ipatovsoft.ucoz.ru | tcp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| DE | 216.58.212.138:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| DE | 216.58.212.138:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| US | 8.8.8.8:53 | ipatovsoft.ucoz.ru | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | ibiksoft.com | udp |
| AE | 20.203.123.248:443 | ibiksoft.com | tcp |
| US | 8.8.8.8:53 | ibiksoft.com | udp |
| DE | 142.250.185.110:443 | youtube-ui.l.google.com | tcp |
| DE | 142.250.185.110:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| DE | 172.217.18.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 142.250.186.106:443 | jnn-pa.googleapis.com | tcp |
| US | 142.250.186.106:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.74.214:443 | i.ytimg.com | tcp |
| DE | 172.217.16.193:443 | yt3.ggpht.com | tcp |
| DE | 172.217.18.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | photos-ugc.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | photos-ugc.l.googleusercontent.com | udp |
| US | 142.250.186.106:443 | jnn-pa.googleapis.com | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| DE | 142.250.74.214:443 | i.ytimg.com | udp |
| DE | 172.217.16.193:443 | photos-ugc.l.googleusercontent.com | udp |
| DE | 142.250.181.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| DE | 142.250.181.230:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 142.250.186.106:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| DE | 142.250.185.142:443 | play.google.com | tcp |
| DE | 142.250.185.142:443 | play.google.com | tcp |
| DE | 142.250.185.142:443 | play.google.com | tcp |
| DE | 142.250.185.142:443 | play.google.com | tcp |
| DE | 142.250.185.142:443 | play.google.com | tcp |
| DE | 142.250.185.142:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| DE | 142.250.185.142:443 | play.google.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| AE | 20.203.123.248:443 | ibiksoft.com | tcp |
| US | 8.8.8.8:53 | russoft.org | udp |
| RU | 158.160.3.4:443 | russoft.org | tcp |
| US | 8.8.8.8:53 | russoft.org | udp |
| US | 8.8.8.8:53 | russoft.org | udp |
| RU | 158.160.3.4:443 | russoft.org | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | www.tazkranet.com | udp |
| US | 104.26.5.124:443 | www.tazkranet.com | tcp |
| US | 8.8.8.8:53 | www.tazkranet.com | udp |
| US | 8.8.8.8:53 | www.tazkranet.com | udp |
| US | 104.26.5.124:443 | www.tazkranet.com | udp |
| US | 104.26.13.42:443 | tdns5.gtranslate.net | tcp |
| US | 8.8.8.8:53 | tdns5.gtranslate.net | udp |
| US | 8.8.8.8:53 | tdns5.gtranslate.net | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.softodrom.ru | udp |
| US | 8.8.8.8:53 | www.softodrom.ru | udp |
| RU | 88.212.207.73:443 | www.softodrom.ru | tcp |
| US | 8.8.8.8:53 | www.softodrom.ru | udp |
| RU | 88.212.207.73:443 | www.softodrom.ru | tcp |
| US | 8.8.8.8:53 | update.telamoncleaner.com | udp |
| RU | 5.189.239.208:80 | update.telamoncleaner.com | tcp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.guru99.com | udp |
| US | 104.16.151.108:443 | www.guru99.com | tcp |
| US | 8.8.8.8:53 | pz3sdmtkaj.onrocket.site | udp |
| US | 8.8.8.8:53 | pz3sdmtkaj.onrocket.site | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| DE | 172.217.23.110:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| RU | 5.189.239.208:80 | update.telamoncleaner.com | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 104.16.151.108:443 | pz3sdmtkaj.onrocket.site | udp |
| US | 8.8.8.8:53 | tdns5.gtranslate.net | udp |
| US | 104.26.12.42:443 | tdns5.gtranslate.net | tcp |
| US | 8.8.8.8:53 | tdns5.gtranslate.net | udp |
| US | 104.26.12.42:443 | tdns5.gtranslate.net | tcp |
| DE | 172.217.23.110:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r4---sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4.sn-aigzrnsz.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | cdn.convertbox.com | udp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| BE | 207.211.214.145:443 | cdn.convertbox.com | tcp |
| GB | 74.125.175.169:443 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | convertbox.b-cdn.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | convertbox.b-cdn.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | app.convertbox.com | udp |
| US | 35.172.95.254:443 | app.convertbox.com | tcp |
| US | 8.8.8.8:53 | app.convertbox.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | app.convertbox.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| US | 13.107.246.64:443 | s-part-0036.t-0009.t-msedge.net | tcp |
| BE | 142.251.168.154:443 | stats.g.doubleclick.net | tcp |
| US | 13.107.246.64:443 | s-part-0036.t-0009.t-msedge.net | tcp |
| BE | 142.251.168.154:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| US | 8.8.8.8:53 | c-msn-pme.trafficmanager.net | udp |
| IE | 13.74.129.1:443 | c-msn-pme.trafficmanager.net | tcp |
| US | 8.8.8.8:53 | c-msn-pme.trafficmanager.net | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 150.171.28.10:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | ax-0001.ax-msedge.net | udp |
| US | 8.8.8.8:53 | ax-0001.ax-msedge.net | udp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | polyfill-fastly.io | udp |
| US | 151.101.129.91:443 | polyfill-fastly.io | tcp |
| US | 8.8.8.8:53 | polyfill-fastly.io | udp |
| US | 8.8.8.8:53 | polyfill-fastly.io | udp |
| US | 8.8.8.8:53 | app.convertbox.com | udp |
| US | 8.8.8.8:53 | app.convertbox.com | udp |
| US | 8.8.8.8:53 | fonts.bunny.net | udp |
| US | 8.8.8.8:53 | bunnyfonts.b-cdn.net | udp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 8.8.8.8:53 | bunnyfonts.b-cdn.net | udp |
| GB | 79.127.237.132:443 | fonts.bunny.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | guru99.click | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | guru99.click | udp |
| US | 52.72.49.79:443 | guru99.click | tcp |
| US | 8.8.8.8:53 | guru99.click | udp |
| US | 8.8.8.8:53 | www.anrdoezrs.net | udp |
| NL | 89.207.16.75:443 | www.anrdoezrs.net | tcp |
| US | 8.8.8.8:53 | track.cj.akadns.net | udp |
| US | 8.8.8.8:53 | track.cj.akadns.net | udp |
| US | 8.8.8.8:53 | cj.dotomi.com | udp |
| NL | 89.207.16.75:443 | cj.dotomi.com | tcp |
| US | 8.8.8.8:53 | www.emjcd.com | udp |
| NL | 89.207.16.75:443 | www.emjcd.com | tcp |
| US | 8.8.8.8:53 | ashampoo.com | udp |
| US | 8.8.8.8:53 | ashampoo.com | udp |
| DE | 18.197.209.74:443 | ashampoo.com | tcp |
| US | 8.8.8.8:53 | ashampoo.com | udp |
| US | 8.8.8.8:53 | www.ashampoo.com | udp |
| US | 8.8.8.8:53 | www.ashampoo.com | udp |
| DE | 18.197.209.74:443 | www.ashampoo.com | tcp |
| DE | 18.197.209.74:443 | www.ashampoo.com | tcp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 8.8.8.8:53 | img.ashampoo.com | udp |
| US | 8.8.8.8:53 | static.zdassets.com | udp |
| US | 8.8.8.8:53 | sih.ashampoo.com | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 216.198.53.3:443 | static.zdassets.com | tcp |
| US | 8.8.8.8:53 | static.zdassets.com | udp |
| GB | 108.138.233.8:443 | img.ashampoo.com | tcp |
| GB | 108.138.233.8:443 | img.ashampoo.com | tcp |
| GB | 108.138.233.8:443 | img.ashampoo.com | tcp |
| GB | 108.138.233.8:443 | img.ashampoo.com | tcp |
| GB | 108.138.233.8:443 | img.ashampoo.com | tcp |
| GB | 108.138.233.8:443 | img.ashampoo.com | tcp |
| GB | 108.138.233.8:443 | img.ashampoo.com | tcp |
| GB | 108.138.233.8:443 | img.ashampoo.com | tcp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| GB | 108.138.233.8:443 | img.ashampoo.com | tcp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 8.8.8.8:53 | static.zdassets.com | udp |
| US | 8.8.8.8:53 | img.ashampoo.com | udp |
| GB | 54.192.137.49:443 | widget.trustpilot.com | tcp |
| US | 8.8.8.8:53 | sih.ashampoo.com | udp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| US | 8.8.8.8:53 | img.ashampoo.com | udp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | udp |
| US | 8.8.8.8:53 | sih.ashampoo.com | udp |
| GB | 3.166.49.70:443 | sih.ashampoo.com | tcp |
| GB | 3.166.49.70:443 | sih.ashampoo.com | tcp |
| DE | 18.197.209.74:443 | www.ashampoo.com | tcp |
| DE | 18.197.209.74:443 | www.ashampoo.com | tcp |
| DE | 18.197.209.74:443 | www.ashampoo.com | tcp |
| DE | 18.197.209.74:443 | www.ashampoo.com | tcp |
| US | 35.190.14.188:443 | app.usercentrics.eu | udp |
| US | 8.8.8.8:53 | ekr.zdassets.com | udp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 8.8.8.8:53 | ekr.zdassets.com | udp |
| US | 216.198.53.3:443 | ekr.zdassets.com | tcp |
| US | 35.190.14.188:443 | app.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | ekr.zdassets.com | udp |
| US | 8.8.8.8:53 | api.usercentrics.eu | udp |
| US | 35.241.3.184:443 | api.usercentrics.eu | tcp |
| US | 35.241.3.184:443 | api.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | api.usercentrics.eu | udp |
| US | 8.8.8.8:53 | api.usercentrics.eu | udp |
| US | 35.241.3.184:443 | api.usercentrics.eu | udp |
| US | 35.241.3.184:443 | api.usercentrics.eu | udp |
| US | 8.8.8.8:53 | ashampoo.zendesk.com | udp |
| US | 216.198.53.1:443 | ashampoo.zendesk.com | tcp |
| US | 8.8.8.8:53 | ashampoo.zendesk.com | udp |
| US | 8.8.8.8:53 | ashampoo.zendesk.com | udp |
| US | 8.8.8.8:53 | consent-api.service.consent.usercentrics.eu | udp |
| US | 8.8.8.8:53 | static.cleverpush.com | udp |
| US | 8.8.8.8:53 | dynamic.criteo.com | udp |
| US | 8.8.8.8:53 | ashampoo.slgnt.eu | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | www.redditstatic.com | udp |
| US | 35.201.111.240:443 | consent-api.service.consent.usercentrics.eu | tcp |
| US | 35.201.111.240:443 | consent-api.service.consent.usercentrics.eu | tcp |
| US | 104.26.15.31:443 | static.cleverpush.com | tcp |
| US | 8.8.8.8:53 | targetemsecure.blob.core.windows.net | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.mczbf.com | udp |
| US | 104.17.122.18:443 | ashampoo.slgnt.eu | tcp |
| US | 8.8.8.8:53 | pixel.byspotify.com | udp |
| US | 8.8.8.8:53 | consent-api.service.consent.usercentrics.eu | udp |
| US | 8.8.8.8:53 | static.cleverpush.com | udp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 151.101.65.140:443 | www.redditstatic.com | tcp |
| NL | 20.150.9.132:443 | targetemsecure.blob.core.windows.net | tcp |
| US | 8.8.8.8:53 | consent-api.service.consent.usercentrics.eu | udp |
| US | 34.117.162.98:443 | pixel.byspotify.com | tcp |
| GB | 108.156.39.54:443 | www.mczbf.com | tcp |
| US | 8.8.8.8:53 | static.cleverpush.com | udp |
| US | 8.8.8.8:53 | ashampoo.slgnt.eu.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | in-ftd-109.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | ashampoo.slgnt.eu.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | in-ftd-109.nl3.vip.prod.criteo.com | udp |
| US | 35.201.111.240:443 | consent-api.service.consent.usercentrics.eu | udp |
| US | 8.8.8.8:53 | dualstack.reddit.map.fastly.net | udp |
| US | 8.8.8.8:53 | blob.ams21prdstr01a.store.core.windows.net | udp |
| US | 8.8.8.8:53 | dualstack.reddit.map.fastly.net | udp |
| US | 8.8.8.8:53 | pixel.byspotify.com | udp |
| US | 8.8.8.8:53 | blob.ams21prdstr01a.store.core.windows.net | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| US | 34.117.162.98:443 | pixel.byspotify.com | udp |
| US | 8.8.8.8:53 | dcjdc5qmbbux7.cloudfront.net | udp |
| US | 8.8.8.8:53 | pixel.byspotify.com | udp |
| US | 8.8.8.8:53 | e10883.g.akamaiedge.net | udp |
| NL | 178.250.1.8:443 | in-ftd-109.nl3.vip.prod.criteo.com | tcp |
| FR | 163.70.128.23:443 | scontent.xx.fbcdn.net | tcp |
| GB | 2.18.109.242:443 | e10883.g.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | dcjdc5qmbbux7.cloudfront.net | udp |
| US | 8.8.8.8:53 | e10883.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| FR | 163.70.128.23:443 | scontent.xx.fbcdn.net | udp |
| US | 216.239.32.21:443 | gtm.ashampoo.com | tcp |
| US | 216.239.32.21:443 | gtm.ashampoo.com | tcp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | wave.outbrain.com | udp |
| US | 8.8.8.8:53 | tr.outbrain.com | udp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | chidc2.outbrain.org | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | chidc2.outbrain.org | udp |
| DE | 142.250.185.174:443 | google.com | tcp |
| DE | 142.250.185.174:443 | google.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| DE | 142.250.185.174:443 | google.com | udp |
| BE | 142.251.168.157:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gbc4.nl3.eu.criteo.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gbc4.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc2.fr3.eu.criteo.com | udp |
| FR | 185.235.86.64:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.131:443 | gbc4.nl3.eu.criteo.com | tcp |
| GB | 2.18.109.242:443 | wave.outbrain.com | tcp |
| US | 50.31.142.63:443 | tr.outbrain.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 50.31.142.63:443 | tr.outbrain.com | tcp |
| BE | 142.251.168.157:443 | stats.g.doubleclick.net | udp |
| DE | 18.197.209.74:443 | www.ashampoo.com | tcp |
| US | 35.201.111.240:443 | consent-api.service.consent.usercentrics.eu | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| DE | 18.197.209.74:443 | www.ashampoo.com | tcp |
| US | 8.8.8.8:53 | cdn1.ashampoo.net | udp |
| GB | 18.245.162.126:443 | cdn1.ashampoo.net | tcp |
| US | 8.8.8.8:53 | d3q43xio2dych4.cloudfront.net | udp |
| US | 8.8.8.8:53 | d3q43xio2dych4.cloudfront.net | udp |
| US | 8.8.8.8:53 | graphql.usercentrics.eu | udp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | tcp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | graphql.usercentrics.eu | udp |
| US | 8.8.8.8:53 | graphql.usercentrics.eu | udp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | udp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| GB | 88.221.134.83:80 | crl.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 95.100.245.144:80 | www.microsoft.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | www.bugsfighter.com | udp |
| US | 170.130.40.14:443 | www.bugsfighter.com | tcp |
| US | 8.8.8.8:53 | www.bugsfighter.com | udp |
| US | 8.8.8.8:53 | www.bugsfighter.com | udp |
| US | 8.8.8.8:53 | c0.wp.com | udp |
| US | 8.8.8.8:53 | ad.admitad.com | udp |
| US | 8.8.8.8:53 | bugsfighter.com | udp |
| US | 8.8.8.8:53 | tdns4.gtranslate.net | udp |
| US | 8.8.8.8:53 | i0.wp.com | udp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 8.8.8.8:53 | c0.wp.com | udp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 172.67.68.204:443 | tdns4.gtranslate.net | tcp |
| US | 8.8.8.8:53 | c0.wp.com | udp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 8.8.8.8:53 | i0.wp.com | udp |
| US | 8.8.8.8:53 | ad.admitad.com | udp |
| US | 8.8.8.8:53 | i0.wp.com | udp |
| US | 8.8.8.8:53 | ad.admitad.com | udp |
| US | 192.0.77.37:443 | c0.wp.com | udp |
| US | 192.0.76.3:443 | stats.wp.com | udp |
| US | 8.8.8.8:53 | tdns4.gtranslate.net | udp |
| US | 8.8.8.8:53 | bugsfighter.com | udp |
| US | 8.8.8.8:53 | tdns4.gtranslate.net | udp |
| US | 8.8.8.8:53 | bugsfighter.com | udp |
| DE | 185.26.99.247:443 | ad.admitad.com | tcp |
| US | 170.130.40.14:443 | bugsfighter.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| US | 8.8.8.8:53 | cdn.admitad-connect.com | udp |
| US | 104.26.5.175:443 | cdn.admitad-connect.com | tcp |
| US | 8.8.8.8:53 | cdn.admitad-connect.com | udp |
| US | 8.8.8.8:53 | cdn.admitad-connect.com | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | csm.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | csm.nl3.vip.prod.criteo.net | udp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | tcp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | udp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | appmaster.io | udp |
| US | 172.67.69.86:443 | appmaster.io | tcp |
| US | 8.8.8.8:53 | appmaster.io | udp |
| US | 8.8.8.8:53 | appmaster.io | udp |
| US | 172.67.69.86:443 | appmaster.io | udp |
| US | 8.8.8.8:53 | js.hs-scripts.com | udp |
| US | 104.16.138.209:443 | js.hs-scripts.com | tcp |
| US | 8.8.8.8:53 | js.hs-scripts.com | udp |
| US | 104.26.14.122:443 | appmaster.io | tcp |
| US | 8.8.8.8:53 | s.appmaster.io | udp |
| US | 8.8.8.8:53 | s.appmaster.io | udp |
| US | 8.8.8.8:53 | js.hs-banner.com | udp |
| US | 8.8.8.8:53 | js.hs-analytics.net | udp |
| US | 104.18.40.240:443 | js.hs-banner.com | tcp |
| US | 8.8.8.8:53 | js.hs-banner.com | udp |
| US | 8.8.8.8:53 | js.hs-analytics.net | udp |
| US | 8.8.8.8:53 | js.hs-banner.com | udp |
| US | 8.8.8.8:53 | js.hs-analytics.net | udp |
| US | 104.26.14.122:443 | s.appmaster.io | udp |
| US | 8.8.8.8:53 | chat.appmaster.io | udp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| US | 172.67.69.86:443 | chat.appmaster.io | tcp |
| US | 8.8.8.8:53 | chat.appmaster.io | udp |
| US | 192.0.76.3:443 | pixel.wp.com | tcp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| US | 8.8.8.8:53 | chat.appmaster.io | udp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| US | 192.0.76.3:443 | pixel.wp.com | udp |
| US | 172.67.69.86:443 | chat.appmaster.io | udp |
| US | 104.17.175.201:443 | js.hs-analytics.net | tcp |
| US | 8.8.8.8:53 | chat.appmaster.io | udp |
| US | 8.8.8.8:53 | track.hubspot.com | udp |
| US | 8.8.8.8:53 | js-na1.hs-scripts.com | udp |
| US | 104.26.14.122:443 | chat.appmaster.io | udp |
| US | 8.8.8.8:53 | chat.appmaster.io | udp |
| US | 172.67.69.86:443 | chat.appmaster.io | tcp |
| US | 104.16.141.209:443 | js-na1.hs-scripts.com | tcp |
| US | 8.8.8.8:53 | js-na1.hs-scripts.com | udp |
| US | 104.16.118.116:443 | track.hubspot.com | tcp |
| US | 104.16.118.116:443 | track.hubspot.com | tcp |
| US | 8.8.8.8:53 | track.hubspot.com | udp |
| US | 8.8.8.8:53 | js-na1.hs-scripts.com | udp |
| US | 8.8.8.8:53 | track.hubspot.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | tcp |
| US | 172.67.69.86:443 | chat.appmaster.io | udp |
| BE | 142.251.168.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dl.enigmasoftware.com | udp |
| GB | 18.245.143.95:443 | dl.enigmasoftware.com | tcp |
| US | 8.8.8.8:53 | dl.enigmasoftware.com | udp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | d1grahinjz4k7j.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1grahinjz4k7j.cloudfront.net | udp |
| GB | 18.245.158.177:443 | d1grahinjz4k7j.cloudfront.net | tcp |
| N/A | 127.0.0.1:56975 | tcp | |
| US | 8.8.8.8:53 | geo-ip.enigmasoft.net | udp |
| GB | 18.244.164.14:443 | geo-ip.enigmasoft.net | tcp |
| N/A | 127.0.0.1:56978 | tcp | |
| GB | 79.127.237.132:80 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:56981 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 18.244.164.14:443 | geo-ip.enigmasoft.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:56984 | tcp | |
| N/A | 127.0.0.1:56987 | tcp | |
| N/A | 127.0.0.1:56992 | tcp | |
| N/A | 127.0.0.1:56995 | tcp | |
| N/A | 127.0.0.1:56998 | tcp | |
| N/A | 127.0.0.1:57001 | tcp | |
| N/A | 127.0.0.1:57006 | tcp | |
| GB | 18.245.143.95:443 | dl.enigmasoftware.com | tcp |
| US | 8.8.8.8:53 | instcfg.enigmasoftware.com | udp |
| GB | 18.245.218.128:443 | instcfg.enigmasoftware.com | tcp |
| N/A | 127.0.0.1:57010 | tcp | |
| N/A | 127.0.0.1:57013 | tcp | |
| N/A | 127.0.0.1:57018 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57022 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57061 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57082 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57093 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57099 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57111 | tcp | |
| N/A | 127.0.0.1:57115 | tcp | |
| N/A | 127.0.0.1:57120 | tcp | |
| N/A | 127.0.0.1:57126 | tcp | |
| N/A | 127.0.0.1:57130 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57134 | tcp | |
| N/A | 127.0.0.1:57138 | tcp | |
| N/A | 127.0.0.1:57142 | tcp | |
| N/A | 127.0.0.1:57146 | tcp | |
| N/A | 127.0.0.1:57150 | tcp | |
| N/A | 127.0.0.1:57154 | tcp | |
| N/A | 127.0.0.1:57158 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57162 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com | udp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57166 | tcp | |
| N/A | 127.0.0.1:57170 | tcp | |
| N/A | 127.0.0.1:57174 | tcp | |
| N/A | 127.0.0.1:57179 | tcp | |
| N/A | 127.0.0.1:57183 | tcp | |
| N/A | 127.0.0.1:57187 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57192 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57196 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57200 | tcp | |
| N/A | 127.0.0.1:57204 | tcp | |
| N/A | 127.0.0.1:57208 | tcp | |
| N/A | 127.0.0.1:57212 | tcp | |
| N/A | 127.0.0.1:57216 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57220 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57224 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 8.8.8.8:53 | studio.appmaster.io | udp |
| US | 104.26.14.122:443 | studio.appmaster.io | tcp |
| US | 8.8.8.8:53 | studio.appmaster.io | udp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 8.8.8.8:53 | studio.appmaster.io | udp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 104.26.14.122:443 | studio.appmaster.io | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 104.16.138.209:443 | js-na1.hs-scripts.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| N/A | 127.0.0.1:57228 | tcp | |
| N/A | 127.0.0.1:57232 | tcp | |
| N/A | 127.0.0.1:57237 | tcp | |
| N/A | 127.0.0.1:57241 | tcp | |
| N/A | 127.0.0.1:57252 | tcp | |
| US | 104.26.14.122:443 | studio.appmaster.io | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | ax-0001.ax-msedge.net | udp |
| US | 104.26.14.122:443 | studio.appmaster.io | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| US | 8.8.8.8:53 | clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 4.227.249.197:443 | clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | udp |
| GB | 79.127.237.132:80 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| N/A | 127.0.0.1:57363 | tcp | |
| N/A | 127.0.0.1:57377 | tcp | |
| N/A | 127.0.0.1:57383 | tcp | |
| N/A | 127.0.0.1:57393 | tcp | |
| N/A | 127.0.0.1:57396 | tcp | |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| US | 8.8.8.8:53 | gtm.ashampoo.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| GB | 79.127.237.132:80 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57507 | tcp | |
| N/A | 127.0.0.1:57510 | tcp | |
| N/A | 127.0.0.1:57514 | tcp | |
| GB | 79.127.237.132:80 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57517 | tcp | |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| N/A | 127.0.0.1:57521 | tcp | |
| US | 8.8.8.8:53 | installer.enigmasoftware.com | udp |
| US | 8.8.8.8:53 | linktarget.ashampoo.com | udp |
| BE | 207.211.214.145:80 | installer.enigmasoftware.com | tcp |
| BE | 207.211.214.145:443 | installer.enigmasoftware.com | tcp |
| DE | 52.59.70.47:443 | et.ashampoo.com | tcp |
| DE | 52.59.70.47:443 | et.ashampoo.com | tcp |
| N/A | 127.0.0.1:57548 | tcp | |
| N/A | 127.0.0.1:57577 | tcp | |
| BE | 207.211.214.145:443 | installer.enigmasoftware.com | tcp |
| US | 8.8.8.8:53 | www.enigmasoftware.com | udp |
| GB | 52.84.90.76:443 | www.enigmasoftware.com | tcp |
| GB | 52.84.90.76:443 | www.enigmasoftware.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | tt.web.enigmasoftware.com | udp |
| IE | 34.252.174.61:443 | tt.web.enigmasoftware.com | tcp |
| GB | 18.244.164.14:443 | geo-ip.enigmasoft.net | tcp |
| GB | 52.84.90.76:443 | www.enigmasoftware.com | tcp |
| GB | 52.84.90.76:443 | www.enigmasoftware.com | tcp |
| GB | 52.84.90.76:443 | www.enigmasoftware.com | tcp |
| GB | 52.84.90.76:443 | www.enigmasoftware.com | tcp |
| US | 8.8.8.8:53 | api.enigmasoft.net | udp |
| US | 35.169.6.164:443 | api.enigmasoft.net | tcp |
| N/A | 127.0.0.1:57769 | tcp | |
| US | 35.169.6.164:443 | api.enigmasoft.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 35.169.6.164:443 | api.enigmasoft.net | tcp |
| IE | 34.252.174.61:443 | tt.web.enigmasoftware.com | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| US | 8.8.8.8:53 | rh.downloads.enigmasoft.net | udp |
| GB | 18.245.253.95:443 | rh.downloads.enigmasoft.net | tcp |
| US | 35.169.6.164:443 | api.enigmasoft.net | tcp |
| US | 35.169.6.164:443 | api.enigmasoft.net | tcp |
| N/A | 127.0.0.1:57878 | tcp | |
| US | 35.169.6.164:443 | api.enigmasoft.net | tcp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| GB | 88.221.134.83:80 | crl.microsoft.com | tcp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| GB | 88.221.134.83:80 | crl.microsoft.com | tcp |
| N/A | 127.0.0.1:57973 | tcp | |
| RU | 88.212.207.73:443 | www.softodrom.ru | tcp |
| GB | 88.221.134.83:80 | crl.microsoft.com | tcp |
| RU | 88.212.207.73:443 | www.softodrom.ru | tcp |
| N/A | 127.0.0.1:57998 | tcp | |
| N/A | 127.0.0.1:58002 | tcp | |
| N/A | 127.0.0.1:58008 | tcp | |
| N/A | 127.0.0.1:58010 | tcp | |
| N/A | 127.0.0.1:58015 | tcp | |
| N/A | 127.0.0.1:58021 | tcp | |
| N/A | 127.0.0.1:58024 | tcp | |
| N/A | 127.0.0.1:58027 | tcp | |
| N/A | 127.0.0.1:58030 | tcp | |
| N/A | 127.0.0.1:58037 | tcp | |
| N/A | 127.0.0.1:58044 | tcp | |
| N/A | 127.0.0.1:58056 | tcp | |
| GB | 88.221.134.83:80 | crl.microsoft.com | tcp |
| GB | 88.221.134.83:80 | crl.microsoft.com | tcp |
| N/A | 127.0.0.1:58065 | tcp | |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | ul.enigmasoft.net | udp |
| IE | 52.49.231.191:80 | ul.enigmasoft.net | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 95.100.245.144:80 | www.microsoft.com | tcp |
| GB | 88.221.134.83:80 | crl.microsoft.com | tcp |
| IE | 52.49.231.191:80 | ul.enigmasoft.net | tcp |
| US | 8.8.8.8:53 | crl.globalsign.com | udp |
| US | 151.101.66.133:80 | crl.globalsign.com | tcp |
| IE | 52.49.231.191:80 | ul.enigmasoft.net | tcp |
| US | 151.101.66.133:80 | crl.globalsign.com | tcp |
| US | 8.8.8.8:53 | crl.comodoca.com | udp |
| US | 172.64.149.23:80 | crl.comodoca.com | tcp |
| US | 8.8.8.8:53 | znanio.ru | udp |
| RU | 95.129.232.2:443 | znanio.ru | tcp |
| US | 8.8.8.8:53 | znanio.ru | udp |
| US | 8.8.8.8:53 | znanio.ru | udp |
| US | 8.8.8.8:53 | www.artfut.com | udp |
| US | 8.8.8.8:53 | fs.znanio.ru | udp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| US | 8.8.8.8:53 | fs.znanio.ru | udp |
| US | 104.26.0.109:443 | www.artfut.com | tcp |
| US | 8.8.8.8:53 | www.artfut.com | udp |
| US | 8.8.8.8:53 | fs.znanio.ru | udp |
| US | 8.8.8.8:53 | www.artfut.com | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| RU | 77.88.55.88:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| GB | 95.100.245.144:80 | www.microsoft.com | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 8.8.8.8:53 | matchid.adfox.yandex.ru | udp |
| RU | 93.158.134.118:443 | matchid.adfox.yandex.ru | tcp |
| US | 8.8.8.8:53 | matchid-production.adfox.yandex.ru | udp |
| US | 8.8.8.8:53 | matchid-production.adfox.yandex.ru | udp |
| RU | 87.250.250.119:443 | mc.yandex.ru | tcp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 142.251.168.157:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 142.251.168.157:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| GB | 88.221.134.83:80 | crl.microsoft.com | tcp |
| GB | 79.127.237.132:443 | fonts.bunny.net | tcp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | crl.comodoca.com | udp |
| US | 172.64.149.23:80 | crl.comodoca.com | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| US | 8.8.8.8:53 | csc3-2010-crl.verisign.com | udp |
| GB | 104.78.173.45:80 | csc3-2010-crl.verisign.com | tcp |
| US | 8.8.8.8:53 | ocsp.thawte.com | udp |
| GB | 104.78.173.45:80 | ocsp.thawte.com | tcp |
| US | 8.8.8.8:53 | crl.thawte.com | udp |
| GB | 104.78.173.45:80 | crl.thawte.com | tcp |
| US | 8.8.8.8:53 | geneweb.tuxfamily.org | udp |
| FR | 212.85.158.4:443 | geneweb.tuxfamily.org | tcp |
| US | 8.8.8.8:53 | geneweb.tuxfamily.org | udp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| US | 8.8.8.8:53 | geneweb.tuxfamily.org | udp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| FR | 212.85.158.4:443 | geneweb.tuxfamily.org | tcp |
| FR | 212.85.158.4:443 | geneweb.tuxfamily.org | tcp |
| US | 8.8.8.8:53 | download.tuxfamily.org | udp |
| US | 8.8.8.8:53 | ielo.downloads.tuxfamily.net | udp |
| US | 8.8.8.8:53 | ielo.downloads.tuxfamily.net | udp |
| US | 8.8.8.8:53 | crl.globalsign.com | udp |
| US | 151.101.130.133:80 | crl.globalsign.com | tcp |
| FR | 212.85.158.13:443 | ielo.downloads.tuxfamily.net | tcp |
| FR | 212.85.158.13:443 | ielo.downloads.tuxfamily.net | tcp |
| FR | 212.85.158.13:443 | ielo.downloads.tuxfamily.net | tcp |
| FR | 212.85.158.13:443 | ielo.downloads.tuxfamily.net | tcp |
| IE | 52.49.231.191:80 | ul.enigmasoft.net | tcp |
| US | 8.8.8.8:53 | CSC3-2004-crl.verisign.com | udp |
| FR | 212.85.158.13:443 | ielo.downloads.tuxfamily.net | tcp |
| FR | 212.85.158.13:443 | ielo.downloads.tuxfamily.net | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| US | 8.8.8.8:53 | api.enigmasoft.net | udp |
| US | 3.211.54.195:443 | api.enigmasoft.net | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| RU | 212.41.26.40:443 | fs.znanio.ru | tcp |
| IE | 52.49.231.191:80 | ul.enigmasoft.net | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| N/A | 127.0.0.1:58436 | tcp | |
| US | 8.8.8.8:53 | csc3-2004-crl.verisign.com | udp |
| US | 8.8.8.8:53 | csc3-2010-crl.verisign.com | udp |
| GB | 104.78.173.45:80 | csc3-2010-crl.verisign.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | gameforge.com | udp |
| US | 172.64.144.70:443 | gameforge.com | tcp |
| US | 8.8.8.8:53 | gameforge.com | udp |
| US | 8.8.8.8:53 | gameforge.com | udp |
| US | 8.8.8.8:53 | igroutka.ru | udp |
| RU | 77.223.125.52:443 | igroutka.ru | tcp |
| US | 8.8.8.8:53 | igroutka.ru | udp |
| US | 8.8.8.8:53 | igroutka.ru | udp |
| RU | 77.223.125.52:443 | igroutka.ru | tcp |
| US | 8.8.8.8:53 | analytics-live.gameforge.com | udp |
| DE | 79.110.87.55:443 | analytics-live.gameforge.com | tcp |
| US | 8.8.8.8:53 | analytics-live.gameforge.com | udp |
| US | 8.8.8.8:53 | analytics-live.gameforge.com | udp |
| US | 8.8.8.8:53 | gameforge.com | udp |
| RU | 77.223.125.52:443 | igroutka.ru | tcp |
| RU | 77.223.125.52:443 | igroutka.ru | tcp |
| US | 8.8.8.8:53 | ul.enigmasoft.net | udp |
| IE | 52.49.231.191:80 | ul.enigmasoft.net | tcp |
| US | 8.8.8.8:53 | crl.sectigo.com | udp |
| US | 172.64.149.23:80 | crl.sectigo.com | tcp |
| US | 3.211.54.195:443 | api.enigmasoft.net | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | api.enigmasoft.net | udp |
| US | 35.169.6.164:443 | api.enigmasoft.net | tcp |
| US | 35.169.6.164:443 | api.enigmasoft.net | tcp |
| N/A | 127.0.0.1:58546 | tcp | |
| US | 8.8.8.8:53 | ru.wikihow.com | udp |
| US | 151.101.65.91:443 | ru.wikihow.com | tcp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| US | 151.101.65.91:443 | n.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | dn0qt3r0xannq.cloudfront.net | udp |
| US | 8.8.8.8:53 | www.wikihow.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| GB | 18.244.140.95:443 | dn0qt3r0xannq.cloudfront.net | tcp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | dn0qt3r0xannq.cloudfront.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| DE | 142.250.186.97:443 | lh3.googleusercontent.com | tcp |
| DE | 142.250.186.97:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| DE | 142.250.186.97:443 | lh3.googleusercontent.com | udp |
| GB | 18.244.140.95:443 | dn0qt3r0xannq.cloudfront.net | udp |
| US | 8.8.8.8:53 | edge.aditude.io | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 104.22.61.119:443 | edge.aditude.io | tcp |
| US | 8.8.8.8:53 | raven-edge.aditude.io | udp |
| US | 172.67.10.132:443 | raven-edge.aditude.io | tcp |
| US | 8.8.8.8:53 | edge.aditude.io | udp |
| DE | 142.250.186.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 104.22.34.123:443 | static.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | raven-edge.aditude.io | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | edge.aditude.io | udp |
| US | 8.8.8.8:53 | static.kueezrtb.com | udp |
| N/A | 127.0.0.1:58549 | tcp | |
| US | 8.8.8.8:53 | static.kueezrtb.com | udp |
| US | 151.101.193.91:443 | www.wikihow.com | tcp |
| US | 151.101.193.91:443 | www.wikihow.com | tcp |
| US | 151.101.193.91:443 | www.wikihow.com | tcp |
| US | 151.101.193.91:443 | www.wikihow.com | tcp |
| DE | 142.250.186.34:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.193.91:443 | www.wikihow.com | udp |
| US | 8.8.8.8:53 | raven-static.aditude.io | udp |
| US | 104.22.61.119:443 | raven-static.aditude.io | tcp |
| US | 8.8.8.8:53 | raven-static.aditude.io | udp |
| US | 8.8.8.8:53 | raven-static.aditude.io | udp |
| GB | 18.154.84.16:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.169.6.164:443 | api.enigmasoft.net | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| N/A | 127.0.0.1:58553 | tcp | |
| N/A | 127.0.0.1:58556 | tcp | |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | vseigru.net | udp |
| US | 172.67.68.56:443 | vseigru.net | tcp |
| US | 8.8.8.8:53 | vseigru.net | udp |
| US | 8.8.8.8:53 | vseigru.net | udp |
| US | 8.8.8.8:53 | vseigru.net | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | vseigru.net | udp |
| RU | 87.250.250.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| RU | 93.158.134.119:443 | mc.yandex.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | tcp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | tcp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | tcp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | tcp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | tcp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | tcp |
| DE | 142.250.185.161:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| DE | 142.250.184.226:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| DE | 142.250.184.226:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| DE | 142.250.184.225:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| DE | 142.250.184.225:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | free.webcompanion.com | udp |
| US | 8.8.8.8:53 | free.webcompanion.com | udp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| DE | 172.217.18.2:443 | googleads.g.doubleclick.net | tcp |
| DE | 172.217.18.2:443 | googleads.g.doubleclick.net | udp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cloud.webcompanion.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| CA | 20.48.202.165:443 | cloud.webcompanion.com | tcp |
| US | 8.8.8.8:53 | waws-prod-yt1-053-803d.canadacentral.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | waws-prod-yt1-053-803d.canadacentral.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 13.107.246.64:443 | s-part-0036.t-0009.t-msedge.net | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 172.64.155.119:443 | privacyportal-eu.onetrust.com | tcp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 13.107.246.64:443 | s-part-0036.t-0009.t-msedge.net | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| DE | 172.217.18.99:443 | www.google.co.uk | tcp |
| DE | 172.217.18.99:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| N/A | 127.0.0.1:58596 | tcp | |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 8.8.8.8:53 | download.webc.co | udp |
| US | 8.8.8.8:53 | c-msn-pme.trafficmanager.net | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 104.21.88.13:443 | download.webc.co | tcp |
| US | 8.8.8.8:53 | download.webc.co | udp |
| US | 8.8.8.8:53 | download.webc.co | udp |
| US | 104.21.88.13:443 | download.webc.co | udp |
| N/A | 127.0.0.1:58665 | tcp | |
| N/A | 127.0.0.1:58672 | tcp | |
| US | 8.8.8.8:53 | geo.lavasoft.com | udp |
| US | 104.16.148.130:80 | geo.lavasoft.com | tcp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 8.8.8.8:53 | clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | featureflags.lavasoft.com | udp |
| US | 104.16.149.130:443 | featureflags.lavasoft.com | tcp |
| N/A | 127.0.0.1:58681 | tcp | |
| N/A | 127.0.0.1:58684 | tcp | |
| N/A | 127.0.0.1:58687 | tcp | |
| US | 8.8.8.8:53 | flwadw.com | udp |
| US | 104.18.26.149:443 | flwadw.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 172.64.155.119:443 | privacyportal-eu.onetrust.com | tcp |
| US | 172.64.155.119:443 | privacyportal-eu.onetrust.com | tcp |
| N/A | 127.0.0.1:58690 | tcp | |
| N/A | 127.0.0.1:58693 | tcp | |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| N/A | 127.0.0.1:58704 | tcp | |
| US | 8.8.8.8:53 | wcdownloadercdn.lavasoft.com | udp |
| US | 104.16.149.130:443 | wcdownloadercdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 8.8.8.8:53 | clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com | udp |
| N/A | 127.0.0.1:58911 | tcp | |
| N/A | 127.0.0.1:58936 | tcp | |
| N/A | 127.0.0.1:58965 | tcp | |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| US | 172.67.68.102:443 | minecraft-inside.ru | tcp |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | cloud.webcompanion.com | udp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | waws-prod-yt1-053-803d.canadacentral.cloudapp.azure.com | udp |
| US | 104.16.148.130:80 | wcdownloadercdn.lavasoft.com | tcp |
| US | 4.227.249.197:443 | clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com | tcp |
| US | 104.16.149.130:443 | wcdownloadercdn.lavasoft.com | tcp |
| US | 104.18.26.149:443 | flwadw.com | tcp |
| US | 8.8.8.8:53 | wc-partners.lavasoft.com | udp |
| CA | 64.18.87.82:80 | wc-partners.lavasoft.com | tcp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 104.26.2.47:443 | gamely.pro | tcp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 104.26.2.47:443 | gamely.pro | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 104.19.159.224:80 | webcompanion.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| N/A | 127.0.0.1:59298 | tcp | |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| RU | 77.88.44.55:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | top-fwz1.mail.ru | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | st.top100.ru | udp |
| US | 8.8.8.8:53 | counter.yadro.ru | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | 2e2qdr4l9f.a.trbcdn.net | udp |
| DE | 151.236.71.248:443 | 2e2qdr4l9f.a.trbcdn.net | tcp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 151.101.129.229:443 | jsdelivr.map.fastly.net | udp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| N/A | 127.0.0.1:59304 | tcp | |
| US | 8.8.8.8:53 | kraken.rambler.ru | udp |
| RU | 81.19.89.17:443 | kraken.rambler.ru | tcp |
| US | 8.8.8.8:53 | kraken.rambler.ru | udp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| RU | 81.19.89.17:443 | kraken.rambler.ru | tcp |
| RU | 81.19.89.18:443 | kraken.rambler.ru | tcp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| RU | 88.212.202.52:443 | counter.yadro.ru | tcp |
| RU | 95.163.52.67:443 | top-fwz1.mail.ru | tcp |
| RU | 81.19.89.18:443 | kraken.rambler.ru | tcp |
| US | 104.19.159.224:443 | webcompanion.com | tcp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| DE | 142.250.185.138:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| DE | 142.250.185.138:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | favicon.yandex.net | udp |
| US | 8.8.8.8:53 | avatars.mds.yandex.net | udp |
| RU | 213.180.193.90:443 | an.yandex.ru | tcp |
| RU | 213.180.193.90:443 | an.yandex.ru | tcp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| RU | 87.250.247.183:443 | avatars.mds.yandex.net | tcp |
| RU | 87.250.247.183:443 | avatars.mds.yandex.net | tcp |
| US | 8.8.8.8:53 | avatars.mds.yandex.net | udp |
| RU | 213.180.204.36:443 | favicon.yandex.net | tcp |
| RU | 213.180.204.36:443 | favicon.yandex.net | tcp |
| US | 8.8.8.8:53 | favicon.yandex.net | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | favicon.yandex.net | udp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| US | 8.8.8.8:53 | ax-0001.ax-msedge.net | udp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | cdn.inspectlet.com | udp |
| US | 104.22.56.245:443 | cdn.inspectlet.com | tcp |
| US | 8.8.8.8:53 | cdn.inspectlet.com | udp |
| US | 8.8.8.8:53 | cdn.inspectlet.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 104.22.56.245:443 | cdn.inspectlet.com | udp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 104.16.149.130:443 | wcdownloadercdn.lavasoft.com | tcp |
| N/A | 127.0.0.1:59307 | tcp | |
| US | 104.18.26.149:443 | flwadw.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | i.imgur.com | udp |
| US | 8.8.8.8:53 | images.dmca.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
| US | 8.8.8.8:53 | dmca-images.b-cdn.net | udp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
| US | 8.8.8.8:53 | dmca-images.b-cdn.net | udp |
| US | 8.8.8.8:53 | partners.webcompanion.com | udp |
| GB | 79.127.237.132:443 | dmca-images.b-cdn.net | tcp |
| US | 104.19.159.224:443 | partners.webcompanion.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | portal.supportchat.live | udp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 151.101.129.229:443 | jsdelivr.map.fastly.net | tcp |
| US | 104.17.245.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 104.21.35.158:443 | portal.supportchat.live | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | portal.supportchat.live | udp |
| US | 8.8.8.8:53 | portal.supportchat.live | udp |
| US | 151.101.129.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | sg-bitmask.adaware.com | udp |
| US | 104.16.212.94:443 | sg-bitmask.adaware.com | tcp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| RU | 77.88.21.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | portal.supportchat.live | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| DE | 142.250.185.228:443 | www.google.com | tcp |
| DE | 142.250.185.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 172.67.70.231:443 | gamely.pro | tcp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | minecraft-inside.ru | udp |
| US | 172.67.70.231:443 | gamely.pro | udp |
| US | 172.67.68.102:443 | minecraft-inside.ru | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | i.imgur.com | udp |
| US | 8.8.8.8:53 | images.dmca.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
| US | 199.232.196.193:443 | ipv4.imgur.map.fastly.net | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| GB | 79.127.237.132:443 | images.dmca.com | tcp |
| US | 8.8.8.8:53 | dmca-images.b-cdn.net | udp |
| US | 8.8.8.8:53 | portal.supportchat.live | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.17.248.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 104.21.35.158:443 | portal.supportchat.live | tcp |
| US | 8.8.8.8:53 | portal.supportchat.live | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | portal.supportchat.live | udp |
| US | 8.8.8.8:53 | portal.supportchat.live | udp |
| US | 104.21.35.158:443 | portal.supportchat.live | tcp |
| US | 104.21.35.158:443 | portal.supportchat.live | tcp |
| US | 104.21.35.158:443 | portal.supportchat.live | tcp |
| US | 104.21.35.158:443 | portal.supportchat.live | tcp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | gamely.pro | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 33be5169d7bb86a2e917bb1c1fd239fd |
| SHA1 | 6ce1ba7548266058fa762024844749a03b4a7163 |
| SHA256 | bf41a016a430fc0287891d0690278b8ab3f89c55af164f22d97559da571f2857 |
| SHA512 | a5bcec7c53089958f46f52f5f329d05be0fb7525285b052553b97e6971e6399322f26afc47b9d471425e70e23dfe3ccbf68e28fdcecb9f13baae4b9ac7d52ed5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\ad31544e-fc3a-4d01-bec6-c0846540de34
| MD5 | 270edb7b3016a89dec20657d47390ecb |
| SHA1 | fede31e59e7e0d9cf22b4828ef41ad6bafd143ec |
| SHA256 | a43e16f76dfeca13aee531b0e28de3b281fad7db4fc233dd40a7ed12804ce40b |
| SHA512 | f9f2a28c8452fd6d61aadb8e2ed5b09c2075374b2796ea67a42106598837a55666343cf7226f77f5dd3f7dbae97019e2c6cd510246db38b79d99efe76f2aa312 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\0d2dbac3-a997-4c64-a179-b83fb2a72519
| MD5 | 0c939d15b883c52b676a0c170d2c5e3b |
| SHA1 | 2ff4af6b3edfbeac7b1e778b973d50132a316e74 |
| SHA256 | 67ac3e21bae9251760ba403caa3e62cad52dc09938412e4b7d612632ee312d54 |
| SHA512 | ccc4fc1e1e8f5460a465dac77c2d5f3e258cf7c9fd9a436add950e03245341dd1936539a70cb939e8b6e352e40de62ee4800de0dfb6116baa7e3446a3d1dcff4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | 66b5e2fe7f55eff12596083a3a858923 |
| SHA1 | b30ceff120f2662cac55081c78d38837997a4b9e |
| SHA256 | 8b2f094a720db3e7cc32f46bd39eb7b57f25e893b75454388aa7c5504c7e2033 |
| SHA512 | f9a8b7904eae8bb29ad342406df8e7cf7faac366c38d571e44a4cad53482e61370b505fa83392e8d784477fc970d1e6bcd090a66d08e9f3517f8bbb84b39dcc5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
| MD5 | 96c542dec016d9ec1ecc4dddfcbaac66 |
| SHA1 | 6199f7648bb744efa58acf7b96fee85d938389e4 |
| SHA256 | 7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798 |
| SHA512 | cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs.js
| MD5 | cd30596abcb8a2610a5b506b7d991aac |
| SHA1 | c885a2a9dff17b333c2e68264bd394cd1ec86681 |
| SHA256 | 3403f558281d9a33eacb03468cae795959157b4f4ab58adf83cef6c4250066cd |
| SHA512 | ca32a291adbf1c1a33d6a15d03375821ca0c4e6e637cea1b6e26e4c5f0c1586493f64443ee05310d35952d7bfd4c1cccc6fa1104f985af7273a43f36606396b6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs.js
| MD5 | 64ec654c527b3cef0937b71eb9b685e2 |
| SHA1 | 869add35db07d42fe6c954617da64834b5e359fe |
| SHA256 | 7c2180efb8d28257a3c3ceb364ee5e3f72f368776ae1827f44d3b265110fbc11 |
| SHA512 | 1f2f858ad5e49dd3f11712fad652afa70e3035eab730008a4087ba35bab9d2d002766390ed3d88328e0d689dfd907f906f30bb9362e072ba79874dea86a19da5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 3939352d44ca3a9fbe66ab409e3e1e6e |
| SHA1 | 5a0e8fd8a37fc02b7a6cbe90b9ca21affe19164a |
| SHA256 | 19f3a6fcac28a0b4cd52d3b51a264d88d385ee7947a8d5ba01e6571e038247b5 |
| SHA512 | c0847ca3d4519f05e9fbd8e9a5d2461fa478d2b6f669fe99eb08cf85782ad71f7ec9f24de2b7f0444700a06e343b28db917ea33c520a8da95b59160f6be5dfce |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++limewire.com\idb\2593500505lbmdw9r6-0ffibl4e7-fs.sqlite
| MD5 | 67f87521744e754a7ee3cddbc11de40a |
| SHA1 | fb84fd4e78c4d494d978f0ba90dcfc86bad0f3b9 |
| SHA256 | 67b918002338d492886686c5e6dc7dfb4d2020a76874d9d51b85e688b6494039 |
| SHA512 | 18163991080647775f9090d0b28aeffe02b434a4fe23d72f136d698f2e6ccce02e4ce734f28b3ba118d3011e0eb129deb917cef2cbe909875e7bb169d2e44b31 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++limewire.com\idb\2593500505lbmdw9r6-0ffibl4e7-fs.sqlite
| MD5 | fc559b4417297077b2f2cef41ca47d3e |
| SHA1 | f458135529b7374a8fff135c9e37ce693676f433 |
| SHA256 | 8c889c94f8670141aee57bd4713f9a60527f98c7199ad5e03a39386596d4ded0 |
| SHA512 | 28a89edf330ca02cc615d3a5218afa3ace546946e64a5d85998be3cf42ee33a54774e13f162c968f902363721b185511de93b9f1259b9b6e3e1e084199f74c28 |
\??\PIPE\samr
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24061
| MD5 | 5948caa1eb2b9292b2143f4e3caeedda |
| SHA1 | 8aa301016b4672f736e128774be6c5c232a7d71a |
| SHA256 | 651f2f8aa824fd5e5148f4759dd4904f727a9c2cd9f7cb098dd88fd91ceddf89 |
| SHA512 | a487bb6d1c02a0cd4c10fc5ddab261869f55f28de8503fd45eab3d956c9d68e47ebf71252ce0a91d155ec501307c50c9a4754b7a39c4160cc875f9154aab9e89 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\4C18F2016606B43D054C8200B2142B749FA7F8F7
| MD5 | 70e3b4de165632805aca897a622acbf1 |
| SHA1 | 1d4e035824571bf9f4505aad7887c4906f77f77f |
| SHA256 | 500a4454bedac0840b1a7f5b6d3b621b6b68629b169c727060cde77d67f949c4 |
| SHA512 | 8b8ffd2012e2a2dac5c5bc5c58b3e14fb5f4ccaa2a419816d6fe41c420b0da6632bf0a95326d76fd1fc0d3c0546fb754097bacad32acf6c5fde4a5c2c3a3c520 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\29304
| MD5 | 37a644ef89a54fd7e5f8bb54b0178150 |
| SHA1 | 9a3abde4f279d6cb3ca99130496ffafbf59654a0 |
| SHA256 | 52670dd1b3463f10308029efee052ddc052b2336c74e81eb3394be52cd954e72 |
| SHA512 | f0d3f579d6f2c115f6a31c668755134b87bd920287dc55527c61f7d3a7ed72938e1244b072dc2226f99437a6d1af288e82814b686f8a9164c0029483ba4d97e5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\73EAA0767ECF1BFF6C0396D2598362046273B2CE
| MD5 | 54b5bad3e80e87effb21674178cbe859 |
| SHA1 | 0159cec0594cc4db5c19a7eb2ed2787f538d223f |
| SHA256 | d9fa6f99940f5880aaf9bc77eaec5dc98bd9f0bb3aaaec369283f31b5a0560ce |
| SHA512 | 06bd28eb0819e31e68c6624ccd3983c867a5c8cf713a3563d1466c548535809137601fa74d86a81e0b48701b98b6f53cc33b302c1261adcafa0b4e059d07c589 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\17062
| MD5 | ed616010fdc0bbfc48bc8b129fd16300 |
| SHA1 | e2d2da47f3265e3a72132c7e46d2a36a53ff5b7a |
| SHA256 | 0a070425b37fdf918ece7ab13f64dc6532ddde3b8514e1f56c4cb6d718627aec |
| SHA512 | 9be4fc69d7c6ce5131e5007d5057aa5224b0fd3d093c67bdf7bb6d8850c69fc63cae6d2546f989bed8ffa36f0eff8f4053d7a1ec855367b23de6394e1b5b924e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | ed9db89a4cebcaf4bae158a9bcb26612 |
| SHA1 | ec55955e25dc9d4b178b8500196ebeadac34b427 |
| SHA256 | 802a99e33844e7bc34efeaefe02c1b5c60065dd2baea0f8737c95a4a8b5e0671 |
| SHA512 | db59b1ed6d2e4463505c2d8c9b3a7d9a4dd811d5da4c37b10c1777452d290c82753c006417a64685aa8e5f19f288a93c3de4894488c925e9a6e3e4baabf7ee31 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js
| MD5 | ec23f5374a9f1184f61c9556933271c1 |
| SHA1 | bd35e6d85e2e976b775232d93fb58edaf61f7a7b |
| SHA256 | 01211ea98ff3be8cdf216fd4fcdc459de55c50ba74b9b2634a496da407e78db5 |
| SHA512 | d08894303693bc7f490364ac93f222f414c9589b52cd71f876316460d1335b7023ba56bcf425fcb8dc8c840228c363201fdf11e9ec1e0fdf5374d3eed5a32319 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 38da3bb9ead0014cc487949290c5d7bc |
| SHA1 | 5a29b1f495c69932724d95e0ab493dee8643dbe9 |
| SHA256 | 37be3791dfe4c46dce7e48fa8a1f58ce7f11d406bd4afe46ca6c2a614e9a97f3 |
| SHA512 | eb01761f5e142aa6ba9130d64f96f9957ae3692e46bd5d4ece2d033548f0aa1690eb73461278f320b211c7c4f4363ff95dc44f5039b5afcf977a687018c42c51 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | fc05f09edf81f416dad9f0853e4a1d0c |
| SHA1 | ce888919f1bde07e9293f90f459f7129a79bab6d |
| SHA256 | 46ca16f28411b8a53544b4a65395d42cf4885b89876642b9c4a9ea06050a6819 |
| SHA512 | 05077e9fe808067f600da61b0d2862ccca9b9f708f055c09b3a8f210e2c5e80b887a1f91fef9a723efc9a07202eaa59405f3fdee40369c222401c0539d27a83d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 2e54feddbc02bd2214a2ab7b008e2706 |
| SHA1 | 868bce96c53f5c17aafb9ae6e35362ed1e82f48e |
| SHA256 | 7cef2da48a71a5ca534bdc0ceec9db2548ffcb56b4e6704554d376db80bf1eab |
| SHA512 | 728d8b2be0e6fb0b6122d48decc54cbef5240654d59e9017dc390913f0cdade71f1c253d9a3051386acba3177e4bc2dd20fbfd7d8a0850bf662a3d244731be4b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore.jsonlz4
| MD5 | aaf558f5036eba9e113a0f87b5ea1d26 |
| SHA1 | a9b284dd24ce48365ee3acefa6cd5ec27acf6eeb |
| SHA256 | e7dd7d0faa5094e16fcf249b794f4b871f26d7b0c44a332b86833632d46cce2f |
| SHA512 | e1adcfc2652d41bc57668d7a1fc607c5cdb31aa67a165095337d298100d932488283b5b6e72d19460ab4d53d0560b88bdc9ceb4f4c57950f1bfe7a803a06e401 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs.js
| MD5 | fa7dfb9406309a58632c8330509a36c0 |
| SHA1 | c43c565bc08c2df630f1b425356edd32502c31a9 |
| SHA256 | b0f072fc28e5fa5322c64b9d0407ec57aa540ffd4465f794008a58dc29979b1b |
| SHA512 | a0c9d32eb7e268c50ab9b0e403e78e2634a29bf71900df1a8705c713e24a83e43220344a00f94aa1a0e74e6be484d847d09cc1e5aa1503b9909941ceec22b0ca |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\startupCache\scriptCache-child.bin
| MD5 | ba124be5761a8fbe221625fec2d7ee84 |
| SHA1 | f8617b00ee3c0d312c28852369da1878d564ad73 |
| SHA256 | 2f4592abf022de009ea331c95b31ef760e78efa67b20c7d66b054e8914d027dd |
| SHA512 | 53ce61703079932f08d881d51daa75f46a808b1ce64c1c0c85d56b6af2e6922294ffb7245ffa6375b8106ffd6e9750612f1ce53b97d955e792a707a2c277cbeb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\startupCache\scriptCache.bin
| MD5 | ab341522348e7655dd5b3601cd66c62d |
| SHA1 | f08a3ba4a06456ac8edaf25865b1eb48cc8f9692 |
| SHA256 | d4d3b7951d2b963fa48b578d83716f24fae24194d24ea10ef4704a315d3b3487 |
| SHA512 | f95ff5e860b9fdc40c87d106598cb092b38f6bc2ca4922fe8c86a675ec352930578e6d6d20c07650fe4a61c2efe10bc66043244fce26679347a72eb413bedf31 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\addonStartup.json.lz4
| MD5 | af7ae2ab87817728d39cf68b61ba92c0 |
| SHA1 | 5cd668fd6b357f6bd6bdf321523a2ba5c57e6c23 |
| SHA256 | 4b2c613fad63709dd284a2d7ac8645b33e13eddea0ce45902953034d7e012518 |
| SHA512 | fd3bf105446b3c2047c3e0cead3a4f307423e74aeda2a0b019a8a6786d80ee2c5089e62047e338c0232d2d3c459aa8c3d032ce2ca4bdd5a635cd44fa32b5ff76 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\index
| MD5 | 805c657d56826e99f17d9f83d3a059cc |
| SHA1 | 626dd82748e3923a598ff34d6e34c9396856474a |
| SHA256 | 8d9dcdef82b7079c046a7efe683633fc57251963c075b9fd0b7c4cec4d558016 |
| SHA512 | a151c86e62ef26d16d950505477a82423c9e4a5369df7655f4540f7d427abe1213ec09defb7b79b718698e8cb15d20f5403e3ebb5f454b5720c08f30e752b4f4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\index.log
| MD5 | 1cfcfc6c898820f009eab625157279c1 |
| SHA1 | 58e8199696e6d6c52bc449cedc30cddfdac48340 |
| SHA256 | d476ae1a9cd5d9d877b5fe94cf0b817d602f3b6c8fbf4e9baa7563234a65b12e |
| SHA512 | b40bc22d81e1e684a13633499f60e0e992c060d67edb15dcd7c2f5ca3ab6e1209f357de706a8e86775d5fa245c64ca26ce444399d8d7003471c5c77d5e836045 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\xulstore.json
| MD5 | 05e1ddb4298be4c948c3ae839859c3e9 |
| SHA1 | ea9195602eeed8d06644026809e07b3ad29335e5 |
| SHA256 | 1c2c5d5211674c3c8473e0589085499471399e53e9a85d7dd3b075fef6cbb6be |
| SHA512 | 3177b48cd0c877821419d7e5eb247a4c899bc37258994f22257ceaafefb316e6f5959faae02e380e432d7752f0218d45d56d6878c1e751d201d9fdb3ff98612e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cookies.sqlite
| MD5 | 62b987a3ef46337d45d4f98d0c838b7c |
| SHA1 | 4c5aa715a5c46b5f6a6f75d5f7dce0b4eadee0b3 |
| SHA256 | 941756f43e3164fbddaf2393d6b21d6778d77c99d9e9a37f6487b3f3ef686ae3 |
| SHA512 | 21821244e177f67db24d2f9a42002ed81cc1f67519a2dd1f8d8c1051d2b6d846d1611c0aff820f40a36dbfdf368b5ad9927e7cf2cbb8625ac1119380f1c9bce0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\startupCache\urlCache.bin
| MD5 | 3b25a4e1b3881b7c355a06a8689bbaf0 |
| SHA1 | 9c2acc4a2265b23acc69fd4b9974608c9281f203 |
| SHA256 | b53ce53757577d43373ffda11f833e914febffa1294e8135050e13f1271fc04c |
| SHA512 | 76f9d4fdca07a84d9fce48c1fe17837a8f4bcad820b51351f7a03c6e4d1e61fca8e0f83a9dc98af5266d32d8535c8651dc64f2aa114d499e66b9907bf5de017f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json
| MD5 | 948a7403e323297c6bb8a5c791b42866 |
| SHA1 | 88a555717e8a4a33eccfb7d47a2a4aa31038f9c0 |
| SHA256 | 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e |
| SHA512 | 17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json.tmp
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\permissions.sqlite
| MD5 | a2cdb6e0280382d732ce4f105f3032be |
| SHA1 | b1228c96657ab2d0e52cbf20c78d7c8b4d5d3853 |
| SHA256 | 326ffa27d578600e82aea89922a6f8542986a61ac2bc32ca33fff7093aacffeb |
| SHA512 | 1390b7f7c696623c1fcbed8878136d090fabaea78353c2b8ee17172e17211efa38e313aadd1a77c6b2f38a59e94093101b6a440e8c4fe63629688fa0f0883154 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage.sqlite
| MD5 | d45138703a68b00dfc0ee8717e5363f6 |
| SHA1 | 80a7245a5107e5aec116515dc562950cadda86cf |
| SHA256 | cb29ba720ffc1786961ffb1d941af1a82f0c76f025549d0d4428967510571c98 |
| SHA512 | c23a0356d4a7731b843af71e0574e4bd4e06e0ac61db70f75a496e898269ed5567d59bef45aab747eeeaf75f683f3d59a4e492e5d3c38ca3a1115686d031dd23 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cert9.db
| MD5 | 88405c915bbb2fd0ef2fb1f17de4788d |
| SHA1 | f382a8afe951d0fa6c830e9b72dbe8a2ddbb4f38 |
| SHA256 | d6d66653244db44d3667d34f32f94e20a9c5b0486c7fcef1f83196dd989b427c |
| SHA512 | 0f04750bce265c9294cf631d804078b36e1303f8e62fbcc82f1d4f7785b958f8d71f23345956a480530ab904380801dbd70ca96c4ad82993ae141e3677877220 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\SiteSecurityServiceState.txt
| MD5 | ef8be35d63ab56eb855f38d87bc6eb2a |
| SHA1 | 0e5e3af1f39a947c80a196306df829ae679ec2f7 |
| SHA256 | f9cde2ff717540f03c41e70a6c88e8168c544e4eb99a9ab77e9fd95a7ff6b19d |
| SHA512 | f59c3a4cbb6e18305f139fac5b766c679b44c996cefa42f82d255f514bab80a5647013fa988c0f2d3a07141d15b72f330b65168d818df7f2fe424651aade71a4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json.tmp
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
| MD5 | 3a33d761dc802f7fe2607158761d58cf |
| SHA1 | f0d6427fcb35a7528992f1c466fe6ba869c5b047 |
| SHA256 | 75aaad0a7964568b1f38f3ceee635fcdcfedc30078eb2c9ac8f562d8de79defb |
| SHA512 | 6ccf04da1a86339ce307a8e3229d4439e6270a69d142eb7de58f9691c4fb589f25b4513e37c4fc93334d9078fea882330759971994fb19c3bd79f5cbf73d030c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
| MD5 | 08799530e4534c343d8a2b4cefd139f3 |
| SHA1 | 8353e9e2d5aa5d276c17f40f6bcc8a3de12e8a87 |
| SHA256 | 0d9ca8f412dad6a4c61ee66b8a2866cf1a8ce2add7ba386e88150123192ef848 |
| SHA512 | d96b0378847566130a4749efda9b3526219d3812227ab43b8505776e61b8aad3b0260c3639fe6ef2c3b24cf36a220cd7ecafb74dd43cd9848e66d2083346446c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\AlternateServices.txt
| MD5 | 576eee618a2eb886cc2705f1d34099e4 |
| SHA1 | ce0c14e954accb72f08c636c6c09ef69002e303a |
| SHA256 | 4c526c2ae1f868c267897dc9a5160fb3a4bc483f3173bc4a221c44c70e3d37ee |
| SHA512 | 4b223f0fad5720caddba4675a9fdb7c0d9be6b9fdcb07ce7eedb8bcedf372fdb718a75b14a236651c1d8a3cb228c445574b3c19c57318423ff1cc6d6abb1903c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\favicons.sqlite
| MD5 | 016bdb3fad36fd28c416e89b99319387 |
| SHA1 | 2e756ad56c6c793bc78500de093a37cddeac8221 |
| SHA256 | eb2d62e39968013de24cdc41941202c895967b0175e6b8f76dc195cd1909fc17 |
| SHA512 | 1a49cf7da3a0898a93f5324e97663fc8845dd220cc16befad7fde3e844b74cebc2cb0deb1fbdd52937fc6bf0fdaabc9d489223b447d1fc9208429e40ed45d087 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\places.sqlite
| MD5 | 06f7c7123db16d48d4e8caa94e533eca |
| SHA1 | 53616e84755037a8bf3d7153b11cf9973ff03cac |
| SHA256 | 95c7c35b5786406f4289d2c5d43c7f1b138c08798b42f41c51cb3cad2c004588 |
| SHA512 | bfd9318e30f42bfc5d59b8ab6d6df18a76f03172d8ce67ad737b673dec79f9d007568bcb20ca53e2baf500d626747fc2705c49ab5a8d88d8ce19cdd87eb82e1a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\33a86e65-dc36-46b7-9d02-d0106bbf9e91
| MD5 | e533354365d3277b2fe2f82f7518ef67 |
| SHA1 | d72fb08e5b5d87784bd949512b04b48c69145bcc |
| SHA256 | 767fdbb111d892594000bdac601bf15723fd5c46254df948497b5e0ad9f75e04 |
| SHA512 | c14b3791eb19073422cbb513cd304185f69b7e5a67a21596ce91fc8f167b9b821e2cfbf306331b39e47a4d9e037211c8f315faf0806ca986dc238d5c5660f0c9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\24ad0ea4-d8d7-449c-9613-8e31fb7e5afe
| MD5 | 44af87b1acae22cca5c450208d7d8d82 |
| SHA1 | b2ac9b3c9ce02f8f7086b893e77ecb53275256af |
| SHA256 | 91d0d00e8bf5ea891ff08fe989baf3a4c048a285c42289572c926bfdfb76ac70 |
| SHA512 | 9441fbe50cd6c63900515721342748f80df81cdbbb6d31efbec0a5733ea45c4e0c0dd61fcf070edca8575b026ece563582d1fb994aafcbd71180d5e3fe24a4e4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin
| MD5 | cbbef5fafe6ba9ff47174e4e59e5db9c |
| SHA1 | 41888dd91a4678254235e8a5bf9b8b39cfd4a01d |
| SHA256 | b33711ace5ed62c465bcd569a27a5f5b0827123527df77b5edcfafffb490a516 |
| SHA512 | e9ae468ee985e2540355465f6c8b81487ecf4c8a5d6e25a4125cacb8007c957c396de267d8056cd35e2a1a9bb6ad6384637e497e09ab236736514c0025ef39a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\events\events
| MD5 | 2c99a5dda62a880cdeb4fa2c2e5c6323 |
| SHA1 | da86ecec739f11d5934056d474744c68d9b5fdc6 |
| SHA256 | bc5400a0ed6ecd2eb42c02a54e423806679bec99a671d6038358c145a381e6f3 |
| SHA512 | 9ef2df078f09eeb5ba86cfd7c7e7915803aa7286e9356c08986d8fc1ede59c2c2188efd0f592e9edc0f2467ec8a960537be6c07ff61ecbac31cc0c3971e04099 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\protections.sqlite
| MD5 | deeced8825e857ead7ba3784966be7be |
| SHA1 | e72a09807d97d0aeb8baedd537f2489306e25490 |
| SHA256 | b9f022442a1506e592bf51284091a8a7fe17580b165d07e70c06fd6827343a54 |
| SHA512 | 01d303232d6481af322137b44fef6c2a584f0643c48bab2836f9fe3193207015da7f7514fe338500ae4469651e3d9618293858ae507e722198a249257677099e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++limewire.com\.metadata-v2
| MD5 | d15b760c87f5d6defe1ca2cc27ffb421 |
| SHA1 | 875cb19512c6af2213922598ff8b0e120bb853c8 |
| SHA256 | c08f33c8868f9bec1d16e3581b7518d55c0654c040f3dc06e0386568fdb01bf1 |
| SHA512 | 7ad9b308b2098fb2e804040aee4eb4f73089f1dbfd573490b412af1fc0fb41adbe09efd71f934b046763ee1b5ef3c4bc7199f04f04f329029459e55c757c6bce |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++www.google.com\ls\usage
| MD5 | 4c428e195a2fad0b912480f1aaa48bf3 |
| SHA1 | 52a8ec75e9ebe26a80438cfa5b234ccd96f24621 |
| SHA256 | 330e0baa0683f9a1187cfcee449c80c8d142c70ed58f6ed5bff634f23f399a8d |
| SHA512 | 795d309afb1c8bd2bb3ffa40ad5632fca3a1a8926143a1592a051ec8667bddcb21d0540fd33a898e4f28bfd65e13ae96693d96b11c13adcae09ff1f415a13ef2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\storage\default\https+++www.google.com\.metadata-v2
| MD5 | e1659471acfd5cc5cfada45164467af0 |
| SHA1 | e3927c52b418f79678c0b50556a272da0de07ca2 |
| SHA256 | 72aec4ce611e0c574142368dbd10e0b71c9c57d70a9c4c02817026a0e85d998e |
| SHA512 | cb6aaf299f34fd95a5544d1c1645a66e55ab97ffced9c33776d25c166d34abc9760e86ffd8276c6938f93be0095b8c17af58957a1277fa26dd927e6b68affcd7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js
| MD5 | fdd79e6bcafbff7c9863b89479275686 |
| SHA1 | 65354b584b80200ad90228d799ab2b7d6ffc07e1 |
| SHA256 | c56b931fe850f20b9dd82502fd2e0fcdde964ca56e7dc74ee6ad4c52a62683bb |
| SHA512 | 644d33347890a0640107047bd0223c551d05d88f239430c16198b9fc8c1ebb1da6a8648d073e13695735b90c63d1cc1523fd192a5abb0baad128c9a35ba6067c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\thumbnails\e5cc99acaf3dfe519bbf116557da450f.png
| MD5 | 9f8df46bf4ba942bf20ee2b57a5a7467 |
| SHA1 | 7f7a0082b181c690e1cb5b0bfe9b1d4ffdcf30eb |
| SHA256 | 5a8d3b4d11e44c3bce62d62263b9827d6a9022d80270e7935b12d573cce8daa7 |
| SHA512 | 3a063def210095098966220d0b1f5eaf99747e7998441f3178076dabb2ee9d57587a59196a6855cbfb12ba26b8c48d7fd24004c1b3778e55790e5b3d26f5c6db |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\weave\toFetch\tabs.json.tmp
| MD5 | f20674a0751f58bbd67ada26a34ad922 |
| SHA1 | 72a8da9e69d207c3b03adcd315cab704d55d5d5f |
| SHA256 | 8f05bafd61f29998ca102b333f853628502d4e45d53cff41148d6dd15f011792 |
| SHA512 | 2bce112a766304daa2725740622d2afb6fe2221b242e4cb0276a8665d631109fbd498a57ca43f9ca67b14e52402abe900f5bac9502eac819a6617d133c1ba6a3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4.tmp
| MD5 | 5e87b4c0e4f33612f92ad0fd2a0401f8 |
| SHA1 | f10f8d8be02a72ed751126ea8e0e31610c09d55f |
| SHA256 | 7db06de8635cb79026112862b373e4d24d036dedde2f54ef715c3cbd1ddb2f80 |
| SHA512 | ee2d76746e908a60ce1ddce65b7ca010e656cb68aca0aed86f7c6114305038cb5ec03ab08de7e5b2b5273b7f8ee829d9f9e7aaf0ed333c755940cad0115a6a1d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 9c45bacf5ee7636352a14df85a4c1353 |
| SHA1 | a7f7478c03c2080e0e51e3d4cfe8ea8945978c60 |
| SHA256 | c6a0d4dcc642361353554a6ac6ca44c74e5847e94796e68549ab06a15589d2a3 |
| SHA512 | c3106b4b3c5c3d057d18936deaf91534cf9d4dff33429fb22c42c5225083d35393ec3b617f9700e75111716f29663692a22a4e1905c1e4131a01515a5c2d852b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\formhistory.sqlite
| MD5 | fcf6700893cf55f19a9ea5d370258be4 |
| SHA1 | 1641775098c9a606e9e153fb34d5dec64f21e3b7 |
| SHA256 | f89ff34e2b882b07dc359a3f3ea8ccc1a2fad087296f41a23f654207d477e3e9 |
| SHA512 | e4663c5a562e86e1f2f76e8d9a01c76204a0b8f9da0d647e5927a2dcbcb03dd5fb71fceca6d557cfa7d97ed1e5f9bbcbe00fe36e8db91866a93fa42361d4b077 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\EB921352F352981E1630D05B67EE4FFCA81B0519
| MD5 | a587c6c69636be89a92e4a09cbc5520c |
| SHA1 | ee76a3454574cef78d24e1f7b6115e0d44464258 |
| SHA256 | f735b64042c1757c419d964ef9eaf22af6af53dd06dc3fa43641e087cf84ecb4 |
| SHA512 | 771dc0634b69e94a2f8b61b1c0d82c3112680b3841f135a84cebe89ea4444aab6f8dc55f28f485c0cfabdb73c5d83e2d2a23f991132a75d834d06ffdaccfe421 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C85D51C0F40E8F61591881546FB98A547BAF947E
| MD5 | 35917b34a6909e203938eda3fbd8645a |
| SHA1 | 8bcdda3702e5e84e337d4943773d2849ca066b69 |
| SHA256 | 99db124da34f6963ca1328b6c3f75b1a48e7ea3d9bdc7ed974eb4ecaa7f10656 |
| SHA512 | 9aaab1c44e474b08f77ffb9de1e88b66d8948dc1e0f0280f086e667451162d99e87056aa6601fd63ec8f280cab75add9770296c855da1d682c8d505347fa3cf2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\8AE459A0C624B0A26C9FBDB594D4AC73C7EAF156
| MD5 | 269027a3f20a10c903548faef9896943 |
| SHA1 | 44093e6be63b8ab7a5f68ca4e9b63c5fbd0a7d55 |
| SHA256 | 97c8a77e4388eb807e833af3b5174b242e6497df89bc1676538cd8a44ee19b63 |
| SHA512 | 4b1b55cb9a1c3f6340f9d94c0e52200ffb10a3da9f0e0c987b6a2e69898c477a050fc3da47d8ae89ad9754383a67da603049b413e9d13a769f042bef08d9d69c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1CF967749DA8AE7ABE25FC8B3578E564AA41DB75
| MD5 | 88074b4dfbd37337ee705409f4bee2cd |
| SHA1 | ad812b7433ebea86f716d3644fc6067527d832d3 |
| SHA256 | 6ede11d53563e9c56459bef5be2952093f5d68a51a33d21d01d8f9e33f862c31 |
| SHA512 | ec25fd7d63ea032e3374086edeafe7e62f2fb1f3ae547be96d511d72e23e3ac1a3e25c44ea27591dda754e7f519ba331b56ea8e215c3b2653f7f3d4a6617930c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\A5B99B275F90FABE3C93EEBAC4EDED792A9D6854
| MD5 | 7b2a0935a4b4b7831f72f28fafef52a6 |
| SHA1 | 2ffb8c34f66d9522a72b8d488c057b1ee4e0ae82 |
| SHA256 | 6c7595c6d369857fc369ac49db562a47f521a5eb5a7959d0b6ae09ed536fb44c |
| SHA512 | 3d59799bfd4316eae259d63c68f3b7402a1756372f6df466de63be420e1c5960c49f46293c5b50e5165edef40f6cb15df0a5f3ae7b8316a1036f13860450d417 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1A4284090372CDD935419D03AF68C9CF3ABAE584
| MD5 | e54694168810115db64acfe27a2fd5a7 |
| SHA1 | 11ec2b2c3360680c1dd1592abf013b436a991cdd |
| SHA256 | 7437967abc3b2d39bb39a9503a950eb80796417fe419a69a9536ed1222eedeae |
| SHA512 | 48f0ac3e0087ac30c6dfa5d0da2bb98bef4cc3bac233c7016ea861788a1c0680946b1819b2a1c963cc2bfdb1c2d7706c71019eca1c9cb3eb522618f4e69bb783 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\047DC33263ADB51399FFD73A80E487AE4A0EBC9A
| MD5 | 5547c955175317a7539f897794398038 |
| SHA1 | b1bdb941362a462246d844e9c57cc1e92ebb7dc8 |
| SHA256 | 73a57372fb7e92b06805b5b95eeaf5bd0c39d40e804d9c50c6aca3eda73f7136 |
| SHA512 | 7b5effb21145437fce40d921983a4fb6c68da3da50e02747f5bf5d033cc20560e86dfd94fa709e8e2f6c4bacbb2785162ecd515f33794b941d7ba498f7f6944b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5FEC31B54D50AA81E863D2FE514B942EE293AA0E
| MD5 | 7779482d332ffa2d69c19f891106cc9a |
| SHA1 | cfdaac8e5aeccdb2e0ff965bf1f7617983e42f9b |
| SHA256 | 4990ecd6c1fac68f2017c456de89d23ecaf233bf7ebeb927a2ad1f37cbbe384f |
| SHA512 | 8c8fd906e83c0b53653dd325a3a9a3bc6a8d5227fc5ebd14320ad96357a561cf3e8c796e5d69ded1ed6c2df8e464e624e19a3c85b0183a994f10197ea4d41a3a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\BA30A8866A8313A16394DA2599448520494928BB
| MD5 | 9c2d6c0ed38658f1b1a330c7340b7019 |
| SHA1 | 4b8354f38f45e70206b68ffe5b0de4c305214de4 |
| SHA256 | b1c68616f84036bfcb3f1a70fb68f55b40fcd5c06ebe85e2b3acc5e7279b73e2 |
| SHA512 | ebdac9d4c7c7457acfbc419979dfbfa5dbf2d22a8dedab08fdf364633725508f5bafd9c457bbcfa56ac4459e82fc3721a4852e38046005a4696da6524bda058b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\79147479DDE08DDF6C904A234618A0D013413437
| MD5 | c908d6d688772acd9ec707c1f733c646 |
| SHA1 | 0ad508a68f36a0d16794ff6466284eb3497a7577 |
| SHA256 | 659b16a58ee0484066bf7769cc38b2e9f8a7fceab42830fc8829b5bcf23c991d |
| SHA512 | 500c21ff7fc955853398ccd172593da0cfffe460d2627a58bb6e4c7b3cf92c511b48ed54e653e0ee0432911366047174ace6d3b4f81da1632e97fdb6fd4eded6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\73EAA0767ECF1BFF6C0396D2598362046273B2CE
| MD5 | b018b045cec22702f5100e47df78920b |
| SHA1 | 10dcd2128d2608e03898ac834f6b3ae6dad5037e |
| SHA256 | aa6d4da5041d255d415edd1f3c3c82e447a9d06360f4d8c250a1f4ef7d005b62 |
| SHA512 | 6437fce55cb9e9bd875955ff7b9deb82b19df5a0be6bced162e1cfdb03c9ce0650047f58c6a3caebd7209722382b435be713181a74ab7b7b35fbc5873b3742d8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1FB1BE7AA8AE107A273DDF296642267C9F6180FC
| MD5 | a9ab349dd9ef437fbdb58996b552ca93 |
| SHA1 | 1a6b1f94f413dbb1532e65f8d52af08d94f33568 |
| SHA256 | 783f3fc449379c3fd7f61039f0858967d92b653fc7240a8d99fc923243d7eaa8 |
| SHA512 | 9912d3deff7842d5c7c42e9d5e55b7135f4ed65dc040852b64753802bcf8adf9741de4fa145982b8212e4de3fa7a4c34c11491b47336381156702c2151010e9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5A9FFC54BDC24F3AB28A542142AB9F3AB0573E75
| MD5 | 40fad502919bfda1b0903ba613dd9462 |
| SHA1 | d415e021022d73c4a61d4fd9c8beedad09290bd5 |
| SHA256 | c1fea01906abf8ae8495ee350d7c7a056c6f2375b53018990e0cf041ce47a0ce |
| SHA512 | e36d47c67139f556be0b876d1adc33351291ce25e1a38b0654fcad0e7ac09c68bc243443b45c3d20004f07f798da60c4df2d5388f4e61175255a41ecb242a04b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C7F27F1B728D8DB7CFCCA0B5822E7997A8F337CE
| MD5 | 7f774bb8e573c2a568d4e96d3c9b725f |
| SHA1 | 29bf0e986cf53f620f48e096d4bcab6b5bc414bf |
| SHA256 | f69a5d32b940ec822e5ad71f0e48b179f033fe746ba15ae005679482aa68a0f4 |
| SHA512 | e072e1e7ca8e7011b002042e0febb4c57297df10a3ad098ea3744493a8fec45733fc4e09d8e76b6e31658bc7fee2ac97f9449b80aa80bbc865244902fde6c8d2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\B20AFDAC04D73B29FD4E298364F20FF1026A8956
| MD5 | 625b316f49c3c67c2e972280d54023a8 |
| SHA1 | e8aedcffcda952f6c13446b2bba5e5d53f9f739e |
| SHA256 | 470c206949aff6a1feb8f2db133bbf806002f24421c5178c401913a04fac0b1a |
| SHA512 | c208b22feffb6a6f1c00556f131840661772bddf64f02f46eae5fc6713ee4bbd7f33ca9ecdba8fe9685aa47e67d5b70a1bbfa9774838fa3ec2caedbcee2cf41d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\B554FEBDED57E8B700BA72FC63DF0F079EB37B60
| MD5 | 8715fa9063ecfbad28bd47542abc6678 |
| SHA1 | b9466797e8859be4ad716e27c98dc88043de7e19 |
| SHA256 | d7907697fa4ab61528df5b62ec9dd00be258fb235533bfc45ecd71532591e460 |
| SHA512 | 71b32ca1da7453365093608fd056318afab9227f86f20b9c7cceaac59c08cc0d55efb340ded90bd25114164ffb5f803525b02511754c40e7e827a7758cff2b0a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2C9F7C365345D332755452A43101FE4AECAD3032
| MD5 | cedcd7b26ed4079fda585ba2fe6fa85d |
| SHA1 | 4a74a1626b8cb16f15848a6c8130757db3c094ec |
| SHA256 | 3175a19d9058f73b02de6e2b0e6bc993d170a55f1eaf97d7d11ade24119e8862 |
| SHA512 | c7b78b9fdc7358539a503481bf4aeef54efb101fdcc4e9ab873b70f7912ba71fed44716a4d529312edd64f59bdee38bc91decd94c2e857c39f62473e70614354 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\A7A216714F2D86AE63E7F54E4906BDBDF2CFCEA4
| MD5 | 105f4c8691ea99db56521a1c69ca5497 |
| SHA1 | e9bae01b2e49b74bf6161cd52b8f93e75a32a1d2 |
| SHA256 | 560785bb26ea75b4ed33e42ab03642a662fcea7abb92c5ebcbc8cb7c7c2b3f0d |
| SHA512 | fe075155b93920e29087c73a1ca76e9cc3011ba655fa472b7f6f908d95aa5dc1fe8c616df1180b472a33525d2b4453408a00b9baa8951e1f66bdac9e0721eac3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\3361A155F53862EAFECFE104E9F3C429394EA4F2
| MD5 | 8212dcaeb4701d39610edd650c198ab6 |
| SHA1 | 910efe9fc555454882e7e63af0303b4561175903 |
| SHA256 | 15c62e96f480970aa39a3add792178d4563d687c407d386a7c9c8b6554220804 |
| SHA512 | 95908db9ba53b0ea7543ae157ee3510daa1aa3b409837a7acac06ca6c32b66f647e695322108e3d1de0d38413fa1592f37a0d4269247e923521c7812fa919cb6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1763C62EC471851BB323C7AF5435CB7171D42421
| MD5 | 078500bb49b9b200af59bbf233cfebc4 |
| SHA1 | 898b497866278b7a5b1287d20692dfe0ec306cf6 |
| SHA256 | 08e5e89d0cff61abf8fc9cf4a79e329b123995074e9683d8fc924c0255797e1d |
| SHA512 | ba472fa0bfd21bd3efec5a8dd8f3660ee8b1e1b58a117cf0369c70975bd12e6cf78085dc5388d17569552d29adfaa8b7b5f308b2facd68314f65d85172305493 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\F6B08A32170A2EDC591AA8481B4CB167904E2378
| MD5 | 593823651de199c63fc7f2c7c8d27202 |
| SHA1 | 1acdb725e0e7e4b6791b5b48345a889aaad44aff |
| SHA256 | 8aa0b5ac9417a0be60246c716658a9a8c4f525cc184273b98e0b2f54706b1f97 |
| SHA512 | 9c75ef4e032dd147bdaff0a185310f471f4009fbf2779aab120e2ea4629c2b7bf8eee3fcb61a8e6d7fbca42cc643643aab44749c570d236b4a782861a24e257d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C20E6FAEA650EB528DD52149A6D1B3350DEC6FFB
| MD5 | 8fce8caeed6ea4ccd0b59917100c11dc |
| SHA1 | 1c781206ef94b10aee7924a2b35e92e512e56f18 |
| SHA256 | ae9ae00481254c7700051289bf02f0c31f0aabc69d95981c627220b9914f1fcd |
| SHA512 | 2c765f63d4ae50102f2fc149ccd89a10dd20279c6ed99103ccd98bb4e79f6075fc965908025b3825804727604f2dbe80a37e3036579b3785f394f43998f1b60c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2386B5FD2B2EE77EEF07E46EC15D4BEC79022A65
| MD5 | 30b831a8061e0bf656e2519d8c462246 |
| SHA1 | 0fbf8fbe8bb6090558c02e7ce44fac2425f4d1e8 |
| SHA256 | 5116461c6c29c6c4bda1f1a20bfdd108cc8702558706eedb1daca7587ca398f0 |
| SHA512 | ca8cb2fe3396861c8a33ed0bc39691a216a8cac173efd5b492a6321dd3dfc38be0462490de403fe865b537a77902b0df0fe98301d9d0df39b3fd3a00bf58503e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\7293D5E92123A55BA7D5A819CA76A2995CB4EE79
| MD5 | d2a2de4cd646c12f2bf033a6e6c51865 |
| SHA1 | 00c09342f605aeacd6f2b8d5979ae80d2fa00b3f |
| SHA256 | 1d4ba6e095b5fe3f9628817ccc18de37beacdacf5010a21bd8ce8d2ef8e1f4af |
| SHA512 | df458664b224e47a3d8f3a2e13383898fea3f0f1f4f0c84758fdb89f50832dd87285ff510af6f9a9e4835b68ffe6014c00c27767151c3f93809c918298525ab3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\047DC33263ADB51399FFD73A80E487AE4A0EBC9A
| MD5 | d8b950c090886e68c3319b92c016c438 |
| SHA1 | 24aa048fd94bee066fe6b8fc43eba2c2505e4c2c |
| SHA256 | d53884f9e0f54c5a941809b938493e39fd8d555be15a2b02d219c84a6fcbdfb7 |
| SHA512 | dee07adc67b093b7de7c8eba34291c408bc858d6aa119fbb35b801240b525c17feabc69ac3b15e8f8e0866f890403322db7d7516e1c64b5428188992360f3e61 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1A4284090372CDD935419D03AF68C9CF3ABAE584
| MD5 | 95931818959b37f6dd6d8fad0204d9ac |
| SHA1 | 449d550c9fd9f02acc3b5c7e3cfcc5979db89996 |
| SHA256 | a6fd1d277ceffc06b6da5fa78a41376ec055ccfff0b763cd6b572696b3cad0d5 |
| SHA512 | 0c855756796c3b00733fdca8fef3275c5b01451a4590fe84efdd0ed71d9d2b3e5c17526f58ddbb25c9079625139e0fac0c5dd0522df0a244a439e92bfca9657b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5FEC31B54D50AA81E863D2FE514B942EE293AA0E
| MD5 | 51bef9daa8bb1108338042afc0c6a8b2 |
| SHA1 | a427938ee54b14409106afb207ffc4d34204dfce |
| SHA256 | 896fb30a5bc5b6534163c19bd7e88282ee43b144acfa182d9dcc77acee0248f9 |
| SHA512 | 393e330b2c12a3693ef9675d4630ae18b24f269b67c3be88e1e6cce1a098393115136dfdd1895ba3948d04de1194e20b855d899e36d7b36a32bd1c1d9e5caf29 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C7F27F1B728D8DB7CFCCA0B5822E7997A8F337CE
| MD5 | c89267f63ea635bec65ee4f75efdf747 |
| SHA1 | 9d69cd6298ecd9a24286edf833bd0ce53c52dc3f |
| SHA256 | cc5a3a5eee351bb7ff4a91632d16d9b3b417228be58550276808058ee7e067c8 |
| SHA512 | a8f000980e56c5639e6bcf30721e5611492a9c7cbb551e1b5fdd9c31824eb8a9aa8a13501347de8d6e7adfde75f2ecaf9ee4d6612f974d01137d987d0f4d2a3e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\79147479DDE08DDF6C904A234618A0D013413437
| MD5 | 7a621109893c92f35b177a0b89d8bbd5 |
| SHA1 | 9c409a433243c5fbb84695c597fc7e7e30c44666 |
| SHA256 | 648725aac6be0c8cfe36e39a3f67eeb7c6b5502029b06a35303e9f96cb643784 |
| SHA512 | 574fdc69c300f242e497473cb26aa77f42cea2b19bf0d123293c2c9d5615f26c02d7f6cd3f5ebb8789382a2b8e1e6f7e69bbdf6d823599df1553b0de1085fb87 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\BA30A8866A8313A16394DA2599448520494928BB
| MD5 | ce016f38a547b7523a360d927dd79dbd |
| SHA1 | 80896ab375f244934dee89b389d974154e241c71 |
| SHA256 | abab0cc8063931651c2c8ec7ad19a97edb4cf35a91b7de7f00419bf551f22ec7 |
| SHA512 | 5a791f61b811fd091a55b6c18a9f9cb305c0e0570965729dee65fe50f71fd24b11127977b307b018d8270f4e3f84de4e37f79eab0486f8472afdffd1630ec9a7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\967
| MD5 | 3e32e73baeed732612925a0475498ee6 |
| SHA1 | 05b6b166c889db1a1d03399366209eef534ff5ad |
| SHA256 | db5ca0ab9bbf9a166dfeb3a4153711baa3fc64faedb217902b211efeefd40e67 |
| SHA512 | 51ea002870eadb3ad10a66b990d807574a2ddaaca4d065233362ece5cf215f6e02cfc4f1d26523ea4f0e2eb8e0020824b7b3337d53181c69394869f6a3d0bfe6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | bb8fceeed17764f381a5701b598eabc6 |
| SHA1 | 51748a05ba13221be6b4b0607d1c6e2c8699c960 |
| SHA256 | 945497904fe4aeacefff09f7220217cd44607d45c8b8c16280285a3dfc72cb9d |
| SHA512 | cb3e3bb1c716970058fef1632552e5d2e17e5c21af78c16524749ac859ad208a3c4cb4ef1eb97920fda61edff1232d0bb91d78a604b68b4d4e802f36469eaa7e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1FB1BE7AA8AE107A273DDF296642267C9F6180FC
| MD5 | 253e34cde4cb49165a3392d93b83ac0d |
| SHA1 | 508fcd6078df95189fda1204e1996ae0c21de157 |
| SHA256 | 3574d4d2ebc8bdb792487fa6332a6f44ff36f4f27b96180d450b1af357928c25 |
| SHA512 | 343c82b6be9d0179aaca3e5f4c1a729df4b64da804a5999eb477b42930496de6616128cd05a8122bdf6c08ef38cafb832a4bf67a692f916027b193a9d93d8c9d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1009
| MD5 | a40d32bd9809eab135feed11a4b2f33e |
| SHA1 | 01d6055eb61c9debac6545255370b9faf345df55 |
| SHA256 | 910faf652631386dd58db8c684f714e588f6d01ae46075f7f46f4cb0061bfe16 |
| SHA512 | da2a0382549e58804e16a24f7a18f38f2d2a478d0cf111d168587ee4790aaed79b4e0410c67dc5ec9f961e2084c7166e52758a09c23567f9b93c38f7935346dd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js
| MD5 | 7435084a62cda6e1db772d6890d63c9a |
| SHA1 | e5de788d06e8b4c5e43d56ba8b728deaef223ec5 |
| SHA256 | 13a4b6762fbf026ca412ec4d8e4afaec7f397bdcb64a871a6efd268ec5f1755b |
| SHA512 | 11962adad8b1ebcf2984b5f59c5a5a1063ff423819a85daa6df2603e8614643e0b9710815f69a955bbee4c9835b7a90d22a6428dbfc26da05a55c7fd89b53a73 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 2ecbb4976044312d670064128afe5749 |
| SHA1 | 596e4c7d3bcd6c3794f242f17a61e9e6171ad5ab |
| SHA256 | 8ebfdeca15c4ca1d6a8a3e7e10a52bee5e11a5184ea5d4762da9d351859f9759 |
| SHA512 | 27bb135eed391c8997edf1086cde9f4779f3808709541585f0352e542427838602691a7ccf2f1b4847edaac786a3789e5d251f74e437a94def5dce2c360e4b4a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5827
| MD5 | 96a88cd8c90c47fccdbb1717dc161abf |
| SHA1 | abfcb8da4a5dac3586e2be41f83946d6772e1af2 |
| SHA256 | 3b0637c3c6235e4e317546a1faba9c3624283c83ba0124741bde7089459205c4 |
| SHA512 | 85804a52c2231f9b0751354353a14efe710e18850ed24857979467ad57b9eb4a5fb84eeafd128af60ab7e4a1daed4c767ccbecdf27e50e23604ac401be1273b5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\32176
| MD5 | 80dae8bc49fdc1c630f5c176dd85b3f5 |
| SHA1 | 3f7a46154599e044e0ce5e750c7b7a96e0f0873c |
| SHA256 | 200d54bf2cfbae6a2518876922d5ee4a8e86fc15e74fa3fe342a17eda52da0b4 |
| SHA512 | e80c67ebfa1be2b5f02362317c5a5baedbb3007771bd32428a87e605220dbf22b3589a46e2f76a6a85dbf88d9f2d9f5d0d056b56f26b049c779bc3ac758a3ac5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22379
| MD5 | de496cea22982846273467121dea4b3d |
| SHA1 | cbe1efe9e15fe58efc233450b944e8ee299d8b06 |
| SHA256 | 86c53d2d10beffb51c078a014278801ed89c75d90aecd7ef611d33f70aa6e625 |
| SHA512 | 6f4dbe29b5f5161ff68c5a0723a9299eaaa0bbf2b84a09bbbd6e828466e08374992de390176040e92db56067ae4ee111f60392e1ab2329868660a5262804b789 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\19489
| MD5 | 54c6dc490f18150944895fb5bc1c2cb0 |
| SHA1 | 534741fdeff20823c954218cb493a656771aef57 |
| SHA256 | 1dcd4c31ef0be7e2e4ea12c4ca781fcc631dbf41250c2e35cf04be6a7037963a |
| SHA512 | 88ae3d7f0a7e9dcf0d31f51690c4caad17aac5991152b284036a9842202de5d4ee7ed6224021ec863b37d06c3363828f7bfc5d2aaa61928424933f8e838bb6eb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\29285
| MD5 | 1383b073d49e4ce613071f269a25a062 |
| SHA1 | 2d8670d6c0c5bb7db20881b331323653c5a5141a |
| SHA256 | b75c70fdf0b246e3b7351beaaf7a926dad1df1046ba0fb09877701465326c54e |
| SHA512 | a3fbe2123df2f8875f80291fc05be59f832951348f590afa2141a834d31b184ab895b3c51ca4074c0eac97676b274d4ed5471d3a012187000895086088517c91 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\28836
| MD5 | 906e703f58b24f379cb214b2dc5882f4 |
| SHA1 | 2356ea8ee869c664bbb21c8bdb0a697db49e1a3b |
| SHA256 | beb402702e3724132a68db03c04120000f64607940cdfad73920420c240cf81c |
| SHA512 | 443fd063d9bf4c11560a4ce966ddd44e11b4e8a003cc54cdbc413808a416e76c203caabd9ca4f00f0b889e26b7e74a906d9cf26d770496f47db75bbb061e92ef |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\21E959F8770D67459E38610624F336AACFB3D529
| MD5 | 4d7f9e13bf67cc862c72e4030f366276 |
| SHA1 | be40e2f2fb13bb402935f0920438f8bb1449049f |
| SHA256 | 2e151bc174f744feec52337fd352ba3ff8282dbb6eab0a2b6d2df6e321bc06eb |
| SHA512 | b30fbc639c1dc06b622a58045f085d63ef9b0f38efdc5536d702946b7f94ea2fb203f6e23bc781e47a6eb06de3da854a6fc89e1f089baf2dd3adecf3b6562839 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\B2FC9333365215F8AB73862C5FF695A8E0AC7B34
| MD5 | 26e2e376e976626b9a6a805d3d5c7e20 |
| SHA1 | 86a5d964372e980196cd1378d2d0ae00a0f7589f |
| SHA256 | 9bb998ac6ee6214c341e8c7bbb99a9fbad6719c6ddd21f27153df0c75d048222 |
| SHA512 | 9f99fc5ff0390f7af044b0629d856abf40d8be17714e014849bd812c191f6d4c30c14b44bbbeb41a1439ce9e892c3b50ac98b7b19a4948224498e2685bf129cd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\53FC94F0947B78F378C5CE495559ACD51FCCA6F6
| MD5 | b1c8aa91d3ed597d37af192c4b4c58ea |
| SHA1 | e9c11bef6bedfd62911311f19aeec648998618af |
| SHA256 | 5500616c057d3e71cde4e1fdcf72c644b4fe25ce024538997b7775f13a0e9158 |
| SHA512 | ceed907910ec15b04f47e9d9fdefd536de820581b5667a007a9fecb56fb9a824c5f7e7f0a648b43ee9a714e35429913a038b506137c4672c3dcbbd3f8b322a58 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\79D0FE390AE5E662DB64B0262924020CB1F1DAD6
| MD5 | 722cb0a5efacb2df4f4f02b842909090 |
| SHA1 | ecf7e0eb09bd5830ac1261869d6b3e81a9ee34d8 |
| SHA256 | 4e46b28e347bb6f95cb2ca275f774577e82acfba4e8903341743195cede4ab6e |
| SHA512 | 8335890a49e3bfc321103c32f6bdd40952238133a5c877f631961bd2c28f726e73f6a6ebe67cc0a08d2bf568648a7eeedb708d90f614859d20aec32bc16cfd7c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1271D81A0C579FD4BF442AFF46229C333B9ED2EE
| MD5 | c531448f95aec846f538e76740ce1471 |
| SHA1 | 0f8294ad2788b19ca168513bbc1062b917707dd3 |
| SHA256 | 196e050a9c639b864469bad10ed917d18809b51e07c72f51752fcd096b595e5f |
| SHA512 | 9d11c38871d5c0bd6bf01b56900baefc8591f100afdea0477fe04e53c7fe61df76e91e3c85955768816a60668bf81e229b77776b83902adeb8c4dabdb7833b8c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\896F2B40654B677F7EE5A2721F4C9C792D60B6DC
| MD5 | 0288adeeb208a0730d45247f5570f899 |
| SHA1 | 47833f358f065875957b8c2d9cdd46ab15729b11 |
| SHA256 | 5e4fb807fca7cb09b8c76f9543ef4449aa6b0f30941ce0e286205afff006b54b |
| SHA512 | 7087d79529d4da9074df175a897e5d6faff7971df37b2819243081e665381a28006c6054e61874523f5b825a5118db0a8bfb5289c0fc0e62ecdb0fd28bdb2f68 |
C:\Users\Admin\Downloads\Yandex.6zfzivG4.exe.part
| MD5 | 3c18307dbe79f968744f7edd4c8a18dd |
| SHA1 | cd325d6dae79a73ada9acdbc8a6b04119b6e1d81 |
| SHA256 | 1525962d4f48d72eb8df82abab78b38ed7f2f9f13b6b2e3e3229328f04802efb |
| SHA512 | e2968f94b319010dbdea0fa7724de97167b721f4d5efb98d11b009b16c5a5003d975944183c7eed518d5ad7a94cb8604626f6d7500650d267e9d6979ded39f6e |
C:\Users\Admin\AppData\Local\Temp\TarC067.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\Local\Temp\CabC064.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | ec0ce52530c2ee9d3f64884fef0bd009 |
| SHA1 | a9e9d50e016d6c58042191799764f81221e25b4b |
| SHA256 | c59099e35333f1a0fb4a3328c71401fc95b3f8e47874b13bc8743ac1ae425206 |
| SHA512 | e55aa6ede039aa642aeff0b88cb8cb5c4f4d8110571bd07b85019fd611c99ab2ec40a71b6c6c002ef242adc34e831ee1832825b4bc941c31349e0aad566b1036 |
C:\Users\Admin\Downloads\Yandex.exe
| MD5 | 717a86efdee3d1c24957bb816f08a026 |
| SHA1 | 4399b7dcfa99ab8536bb0d70a970115e7a1788b8 |
| SHA256 | 66ab951e02012ef24691b21f6852ad599d2ca868c97fa0bebfc3c9bf97b2eb63 |
| SHA512 | dd8fc0553c73d27737b162e93565315564191a9244f5bd5a6b1830999fe028180bd027e17918e41ff03de5aba13dae339af75731251ba7e87c5e8934235a66c1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\crashes\store.json.mozlz4.tmp
| MD5 | a6338865eb252d0ef8fcf11fa9af3f0d |
| SHA1 | cecdd4c4dcae10c2ffc8eb938121b6231de48cd3 |
| SHA256 | 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965 |
| SHA512 | d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c |
C:\Users\Admin\Downloads\OperaSetup.aTHD8uIu.exe.part
| MD5 | ab0fea7391de383287a19937aa60d1b4 |
| SHA1 | 6c04973cd3737000f285229620dd06f891abae3b |
| SHA256 | f22701991d0cab406270f68396a210233b89714ed8bfb921967891e0796c5201 |
| SHA512 | 235a82e3b003fd9144eb6066cdee9818c938df5a4ab4bc4c90e9e3891bf05f6978d1e6be8938880eb1ad7e347b6b3acdbcd0f395b1619b75786ecf3fad517f20 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6G4X5UFP\YandexPackSetup[1]
| MD5 | 334e8d84ca45749879312c751ae88ab3 |
| SHA1 | be93f412d63842f6d573e610e8819f1563fe1a8d |
| SHA256 | 6acc7eb046aeef6f49040284e9fbf59637c5bc074bd56f22106f67d07a7686b7 |
| SHA512 | 3aa0db5677201ab179dc6cf57628cf01e90696bc8d33224f2ae743b50af49e3eb9f5edf2f5fed0789cbefd26c9c033b58e6bae1b5e2a372b83196d06434a9261 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1474
| MD5 | 865167dd340cc39ab79f512cbb985b32 |
| SHA1 | 8658cc0fc75d014cdd2768552e1bffb077df698e |
| SHA256 | 4c3c1b78176e742d3f998eeec2f2f03974558043427073a72c230b5485c94885 |
| SHA512 | 7c60087342d22a5ee0e0d1ad2b431e11ec2cfef8355ce4c04219032141dc61318ba4f2dcfcfe7a4ed8239e142682cb44bf8a22df794df8062d507c6ed9e35de7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8118
| MD5 | 7f8992c352ba03654392860917b83c54 |
| SHA1 | d80110277db04153a3d77132c2e48166c23b20c1 |
| SHA256 | 2470460271961fb743c7c1550818dafe4b88bf24d29946ecec90a197a37a1bc1 |
| SHA512 | a48502c580151a1c548dc41f760a3201c6a387c80b54661768c216875c71de1297f2f346df700c062b3f573861c23a42321cc2492c1fd6a358e14ae3b79e09be |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\7669
| MD5 | 08f5301278aedb172d45d04e327bcb3f |
| SHA1 | 15ceeeb9c457e3fd0e914ac9b4bfdb96e11f33a9 |
| SHA256 | e9f7340e912c1f911e6a0f895eb8a4a67c7b735227197fff143b0f064190718f |
| SHA512 | 7cff94cbc48eaab446794904c6419fd9128afbd0dcda92530bc391c001c2daf2f4d784560d4495d6c803a457f82759f85b4f579af65b699f0c80c7214b9d740c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d89d9eedaaed070db95bab727eb6682c |
| SHA1 | f35331a1e932192e4b010d944a5b30408709eac9 |
| SHA256 | ba51f0a0f15dae20df9aa2ad48974217d33d6a4e989937933a6a00666a87c80d |
| SHA512 | 6dac374bb4f578db00f05171cfb5cf9191671313aac01412031d565df3b1c6cfd89ee53195c837cda68ed862f127c0ac817d786bb42189d79c9ed640edf53800 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\10F2B3FCF3FAE4203D644E76C052BD7A92C8BC07
| MD5 | dfbadab0f084dd2b83248b04b40986a2 |
| SHA1 | 2c194474f5b46e0ae209b8a683897c3663440b99 |
| SHA256 | f9e1f6330400acf8a13689799998f992655eef0d4b778b6fe8bfed4c3a4f6424 |
| SHA512 | 90a0687847da98b7b5d59eece285c7a08237457e6fdd64033de8918536e3c9b83a40117720da2bc9632f5a00e7df166249746b6e1a5ca8d7bbd9d46a31e6949f |
C:\Users\Admin\Downloads\AlephNote_1.7AoF25QD.6.33.zip.part
| MD5 | 06e96b850f7e5508586c31fc76513b6b |
| SHA1 | 126f7b7f7063628c8fb040674cf31abbaf9496d8 |
| SHA256 | f4b289f5c35dd88711d7987e17516001c7e3ae8531e08c5b47ab7efdcd63bdd6 |
| SHA512 | a5028b80512c8835507477ce5110c162f7a9d0de55e89c957cdb8530d07a2edfc222e7a6242988e75ec6a981042f996fd1a8b314d78ccf9aa7c8b2a38b2eb4eb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | cd4822f4c52abb37401c7ac716f97242 |
| SHA1 | aa9e273a6d64bbbeb02375d5cb13d93ac1ccbf5c |
| SHA256 | 342acdf23bbc98665ab874479c29106ab7f98edb949f1429eba9a8da7de08d21 |
| SHA512 | 272a56daa645d6b1bc3fbed68d6b7c5c322cc488c217faf6629ffbcbcd1014c42f75e70b7e521011fb3d84b17a113af52f5fb9242127c36868b3398e2549ac98 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | a4bd6dccbd954233e803e3727e0fd576 |
| SHA1 | 736ac7ae0c6dd08f60bf824b2ce06768e128fa58 |
| SHA256 | bb6e9a78793503b10c58b566614d1a524427d592c5290f1c0fadc8eb0e2a4ae4 |
| SHA512 | edce71ac8c8d956aa1dacf14790bcd800f2a977b10aecffbf49e0ac98ce6ad83aa63e3d0f90830000c6ed1bc38f9891aafe9125351a40b77761edfbdcdcc8e05 |
memory/2240-2442-0x0000000001150000-0x000000000120A000-memory.dmp
memory/2240-2443-0x00000000003C0000-0x00000000003D0000-memory.dmp
memory/2240-2444-0x00000000003D0000-0x0000000000410000-memory.dmp
memory/2240-2445-0x0000000000D80000-0x0000000000DB2000-memory.dmp
memory/2240-2447-0x0000000000F20000-0x0000000000FA6000-memory.dmp
memory/2240-2446-0x0000000000F20000-0x0000000000FA6000-memory.dmp
memory/2240-2448-0x0000000000D30000-0x0000000000D3C000-memory.dmp
memory/2240-2449-0x0000000000D30000-0x0000000000D3C000-memory.dmp
memory/2240-2451-0x0000000000DC0000-0x0000000000DCA000-memory.dmp
memory/2240-2453-0x0000000000DD0000-0x0000000000DDC000-memory.dmp
memory/2240-2454-0x0000000000DF0000-0x0000000000DFE000-memory.dmp
memory/2240-2457-0x0000000001000000-0x0000000001016000-memory.dmp
memory/2240-2456-0x0000000001000000-0x0000000001016000-memory.dmp
memory/2240-2455-0x0000000000DF0000-0x0000000000DFE000-memory.dmp
memory/2240-2452-0x0000000000DD0000-0x0000000000DDC000-memory.dmp
memory/2240-2450-0x0000000000DC0000-0x0000000000DCA000-memory.dmp
memory/2240-2459-0x0000000001060000-0x0000000001072000-memory.dmp
memory/2240-2460-0x0000000005580000-0x00000000056D4000-memory.dmp
memory/2240-2474-0x00000000010A0000-0x00000000010AA000-memory.dmp
memory/2240-2473-0x00000000010A0000-0x00000000010AA000-memory.dmp
memory/2240-2502-0x0000000005950000-0x00000000059C8000-memory.dmp
memory/2240-2529-0x0000000009DD0000-0x0000000009EF0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\tmp49FC.tmp
| MD5 | d679e5093cb53381dbe4e657a163b029 |
| SHA1 | 905f011bc21862f059a8cf5fde7136bd58600612 |
| SHA256 | 1b929c7069189114a9b5e9b759c611738c5dc13171af8b98b7a89b6da7577776 |
| SHA512 | 1e0c161e9a100055457e9d381de2d77df94a565b959d752b52c4be449f00061fb451784510e93ceac4bb678c37b05ed52577b049a63f9fa633e1e641300d0022 |
memory/2240-2538-0x00000000064F0000-0x000000000659A000-memory.dmp
memory/2240-2607-0x00000000010A0000-0x00000000010AA000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 254cf085ca97898fab2d72568a7763e0 |
| SHA1 | 58ed01ffa7b2db6b4139571fc18e5656979d3b43 |
| SHA256 | 10e9e099e184a8b39cc3d8cda87f57a13968877700e36d863bc73fdc9b1061f6 |
| SHA512 | b0744a5bcf038af45b1074c49e91645165b7adecf662a1c44ea155290c119217e49cc1fef23d87aa8a2b341cc086ee579e0cf77768336fe516cccafa1a9cd4dc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\98B5ECA4AC5EF5E72FE0A6121919618AB3FAAA7F
| MD5 | e1137251bb83186c7a68e8fdb1a0cef2 |
| SHA1 | 63d9cfe19d2a19b38b3d31a71dc974bcaffef530 |
| SHA256 | a148a4cb25e6456788fa69721adaea162ea66e3c9abce704375e8fdbfb5667ac |
| SHA512 | e762f5365cf691e7ca1bd34b6a778045ab377be2b47020ae4c690001fa032fd8b241846f11dea671caa76d4e63ec99fdda423aeaf78c695dd5258bb59e0a5fe5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\17250
| MD5 | 04b2e79a918427626c91fd2988b9d0a7 |
| SHA1 | 30f99b7705c48ecb4fb1eb4235c026e372399d90 |
| SHA256 | 897b8dafaa3ad29eccbe18781383a11597c5ba9e35ed6f68c5d0fdd7e6a7f81a |
| SHA512 | 28df816369004d7be665481ab477d9ea9c2409cc941e1a744a13f68f9fc6c0f34d9637ba63434ffece7d598277bf842db9bd3f94f20c97604369257377333895 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\7368
| MD5 | 7efdeb7e95a0ec261ce1d8fe44450e58 |
| SHA1 | ce16fdc3947987ba2c8428f5f1a29bb0002f2015 |
| SHA256 | 15cace5e78fc1dab512e4d95d02a9dc3bd369e25cc27c4d0d078884b4b67beab |
| SHA512 | 1d2dcfb90647b5291540480a81de2bd9ce5525d5245ec078d1b75339cec37b3f0a561300f58330e40183629e5af595bfacb4840cba71189b461dd9bdf658aade |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\25588
| MD5 | 7e50640ace4a1935b726bd9e1b1a1564 |
| SHA1 | d7836e94717cc75051bbb57aff83be77183351b0 |
| SHA256 | f411fde0cd491f65d670c081af686e2c238e43e6e3beb1a4c54f8b3297403b50 |
| SHA512 | 869a16e2f10c59dd0e195d5748ea6cfbc2f4372eb8fc2f7db1cee4665db40425ef0925307493fe4a1d57eaefa5039acaaf8e5446a7653b53679c93d70d97c22e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8806
| MD5 | e1a881b4784f9bc4e4cb4324d9f69176 |
| SHA1 | 6308a97d1fb268e356ccba5bfa527fb3287d13fc |
| SHA256 | 17d686b63bebc225f9d9ef5d2d5345815615ca77a8b1cc576d24c781aafea339 |
| SHA512 | 3fd8da6c850a54be9abf315a41a352ea7bb9f47550d67431e375a3b6e6ff8bef46c6837e855db00b3a7b4c5c6ae6bc46a76001fd9653b660c87a22555db56216 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8694
| MD5 | 584c4b35985691fd988dd152495705f4 |
| SHA1 | e9b70553f3c678715715526a7dc256cb43c5c531 |
| SHA256 | 766b56de5c390795a6e3c89224e0e7ed449bceba95c5c614a54c17c134bc81c1 |
| SHA512 | 3a35b6507bef24bab2453be2502c2168fc12d29a4aa773bc8a4ea5bdebe042c731db0501bb2730a13e5c4104093f170c6ef9d407870d18e55daff7cd5f6b42d7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\26156
| MD5 | 6cc8175ce1062e6179bd360bf5afb725 |
| SHA1 | a50875d61283ef7aefd0b3d452617f095d4d19b4 |
| SHA256 | da2206ad0f91cdd14cdc43b7164567c924087d0c22937178f65e7448437b0eab |
| SHA512 | c6de0a30257462a3bcc85137328cdcd10ff7f046f7571b990881ec8eb6814c3edb58fdd5ca4a7b22bbe3ebaa5901172b5611a3581c28e22245f991ebe103afe0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 14f9561c7ee5b849217e3dc59fb593b3 |
| SHA1 | c3d922ec84777b77e9b6b8ebe697e412bef6ec60 |
| SHA256 | 1c50da05163e01a2d524e1949d838dfa91b29322160fcb7cc47682a3a4dc9e88 |
| SHA512 | d30c6cfc192d62e47579213085ff94f9c01cece0a6958daa6872eddc26478338e31dfabbaadf1134274d53ac4894c521d21cad9156ff5534dc4c0df96ec8f40b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\3B240F37CDAE02FFEF8DDBD7C81147777AF2AE8C
| MD5 | 4541d34ad283204fa1cffdca224a0d3d |
| SHA1 | bd90d1fcd0a517879edd0830a826ce1f523af294 |
| SHA256 | e6549931554546e759722e6d84c2d27450513ee36c23186bfb37a6b201699228 |
| SHA512 | f307983ca7188a0964e169c4d9fd1f2ec117edc399217180ad3d9ace3a2a7a1e8dab67e1e581d60d71b42307933e3c4750c13f3680f18b37fcc94bb250df24dd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\A6292EEC7CCFC32856F1619CBEC75285FCB43E4A
| MD5 | f09d4770473d996a04f8c49e6a4aface |
| SHA1 | 43123233e5b92a25ca2465d3283cd92bbe5a6587 |
| SHA256 | 266438476fd52a95f967d01db57c1d553890208a099625216862fd6b1497f4df |
| SHA512 | 79a0570a34400240c6bacd815f516ac5eb5ac5f79e7f4fdbc503bf8b1623e37e64e8ab7e24175106bcc3bac3403914428733b237e8c0cc6c613f705cf3cdcc7d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8445
| MD5 | 396ab0f740fbf20c9be61a929c95b66d |
| SHA1 | 1c470c4720455d8f5ca96e29427cdc9743fe7846 |
| SHA256 | 11d5f183302d41e812d1e1a590d0ce1c8528395395377bb352ee49969d30262f |
| SHA512 | 0ef287a7946955fd22084e02333956461fb04ad3fa108e4c6686edb6d003aa61bdf173c3b97e32e5e24fd16cffea66dabd71d7e7b1f0840f2980ada941129901 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2BB06C3962A0E7B1902E87FBCEE28083F704EB3B
| MD5 | 5ac139b60d2bd4c94bb3d6a6b25d72de |
| SHA1 | fde217099184be7ebca0bd0b77e49f01aa25e700 |
| SHA256 | 7a5aaaf6dd2c03ae4e96686ef4c1143917e5626a4a8e59739bf8499b5be037b5 |
| SHA512 | 0597fd9988044526c386d48a6152b8aca219db7205bc5531bf4f7c326a3cae585b30d3a832287dabb0ceb930f7a14c21108637a2ecbd5e1f0e855a11869d8023 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\20273
| MD5 | aa4e029875e6322dbe68e38f3f480b07 |
| SHA1 | 9a46df7eac101f3935ebc23bbe7c0d6428ea00ce |
| SHA256 | fd334e943ea012076bb01b6bcc487308ea7e83a1fe7ab1245c177bc21f3299d8 |
| SHA512 | 7c6c275b68c886d4f63b9fe79c2fd8a3e09023f9f6b76b247e194335fdda80e3c86ca57b3bcc96e09ef5f09b202d8ab6c69bd2443e84a7d99f2273447e136e4f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\jumpListCache\ljiYbZi64FPOwqvslZi0_A==.ico
| MD5 | b46672b51b1595e0bf69d9dd1e61c8c2 |
| SHA1 | d661df8116f43a1cd04ad8573cf73940f73c6bf7 |
| SHA256 | bafd7c67f87673785232cd23136592f1e9355fe02edef0d6b7d7125ecbb44818 |
| SHA512 | 2d2fde0a1cbbc93a82cf363ccd39863e01ca0abd1ea39f8b7099d98fb634be2a64cab48a1e596dfdf0664a3c3d48f6c366bbb12a105e3b9fd3c58219ecf63f12 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 6ea5bc2fab8be4c1126e939fe4cc1b84 |
| SHA1 | 3c2049a8ed9fc49ab58486739ff9cd10ef277cc4 |
| SHA256 | 83a13a73830e44b23048c7588a8a4cac75379341d946252e363f35d347fc442a |
| SHA512 | d32d8c1f16b9e2bfc85f154099d3ec66523308995bc9208a18f1183ed627fc0e19e369b2a6443cef5fd8e6bf17848a109ec7a24eae477aee6251e219257594c8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | cb9c4aeec2b5162733ff9d7a351da78f |
| SHA1 | 2efc947b773576d8b9324775c7dba264fc02b3ab |
| SHA256 | bf7d2ffc7a81c7a937ec5d1b974575190311fcb8a9104a99887cb3d1bba9c80c |
| SHA512 | 1b8a324e4a4258e3a37dbacd9ff1a4ca55644cb839d28411c9ee5013da8e8b65d817b466ce0cee6a3b23b7d4c33ffe5c722c635bf66e81e8a3c0cfa2eb4c7341 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 28006edd8b24940bb4823d59d8009a23 |
| SHA1 | f5805ac1ced3daa32571d07bad52339dc3ccaa07 |
| SHA256 | 232712cabcf2d23f5f203725174edf0e8124cdb83dbad67920559685ab121710 |
| SHA512 | 0cc374dc2713eaa86f7b5733412d5aee2f99618dddf1eebfbffdd604e764832ddb8bd2ca06a889cde5c30cbb092aca998eddd3b32a463212e4a3e7b5688d3888 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\19244
| MD5 | 2d3543cf35cca28fdaa32996c73398e1 |
| SHA1 | 2a323bd23ec27d79f3a241571a47180f23d8525a |
| SHA256 | 8550b86acfe247ec6e8a7c1792ae38636b1c87d1d381838a680e3a51633161c0 |
| SHA512 | 1bbd2a413358d9c771cbb7de595dfa846cc82983e31247b829abb2545a7f05c54de5dc412e90261c58a606149a6a284ac4e545f2e627d0ba0df2ada97e33d249 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\8C4276A0672336FACE7A23E0CE57ACC561BED479
| MD5 | 5df3eaf31a4ae1aefe257b3bb04125d2 |
| SHA1 | 929f93feb10fe50cf8f36e746ea9796d071a6fd8 |
| SHA256 | 32abf17cf8d71330b232c30b75dbc92c25f54487903af383d2515c07844e5ee0 |
| SHA512 | c1c7187fd660d080f34617977209ee8739fc9f81db3471c3cfe96e38b89f6106d4685c31a9fc1ae55e936ca5ed7caec07547dcfcb28b60d514c8aadf7b3cf0de |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\0DCDE1951159C71665D86FA971C7E538EB3EB006
| MD5 | 9598759092db85d547b6a5efbc03770c |
| SHA1 | f61121d402a144bd9daebd74f943c0f96d9275c7 |
| SHA256 | 9817adf83cad27dacef9fc5a95f1955f0a87d8bf9c4f87e2e200cf8b855aceaf |
| SHA512 | 3c7131a8eddf5264d980bc9882f8e781c45fff7a17a1d09d18f2f1f145eac95bd6c158f929be0ab3142b02fe695a415e3eccd1399204d2ccf7eb4e6778a112db |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\E8DDB0697939CB22CEA94D97A0AAF1C646807A99
| MD5 | f6180399196dbce0b9c99ab56d90f4d6 |
| SHA1 | afbdc370d61da46884950642180ef627ca787bd3 |
| SHA256 | a47a0f9e2ad2627f0054a1ed7ba3b52ad8ce2ba21c91464272e793589f83a1b6 |
| SHA512 | 4fd4c91a425027677a4154e919d61b74e275cbf3724df04ac21a0919a58eb7791c363398b1635b28865a023153e716e44da55484bf0cbf64432b284c667308a3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\44170DC829FB816981841199C5207CB2E03F5070
| MD5 | cb0d8b11314127296ffac78e162c7625 |
| SHA1 | e26cf3e0f3217c833b7a0b4925465cc0be631c3b |
| SHA256 | daeb2c500f9410ad85f698e48007b06202823e51138556f409e59f04f9492dfd |
| SHA512 | 0d2740d9eab6dcd18ed1f546261c99b1348c3ed5dc306716a9bbf65688705ff0fdcd5ca05c672c6b4e9f1ad9d0063463ab7e6533df164c80d8f5d6d08485b1e3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\AB3BC7F1A820D55AE8363110818C05FAFB79604A
| MD5 | 96072a522c2b459d329a44949ca34c92 |
| SHA1 | 04c95218295a0c96eabd9aeb7fba2b789bfbc048 |
| SHA256 | 611da901c0b3deb41ef33660b6ec0087e0e3e6a1228c8c50153599449fe338b3 |
| SHA512 | 2ed1b8f26fc2970fa8edb685ecdb560b79fb588dfaf2fdcd224cec2adb8ca6aa9aa141e8272badcbc8ad0a2e88f2a2d4adae302474d0fb375bf316af0c122b0e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\14526
| MD5 | d52e0be1cbd5bc6d9b64d4ecd0054439 |
| SHA1 | 06b78eab96d282d74a2e2789b3843b92940de68b |
| SHA256 | 71c5393b970fda38449ebb9841c70950cd7279f609b227193a0489a6c9999890 |
| SHA512 | 79c8a37951a974d74593918baa0a55c2f93a2a6ac9367a06b73671feebae7342a437454478536f879b54828a17465abd56476a5c6d488682ea9f6159bf576eec |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\11261
| MD5 | 7426e50f50e529cc76d1f98c754f1134 |
| SHA1 | a71a6d9a37879415b35ff20389b487e0e3ac1371 |
| SHA256 | 6b9daacbe6c88fb14a0b2baaf2c7a1a02ead9d21e36d48d17fd3a30b90c98c9c |
| SHA512 | 7a25d2dbb138266fbed81915460ed0ae07d0bc7c55d3b95c73a62d6e97bd3afed5a7647e9a8ec0777615a27662225ab9baab98ea488c5a99cf613063dbc3cb38 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\F5DC53E111DD9C0690FAF138F8178E8EC454A404
| MD5 | abd23cf8c8b8ee48524f2766235f6942 |
| SHA1 | 1338aa5089f3f557372bd75458442bfe288ac3d8 |
| SHA256 | 4b2e3e8009c5272fe787070f6a740f7754c17ce7281abda51f3173287f6271e2 |
| SHA512 | 28449153c7ca45bf3ea06c48bbea1f48e1787674e52f8bcaf6922cdeec4baffa03f5d458d5e0e873abaef084d50e8fbac8f2b72a30513b5197e3abec4d689499 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\10289
| MD5 | 72b156286189f5a8f99c8d992a018b03 |
| SHA1 | 5779df6b3383715444b5f9bd806c1f31b17e1a2e |
| SHA256 | 516ab6ddb8137a99fa89ec1597ff3c1c3222cae7da55284c8ce3c9709db05861 |
| SHA512 | edfbae4d920758c576b6bb62b3fc792c889dbfb41fc5be6e4daeafc6e2da121cfa81855e5f8b9c559ac6cb92f57eda044676addc5b177476d0b31f910698bd4a |
C:\Users\Admin\AppData\Local\Temp\tmp-403.xpi
| MD5 | b21e81ba539ed31756b3e749ddaba4de |
| SHA1 | f0309af33fdae794c11271a10f2150d00963b3c9 |
| SHA256 | 2d6a7a47a40ac4cef8a42868912d42667093f1a8412ad5db421e6a402bb6861c |
| SHA512 | cab71c4626bc2cc3611f3b68f7809ef84c2fbe9060bc108f36756e26e86accd0183a24c9420aba290bd5d588e0c5b42331f455e602989c8d00ff602790258877 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 4ee513f4c6fd359d7cf108ada7ae3f31 |
| SHA1 | ccda9cd0d994974eab0f52108480aad0496b0a28 |
| SHA256 | 124d7c90db539a287b50eaff63ed605faef56991732d974a0c191661a1aa2b1a |
| SHA512 | 6f97720ae59d1ecb3ba28789e16248d18c0dde88cec2246937e4f2666f8904f06755423c5df26b09b8b38c0495e281657e708bc3a44e354cd211b2cfc0730527 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5568
| MD5 | 4d8a98fb8132f3763ca068298200cd7d |
| SHA1 | 6cd041bd78e8a399becfeed731b37dbae80b12c7 |
| SHA256 | 3f6acb9249dc17850b80715af511731e64884d417ca8aa31ee2d3d94cfdc0b1b |
| SHA512 | a145160c141e46e6710a98ff4ee1329d52882dd757ff06cb9c2748b55599048242866b9c211697a703faa15e4cd0f86bb0f64c5dcfcb3d655821ee0428584e22 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24376
| MD5 | 44566a0e1fb5c8c346b93ae3b398082a |
| SHA1 | 5784c97014f0044ab44e36d2fee1702b03366350 |
| SHA256 | 99b60df596ce1cf7729c8c9e5fc95c8b9a940b02d16c287edb1a8d762d75bd5b |
| SHA512 | ea37ef30e2a00920f419f32098efa7fe25e83181e5d8391eb14e2692b78a44672c798442bf3c1a70f0fbc9ed554c4311a4ecc732f22a47bbec2df6846b7fa9c1 |
C:\Users\Admin\Downloads\TelamonCleaner_id67a383f35fbe1sp.eYSLSW-n.exe.part
| MD5 | a98ba5e5bd6af616702643651a9db2c6 |
| SHA1 | 224a89bd00b600fc511ffe0e72d0e5e8b5e907f6 |
| SHA256 | ba360f3249b8be076af4771af5d9bac603351fc1ae91a19cf61a04f424c4d3c2 |
| SHA512 | cc49da583294e27aff1eaa12ed6fab1c797e72b57e5842216526eba00de41cbeb48672df255e78e9550d32b1d3834702ebc212d673adff4d8519a4f41aad51bb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | aeec6d75689a51b2230599acb5e6da35 |
| SHA1 | ddbe8be5219c1908fa456b0a2e6b133159fdf59c |
| SHA256 | 55c7a3597bd8e708564c8e245d21520795b06c9daba43ac1930ed23d15fe259d |
| SHA512 | 426c0238f9503647e7d2249593e765aa7250aab63baac3eb9852151efecd267789873b2f11f8989b79d818456e46b09bd1fcc67a7e74ca74f4031affd8ba68d4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\4656
| MD5 | 226891d540d15c8ac6c5bd9ff5174b3e |
| SHA1 | 1fb6b60b6ec398be3b493d356ab1426b3cce4d65 |
| SHA256 | 3c40dfd218a4f69547a4e6cd6c232007854804c7b3bebe8c143dd7bd681b7747 |
| SHA512 | 79c9771989494676ddc9800ca681f223c3a1885359aec784044a1b724595f4c79262ee3e7a722d0e00c5c76e842889bd86b21dea191df4375da51e629724e260 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\downloads.json.tmp
| MD5 | 57e093809a1d8ea686bf91fe557802d6 |
| SHA1 | af6686fd4565861e7682c02ae69c9ab9ec0f9335 |
| SHA256 | d6df9c1a5f45dc5015697f8b166af64d10738d1ae901471ca9e1f3f008824981 |
| SHA512 | 3aa70140ba091840daac6b5aad2514534813f5b9ef2ca43f7bdfea031579eb34cd99c9bd17a81ed9dc56a6e133607685065db2590a5fe00b93159501accf9c68 |
memory/1084-3882-0x0000000000400000-0x00000000004ED000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\30059
| MD5 | b5ea71c7ccb5eeb2bee8b82d587579ba |
| SHA1 | b732cc142c0b0a0799acd9a8fc3d20fc984b03a2 |
| SHA256 | dd0e5ec94f5bdd66bacfa6f01a33f3a8e98cef2e9a9f3db2ea303459b61a62d4 |
| SHA512 | e2ddc0fe024c91ffbde506c58ce038f221f48b3907bd403e4ef3dc85dc00d1839bf9596b0af0ad9f3bd4af6ed113f12d3390c4c64b64e2a8a18531e17ff28f63 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\77A2DC6F624F2766719F0D1A59CB7A14B741F482
| MD5 | 9457914b1ee9930f0163f3f1bde63948 |
| SHA1 | 8f3563a82eec1db21ffe9299d6d7f4c9507c0611 |
| SHA256 | 3093a47c592b974665cc0daf1fe4201fb5b307059ecec17ffa72e79c9469fb87 |
| SHA512 | 5ed481e25c2d6e828d64754027fda003286a72a61dcaa746f701ae00a1c45e5dbfec8f3a11b4e56370d4cf8498318606cd3fac140a20b3b9e311e2f0161a19c5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\16370
| MD5 | bb7e056c655c930317b1315912603338 |
| SHA1 | 2757a8a05bac4553f1159c44e7d6de1f87562de8 |
| SHA256 | 2dd82adceaa545ff207f08a70617f0569f607ba0e68aa09b88924fba789be7ac |
| SHA512 | 83748a2c6b79e1b15bdb10bbccdc265ad709519527b07a8e625985a7b5dfb08c2716aa525b618b8c40256e01431c7d64a58cf402680ac6722cbcab639fd79d98 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\12880
| MD5 | 13115de1d4df4578f6755a76a0192921 |
| SHA1 | c29b037e9c4d3caa4d89d86f165c2e404f2b963f |
| SHA256 | b8105f33b2469d50b6957eb43d333ba227cd3f36ea8ece4bbdfd770d17f8c0a2 |
| SHA512 | ae02cf97c7d3ea52496811b5632f680568a37a6ffb55c6cb20492ef91f5b8e0c544a300634d866dfef5bc4b999ec86a1395f1155d7d9ff3c53925e840fb23e90 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 55050d0c120c1201c7954f3ce623812c |
| SHA1 | 3bf6431406923495b1e24b4178dece6849910bc2 |
| SHA256 | c60bdbfd35ae058e233dba5435d5b460f91dd33074fb4557b28e8c404ddfd02d |
| SHA512 | 0db57f32cf992ebfc4d9379e5640e2085238c8b134e4595216267ce86d5b49ef90b9736feb55fd862ee3fba476e088d15c11cd00dfb9d68e0d966ae54ba49067 |
memory/1084-3977-0x0000000000400000-0x00000000004ED000-memory.dmp
memory/1344-3978-0x0000000000400000-0x0000000000729000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\98CBB57A8C3603C773F3B2A6F9DABF5335E92CA8
| MD5 | 70406273f992fb5971ad1a98565afe10 |
| SHA1 | 7e1d5891854ab06c9e70300b47906c50c7b2275e |
| SHA256 | e3814af0f7f70e88d031ce51518cf77a048edf808351a6fce595d3ba388dac67 |
| SHA512 | a19112c85f928c43a991b4c81b1bc78ca0f0d9a9a8064c4dabc5e521fa9524ff2a289fbdd5d24cbf161745c3a4e253da4826b5558446552543f0a4350b83ca94 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\14301
| MD5 | 571b8d4953605505016e021f912634cc |
| SHA1 | e05f3b6297430ec0632f457b64c15a3feede3704 |
| SHA256 | 300ed84bdfb645cdb0e2e7931436a117d8602781fa529e32d85f6d75c45fc11d |
| SHA512 | af321407bca43e4a5704b01bc5e939d4e7cbc0b1f83659ae9ab36a09bb2a42b3cb94fab16d35e6c3437442ec114e53e7134d93dd69f53b30fcb45907c23fb37e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\23986
| MD5 | 6ec93e56e1c3fb7c8cb2a82a27c627df |
| SHA1 | 37da7ee41b18be0915a95fd4d76e541c9eaf6a2e |
| SHA256 | ec6ea7965840f52080aeda9df025564c5caf0731f83224e992198c52bbcd0fa2 |
| SHA512 | 85b205301163a9f0a633ecb81b5a0ee27c0d284da4acf936fbfda78efd6f524bb798217958da4c5c5822221b6fec0a3e47eaadc960d9045aba03b984636ca00d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\25355
| MD5 | 57c16d3b3535fe226c20eb12bdbb43fd |
| SHA1 | 4eab5870d44cfc66011afe306defe7e8eb8409f1 |
| SHA256 | 8223163c51cb9e7ba07c606c8bc40c476fb5517b7d3317ebfffb8a39a4b46c75 |
| SHA512 | 312f0e93ee5cb2abb940a1b6d13f13ba144cdcfddff7b3fbcb4c41ee8817caed71fadbe236a86a925075f1cde5826b6b19886a1912508c6e6ad1eb1e990689ba |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18824
| MD5 | 9954b3b02ba45a3e3e7528c118a4ccc9 |
| SHA1 | 110a6d03d7a4341687f08d87db07bd3bcf5754d1 |
| SHA256 | 8301e04e8c6b8eeca575d37734b6d0485fa40a2b400b4f681939b968e0697683 |
| SHA512 | ecbb9d87876c8f111f2f4d6bd8a7ec89da285b50864fa5dd5e6140dddea002d70e60f5d02c6f0435d2eb3a057924e3a4db282ac78af6788bf303ff90740c6f26 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18712
| MD5 | 8d3b17b30a3333b7076200ce7a55df5f |
| SHA1 | ecc6d1ca6295b8b24570cb700c9a4db247e8a874 |
| SHA256 | 6e0a09d90b15833e25fa4c7325b8933de9c25aaf299c0c07044f0cdac7348ee3 |
| SHA512 | e7001283ea4ba4715fc11194645a8e4b1691dd10ec2f6536b91d02671b3ac50910140cd418f41c2e2c522cbac901d700bb7c190267bb4dd77bc68d8fc088c930 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\28508
| MD5 | 32f0483b1adc5615661be55aec677d26 |
| SHA1 | f40962d64a1babd73236514d00e517d8555240cd |
| SHA256 | 3a399d7cb488eeca9d5c9f5a130cca6bac8b8a512fadd8bc34a46c34338f6fb9 |
| SHA512 | 29f411187e9184c38a8cee7146e912529b4a14b37f0408e234c0bf9d16577a610f870892bfec7b02ca311eabfc32cfb3f6cdf257c82f34b6810d3656b58cf4d4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\21975
| MD5 | a7f388d28ddffb467ad37454a0920669 |
| SHA1 | 2157d23116fe42ae24882e165aeb607d4c77389d |
| SHA256 | 20cf31a638ad624c49dd659269efffc7f146557f868ab36cf53427fdf54a3bbf |
| SHA512 | d33c67f3405e9ff3bc416782fd7a0ad716af8f2966429414a3eb41b8334645eca0c9516346107ab4f902deb540e95fc2e9d555f10e03b4f91537d4e7954c4ccc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5537
| MD5 | 3dc995c3fede83945b218740ae3a53fa |
| SHA1 | ebbb425e787a3df3153b9f125b863e7300baf524 |
| SHA256 | 42a77c9d4565347af56574e4eba41b80bd2b9ab9815a1b88fb3b012ac9e75dc8 |
| SHA512 | 59bb5dbf807eedee64a15602c660a753737080ca0fa528a14c4bd14eb6ef000f3de7c0f1c04615dc5d25a624672d641a3403de476b02066eb087bec410c27acd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\31774
| MD5 | b00e72af024a54b19bab5e59a7aed03e |
| SHA1 | 6174bd7b52e8e7b81add20ae34e0baa9138c3940 |
| SHA256 | 5aaa13f2a36dd628f6cffe052500e6f9ae98f103f7569404fc9c92d2406295e0 |
| SHA512 | 4d22893966322de78b35a162cf558912e1af801e60726f5b1af952fadb76cef5fb29c521ddea92848fc5194c0cf581f10a0431c9c448c153d01574dd13b181d9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18263
| MD5 | d0704d7af10cfb538e4a961f4effcb54 |
| SHA1 | 6d15c6c5ee126b0dc17be2ec95d4dcdd256129ba |
| SHA256 | d2b97653f5edb22e4ac8308a841d71f04eec48967b1b7f8d4913c8fc9b974f13 |
| SHA512 | 0b587ff2678a9fe4e054303860fa8843a24ab2ab9dddc2b41c36311f2ed64571f694db6ba6bc0738d2a0e299d99947dcf3a284f9e78cb61020d9e9824b35ee36 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5088
| MD5 | 6285ae5108fff2f705e146202e7c547b |
| SHA1 | fbb37aa9731747a77667ec22f6470255c56fc106 |
| SHA256 | c7adcedd12b106f7dafeecd0caa9ce9657cebbca025299a2362b91af8f8f29de |
| SHA512 | d7bfb6422cac3c135590e3aa7cc70f90850a33eab4a238a50be32bda6ad0f4a71e4a03b292c2516221ca43b7efa5f01e06dfd724dd8ed050c6c30e5b42ace378 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1823
| MD5 | 99b5696e1ea9f95205807538aadc0edd |
| SHA1 | f6ec7178a91b8cb51d56a3b36349185f2ae83515 |
| SHA256 | daf49c7fb6f7773df809f3f413089b3e1cbe1e55b34b1abf63829b08e07a68fc |
| SHA512 | 024afe828d6db7a16ab3669c5c932694d6a7c415a303cab264156e619f6fde98b003fd60926006f2644edf62461c13b9a37a49ca1025db494060f3bdde8b3d20 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\4976
| MD5 | c49e395defbcb1aedbcb01f6bede2199 |
| SHA1 | 064fd79cc724af3b81db976189f3c7055628366e |
| SHA256 | 2032bf1f576b1ecea6375f70dfb263a3c64541ba3898a42b77448bc8b16672cb |
| SHA512 | 5da1018e72c945690c8388019a412c5e4af1f64039a24339c2739478f374aa90dbf2e4a4d751a17ad77bbefeeec31485ad3904f35a830d9371c034a7ec45e6fb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18038
| MD5 | 1fe498f48088c4009a87891e87b182f2 |
| SHA1 | 1bd8855f8ddccb3423ed14bda0862a1fb349259f |
| SHA256 | 739d90bdc982984ac97520c42cde1870fa4a77b512d55f27bdd6938c7217a72e |
| SHA512 | b17e67d5a788209f8b59534f04a5e6e6e8fd35be9c119f1a763701468adb5b0f3b420b2858017110476f385b013bff7918788793135616b3da05372c5bee7b5c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1711
| MD5 | 5a36841edf87afdc30ac1f84d0e1e621 |
| SHA1 | 2bd94a89c94defca3f31d8516b1665ee2b3f11d7 |
| SHA256 | 904178da3235aefa2e095401495c650165d2c0220d1650cc3d00e2836dfe6d27 |
| SHA512 | 1c76bc8264e36e078a720dd3f64f92836f5605e29a488f80c6c466b39bd12e303ffe9cbed1466d48a409c85fa5e75a6ee14a1c062be17c56fea018e633769787 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\31213
| MD5 | d5d12b762967598b160236b792eccc81 |
| SHA1 | cdf3b0367be79194c9c2de897be286716b8d6acb |
| SHA256 | 706bb6167d0b35a765adeb11c465c8637ce7635fac32199487be2f2aac543717 |
| SHA512 | e190eccd9f3caa718ced4cc69bb93ea79d6f38a56957bd5a2ef23e8967a39504b3ed87b0c6f057bb4823adf785a150e6d8bd971ff49e51dece21e181af7069a7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24682
| MD5 | 0076ad388196fe21940b725086c04bad |
| SHA1 | 68d31397bd5ef75ec221ab610093b2b2690b3515 |
| SHA256 | a48987631e25a34a14b1c1045959aa27621a7fa9b6d2aac1f4f072116ffbe3ec |
| SHA512 | a48dbe9a6b43d047173db1dbc997c99a1f283afc66792604d3c9370b40aaca270f4c66137026f9bb7e0809fd9fe321377835f7b702c9cb393dd2c0d042f480ac |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18151
| MD5 | 36bcff11d4bf202f28228811ae3bc3e6 |
| SHA1 | bc168264273245927f7f61807dfe21af42f83548 |
| SHA256 | d132118e90df9035f1432bedb8abf2d87e71eb5beed8c8acb719e7d7122e43d1 |
| SHA512 | 8954d056c4f97835d58073785b289265a20516725faba4e6a1a88947920e29097fa35efb2e50eb7ad9ee3dd494b2cf05307d0f4ddd7e42e9f86797f7aac73e02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1262
| MD5 | 6010d5006c2bd2783408262b4fe4a1bd |
| SHA1 | fc6d97fa5cef80545acdb9bc32b9aca8c8e2bc6b |
| SHA256 | cd97490285717477afd5120e427d1f3ddf81378048d919dd816f6f743d44b75c |
| SHA512 | 98e4b00c4ee484c31fe8d22e03b59ba2014118dd7ea302eb340dc187cf8ad5c40573a3b53fc871b75d49adf5bcd44a94f82b2f7f9391aa017056e7ac0b4cdd3a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24233
| MD5 | 1d9129c9e83ad3fae9cc03f51a995e32 |
| SHA1 | 43f839f6ae202a95ebe2a39e68bc502ad7887202 |
| SHA256 | 23fb57ededef9eb678bb9bdd28c70f921833790158fbbc86a9e7c6a106fb8ff5 |
| SHA512 | 533b0e50e021342706c314335b8902757076c49edc5d0d47cc74d7b7b37e9c6b9d8593c1c956ea5167c8e96849d33b8e23c9e502eb777d285fcdb918785edd40 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\26547
| MD5 | 5e8b54c6aaff8b0f9971b3f4e4fa132a |
| SHA1 | 53b8b2c76629bf8e9ad98d5d4c10a1e338cf95a8 |
| SHA256 | 725c75a0940c0b0f5b8921e19697f2bb130d0d1663d75a971706a9eaaeee6d46 |
| SHA512 | 72ba010a7f4321011d8efb21e115ec8b7ac8dd21fb9a44cec3d971b933a2bb642e40a19d7bdc0aff8b54093811afd1ecac932cde5fdd52a33e1d577e18e8cfc7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\15964
| MD5 | 8bf2fe6ca8cc73716834cee6e44add9e |
| SHA1 | 7294ccf9dd221732420440b8c01dd562111213ba |
| SHA256 | 229d3b3a9e19187efa7e4e07644b076e0694e739aaef28d8102a9ba99a3bc924 |
| SHA512 | cd5cf8033bd46261583330e054c02a4b8f54986ecc0a0922a8af1499c20a1e9444e09e5d4056d1b07a0b66f20c003f6de5ed24019d4962457e2ddfefae08fa49 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\32292
| MD5 | 6f74979d00ae971394e983852dfc094a |
| SHA1 | 792c67ed355a35bd11909ce033aa055da0b05440 |
| SHA256 | 7d9b20c921b343039df97b5d38f8c949407cd5842360cedf39132d13c540ace9 |
| SHA512 | 6b9bd7e8b6013ac1cb4ce4d84d32ea224255c685da79830a7b0ba26aae84710e917b8f663c1599dfdafb8e401d72c38bb3d5fddbda993ff95a03bd0d63ac97a9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\25761
| MD5 | 328b025e9942d98506a8e2fe98f6d166 |
| SHA1 | 35c7275e7d3b89f0d0e99082b156690c6b3ea156 |
| SHA256 | 07a1605b18567079adb0fe2a8680fcc393ed6f411aa53da78f8c2d9085402d05 |
| SHA512 | e67f3020bc093b2400e6dbb134b12509d7c0985d12a0cf1f69fb3d110733d62d79c5e0f39b5da28fef5e85c1c7bad672ca727a387e2474e53ea9103fb43a1564 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\D2D4CEE0EBA7C34489300D793431F9F8CA2FF328
| MD5 | ccff8e15ac03d4a1886cfa26bf2b723a |
| SHA1 | 9b6b0d522fc86da1388e4744399db5c10fd5cf59 |
| SHA256 | 05202aac830d0e79ca2f3d45729717402eb9398b866f6994f7e2b4b44d9a2ee5 |
| SHA512 | 9c9458b3949ae775ba9260eddc2cafbd3532448740a77dd1e1279a94376e0f0ff2b753081eaff148a6e987bec61b3524de882f23492aadb42f9bcad8aeb06f00 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\40DCB6D55E314153F6072162146972EAC29E8DA1
| MD5 | 8d1c429aba73767a19e8edd20041178e |
| SHA1 | dfcc023558d358bda6c2782e9e2859a5e1762bfc |
| SHA256 | aa98efffde99f81c96c6059cc660b4f68c06de94ef111f4e5ed75bb2ba4a7440 |
| SHA512 | 8f146bafe0be292584149fe4ef1a5d07fbde8691339f4a85d4d7fd0379a87c078b36079e735315a5192b8b4a543f133a28b008cd0019d38e8f1eeee5d41d11de |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\760B6C1158230F4D5E69C71A6DCC2B1B53BAFACB
| MD5 | eb7c3fd7ac704264cd585f9eefd1888a |
| SHA1 | 265453b8e3ef73042881d4e74f9c3ef58e554095 |
| SHA256 | 40266913aba715007f6a6894e582ef0903a1eafe1073fe2964e5b81a8c851f03 |
| SHA512 | d1267809ac589afe3de287a9fb1718bf044a26164329a572a20b34b194930a097d88c07edcea0cb5137fa56693c7ed1acfc010c8e9165e6815446779064ddc17 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\678D03F2DD18604CE794942E2FEBE59DD32182CD
| MD5 | 1d0c5304f9d695875332a36ce34ad166 |
| SHA1 | 20ad67f97675cfd36dba60f7cba676a89d2125b8 |
| SHA256 | bf2d6d42fb8474208f2085a3e45f1a31caeedffd56be0d3ab0dafd4befe3bed8 |
| SHA512 | bb138abe49670c3879da0ba161b3d0c1da203d148b30905dd7dbd1580a9e65f86a724cea9088eee3bf5b7722623730a8719b022fb5ce29a5fbd1e7361886f925 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\20007
| MD5 | b9a498679918fa43b782d7f25c20c89e |
| SHA1 | 90860de3bc3ef8a7dfbf2536bf065b4ad03dac0c |
| SHA256 | c3b846fd7feb8d0a5859bff357d6581246e784d205b0759d8d7219ee2af61b89 |
| SHA512 | 270b4cf9ff07a3a3b59d8d2a97dc6b36b6dec0132484d21f5e657d4db0fde8841114f4a4b15e6682a1853cbacb2c44724f3d4bc5e47bdf172584809f943f75d9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\21C650A8F2DE2014ECC454552AF96FC06D2E70FC
| MD5 | 4b9a43072d80180f65be418b82b1618a |
| SHA1 | ee6ad0d752205e8f04649941d2fb74d16a217d47 |
| SHA256 | b4906a0e84e00d29c461083049f077436e8b5fbbc0350423cf31349adf95fbd5 |
| SHA512 | 042379d8eceda60d6f94c87fb08502ebf68cc171a33fe815d1b3715961c0131cbb57552bc5d5bd803bf0b408f3e05248028ad6ffec72f14137929c2c26ac0a20 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\3455
| MD5 | 410a2a94a5527fc56c3edfe49b08bcd9 |
| SHA1 | a9350c9aeab0762e0875f2109eccf0effacc10fa |
| SHA256 | 084b31484876bd02ee6f1f5b795665359ec2a0984e7cfcb43201a640c553ae9e |
| SHA512 | d36964074298a5f52453f899feedc9d2907f13518baa9cfd5c5ff9bf2eb4cf9836ffbf260f8341e45a4924c9388213a25f3decbf3cf19a9272f4fb01c6ad2dea |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\5834
| MD5 | 1dbd8880108f9ba58f996e982c54a6eb |
| SHA1 | ef1dd9ed1f2d0d64b3e8143f49962026cbb4f55d |
| SHA256 | aa3362fdda83f97705c500f5e3612dc0d471390a44f76171d6242dcf278ddfae |
| SHA512 | 6848ff7d7ee9cc8165937c9236841fdf71365eaf5874ab11bda9bd5414f63bb9b1b1fd164ef027ed8750b1eab642bb2eea1b4769b8ca0e1edc4e970ce44e57b3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\32071
| MD5 | a42908c4f1c5c65ef275fc0740465f6b |
| SHA1 | 1dc0e31853ed6b3ebd387aebaf079d505a3a3716 |
| SHA256 | 1044492bdcac2c59d92e0d0f0961e8ea9c64ce278dee6fd9b4bbd711476b0989 |
| SHA512 | 667d463152f5da839a6186fe60633b408b7d2067c9092a06bbacd39af99a80574a5c4ee3942e640c6fc7e43182f4483faeafb90ed664ff944f5edfd2b6a9e762 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\12141
| MD5 | 91843a6f310398a1d636af3cbcacd3f8 |
| SHA1 | ecb0f23d7c338cd704af2a628effa77bc575b08b |
| SHA256 | bdd4b56e5c86f9ac70b0e3e8a90ed16b74e51431cbba7856503e0be09d0aab18 |
| SHA512 | 080158cb022b6da4f7fdab1fdb9c986543f35c24e822d548819d0a5674539cfc015ffee2bccbefe1c5ebdec10a20584232de38141220ac5ef6f127ceb4ca9a0e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\B0753F0B8FD1F2344C41E9B51D77C3C42B33983D
| MD5 | 234c152f2ad5526cd84e6889bbedf23e |
| SHA1 | e95db9f777a8a7d6735d2172f91e8003af5ea031 |
| SHA256 | 5d8814e76edafa50de915b93fcb9bc4b21fb6e63d934b448ac130e61120d9b75 |
| SHA512 | f48cf6ee1e097a13c8ae44ec5255a2954491ff355f8af3a7159059fc3141ad02c8a0434fc914ffd297ffc8fd645688ef288c306ad023ec79b17508677e13ce16 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\9324
| MD5 | cb65c029ae7593aaecd0a0f9846dbe11 |
| SHA1 | d3017635dd8b0bc247945aa2acb3c1958737f496 |
| SHA256 | d416dff5ecbdad8c4411df59c13e41888c707571aa9c16723fa0eb39d5404061 |
| SHA512 | 5886c0e641e9b3ff28880648784313b61c0a10524ca0b647a4fc7ad6165be1981b1363977b5f8d3b46b9d3f1bf40f513846cf4616e2c2af244a6a2251f1d5644 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\28469
| MD5 | 26880da3e578825464473f0474ff47d7 |
| SHA1 | bce4e28e52da2998ddd44321e008570829b8c1d1 |
| SHA256 | 37712d1e1c28a2ce21a98775205fcdd56b007f4661d005dfc964ac17267be213 |
| SHA512 | db10c4a2b0d8725cc31a968b093553034ccac3d724d3d9fd09dc92b3d0bb42ba22b287e483b1b3f95c141bdc9b8c5e64bdea7151a5203b96a6ff36766f3bcc03 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22623
| MD5 | fc6dae4f6b9cddb936ed297335b04df0 |
| SHA1 | 480b824b9bb9e17ab8a3eef5ee2e8345cb0a888a |
| SHA256 | e3ebd86c66fddbebf6102adc67ca2b104bd3f997b82f1cc773876d0d121216e1 |
| SHA512 | c37ab121133ee1d307047cc52d8c243ded56b08d2e9f77e1c0ef53413f84c15c8626f7c490b5053eb804b76d898124f4053c5c5f627718df10abe60c62325103 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\15979
| MD5 | d7db05128f7ced69c1f3142d7022fe92 |
| SHA1 | af66f721514e8deb4b8b67238ae52913447443cc |
| SHA256 | 143da939357f5a753e8fee5d0cd8cadc144b86ccf70424e1425c348ec4ad6ac8 |
| SHA512 | 884359c49f65aad984eea9500b7026f029a052684882bd1d5f6ff83fca42d528968d9d1d325019d95915b67c8210d4c25158020e5afee672bb60ec35f0dd4dc2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\12714
| MD5 | b958c245eacc4f108e75d6fc441bda0f |
| SHA1 | a353a5421485a3a5a78f3f7bebc5040f6d70e91c |
| SHA256 | 2155c3fc00a8c28b83ba59bc13335f7459a1aa15f255dddefbea05aa9b6cec21 |
| SHA512 | 4502226fbdfc11d3fc8bcd15ddaddc104b6d2fcc0bc12017e0a666ab7122ac3ccae3da30881666b94f01bbc293a730bae2840cad744cc35d607d8b43417ff06d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\15755
| MD5 | e649657254d3eae273740b2c91e80327 |
| SHA1 | 68637cdbb02e5fe4c0a5930fc2f1649a6ce70f26 |
| SHA256 | 0b649e7d4aca9d4b164c409666dd209fc9e337b2cdd23d30d9df4fbd92b8d358 |
| SHA512 | 33bfc3a3012d2aee5d186f44dcf9dbfc67581abf2298dd37f38bc5e4437915b0547c88b3e758c30e3ff42dcf3864e085a57843d7c5c9443f5ec58a1cbb3ff002 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\32419
| MD5 | 9f1fab68bf5a02847f34c7ffedf9578c |
| SHA1 | c57080ff789fed7dbc0487b98aadabbc7a839c49 |
| SHA256 | c3de2b8570e6bd10fc7f073b7449af1b654b72cf041b04569167394373eba80e |
| SHA512 | 2fc1373171f8c12c1f39a0bc7bb2a3dfa9a10a3f96c17fd7a9baa6e9e406b3b7bc852d263dbcd675175abdb086a67658c2dfbe68418e83e9a4ca8e6e782d79c2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\29B9898F2706A53A2123651220D062D244AC2BB0
| MD5 | fe11a5bcb7993c2c734f12e2ca84dfa0 |
| SHA1 | c7897a935889f4b64f4dbc77c50c8131c2b4ca47 |
| SHA256 | af902a47814cbf1cd5f060ea0826a1c8dad924e9c2a76ab4d39c02f65cc1c1d9 |
| SHA512 | 74a81e17aaa57f41b7ee340a2762296bc9302a6da5ec3367825dba11a672296b08d85e8755b3b5f2518675051547361987255d7dedffb9e82f162a07f06d61df |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\BE18ADE00C0840F1DC6F140555E947D68C30EADC
| MD5 | adcca468272fa299f6e556687d5b3e34 |
| SHA1 | 50f3eff6311a097d71aa92146d7467ff57fbc53c |
| SHA256 | 909a4cd79235dfa61f59d69401997d6d59fd5e4e7aba07feed70fa7bb3238ded |
| SHA512 | b88a9032a3946f653be57fe954c6eeac6e652c870345b0d5298f8b12d78556e16be6f59a78c1bcfaf55b889442a245c49a35688ad521517a7678ffffed9ca5aa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\25439
| MD5 | 9d60a382c6698c3edfdbbb0f395bf433 |
| SHA1 | eb748abf8381027a7bfcf7693ae13be59a49f011 |
| SHA256 | f911521a47b62c58472c63f11fd159df97a0fdde6aac69a1bf48017f3aa0d0cb |
| SHA512 | cb5a43470dcc6018d7d158bfb1a931eb45a888a46617dd78832d8d9c904314c59c685abd4d380c4eeebfe2ed1a0ccb69de7436b92df8eeb9a797c007019687aa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\D64112E7907740076EF52C0EAEE600DC15CC1487
| MD5 | 5364ab061aa664d1df060489ae319b5d |
| SHA1 | 341678133619b83f69c5fd65b117bc5aa156cc46 |
| SHA256 | ce1ca00fbd3891dd499f6d8f630b81e566bf9748d155cb813b195ee980d71642 |
| SHA512 | ed1180d60a237a820783f607c718239b15aa16074568020c65eb0191d3ca8155a5f29f3c49ef39b34adeab2db46ed6728eabdee8136c485b1e24fec8ce757d9f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\7AB46441CC6F90220C4013A91A8B5FF827C85B07
| MD5 | ac147c6c626b0c0f22297e6d8b5ae50f |
| SHA1 | 9bdb40fda958bb8bbfb4645b7361d8370cfd39db |
| SHA256 | d4f460d9b4b2282228740adfa6585a7d4cfbae13c1b9928e156fc55f7e65647f |
| SHA512 | 2d97de70d0aec562b250bae808948b5e3faa564721f91b64ffa76787d5ae6a4acfbc4690a075fc7c0b39153c2483ece010f946017b0a9beeb47228d8e0c9c86d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\DBE02BCC50035BCE2819F82880D4A1D02832CB27
| MD5 | bac08ec04ab5e4c4870891cfc52583d4 |
| SHA1 | c7d4ee10ec92f995b355977ead0062ff1f1bca31 |
| SHA256 | 4ff6067bf230f185a237ea0760651ade524ef0b32c9b60e5b628cc218ee10337 |
| SHA512 | 0fcf5025910631ab65ef7f3abba8d263d198ea5bed4e405eb55120fd5bdd7c3342d4dbf22ac6788583db616d17f2c3590f1032ca4cb453091f7d2efc434c7159 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\13557
| MD5 | a5ec239b35a78bc1a04837f48f75cd4d |
| SHA1 | bef2bc3f437c1ecc3f400eef101b169a680324f8 |
| SHA256 | 65a22e015e22352d97281fd0d9cefcf308b1db4b9ebdfc6c43aa9e7e0ee9e1ce |
| SHA512 | 4fb6d30fce26665de24c1b765f6be5507d56a5796bbbcb228b964647caf3821eefed0d316322067a5708f0f4b36ebed49d6665fa37abc65acd7182f444b91547 |
memory/1344-4398-0x0000000000400000-0x0000000000729000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\1B9362AA43B504C820CD8FE963484FB890CC0D34
| MD5 | 55a6d460e253e678139b3df25ae56402 |
| SHA1 | 62b28728ae7cc97aa377a215ca2d6ea00352ae64 |
| SHA256 | e40cd94e5bad0e1811f8446fe5012ede3494153b924c79389ddb4a225620d03b |
| SHA512 | 07d4bd855c5c5e5103a64f665a74a6603b556d32e7dbd07e68a0e567004576847ef34aa2ccf30450b64d0a6eead8671ce6ff78d1cf71e1bc8ddfa8fe9c72a969 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\74D6671B1ADA81E4FB19624A35D9A48D496C55ED
| MD5 | 54bc992c227160bbc6441bb8ab2e1dc5 |
| SHA1 | 1ebeab485f7fb4743f27852225fcb7dfc98376a4 |
| SHA256 | 07469d7032a35955fcc9faa22466723adfce6fd5fe1bbe34325f77539787a058 |
| SHA512 | c6fcaafd6fe9a6cc331708c9b8f2d48fe249a2aed784951db9514993ed8a3292f2968ec281c929618776e4ba5f3e00d5a0c4ecd1b1bb21f99b3fcf120c56e79f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\E1799C5C76B4D7850EB43CEA975B5C9218FD9940
| MD5 | 0b8c7557c2ebaa59a7ba56853b3929fc |
| SHA1 | a014c27986f6b764d28e09527c6c5cd753f664c2 |
| SHA256 | eaf5f6bbb43ccdfd169f6896db9ad7b9858a12bb09e0eb48acbf4e33943d863d |
| SHA512 | ffb1c4438d66f7b6d7ca69dc1a03d628c035b38b1606e5bb0e7a05368ea63b8a03f5c106f643411687ed5c7fa43a7fcec9213dfc9d4027e22b8d4dd9a1b7531d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\19240
| MD5 | d765ea6d5e3ab2df5477a7ce1a805abd |
| SHA1 | b285d3159da80d8ac90cc32562da7999fb52c62d |
| SHA256 | 31ec97a517cc55af45439289e77558926087a19be5aa2c3a04ac96e1c83d9286 |
| SHA512 | 54de96350dc9e36f9ddb727ddaf6b9789296ab27d4236de5628a8ba44e887e2f84e162b9ace90ec10dddf731b8418309a470542cd3c3d298b9641eea599a87ee |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\18342
| MD5 | fcc9a1115bcdce2f0734f2ecd5be2559 |
| SHA1 | fbac367a32a013729dcebd67cff43e1874a8888f |
| SHA256 | 37c453bc9da8460024a55c781bca79e07f873a4fa44dbf74d04d73a17350e575 |
| SHA512 | ede2716f5026dc16c3cf3df1bbfae05233a0bedbd0bafe5d9d6bb0874c30cd638517050b804d6152ffa437908562f5c37431e119fe0b9141c37422501c5b4c72 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\15077
| MD5 | 9b82bb8f949db3ab7b0626a94400e649 |
| SHA1 | 4a433d2461f2ecf51730bf46827c5890a1712d11 |
| SHA256 | 8eb963028cd7f90cb9b66d2ef249910a796c8ee90c5411920c91725dd2611b48 |
| SHA512 | 55ed734e2e0a53c4a3bc0a762e24b6c3ac18df9b789d43a68d9356ceb2670c76562aaf9d00a4cb43203159929f1c8b2eb2c1577a6c441e6421fb6a553c6c94b8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\14964
| MD5 | b4bba48f9f6dec5badf14e09a3f1bd22 |
| SHA1 | 29540c2cb33323c4ae0f91424fd1209b4fe0f5da |
| SHA256 | 502d9dc4bab638f5f085f8af436033806658636a80ddf6dedc3d70a426671f4e |
| SHA512 | cd0437d7ce63d02acfde2dafbe5829f56862ed782f86549b64dd2be89963515fa630d0ce8c0e95060b3a4b4f77f77028cb9af9a907133ce883d76672ca9564bf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\11250
| MD5 | e606ec907eb46c0e447bba5a891c3501 |
| SHA1 | 1c415ffe2541c0654cd26899c84a7f8d6c2b675c |
| SHA256 | 9d1a42ef9730657a4b404bdba7625bf6bac4638f4ca23e23c4f323b8519c3964 |
| SHA512 | f81688ff4c8de50c70fe15a63042f59939339e9b67be8ab8456a8dff7bbe5fe3a3224b66d5d37b09aecec4f10300adfbae3623c8707fce029556bc8cae54a80f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | caa64fe136e8d9311cd3cdd4a13c3d20 |
| SHA1 | f68f8af22004d197f170ea192346caf59572d7e0 |
| SHA256 | 5ee1c985f1787927e4ae1d98a55ea24d37b1209ef37d17bdca525ce00c057250 |
| SHA512 | e82fdbfe427353243ca2a92e5b25f4e1d02949d1630fff897c5b50f73b6605d633a7a267b19296c431c7404fef2708945f2f6d76fe3b98bb459eaa5aa9ccf8ec |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\149FD49E641AFDB55E8525DAE571D57DE7744EF4
| MD5 | fc1f9d55eaae25409ba75f8f3a7c55be |
| SHA1 | 2c88123a9563307cbd4d521fbbefd7f412f8a2d7 |
| SHA256 | b0bc2469cae2b4c4b634c6e2dae03d1f30e9b39a888885c1c2dbd4fbabf35d0d |
| SHA512 | c10205718b8379a22e73c0a4d14b6c025012ab8475d32465916eeb5021ce308657e41ad3fd27bf9d0b22481fcf29bdb84bb8ba61c577b02ed8409d4fa1be6492 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\13923
| MD5 | 84b564de4fb047e81888760ffbef1a45 |
| SHA1 | 217ea9ba4547c178d70a4496bae4a574f771dc2f |
| SHA256 | 9630b3496c21c3b14e98bbc70a5493e8ae1ddb63dbe57bb7a367883dc60cfdd1 |
| SHA512 | 115a8fcdf39e37a84bd63c63c1747b763a835937beac3858049a856436d7879a4707e935b4f1a116348ae272828604e9b24b5ed672af666c1b1cfbadbafc1a29 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\338279B29641A0CB831A707ADB94EAF1A78F586D
| MD5 | 314cc61d248e97a360d5af56ce283171 |
| SHA1 | 88fb56da0629ed3aa83c617d57ed6427fc2971ae |
| SHA256 | 29ccd08512e59b7a2c1332280288471439320bc1309738cf32fe1d135103333b |
| SHA512 | 635a397586aed60f4a32174cf39e6823f47fb0bd994671df1883b36a1dcc8fc540793dae5d936b0d20a1c1afc408b2da4c2b91826a14bac5d8c118c28b6054ab |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\6556
| MD5 | 42eb9ab6c6ac80ca311a8d1739e568e7 |
| SHA1 | b6f4a35bb976d33470bf9ceba6a4e9f1a5f3e1ca |
| SHA256 | 13c6c8b9a86fcbd5e2f992329057798c3ed2fd23de10cdd8989021681656c96c |
| SHA512 | b2a333cc1294a74fc3b239750bc4e7a12e0a11be140987b2f7a217156942e36591db9cf1b4af3fe0252f73afaa31195256950ffd71fbeee88d117d2dbe33e7bd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8483198b6073b8405cdd92f672c4b1dc |
| SHA1 | d7e7f8a390f32ce96cbcd9f306cbf8a13f5e9a77 |
| SHA256 | 2c75a2c3e36a89ce4ef340b3afffb856cf71f64df9df598d6718f2ed33e09b7b |
| SHA512 | b70d6e59bc7dc47ec876bb245c0659a9e0069fddf2a1ce5c4bd622bee34d0a1483744905e0ca1ee6c0111e64a1b373c77e80888082d1a4ceb1abf28ffc5b046b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22783
| MD5 | a967fb8887063eea8f34c95b7a5246c6 |
| SHA1 | e8999f382a2f47868c07aba2dcb16b682b705841 |
| SHA256 | c725ec970f9eb4fa34295aa598dc3c55ba42302d2ea13dd2cd3242c994b4ef94 |
| SHA512 | c2cc75cf9319c96800e8806002f4068bc8290228167446c9bc2c874cb292f7fe1c6f174b25c687b48ac7f9f6f04bac5c51a3035f0fa0b630a418ad6bc9ff5e12 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\19257
| MD5 | 66458119617d105bedbeff791931c3db |
| SHA1 | 5e21f7532fb3b2d5d728fa33c7fd6c13b6a19913 |
| SHA256 | 61b0998263998a857e3ce8034106d605b5e4eb16b6d57d9df9dc1b5d98f2354d |
| SHA512 | 58cf95dde77a87ab2e2142598764de0b97964cc21e7f1cf806a320ca7e9f482b5062897b6be6a45ee4ce0b419397ea2cc78b5f8afaf4f121e7daf45318ec947f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\9235
| MD5 | 2cc2a20ca7d0084c17c0dc3f2bc15367 |
| SHA1 | 887de5a4d48ddbdf0f79ca82703bbe714da376d7 |
| SHA256 | e065769a91ff71e73261d3e6467f7f67cc11282fc267ce530cf9a00b55e985a0 |
| SHA512 | ded9be8c6caeda27b8dd8d10929a4bd27b8638d4bc76325282788652858536b6e1147179a85ceeb3598c9a375adc00236d02c663ee428be5497de4176b240b85 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8485
| MD5 | 66ea15abfaef722c722b570ba5976d04 |
| SHA1 | c200157ac207b5b444cfcbc8da523d36e03b040c |
| SHA256 | e8dec3e8351b9f9026644ec30f287649ae8b644f111539bc7b3bc3f832681e89 |
| SHA512 | cc6b5d1f17ac7b6b7f45fb5b12b898f17275ec8b55d0e4a300667c48c73d063f0a837c22ddc9309175a017d908a1ede66a976a6a0e8681c69b1a0b2203607025 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\30558
| MD5 | 0913105de4a9a4aa813cb0aa32382f2d |
| SHA1 | 2382d88252305dff6186c12f27efa17a1ceb9c42 |
| SHA256 | 0af25ed6e188fc21ffca4efdaab0c5ab60d144df51c39e8918df3faa26129916 |
| SHA512 | 18d6074426d902f57c13899cbcfc501e1de03d4bdd7e8f419d52bcefda1766e040942196fa48eb57bea8ced23f245a5095542febc3421d14982182338ec07b2b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\CC1F118285652F91F7AAD5807E85EF542B40EFBE
| MD5 | 35947631d14d6b70262a5cc136590b71 |
| SHA1 | d03dd9e1e1de976cb7c89d6eb3bac2b80aa92d49 |
| SHA256 | 816989ebcc429a318a3978d5511ead524d9fd84cc54c44b88bc7c73f386aed18 |
| SHA512 | 1d29051b050260e2bfe592ce94a99e2dffbf852743ef83b951553be6addbabc4fd53f97c80904f84af633c62823d9bac430a50bb1fec108a94ec1af00619959a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\406
| MD5 | 4602d933b0a873ef6bb74108ceff07ff |
| SHA1 | d486504e4b7a9fee1ab4fee83b37eb38cb4806c1 |
| SHA256 | 8e836a4f117103cc27123d686cb407554e2ed292c4da06372965dafdcad5d66c |
| SHA512 | 7021737bd827ba72be2ec6f109efa28a5a0312684d7ffd6842e83f0b1595e6f675473d7d638c7e58ad18bb34ead11f584223dc8dfe5e901acecf84d4cfc55e69 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\16734
| MD5 | cdfb1cd355336199d36b997d1c79f38f |
| SHA1 | 4ec20ccc241c3e48159e227ae1d624e4e02e697c |
| SHA256 | bb0746d23d3b785932cc4e8af263933dc669782552c05dc82c00231a59d85894 |
| SHA512 | 6d4b5fc850be47cfcb0d2ad12f5bf79c50e104b670e3f4356566706fab86ef89240f430b955320cc0e93ab2cbea833e1b328d76834a46cd95393f43a4200aa93 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\14501
| MD5 | 019e99ec68581b053aff925346aee087 |
| SHA1 | e04c4b4aa841dc4f8cb12d38f931f58bf365591a |
| SHA256 | 22c5e1ce0a035cf4857ad05d05d10771a29857cf31a7f24a1738b24cceb8e1c4 |
| SHA512 | 0190bb6a0b3c6a3e1713c802b67f887228120eff12f2365175c7c9097d2f62a695129fc00fe34d5f8a2318d293cf2313a8b636726c72050d01173f82714e98d2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\17654
| MD5 | 13a8b246844e984ca25c72005bc1190a |
| SHA1 | 410c497b5043729ce733076938c883c55b1293a6 |
| SHA256 | 6bb107cab34b7c22df9cd783e22f02c0e94516337d82d1268299e7208a6c4cdb |
| SHA512 | 6afffc468a6cb52ea0c4364fa418afebf352029f3cc0e85ae5fe13645a94299945236074b4ec4f34865eed996631ab87371ed2f48879ff34c7d2bfccf8645d2f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\1338
| MD5 | d33cb7b7e23d13ebf3e33c825102f64d |
| SHA1 | 9049eba6c5686be73248eacdaa8007c949a0f354 |
| SHA256 | 138fbedf53fb2d46363668970315b5582434212a77b0e123103359e5771534f8 |
| SHA512 | c597ca7bcc4d3035c135ca64b45e11b6d8ebead12d2ae0850ce3d4dfd2f78b52240d56bfa7f6de31d32d71389c32bede04cbd8b66e633ee592ca07e07ccd68bf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\A3B53C4F7F16211D03EB4EFDBDEC4CB8DD28EBD4
| MD5 | 4269420b9ec77fb200fb520f592b56d4 |
| SHA1 | cf36e5e393114921895a5d8b43864dc26b74efe5 |
| SHA256 | bbcdafdf06393a4c27abd000c808608bacfe8c775c825686838ce85faa0d3da0 |
| SHA512 | 7a10344b479279ec3317df2f2efadc0576278c5ab70594b434243054d9fcba390d976b3b7f5627179843047b7093c8c85403a36af7a21d6ebb18845613b3f41e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\24197
| MD5 | dc78fc9374db726aef76eef12fefc406 |
| SHA1 | ffca30e773ea6f139ab08c5e763684756b6f7061 |
| SHA256 | bbf0f0cd0d5c5440815b9b168c9a1086298a5b4a5fc0620d5349c47cafc8f059 |
| SHA512 | fc8d48d6866ffca3f3694c6ca76a722f047401be65a29ee8aa9f33a0497a7092a4417a89dc458ca01b1f2378975379908dd4c5cab36cb98b49c77c9fe26d1e6f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 2db3204c5b1e1e17308bf3a1484a1529 |
| SHA1 | aaba7a17a3a9e2c7923f6a01e04c5f0ef105bcca |
| SHA256 | 92684d8747bffe98ae703251b3704548871a32b4141ce215776e56d58de58203 |
| SHA512 | 7c8f421e47bc30e858837f9fb4ef8a7023b1102717a39c6b75e656b24f56648e5d685f3ac4e204d49450ba458bd720b216916d598f1afa910203482d0ce52c7f |
C:\Users\Admin\Downloads\log-analyzer-release-1.TpM9Cqhr.0.1.83.zip.part
| MD5 | e6297c933aa0dc21888183a13a4d4075 |
| SHA1 | dbbd06e099e4b53d2c28d88bb74a563ee366675a |
| SHA256 | 505d092a2831ae2d547a9c8099e751334c4870a5c4b27112b33a01e7224b9597 |
| SHA512 | 9135e392e3f417ac24e4952114be636f0fab031063ee5b29f59d9ff72b0259c48dd08d882aa3702b79b61962295e11bad79c2b2f966068844f577ecfd752ca52 |
memory/4632-5113-0x0000000000400000-0x0000000000413000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\7285
| MD5 | cd77dea7362d282b2381ce641cb16908 |
| SHA1 | 8d4713d390929e5a255ac91d9bc2049a5a0fff79 |
| SHA256 | a895d2f1d1fbd9e389531771d5cf6b63c46e35ac1fcde8d7eef575ae7714b293 |
| SHA512 | 177a34cd80e9d6059c73a20b135a169339a375164edd67f486b37984671c5aaa9a0ef5517a7f64e104e19907cf3025ea573003ba9d142ce244d31a0184eff75d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | ddd915df52f1d99bf63818819ea54763 |
| SHA1 | d43fbd8ad8e4576bfd70c09d40d760468056c5ea |
| SHA256 | 7df0d2966cd3efc871d6af1e180858961e441ca0239a45de99cb7a04b1853c35 |
| SHA512 | 059e4d4f83c3087b5ed6daf8ae1c09dcea16d9d00b6a073386e093bcd66831acf598cfc57102e9586f10d8cf12dc5796b2c04ca4a74861c60f35159f3f6c1cfd |
memory/4248-5185-0x0000000000400000-0x00000000004B0000-memory.dmp
memory/4632-5186-0x0000000000400000-0x0000000000413000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 85f7a26585f24506986d5a5473355a64 |
| SHA1 | bcf2a42495afb5d3ce2d3893592c27d174f2230c |
| SHA256 | 1c1abc34e83b719668062d0926d3880a00ce2e81666c0dfda5139249f4826898 |
| SHA512 | 461e933c94010fc90d788f0a238c27334e754c681b8572ee80cbf45f38481dc35b54010b3cbe4dfb28d37fa65dcc2e14468842766a8882b59f96491f38cd5a80 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\4B604D0A3BB3937BAB80372449F8EDDDA9E256BC
| MD5 | 3b05e21eea9a2cd69740ac85747dbcc6 |
| SHA1 | 8de425143f323f9c371a490ff44eae1286ff5aa0 |
| SHA256 | 55dd3dcdbd94ccb603f0349f31c9c604608270cbfe55ecc449b6dce27fa545d0 |
| SHA512 | 0f18b4d714600a245b029a4625b4a4e5da0d7e0878fd724e12398424e53e24eb69d717df99d8d447b12f13ccd829073501afc4c80554a2da0da94b0bbf096419 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22011
| MD5 | d619aaa5f6ce23f8e336179fb7ec10ab |
| SHA1 | c4d5c80bb61452f3b30e850925f3b5d36ea2205b |
| SHA256 | 412e48be9efe0d875ab157c25674dc357017b6e731dc3f42757c38606fa3af4d |
| SHA512 | 9ebc3eb26496a370ac4b884d5b23df482ad756729793521e75118f65e5afb38ec531d278580ff74dc46a7a1c7b81efd96bb09172c2c0d54215c0e588f4bfcc0d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\28983
| MD5 | e3ac93a37a6dcd871007c3b1b2481dff |
| SHA1 | d49b8305ebff5fe38fdbee0bdd8e84c9ddf9de0b |
| SHA256 | 9475a130845d6edc9ad2165f40e8836303b8c3daaa4ffc1106718602f56de126 |
| SHA512 | 44b9eba800a9b0f608078d2188b5cb71a3be03f90f08f9ce7d0bb2c1dc4acfd95f9fc53c89aba9cb3f330341a997f717b98c8d66189c737386c94ae6b495b93d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 2264d6eac8c6beb29b9c0d0f19f3e730 |
| SHA1 | eb032b1e37b8d4cd338a14331a535d2e09cb49ee |
| SHA256 | eb3a3db0a5181aec397154403936a586b407a7001cb119e847e3691af589810b |
| SHA512 | 7e3549d3b8f66f13ec4766bd23bba7f663c842084602cf1235cd361d11d9a871b94d404b1a26c4d3f24c9bac4ffd3b417c6587c73fab92e431cc007fa2966691 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2B9C971EDB51B126747C8403A0B1A054411586E2
| MD5 | c88cc3bdc1f5b4f7072dac31b4247152 |
| SHA1 | 9a9338bea8277da6e47bc58f91cc151bdb175e21 |
| SHA256 | a65c4487ab21e839a433a9f5b460ab43a0231fa4d85cd83f9d1b0c44171e1a26 |
| SHA512 | 3d32741a9b69f958da9b6829888de0afc7c16dcf3bbc42f77a56f9d51b206f7fa0ffba00014b4d53a75c5418b3b17b391349916057237df3235cd712db999302 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 5f24ce383adc5b61c6beef64668c3fb7 |
| SHA1 | 974d888edeec10979847f423dda3ed4eda6bd7d7 |
| SHA256 | 14686d3c5e1aee2bd5174b052ab54702f0287beb568e13d35bc70245d39d646c |
| SHA512 | 787bec54a07a5f6385514b2aad28392d3939beb3d6b96e0f01b1ccf536becdeefef71ca504737ed754a1fe068902a03c434a0951127be75016368d7aa6d0cfbb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5A9FFC54BDC24F3AB28A542142AB9F3AB0573E75
| MD5 | 5efd8759a603c9ba77db281828d88f6a |
| SHA1 | 704dd49678187f33669dcb41f1bfa35dd3b516c5 |
| SHA256 | 068523fb0861c3a9245b688e3389de445e361c0b6e391c6b1d7baad8ef942fc3 |
| SHA512 | 5dfde1bb7c6959ec7536039bcf94dc594daaffc167208ef2252aca7b3285dc2fefc269535b06e5208f8c799f1de7090b47f17da2e2f2f12abd32274a8f647a14 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\6839
| MD5 | 67e102df309f1b708a6fc9e6a1a6aeac |
| SHA1 | db293b96a0af87255892000c6ece94c15d8c871f |
| SHA256 | aa49afc6e9ad22584c693f702862b57e4ddb40a3237ae0c60ab3f203b1026447 |
| SHA512 | 573968b55d72cdef4c4181bf222b5052ab4fbe5fedcf666efba26b4d46310ba870d051f9f4d642104a5aee984031b0f2a4dcdf2ce9cf2e071bfa6332e040718f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 787b0c6709c282adbcdfd626549af5fa |
| SHA1 | 01cb3bf3f80d4c53ea0f041116966fdd0cd27673 |
| SHA256 | 61b669c992e3d4b9a50337264e17953bef75657960084e10eb79ad33587fd222 |
| SHA512 | 126ba1ba5e7195078c4fcb7190297da0d734368d5c480bff824e779a4982a4843f1897f24d90d96eda9c2b8cf54c8bacd41cc1d242315b65b11f4745546989ff |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\23469
| MD5 | 19f8eed3646cf5631e9be6af2f3cae73 |
| SHA1 | a6d9e3e3ecf8e7b6c7f01662ddbe625c6fbf1fa5 |
| SHA256 | 43c03371ac01f3e68f9bf145dd50f3ba1f1f390864e0d77982e83b7f2c2e51eb |
| SHA512 | 2562a3334612719480b93dcb1603a229a6e22ceeed8e1961d015a27621544868c67d872e17eb7568c205aaa81d8612b15ebce3b6a8c7e7348ab2c41f73da0638 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 5ad4b15bc1c418a9c7f0007ae321ef96 |
| SHA1 | e3cf68d419751ab370f0c043bb3652330e14b1f0 |
| SHA256 | d93effe58a22b87279e67e7262f11fc3318dcb5754199e04c371a288e56dc01e |
| SHA512 | 8e371e10463156fe3c601f088dca658ee2ec1a43209d4513aea6ef9ca991ab21a5cf0dc2320a64ca48173ffec4e5e09f3dfb4f9c7b7f3fbbb4d82db026290e73 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b9a3e1e70ebfe4a86626d2486f4c3d15 |
| SHA1 | be4d0697147d2e5e847f3b31d39a2afbea9e626f |
| SHA256 | d585130eec987904c65bb961fcce86f64b0e5d84e3007e6acae285a6dce88f83 |
| SHA512 | 5fa6af63368ab3b75c38f84cf0503226b5ffccd294415d352b49c6a666bbb6b02c47bb59b9bf20f16f0d50064805401e3e7075d3b7ed0ed550fa2d81d8c290d2 |
memory/1344-5883-0x0000000000400000-0x0000000000729000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\9097
| MD5 | 500cbb297e5bb1434e3bf5f077e1cfda |
| SHA1 | cc9783167e94f55fb0d0cf5d1495db29ba225417 |
| SHA256 | 5e56554a93319a7ddd9b3ba0ac4928f40f2911ea87385fa66fdb1b62a39b0113 |
| SHA512 | 5541ecc1a6e8714634f80f62f8dccc0e4a7bed03c5789a1d12a3d2422a9b62e799080ca9c72ecb06630d30bb9b40a63ffb20c5d9b606987b0b3d2217e5177211 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\31433
| MD5 | 0a80489778aec56cf008b83b2560966b |
| SHA1 | 9876188136c60a60b6b2f059352392c5e9ae381a |
| SHA256 | 260372b3fd1e5eb9ec70735e57ef045f671692e91e597e7b01d06ba3b81c080a |
| SHA512 | af95ab8d056c50238b52a6e61c70e2603145c5028cdeb985f0ca5ad09909ca882c1f71bc3f683370434c40791d7d29f1d8bff122f8f4ff5afd37b211203bc3fb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\10691
| MD5 | f9c9b170404c7eb5e96ca1f2f0fd89f1 |
| SHA1 | 3ccbea593f1073f3c271dcf2389cc61665422756 |
| SHA256 | 99025800430f16c6c1c71b299d711e9db847f4cd4d309555e3c08cebd9e5cbb7 |
| SHA512 | a76308a2f3e491d59a8564694bf61e16b0973558a3a50a5f997c2e0c8759371ba071e70c6d813ec57d1635de4598e5a4b3c651fc1fbebd317ecfd7fedde12448 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 5198d127ef8e8779375b7c281a3dd017 |
| SHA1 | 93ac70e6256b8b14aac86041cac1231ab4fe8be1 |
| SHA256 | 2e31dc665bf0a6fb4dc0b66c48595432dca8cc83b908fcd9aca5fae41e53b51d |
| SHA512 | 6f235b72de0d539435b8903233b94e6e407520021b90e11b3dea9a833522fbeed0509d03bd7fcb2b8e1e71850bdb14f12f90a9c157ece65ee1176757900e037e |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js
| MD5 | 0a7bb00dc6d550def2bd56304fe48a12 |
| SHA1 | 945e76aea6394addcf7fe942f662ee8388faa02b |
| SHA256 | 689185d822f90a62c3790a1ce9794db486798956e9b52f331193121367e7c15e |
| SHA512 | 8defbd1d135469402f3467285dcc4accb99a8e62bbd80541553b15c55103099da739af334351fb0afc3088191b6e4ea446b75b490c92e1023f0d173c9cd0aec2 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b7c0db324e5f9b95f45bdcfaeead2757 |
| SHA1 | 44525cc707c75bcde57e501faae5c92cae4b3e23 |
| SHA256 | dee7428ad2ebd0ed07381487a78c30094d86f75054c452948921768dbec7aee1 |
| SHA512 | 260e7db176f754774201199d0134bb861fdba8ea5f960a017da730fefc91d42c3fcbfd95566bb8c7d0be9a1986c960989517ba0ef5f94f7d545004f856b201af |
C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.ba\logo.png
| MD5 | d6bd210f227442b3362493d046cea233 |
| SHA1 | ff286ac8370fc655aea0ef35e9cf0bfcb6d698de |
| SHA256 | 335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef |
| SHA512 | 464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f43e5176107393028f12df4167a22e0c |
| SHA1 | b86f65ee4f1bcc3728ec57e49b0b4044621787f1 |
| SHA256 | 7c6a8daa50e02d2a0672f082d3460967c6b6d060b1fb937e5b94d0b1a75ef8f7 |
| SHA512 | bc2b8720bf4087e86233cb92687ee89244fe493e48e6070e2caa2b97b270146bbea2aeb28b405b8611f4be1767f449da6bb180a769be1ae063258f60a4d5cf97 |
C:\Windows\Temp\{EC45EE5B-D7EC-4295-993F-7A8A5B7BF231}\.be\VC_redist.x64.exe
| MD5 | 261f741c93973d184d4fccf833f0c075 |
| SHA1 | cb7846fc45cc545b3ac6ab0aa3425461e219b196 |
| SHA256 | 1ec6ded595b12262d8bfcf8436046c9d84febff424924cb839a1946dad76ca4e |
| SHA512 | 90ca6a11c6bbd5f97d1ed146da5279bf40330bf9020b40eb816ede0d914ed4d769e9c48cb8c839924700dec818d4f818f89e6d6afbc7091e2a2809ebe099da81 |
C:\Windows\Installer\f7e5a06.msi
| MD5 | cbb2aeab99bcc3085738c1c41fdf3225 |
| SHA1 | 9462fcbb04046d68df7250f5124e79c269f771b2 |
| SHA256 | 59a148da299c73d6bd4ef9a8e99736c3d3eabb3b9f895ad8ab183b657516cc22 |
| SHA512 | aec8238b7d7a4727b1f3fdcd5d3c6064bf72af6da5d8ef6542fe5fd97b8e24b7d15540426fae029a628d7e160f9fb31fc482edccc416d970f93656ecad0fd5e7 |
C:\Config.Msi\f7e5a05.rbs
| MD5 | 82c1abee2651ee0e0264bcaf9a53611e |
| SHA1 | cc5a3e2941488e68b890c5908924a4ebf89b42c8 |
| SHA256 | 49ca02e0f87ac944cb9c7e0da24669c78d663ad14acdac9a88553807e138639f |
| SHA512 | f5e6eb4c9e45a5b4e7d95ef806622eff4bb9403795d98a84bac8c52b1e50008d4e61a72422e1eef6c8d897cb52ea3b7666b0954a900326fd739ed3f2c7f417c8 |
C:\Config.Msi\f7e59f9.rbs
| MD5 | ea032f8dd0f347a8ba536646823bdb98 |
| SHA1 | 90d3937950696876cc3929025b803e1caf0fcb28 |
| SHA256 | 2c8996ab5d0544dfadc889b52f95f5c03b716e0ad883ed6f02160ca9a145390f |
| SHA512 | cbb4e422b4f345dde79298736700ff262a8387d955fca3a5138f009a6e8c163512f3b39c15ad3d5f6ef807c658507d0fe1cb08dbd9b6ad59912f2dda450ea039 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 17d0cb475faac9b582a9e6dcf48d1194 |
| SHA1 | 3e35a3619cd820623e32b20a9a8cda78fd6bca5b |
| SHA256 | b0f2881bba36a2abafe5068a9efb891c65645ed9361a34813863be13945f0b0b |
| SHA512 | d8d777f2d75c419d08eff6d791e893c9ab15a87b9ea5633e3d036d3752d35f5b189f67038c7a8ed85c48f50f8a1801a4f81a65339d10f7bba43eab8e7d64c1d0 |
C:\Config.Msi\f7e5a0d.rbs
| MD5 | 92866618647aa7d4669dfef42a994fed |
| SHA1 | 54c920ea337dd178453409c67f981508a0afb137 |
| SHA256 | e3143b1e4aed2119006b703dde36e50e0033109942fb27d63e0f260423562586 |
| SHA512 | d37976a14621847d453d0e9ae203b102020d672289f17c57c0790377f5a8cf5c555396513ca564b461f8848020c466355d935172ea3d01de38d0de1b65b4d44a |
C:\Config.Msi\f7e5a1c.rbs
| MD5 | c6445322bf379ba0bb7c555aafb93a67 |
| SHA1 | 101b09a7e2f3e7ec267de826b37255ac6f5be461 |
| SHA256 | 9f43fc632294dde6a8f16c3431b8159ebcb498ed0f21c702c8b08126e72dbe93 |
| SHA512 | 05f020435f3a15998c7b045a15c8c924ff0b46202be709c04f98735d49c08c86a5a6f3136b3de6d30577c407a7e197aeaabce022c8de65af3708152a9e7c81cf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 5351e48cc992f77ec4fb649110c962b5 |
| SHA1 | 81336c06782db1ab7c9a81b7845340ec04de8c7c |
| SHA256 | c6d5aedd2506714ea2ee5770cbd5b32a4c2ff39bae6c6ac769d4dc3ed6d8ac3a |
| SHA512 | 845528994bd60995dabce091795fe97ef9f03643aedc526d91bc10dda9ba79845d11d01504dbe1dbfdf214d9401a55482527e3c0951dbe8419b39efe7589a1b4 |
memory/580-6871-0x00000000011B0000-0x0000000001227000-memory.dmp
memory/4564-6909-0x00000000011B0000-0x0000000001227000-memory.dmp
memory/2880-6908-0x00000000011B0000-0x0000000001227000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\5C77D493933E72898DABB44F1178D6BECA63CCBB
| MD5 | c4cdf77650be545322d51a136b303efb |
| SHA1 | aeda67b348f475346f7217ce46bbde0f10aae13b |
| SHA256 | 99d1436b9a83c5d32bef32d31e5e3bcdbb24c0d1a733b4f8aff3ad7ce439740e |
| SHA512 | 6f928c499e76ffb3049319d4e32e734f8931f9132434cbcc865607e79e31d54673e4f30f96e40f1b2db16473146e3a16615144c807b48eadb10637eca6040219 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 74fa6bf286ea56b85e8c5b0dfb3ca116 |
| SHA1 | 02211edfc3ee5f1aaf61f08f6676e963c2af2759 |
| SHA256 | 633a35aeaa8f5cdb41fab28b6b51070e32a83602a276ff4450b8e370b6839343 |
| SHA512 | f32f558f75d8df72da2fea9f9f1fb077fbeb3349f45ece466642e11007043ab37d4b9bf3f668b4a0684fd853123ac27f3c39bd1d38035250ca8aa501c9a0092a |
C:\Users\Admin\Downloads\SpyHunter-5.fuZLzD1w.18-397-76196-Installer.exe.part
| MD5 | e7f0449aec26f5ba3b1aa0adc8239838 |
| SHA1 | b7b0dd2539c25973aa4c731bb11f12db59010df7 |
| SHA256 | 9ad8d984e52b05675a4c4c3452ffcec38c7dc4c9e33d572ce06b61bb83b3942c |
| SHA512 | ec2cab8886a149d2f97ca18092f37db212695d2bbeefadccac6754dbb5b6627cc471ac41c7740dabc11179c6ad240ab30ff5bb8a451a9fc4a043b523f58e32ca |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C743D27B01A577E1368E7099B0E4AB32A09811BE
| MD5 | 177d7a5f8ce33c36f2f796a29ea8eee2 |
| SHA1 | 2d40c1ea831ae727652535db3c4c3b24b79dc488 |
| SHA256 | eab0c6c9058900b2f11c1a3661d58a6b8e37999c1dab6c1287bf399d68edade4 |
| SHA512 | a2becc79a6a8d87dee2fdc1bfe9ae67f28b7b8ee094172ed7cfb191abed9679593b34a5d2f6284c673ac5d24308a26632a405ea63c2f20041049383d1d386ac4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | fde574ebd793b91685b1d0dfbe68ab09 |
| SHA1 | eaa89fcc732f8f594f43144c2e55bdbe4e0ea50b |
| SHA256 | e08dbfcdc443291b23151571b7b2017718d140ed7a6589653f48df7f3a7e38d3 |
| SHA512 | 2861984a9ca1268e337cf5178ae0e54a0785dc1de91bcfa52f741f946efdb8500d8c740dcf2594a36e82187dd4fa82b2dc6c9ee0a267b927d04464484dfaa320 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\4DA6C6D0CB69D799C22392D2BBD4B08AAB9ED24D
| MD5 | 9b881db90a59500d6ffddb5234ccb6ee |
| SHA1 | 69b7bc9f3c49b60f658f378192e06403f28cd2cb |
| SHA256 | 6accefea3df9b2080049190dfb52541eca07732d36c21ebcb8638e49756aa795 |
| SHA512 | 2f8dca7abd900ed57d2c0e2b5198537d8cb3d1258a8a33c4edaa968897ff231a3b707b6f560cbe2680979068f707a4ce6539e409181e2c802b624c74c0221be7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\9B970604E9A6E912996D64EE92B2496B27E6989A
| MD5 | 11d167aeaeeb360f3e592267ee79f8d0 |
| SHA1 | 1c6a90bfa7a8803edd42acac6395305da37a7772 |
| SHA256 | 7db4d02f49f4c9161925983275f74604ca889315656184448aae2d4bec645a1f |
| SHA512 | 017cc908915ea521590465d7845dc879e669558f0c50249919ccd373a0cf42b6fa1ea691cd6c081d6abd5ba73b1090981b5d55b4ef63bcbb07edb35efd250a6a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\2A15C33B455F9B78F002FF087F929C27CD634826
| MD5 | 1f75a457f67e93f23152117c2ad069d9 |
| SHA1 | 81af5fc35945ad08defda47510ed455699888aa6 |
| SHA256 | 638c22ec75672d7a0c5dc209a3202d4f577d73de48de153c59cae15dcaf40ce7 |
| SHA512 | e7930718f7b61b6ee271797f10f6b19ffd9823ecb2bfd244ae3e08e5fff3f094de1e384f0a922ec0c9da69e132e1bcd6c5244df505c5dd36f64fbb31a082485e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e74c3804cbe32cc01def465aa35b0e92 |
| SHA1 | e04650798b5aa763f976137fd8d2e6b14ff76d99 |
| SHA256 | 3fb98a9b8c9e17cd2510400cae7b89659f00cd8b69d3c26c56af1cfc078ea9a0 |
| SHA512 | aa62791337d3c6c5911418d847a9c90a49b2d7bd740fb2e3cdd55777ce40107bfb2aa14d3af3622278971416231b3fa8e56f2f4f9ac04ad3a3d97f79b4447d00 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\4525
| MD5 | 2e3c22cc55b51e06325db97ef8dc0508 |
| SHA1 | 469a5514741e841fc05b7891fd401962e5e86001 |
| SHA256 | 6adb460ecb3b0ca0e52d68444ef2286b9ca6f8ebe9adbfb01160ea04a28173cb |
| SHA512 | 667a4c1d51030d91c8e0b81ea55184a2be84fb6681d007a6251b82ec5e49bed8f57f412e9418e4e683a16b1c331aa86fc747be78dc579a3a618b3aa6033b1e45 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\31122
| MD5 | a08416ca3dd38d8b8d98356c57c30dd8 |
| SHA1 | da8195be6cdb56c195c14a941a3d5e5549b3bf68 |
| SHA256 | b3a42569ea8b3efe9315e472cad34a0558e01baf7907427d4080d6b732431679 |
| SHA512 | 7494d887ef45ff505547e1860de32c1098283af5e334a2e9a59959270421e7c5687c5607e9f783fbac6041536c62327dca1f85c360b8384441bdc4cf9a6ee09c |
memory/2640-7591-0x0000000000400000-0x0000000000513000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-VHP6D.tmp\setup_04_bg.bmp
| MD5 | 224cb513cd06c7d83df8dafe8c111394 |
| SHA1 | dae2310fe2d1e211e013d4a22b6b54a3257625a4 |
| SHA256 | d4a70d24ad9cf5f7bbaff7beae54ed6772f32d19f1bb063bd9f4f722de2a8e88 |
| SHA512 | 6aa39d2f3dca315e04f45c90cab357ed685ec279daf311bee2bf6973a4cdd9fc8dccacd55797c969a44c689e7f23114299b0e15e3c79159d997e66f1d26d957f |
C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
| MD5 | 36da0a2fe1f31380380d5029e05e50f3 |
| SHA1 | df9a7a0cab61f904b21c0ed9e0b6b6105015f67a |
| SHA256 | f480fb109d7a3296180a1011e6e43dda0382e651049590d09b475d33fe46a300 |
| SHA512 | 464071e4ee76da508a9fe4f6a793eef23b4d6d4f651f4617587078bf847e251ab2bc846b890de154016d0a68cbfe31ba960dee64ddd26de26e24f01d593d5842 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f80072af205ee507982ad279925321b6 |
| SHA1 | 58f63b3bc3becc3bf9b08e99fd572f170930e150 |
| SHA256 | d097b36dcb24f09da775c5696ab271ab6e4e9360563a5364a0ea112ccc55af20 |
| SHA512 | 2386f41d12cfb215f7516ae57e7b174d27bd8cb06b3198563a155998b8ae70d9ab0c3ef4b6af202df9bb3ff8dea4303b38f1789b40be727e10d98cb4d6cc8dcd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 937a583ca3a40c5628b564e47ce0694a |
| SHA1 | d9c3b391324a61064bb51796f5159d2c61d839cc |
| SHA256 | 00d2fcd2916087a89d370469972af322c47cd205e055fb9e6b8f46bcb76aba85 |
| SHA512 | a58c1286b4d281028024fad83c2c081d890caf9ae5149f447118d5f99cd6ecc208d5bb19adf78a7956f089cd71fd555ba04ecc00b9807e3a46012e077f201257 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5a084247a9227db0af607718b2881a6e |
| SHA1 | 4eb624754ad17dab0346099c4673c81d6a13a842 |
| SHA256 | 071b62c1d282c925cdbd322392d55bdb955d12e7af7d1abf100a263d480b1afd |
| SHA512 | 4d4add7256cd9f122324e9b645e6b3ae1a798fe6b4877c6f125aa911b003e21c9b28bf126358de27f1ba035d63aee71b94c1de0d9da05e5577c7549ee81ae173 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
| MD5 | 55540a230bdab55187a841cfe1aa1545 |
| SHA1 | 363e4734f757bdeb89868efe94907774a327695e |
| SHA256 | d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb |
| SHA512 | c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ce2bd5aa1a90c8734863664e07685c7c |
| SHA1 | a92b610bffe0005a164517e32a5744145d44f15b |
| SHA256 | aa59eec1fb39b200cf38d1e769f96690154c6a5d3aa18bdcac1112c01029677a |
| SHA512 | 6206f881f3d802cf3cef037293b139a94844e1fe717bb0ab9741f3457ebf59d69757148260ff9c943d374aa83f8115c69eca37508bc41ea6d119a0633a672454 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 68d46fff0d1b279793c994a1abac017f |
| SHA1 | b843a350e5721687875a4ee23baf1e037d8354f4 |
| SHA256 | 0a194c1a7fea2592a0351b56182f3da655efcd8995cffd9ed4953a229d67c280 |
| SHA512 | ad421156f25b16ba7cf926d2e2898773c735170834ca9c54cc01c891f37c27cb3dfd2eddec96727c9686f2b308aaf45e944815a103038cf2c5fa57dff63ac4f2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cc444050b6952441852408f2aa49d240 |
| SHA1 | 5b95e38c16abbaeed8f16498a09d8e028a1df7b1 |
| SHA256 | 8abd2d1bbf62f7f9e22996cea75b57d4db90039eb89c48d25aa1b239c75c6388 |
| SHA512 | 8054468c273bba9176af1bf9210b7148f0d9cd0bf730804804670cb63814ba87dc96de35c49ea8cb4d1e80cc53931d1e22c8fabd6085eab968d974ff01c4e1e0 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9GP4P3HF\favicon[1].png
| MD5 | c5045714e7e3e97fe1acf2cea9dee80e |
| SHA1 | f53d19197b6a82f5120629d5d4dab1facedb2c9b |
| SHA256 | 968032001ff8eae4413f6603377c65eec94ae7a3c4d59423d9c7ee785836df36 |
| SHA512 | 5e7b233bef0b1b9a72ee35bc11557c4d38ab333dd4e0cad458f1cb3c0523826c5fb8f6ff40d71b0a130a70c41ba209d09dd5345e1796e9f56171424f01e7fa51 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\3b1505ab-15b1-475f-a475-3d7db14eb74b
| MD5 | b99f7c814b1584c06116190a21598f04 |
| SHA1 | d5ffb07a4cc4a24390a443ccf37263209f193794 |
| SHA256 | 532b55e2db73af1406227816ab4b049a4348babfa22b30ffbfa3a5e42baccfea |
| SHA512 | d34a783394daf09cc9f55d13dc1d8177857e3b8afd94c024a17ec1ea448e0f58cded9e1d6486741f9aabd3d9f4d1cd24abdc9f71e7944845045e32e25ffb904c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\bf71fcc8-5728-44fe-9657-847388f9f80a
| MD5 | dd9ff888d74e12f1351d8f95091e0719 |
| SHA1 | ce0e7e635d8ecaddb25df496b03a7bca1b28e40a |
| SHA256 | 1a58c1383939f2acc0ad9bb1b8f8cf71e05bd8bcd3da5aab490b0c50087df47e |
| SHA512 | b273c686c85734480069f243a7fcbea000d6d91a2e4bb453ee8c848b79ef6ed0d6ae0fb623d554dd6ad2c650346c9c4c4e98011f0eaec24b33716666e8ea8460 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 3bbd35ea5682018206c1d13d27ef996b |
| SHA1 | f5389f273014ba580edbbd8f93668252989a8460 |
| SHA256 | ead7bf1388f5ac1b5ec3b8fedc8f0d2f4e9be9b1aa5d68ed9ad0807660ddb737 |
| SHA512 | df3fcbfc2068240ed04573992247eb35233d64ac8c056a21152134d9b029e725eb4e23c31e3d66133a30e039c4cd92d4ba6cd8da67ac6d2c70acec23f0a6d851 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d330e7e8c83e23d51bf4fab6a1f2eaca |
| SHA1 | b996cf81af2ecad8abfaeaf8a3391844bb68e79a |
| SHA256 | c9741b21cf11a857164f73d1281799facac3504e3871265d14c3fdec4b407997 |
| SHA512 | d1ca43346160fbc2c106223434afd19c6a9aa6659cf04ab8a8d6b9ab48626e8dfbac5de2b00b11a224853ede984600d577fe78027e424671353524c91e1a96f8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e284d5542c3242db5b66cef49d89426e |
| SHA1 | 38ff7ecf7f483e794abb7860bc578269c431139e |
| SHA256 | 95e8a3a545a9e82ace9558d7ba1f0b1c79f72bc12417129b795ee679cb6d306b |
| SHA512 | d81d2b00c44cef14a2691ed17656bebad48dd5a279ccde0f2f81df084840eab864eb799ae218371cf6d1f9cf94c5136f3157357eda02f40d51e47bbdad6ff26e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2c49f25adb826768b50ca50aff96994d |
| SHA1 | 1de1a296387d7bea63be66d939b7b65bcd50deb5 |
| SHA256 | 6dfaefdcc86a841788c9c56ecbb598e6a9cdb100f296fc5da4d9f917ad53156b |
| SHA512 | 8bb2dc1682d036ca250720f4db33ba03d95572c8bce780445e1e9337b89ae1657fdd30f608f71a0703c0995a73c38e01a4794af5aec795e5074ffea66fd8508c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fee1b38dce62c0e2edb983a7f30af5cb |
| SHA1 | 430da985f0d54d9bb4044910e80ea6243c4d8157 |
| SHA256 | bd354dba8f7f3009c406eb6ba83aa7d767270284e11cfbaf502eed6ca9236d75 |
| SHA512 | 1561392bae4bb4f599a9c8a8d9ec4e1c5db5f7b02d5fa3bcb7ffd1e2954a1d6751b33fac45bff4e2379bc59fb0c6b06fa4c5faa511a7292680c3874fa913850a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3ef5bf5c57f478a584877cfcb0825673 |
| SHA1 | 3d32e6b59ecbc7025297b237bf5949b6faf1936a |
| SHA256 | a8937ed005bfb216bb1629ab28c4d4ffc2658dc0d38d8bdeb3cd20bef98e719d |
| SHA512 | 1b186d594763c8c6303a031121c0ad6dd5cac1fbf23944b55148a2e454ac4d8707bcd2550e8ab9ea6406321fd1bbb4933eb7668f028b1ffaab5a9c00fd86bb96 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 45267c93ae3b962c334d3922861ff638 |
| SHA1 | 2caeb6a81c47697483bca63ea7843bf884f3f3c3 |
| SHA256 | 35c0d19adc191330d10d0eb7291d86b1ee68a8bafc52d13ab155fb14b76270c6 |
| SHA512 | 122ffd1832167385ccf721130e3230d1393979ce267c1702f1f57718ee0f1724705f05f484667b020d96a79b5f04a393c31741f71cd52d8db20770209c098a29 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0781beeaeb40a604f7b40592d702bbf1 |
| SHA1 | 63f5d074cd0efb60aa473cc3484a40faafade926 |
| SHA256 | 9628ffb0a8f348d912e23e4f65b78647cf08e73f1df71fc7191e37dd82300613 |
| SHA512 | 16ef8dd7b69b2c9b6ee0297804ef8bfcb9892075b43e51321775d1c34ce2ab5b56aec69b4a5556434f708e03388a1fe6cf472ae4acf93bda4057bf85f6117b73 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | ab9e23bf7b98ea0984d4396b0cb63c5f |
| SHA1 | f9c1e3a38676da25199ef7782f03c0965ae1b1c7 |
| SHA256 | 0afdb0741b9f4eb6811458fd7b9ea30f6c901344b9a5c364003570fd47e92148 |
| SHA512 | 775f1fe9d06226e847d564cd0663c5c215c65fb2eb41cce1ee7ee51a0041666ca89b2da80cf4d2309e8ccd109321aa6316450a4c5f14d5fea4f989f33409b65a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 829dc4d2c150afbd21a0e1c6388b5782 |
| SHA1 | 758b079e6ba45dadf5ce03e5d0b419fab3f53bc7 |
| SHA256 | 124bfaa7d6ea44ae4f1640f43afbad250dd42f0463b912256af374e535df9765 |
| SHA512 | 885b05398f36339d51841b07a64fd28a919d21cee19f22a6a5f26ca38b0cf7c16c25071962ccdf6afbf2fb135b2933b1c539ba7a452d320241a4fd6c5926ecea |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 642df6aaeccbef457d484d54de831381 |
| SHA1 | 4a1b8598ce4f590fabcba264c2a9e6256f2926e9 |
| SHA256 | 414ef1cc0fd4911e7ab79a9670f87537df663136cd83b71256f0d8dc63088cfc |
| SHA512 | df3add28db419da8716525dc87cccd7a3235c6d64804722dfeec23b59dd294cbf6696668d804fa3eb6d2a77deb815d78930712e35c9553960732b3aa05e19472 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fd1b2e1b9ea3faba02a0cb897aaa2d07 |
| SHA1 | cb1f2a01bc572d4bfb084125bd0381ff4ff84b55 |
| SHA256 | 17162b5a292eb909f2415b97e1f71f13a399af2614495e87d8ea023cb22a3198 |
| SHA512 | ea05d4794c725f7a175e64da2ed46160cb542818b0d61bb2979d5965a2dd8d6ca26b49c93f77a2c5a4f9b4a422349dcc0f59f61cd05557621a99d9deaee0b118 |
C:\Windows\Temp\Cab8F66.tmp
| MD5 | d59a6b36c5a94916241a3ead50222b6f |
| SHA1 | e274e9486d318c383bc4b9812844ba56f0cff3c6 |
| SHA256 | a38d01d3f024e626d579cf052ac3bd4260bb00c34bc6085977a5f4135ab09b53 |
| SHA512 | 17012307955fef045e7c13bf0613bd40df27c29778ba6572640b76c18d379e02dc478e855c9276737363d0ad09b9a94f2adaa85da9c77ebb3c2d427aa68e2489 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | a3d4c49232793568c9cb0ed32e225b71 |
| SHA1 | 2a4f66fc9a201cc5110627a745a69b0cb90996f7 |
| SHA256 | d8471b8ba42e79f64e80a28302e0941beca2d6b007316efe323600622278c833 |
| SHA512 | d788d57471fef8e6648873fb3cff69f1b25e627583503b3c8f539728b16579f28a47253405477a85412c195d4e6768c8defe41a8c27444e8307554d635e5008b |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 3773d59fd234e04a16205f654381e0ee |
| SHA1 | 76a55ad440d7f6415996a75783c4f0731b1a8ecd |
| SHA256 | efbd1e5a16758a99c079bb06718df5bb2c491243fcfd33f6f3a6ccfdd33a388a |
| SHA512 | d34fc271a126d8897c1c37a23f25ec859eebc7df6de8e575f3000e0ce6e6dcce1922f0f9f42b97f198b52bc73731bb6b6dcb237719601a99c257ecc8c72642c1 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7116d5dcb207ee6f7697e0def7061e52 |
| SHA1 | f0f468afbf43a189344ac29164e6e81ce3d29647 |
| SHA256 | 4c69e706c8cfbaad9c2e0507553c4346413f8ac801599bf19bd82fc4ba1ac3d1 |
| SHA512 | efb0d04c7c9688b014098ca483e6d5718116ecb41f36506d0343dcdfe27a20306779f3ef1819275a010522c247a87ef1eceb6246016945bef60a768ba069ea75 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a432fe7a0006e8059d8b2aeb27d9cafc |
| SHA1 | b44ee6ebb9b11b0682e3437f3c3d4a941508aead |
| SHA256 | 2b173f1d426e72131944b308086381cf2b656ab09bf61a8eeeafbdb17af4536c |
| SHA512 | 0581ddfb0f1cfdc337b24fe5763e53dab19dec1f1dabc5320d689d7e57a1b2ad26d31277a8d677c8cd3d7af7f939eba4082404353b7478db7c980159800496c8 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9b3b7768d81b054cdf4f14a170342799 |
| SHA1 | cee2cea76a2a2e053d2ff4b3a7e156ede8a2e077 |
| SHA256 | f7c2290d8b6033a6a96e7f33e34658b9ad0fd85e58cab384ee9c0fd58c706740 |
| SHA512 | 33f4631ebe84271d5919cde35236f98ce2dfc3a5a9fe11209a2c222e5250f5941ec7ee1c68c6a29e613373a85ec7428049261f360c89f4b4c82586b718e5db66 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 6675644ae9f8e0000929a555165a224d |
| SHA1 | 8f775b30e3e79847b6b45e9d8ce22efbb93048fd |
| SHA256 | 7d7bfd30d8cada1c26fefce697b5358014f0ee8d35c3199a9222adc4a6c681fe |
| SHA512 | f96d282e12f31faa09bcf2d271c24656dd029ba8ea9c09e6ee84948ae5be9ebb8b77c19e52d44fb16aebe1652ff9a123526d4894e408843718ab3cad614330a3 |
C:\Windows\System32\drivers\EnigmaFileMonDriver.sys
| MD5 | 63d8e8520fe3bd2b12576ae2170dc8bc |
| SHA1 | 7825af61addc0ad885cf7df21b99662819f7ee85 |
| SHA256 | 0477164591f282c4cf1b86c19e573d3947333154b072ee4011c54113e8efa181 |
| SHA512 | f8b58ef05ed3df675c8be5b4513eaaa7d3773bd586f28201203dc08d67c11f58f29aa1bd25a32928762c391e1912cc03385a8e5a6604bd86b7107c906adc0cdc |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b2e3fd45ad3e29498f72f867fa23b8a7 |
| SHA1 | e36e43745b3976d5519255008af110d1e95a8e53 |
| SHA256 | e76360306f6a0db920885f433dfea0eca152214269bc7c682e6e2514ffe4eb4b |
| SHA512 | 9c325e91d18f5bd829f69e072184ffa74829d9f7378fbb72e3d79358a0af165c26e62392decf364686763b13c50519fb522e0561d99d515b58e5e799af1e426a |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EA618097E393409AFA316F0F87E2C202_5BE578E56C3C16717581F61DDAE55F13
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 59b6181ef73d754b3ed305964b00d991 |
| SHA1 | 12dc1f7c52b61724ec9612330a4280f0ffc7669c |
| SHA256 | 6a21c631ba647ff16f82153e9af637da7943771dff2ffa95fd558bc299fba5f7 |
| SHA512 | 2636452a1536bb600e1ee72b94687cb6818a67374bed27d7df3f7a896d11fabaa75dc05cb5fce103bf065f7a25d81e4b36920b6652b2fec6d857a54f53fd0bff |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2d6e36d22e5b159210d6c9459f7b3f03 |
| SHA1 | 578f20c2d35d541f88f0aa5e4cde2e283dea76d2 |
| SHA256 | 9c100b71426a3736e7859280e93981adc6719a004c7fd185006be2d4cff11f5f |
| SHA512 | 04466b61bed21dc69f269dc27b1cdfa3d0500cad03720675d4d242a9445149a7295a0f95226f140a4569cb427b5cf8fe0e487d105bff8f00b0f916c0b62b78d8 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | df5a0a298de02d60a7c2f7507180de6c |
| SHA1 | d2cd3fe9d2acaa6f12e793ea9fffd40142d767d3 |
| SHA256 | 55ad81077b6ad89bdc949cd9d23a010b24115051ea744bb90445cbf485a679ca |
| SHA512 | 755adeda3b8562a874f4f5d61d10a1da5c08d6a27291a3e097e0be96bef51dbf755da0cb3fac754d15606487e21db362a48465716d8dd8fee9df7ef27f4632d1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8ee51f76b830f4e1a85efb41eb6e85fb |
| SHA1 | 2956e2b00ae0ac2b983970304db7b7d64c47a53e |
| SHA256 | eda5d38d8e60708e600a4987579a6dc9509223a01b58c2ae2a79143d5b969706 |
| SHA512 | ea18195e19e04a0f8b2104b34e22ac279496ddac0b16e2936baa0afc8a58d410286ccd541ef8fac2bdfdeec0d6f4e2f89012029dde59d6d99e04bd333455543c |
C:\Program Files\EnigmaSoft\SpyHunter\Defs\Opt\Full.dat
| MD5 | dd9928453aaef922a330428effb37c47 |
| SHA1 | 0555e82c4cd96f89a9fc312436bfe324a7925141 |
| SHA256 | 7ae778527e465421c19094c84f8919926af53d50e4b71b0b2ac3c9fd3c1e8655 |
| SHA512 | 3ce3251a0c8ad130f5edb2accb012b45b1bf33534abb190d654bee520342414a383230ab2448a3997acbf13e432ef509ed9890c400cac5a5d312815468552e0e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6c38b434c43bca036840bff218377fa0 |
| SHA1 | d514f9fe41bacf2c872cc311c532269730ef6f27 |
| SHA256 | efc408b9b55dbe4d879182ca510628c70c143dfd1f224188717e29b017368f85 |
| SHA512 | d53349fe44f7d52773e5f7e77d5975df9fa8de21bd95887f61c37af0acccc5e65b1c2e9b2e575df4481b22ffc8f88f23cd2c299d4804683de384b66e711f7472 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3fc2c0697d4f2626b7c6260c33fcea1b |
| SHA1 | 8d8104e7028f8090282cfdf348b379ed7b183f2d |
| SHA256 | 5dd220cebd3916c933995702d80b928ea1225b9b2a011383debd08db21e27cb4 |
| SHA512 | 7162fe0bdff2c57e21281018cd7005a8490dd421297b4da4d4135175c4a79e593193c42c47d37d246274e24973706349f6c39b366703da7adb515e1368f4cf71 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 28d9fdfb7b93e1354fb39bc8f3a3416b |
| SHA1 | 5c214ea217a5fceafee84ed2cb3ff8dfabdfe5e2 |
| SHA256 | 4c79482d08ba6248b07700117a393a4a700971ab8176a1e324d603d62d019e6e |
| SHA512 | 3b3139ad24c800697dbad916d3ad378c1e74c7e3d001fadf20129ae91f6331694878e7bf8a0a0eee9abf1c620e9c311016f160ced8ab571981541eba609f0014 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 600502aeada37e1767a4c30f4494b7cf |
| SHA1 | 0beb9b2bf6bca38736b6fc6847193e4720ee9ca0 |
| SHA256 | 8d27a64da61a86670de6974dec45f1258a59fc2ded751ad406c7e4aa9635997e |
| SHA512 | c6541f2b09b59b4c2b2e5ea1982c1bf307edd760d56bc3584c2017aa8c9965f7c50e69818450f90e59db919b97cd8e63264ed1147202f3a5bf9c9c368dfcd0ed |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2b12df220ebe3d6088d45bdcc2e0d07c |
| SHA1 | 94f2ca1ca47041ea8cad51cbbb0e462486120f83 |
| SHA256 | 4ab9faa13ad33a0ad181a7a490e58555c34b4bc945117ef5c8cb400f230813b7 |
| SHA512 | 7c9f05d2a4faaad4cacb5425114e9e2c3bbd38900a355cc4cba9f91da1554865fdb4435e3b3499139b37044a15cb672d3e5a0a14bd2b09b7367cada5319496a6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 134126011f28c65333c042a3ec491364 |
| SHA1 | e3742dfd58e7d1c6c43ee24aa7a0c4a1dd7bea58 |
| SHA256 | fa86a1a0d47e14096750bd2278bf0889c36f600f70ddba787c4d31cb567eadb4 |
| SHA512 | 79bfded828efc2a875e145e65c5551ae1ba85b5b5b1bf27c20947fd88643945bd543a8e346ef6286fcf292f1f7b2d38141d980a3bcd18721a48ee1cb925f58af |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 38dbdad8ecbe0738a385ace1186419d2 |
| SHA1 | 16a850e748f052c06b257356e628fbaf0ff72be4 |
| SHA256 | 34d3905febcbc952e86cd6baa77e7c6d266d2fa6978358610523311f9cd9e817 |
| SHA512 | d07c066af211d22e74131c9e32083b63f47e43523e0a9f0fb2208bce11cc7e6909152ebd5c3a7a5df7b3c937b4e732b1adef2fd42959685785e4fcbac0e4c220 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 068e06524e08301fdf22613a5a464652 |
| SHA1 | cb08b913180648a57d24fef06b8583e78ad2332c |
| SHA256 | 8bc044e2b64e3f5a34e9dca724cbfe049627a577a8dcf87355f9d0b47e5ff4b2 |
| SHA512 | 0e9f7be7afd6ac8919266882d2427cf15736f46f0681ea4584ff1df834dae0fa1e79f115850820bae3d8b07a74f10632ededf8f4dbeca5f71fa231e52100d307 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ec048fc8688603185026403f3df9068d |
| SHA1 | eaa176d4ec15bf4dcafcab8a93d45ad8f508600d |
| SHA256 | 99c65eee9c3897740cb1030eea81279800012b362b4704c0547362c3ef78d323 |
| SHA512 | eef1a1d3ae007954f865f970dd849d65e29e7dfe07728a1d1575d4350d100e98b4b68d1a04da892035da3dc525c58cf80955cacca71fe29463992159af5af217 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8a15c5a2b7265135358decb0772fb9c9 |
| SHA1 | f6037cac7ede805326eec5875a2210b29c41a24f |
| SHA256 | 1f0d1f35c8be851fc8661e9f0e333b5eead6dfdcf10dd81332e9e756091ed001 |
| SHA512 | 287e1940b410b1f346688718475d98982f5471739806f219f72bd7e0e57467791f80c6c75919495411833d7f9f1ef40c6dd255bd148de38254055fa655380f91 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_F70553637B9F26717122C4DAFA3ADB11
| MD5 | 18649ff3ffcd862b87f4fc60f8e0fee0 |
| SHA1 | 78f3357d7972dc9031f9f33b747effe793cc73ad |
| SHA256 | 3f75e08dffb71c9686ca4a5581d2011538490208eb0dda42bda30c7b85a808aa |
| SHA512 | 6352a910f583357a7d05cfcad5aa370139282620ecffe93f1d7cdac0db14c3543963dea322f259824c7cc2ad3e3aa42125c9dadd6f7639826006c82d42f2c4b6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 0b825dacbc14e8711cf4adabd9f7f8fe |
| SHA1 | 3209add9a56b4d6ef5e8e7b366e2cf33fe783bb2 |
| SHA256 | 5fb9cca9ffa5d2707cfc43b72521199066525f3845065a1b0de93cc81db051e4 |
| SHA512 | cd801d80fbfc52852890347b884620ceb2659bd63655ae46c8597e02a8968ed57c571436254cf5bae2ffa8fa866932eab79910d729ee61e463306093b24f6524 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\27836
| MD5 | dad249b9684e6104f92055534b8916e8 |
| SHA1 | 719a140306b714d6475608e1e1b83fd30140486d |
| SHA256 | 8281c6df644be5ecb65a345ff18a61ac44383f9bd188b46af59ed0da53fa15de |
| SHA512 | 198ac1bf16c273632f4a724d012a7e92771c39f89c7709787b6a025977da63aef7bdf1f865406fa84254b91bce119f77ae843ecc02cfd9eca286ecce10e08ea3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 099ffdc1ea3891f2522719763be11a81 |
| SHA1 | f7e726e3d33b0b0bd8a236ece7790df88f97c2ef |
| SHA256 | dee858d733d725da9a7c42f58539c6f7bf132bfd79b0686b460dbf2dfb1a5eb3 |
| SHA512 | 797a6f48761c349bd29635f31adc336629272cac8cdea57453b6b3d1d1ceed29988eef183392b76b7a66685a3ef237a738b8f09a5409b1884d8fc37203f07d18 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 6301972582f59b0cb677433c2824aa46 |
| SHA1 | 6293ec80858e553ad1b3d34da9283999d5fbd43e |
| SHA256 | 4f9ab8bb8d4bf9274f813e14d190d93904cda8f9e50fe8a958e72430f74c9269 |
| SHA512 | 52dd4882b37a4631488badf93def262cb1406a778604aa643dc7b5dc50f4faf61612cd6ed6890d61a7504d592c158469623460c49b01757d5fb959dccb35dfc9 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\XTXDI2USFT5OE1NDA4D9.temp
| MD5 | 80b2c1c8845c8ea8aec90c39ffd5a742 |
| SHA1 | 82361a0dd10dc90c3495cd7bf0c3b361f1988e83 |
| SHA256 | 0b82871ca5ce9816fb507468e95dddc4393003cbe7cc3140cf817888a0b01e8b |
| SHA512 | e2d0ec0ae8bfbe39cbfe2a08bd30498dd4b9e218e9f5e3e6eb585e7c074c64927e38b30b2d8b45ab8fe8cbdeb2b23eda6d780d425fe541882af17c6eab06c4e5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\jumpListCache\fpA2DdJtRcS6guMpmGgWZQ==.ico
| MD5 | c9da4495de6ef7289e392f902404b4c8 |
| SHA1 | aa002e5d746c3ba0366cd90337a038fc01c987c9 |
| SHA256 | 13ec8c9e113de6737a59d45ea5a99f345d6cba07f9a820bb2297121b8094790f |
| SHA512 | bb72f0cc815e7b4c44959808b153aad28dbced8d97e50f83ef90229d19ea1c4b3fffff650bf49efe562451fcae0325cdbdffc1a5c4ec5d2c7c70ae9d1a0d8a16 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_F70553637B9F26717122C4DAFA3ADB11
| MD5 | 011702fea45aa655e2e3f16461991096 |
| SHA1 | 41ec11003fe847d1bdcb2421bf1d04f42dd71987 |
| SHA256 | c7b612a16e4f7c04c0776c5522f99c7d2ee4066898c4191ad8f4d15355912c15 |
| SHA512 | 351ba693ecccf3d1ad592cc48e90ba71052ae56b19cb01989195228335f2de298b83a50803b2bdcc4759d3d66edcec6ddcac52e56a204016922aa5e0958b095f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 661d72e6cca159f54e30041412c7f709 |
| SHA1 | 634a8155214132a95f11f98afa8d04c9849b8d02 |
| SHA256 | c19a7d57fb6be854b295b802fd009916b2075615be3d04465650bb949dddedf3 |
| SHA512 | ae0d924cb632c48be6ea7ccc12463b5158485397f0c8c96aa04eee8bf865fd0b74f0b19c45fb237b32d1a517cced6f903d478671ea97d3e9e589ae5c80948689 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 352fb5e7cab482e0775d156ed03377ca |
| SHA1 | c5c4148f6de38b8edbd1b5cae5821ab7fd6352c6 |
| SHA256 | 2f8268a8c2c25d9f3380da3e1edd4eccce076f1f33c1f5251ed376d2f28c639c |
| SHA512 | 69ba7490313160251c542e6fba758b950e6b4777bf0618baf809896327494b7c5c520d18f4c7a0900005c032a83475b3af94ce202321c85fd4193056fcbaf61e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\8304
| MD5 | 9783142dd8accf193d163d0bc027aed6 |
| SHA1 | 5ad7b7425f0375eddd0e3255ef26dce83b317ec5 |
| SHA256 | 5aec9f0cf5a18fdb505d16cdb9b599772519b960e7275a8f19ee2df027d442ae |
| SHA512 | 1cf367d479f39dd7d85523a304ec0d38890378586b123dab8434f8db25851c91c43fa0c3934d71c3d86f23ca7d9658e2f7ac1913162bb0ad3fd934ddd6d5c2ae |
C:\Users\Admin\Downloads\Setup.uRqcSQ3A.exe.part
| MD5 | 49643f9ad66e51acae0c241948789639 |
| SHA1 | 42a9bd916f77bba62ed88a377e72a4c2c441c4e1 |
| SHA256 | 7e20ead3b7214fcf71143119e752e736f733845a97ba3151f2486f96f011efc1 |
| SHA512 | 4875026015e9945af750bd60cef7753b740a74e2b5574bbd9c43c347f195c4defd3ba4c8ed64c2c80813499e845a172f8ae4ceab3cf4b16c702245ddd8922589 |
memory/4804-11379-0x0000000000F10000-0x0000000000FC8000-memory.dmp
memory/4804-11382-0x00000000027F0000-0x000000000285E000-memory.dmp
memory/4804-11384-0x0000000000B10000-0x0000000000B18000-memory.dmp
memory/4804-11386-0x0000000000D90000-0x0000000000D9A000-memory.dmp
memory/4804-11385-0x0000000000D90000-0x0000000000D9A000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | ebe97dc8f3d7869c2bd26a6d483a6a34 |
| SHA1 | 7f0457ffa2d6fd43674a7201da93298963de22d5 |
| SHA256 | 2bc514db1d15c5ea4ddcc40e0b76483feffc37e643219112614e4000b4d29da7 |
| SHA512 | f0ce31a8cd9e70ebdc39d05e456d08e0472f9e11083b68efe7367bdabcdc92076a8eed4d74af3312b2ce6773b884feaad34214ed93109f3056aa295be2b27bc9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\22068
| MD5 | f3f8df094ed8f1bd75278fc9091f2022 |
| SHA1 | 0540debd32c4c41d637cd2285c9bc1c86f9982a0 |
| SHA256 | 59b16c4b9ae5d1db48e3f67591d7c39efbc3da07e0fc73b56acd514f1eee2eee |
| SHA512 | 08359f2ae86aa6b7bf7bb60cf77760db8f0872c00db5cea8bc3eaaeb53e0e6b37282b17f56ae893c664e055ea6eb1b8dcb2b4cba92f1695579ba4d3807d745a7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\9006
| MD5 | 41a83531d4a0db69287e778e1a1ed876 |
| SHA1 | 8d2509e75c336054a22cf07741cd0da895dee071 |
| SHA256 | 33c256089f7ef79cdb7f9e3dce9e29db1588c8c461aef74b57b716c4c5a9e8be |
| SHA512 | 3daf4f1bd6d9972c62277eef8e9261acf3eb40f8f363dc872416be91be4e29384c4b41368fd6ffb3bae4c24deab948ac3cbb1ed783f1faf2b80c2ef7f7a72d86 |
memory/4804-11419-0x0000000002DF0000-0x0000000002E24000-memory.dmp
memory/4804-11420-0x0000000000D90000-0x0000000000D9A000-memory.dmp
memory/4804-11495-0x0000000000D90000-0x0000000000D9A000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | c535b03f70e2f9bc5e7994462c5ad504 |
| SHA1 | 4d20d2b3f69b59417b3df88de15f1efcb2b2b388 |
| SHA256 | c5a1343e315dd1ca98d44415fa35085b06a005382cdf901cc30d22e880833587 |
| SHA512 | 215588e3f5603bc6a75d52d052c9b02a52d07edf067984aaef3d4487ee88b404f43969e7fb95aa14a86381d355f75f1beb897debff886eb9183c472da049d4bf |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
| MD5 | d5180525e08932a69dd1903ab30313ef |
| SHA1 | 4a7981b66fe6185177de6d001ad9ce77d2a437ec |
| SHA256 | 38b605a45b286c4827327bc6e10d08afc71e5dd8d2c9b4f717b1d8039e0f92c8 |
| SHA512 | ee7324000acaef8c40e5f8d9397fe5a1ceac5a4888808a33758a350fa9ab2783d8421164e8de34e61c74cb1e013f0b3e0cd777b54bfa2e97877dec9f3f1e5b4a |
memory/4224-11528-0x0000000001270000-0x00000000015B8000-memory.dmp
memory/4224-11530-0x0000000000360000-0x00000000003B0000-memory.dmp
memory/4224-11532-0x00000000004F0000-0x0000000000510000-memory.dmp
memory/4224-11533-0x0000000000A20000-0x0000000000A3E000-memory.dmp
memory/4224-11534-0x0000000000A50000-0x0000000000A76000-memory.dmp
memory/4224-11539-0x0000000001210000-0x0000000001258000-memory.dmp
memory/4224-11538-0x0000000000B40000-0x0000000000B48000-memory.dmp
memory/4224-11542-0x0000000000D50000-0x0000000000D70000-memory.dmp
memory/4224-11552-0x0000000004AB0000-0x0000000004AD8000-memory.dmp
memory/4224-11553-0x0000000004DB0000-0x0000000004E1E000-memory.dmp
memory/4224-11562-0x0000000066D90000-0x0000000066DA2000-memory.dmp
memory/4224-11561-0x0000000004C80000-0x0000000004C92000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log
| MD5 | f888fdbcbf90f3e5affa4ed22ce597b8 |
| SHA1 | 022f4ccefeb092cb8b6a8e3738816663d64d49d1 |
| SHA256 | 07c6da1fe58a0094fa90735b5306cf6be437ffd2e5014a2728e41c8aa0ea70fe |
| SHA512 | 9f536fbd772527520cd5d1209918f1e036c4c47c6fe51e6189053ed7c19f99eb12f5b2bce99faecdd690358f294eeee2d82ac39e88d3b9f677c0e8ad3279554a |
C:\Users\Admin\AppData\Local\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log
| MD5 | 18e28529457f3dd16268830db3280375 |
| SHA1 | 3dd74989e1db1ed89d6d64394146bc130fb3b2a2 |
| SHA256 | 0139063a848fd2f7012fedc3cf1eccc1a29133063765e33fe0beb1015e1ef2b7 |
| SHA512 | 649f04a828e343b834ce002e3cafa578a04e166d708f74db4a481512b407fe982d2e4c8288418ea4fad97f82ca600fbe13f23ecfe4b715968315674d1c0fac02 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FData.txt
| MD5 | ebfdb3260a2b51fa4c01022345d7c29b |
| SHA1 | 21e06074e2d6dd9d98953b5835518c6f23c50675 |
| SHA256 | 2ebfc9630708a4d46b82fc9dafc7d0a29d707f14181a557329f8f599180dae55 |
| SHA512 | d821182842691202e729e54d3e0571620a4a3f4a1725f8ca1c53ecdf6f6a19193c7f389c1ded06e5609985d8270feb2e0d8157c60d95ce0f19712a75e4fe4a72 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\CData.txt
| MD5 | 090ad3c270dfcaae6c9e970a12d67123 |
| SHA1 | fd5f8d671d42d0af5f2215f3a6b8481f31045ae0 |
| SHA256 | 9965b7aca24279406227ea18300f2b271e599b25bca40bafb8cd53fe16336700 |
| SHA512 | 8b01ef29d025700bd8c7a1a3901e982d86577f2b66bba66acdb77f56e2b8da365e31254cf69c466dfec7bf2fa95f9979835bf1f799561f455989b2eaaa1a9727 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db
| MD5 | 49903fc5ec672f8b5671f4d31453ec36 |
| SHA1 | 8ca85f98b0f6324eccacc6fd825d24d3c8829842 |
| SHA256 | cc56424d4887eee87a778ed067a9008f29a76b2c2afe576c4bdad5290689bb47 |
| SHA512 | bd73c79f108b8c99da5b55e34f7a7686106f65bd5e333f2f674737237a470600088ab25149cc7a3483e24b37c934fee7310b88df4d006372db5623bac7c8da2c |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config
| MD5 | 6c7428ee170827af95a42c36eea3c79b |
| SHA1 | 0f3c9a3ed6b8ddb27afe69932de2b96a5ec2a84a |
| SHA256 | acb6dd2a0049c987baaa2d46c6fcd6de74cc90aa79f3b5a5713454fceb299a46 |
| SHA512 | e4fe547e171e2d90a48876592dbfcd688ac61d63ff2c69fca4ab9bd4935600f362bf18ebcee1d7b2e2a8c16f15695627c28133d55e79be18d48c27c63c2e5b54 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config
| MD5 | 335d8b10a6988eb38995ef38644b1552 |
| SHA1 | 6e7f535cfa1e3ba2a2117a5a0801a00c6ec1e523 |
| SHA256 | aa0da1dc9950d1e0ef36e6429976cd1388561b5320aefef1f3f99a1a7b05c1dd |
| SHA512 | f5060a2e0f2d5d5bba229a8a34442efe0b5334b41c9b76fd52f09325efcf6efc599f87e59f3a904ee299fbc9eb6519843559d539396ac25039a4696f045bb3ba |
memory/4224-11726-0x0000000006270000-0x00000000062E8000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\cb1zc54p.newcfg
| MD5 | d2a31af04b72f10b334cf6d83e329178 |
| SHA1 | 87ce6a8c7c38b66bf229932daa43d10acd43f5df |
| SHA256 | be6034c3d1169b8b945d3a6e939cfd25759ac788ade5b59dde8aa299d1cec49b |
| SHA512 | f5dcd0d132ee4119550ef8f2c6675120e03647d36e2a1dd4e5bcae2bef0445398f4fcb4dac8287ba745a14e89d93c7cdae7c6701e4c6ede89a869c5b354f95bb |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\y3zx1drs.newcfg
| MD5 | eae39683b5f9117fcde036e28aa6ea09 |
| SHA1 | b362a0882a2afb7d470b94ec9d72dcacad82737d |
| SHA256 | e205315b625f88ba5db9fab72956be091f45fdc9e298f06d3408f04bacf183a0 |
| SHA512 | 44d032ef7a455e11f20425ad351c743363d5583554db23003f3cdfa3aa12a0fd7c175f5b0e2d363619909d76ba92617784705f370ccb902295f2e96c2b6ce5fd |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip
| MD5 | 5d6d40349d9416b8adf7139dac56919f |
| SHA1 | 3262a3a933a52e8e52ec66527f751714de498ffd |
| SHA256 | 5c1f551c88e0a9aa60d9bdf489e4e407eb3e29d84a7adfa81da7def6f1b86d66 |
| SHA512 | 745ae9bcb30b1a2ef9814a19fd86d34effd249f3711c044c49276da54f5f4e62131acf95075c0be56add9869ab0550df19dca3b0255bfd66efba684aef95ed1f |
memory/4224-11787-0x0000000006600000-0x0000000006634000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\yxzewk0g.newcfg
| MD5 | 8fcfed0307b17dbe792fd477141ebaa7 |
| SHA1 | eadeff417fee31215a1449982f3e58b9f52330bb |
| SHA256 | 04119e97067e832137e094aceaa61f131aa4984fff9a8930592ca8c30914f982 |
| SHA512 | ffa98e1347556f207e958c923f0a98f84891682ed5c28f60e81b2b7d8ef10d5fcaec81dfe440d51eff53dbcd77249596bb8c471e0056f807a7985a3f47e27544 |
memory/4224-11825-0x0000000006750000-0x000000000675C000-memory.dmp
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt
| MD5 | 0e24c4dca27c9202da15a95736f4c374 |
| SHA1 | 2712edd684c0331c3853a9864e27dc33fae2ad60 |
| SHA256 | 1b05fcd17dcb871c1be01eddff900596a75737604c6e18e641a59b29dbb1ff46 |
| SHA512 | e8537dc1a67a9f6107465be11ba375cb0cbc7d4e67745c76647add3d2da1b611550ead9de9865678c54c76fe8e24589160a618386b973ecbf01463093bf8913a |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\fhkq2dpb.newcfg
| MD5 | 503758332f80d2c0cd5445e7fcd507c1 |
| SHA1 | 897977a2e51e562e20fce5af1af7cde0fa2ca136 |
| SHA256 | 0022a59125e8f274ec86835d3218f0b89baaa85cf2d25a4d8cde5e7ab1626822 |
| SHA512 | fb7b9f690b73f559edd5e3ea60e450bda2ee7438f819aa766ada3485a67a683623f381337726f2682615f9e0e266bef2417fbda6870c31c65fe05000ac29b285 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config
| MD5 | 96e3ffe6a81df7e2b7a1555cf0233732 |
| SHA1 | 0fe714d1fd8c15570c7399b3168669b5af0f5d16 |
| SHA256 | 0a7331b69b026b92b73113d6eeb35854f251bbe65937deaa7ffdd8c1cd9421fd |
| SHA512 | 9ba8584a28420d0a5d8f0ed07a3c726e1bd8ee3e15490c7580f00924ad57ac65dc747e9b160871213d92efd44a4983bd78f234e9d28e351aa0003a096ea97e65 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\tiavsouj.newcfg
| MD5 | d1e41197414d02a473efb6324ecf208a |
| SHA1 | fe624687bdbf00d4e07e2ad17914ec043f373501 |
| SHA256 | a41e017f16955e3743290919929adce771190e601c70b8359d68fda2490f8ba0 |
| SHA512 | 3f7c2ac115c4b0eb0208008840ee5439bf86718792c9133a92c80c729ed692bc2223ee02090e71d810313e0a511de62cdaed64e98aeef2c65b6bc00927c30a23 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\hfddxxny.newcfg
| MD5 | b9bc89fafab270befc70bb7a00658a2a |
| SHA1 | ba115190f67d739b8e97ee60670ed0e574bb05d9 |
| SHA256 | 5921a5c30a0b4960c6b219715f2b9067b810e7b99c1e54467e76a2bb24b8cf4b |
| SHA512 | 2d2a8e293666bee8a0b5fcf1b25d5defd33928d4e844f47979d13af75ceca63f7a3d51c73834b6ceec84d861d09127a3a168cf254cdd5f62207e8d320b458acf |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\isa2wrcb.newcfg
| MD5 | b52198384a6fc12c5b6f6cf9a264c6ee |
| SHA1 | 5c454ecbf151f167dbb60e2bce1b9969895b6e2a |
| SHA256 | bb3c8f9b790303fb670dd2c4e02b7df85faadb57ebe379d6d23cbe39550fac40 |
| SHA512 | b14e397b2a2283e578048c1bd7f7be2595a83cdb78b3067955ad61b68876f15b4143c8390799512128d3f487fce7cb5dd1c9a6fbddbed9a552f9324e2ff1de9a |
memory/4256-12056-0x0000000000DA0000-0x00000000010E8000-memory.dmp
memory/4256-12083-0x0000000066D90000-0x0000000066DA2000-memory.dmp
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db
| MD5 | d66d25f257c345e6e3684877690a0766 |
| SHA1 | a1715ea719757c38e4e85d21be55ea21fb3da43d |
| SHA256 | 9410716d4ee07e35188f8112503b244cbee596013b699534ccae2a1248c49cd5 |
| SHA512 | 7d6f56cc460dd595f6c6fafaeadbb4bc4c50c181911759947fb59a625c769fc9f2b16b4c215061ff0b40643802735bddffe3b907bd395d4f9e1a676e7dcfd49b |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\AppSettings.txt
| MD5 | 590fd86ad024f2b655deec8333e240a9 |
| SHA1 | f1946050248dd1aea834f139063ac8eb3e41677e |
| SHA256 | 7afe6a8c5bf14cace6e9bb2d40df2adb5f31325fc024f448138106cf7b63f7c1 |
| SHA512 | c19bf730552e548b6caaa27f5ff2c5b34d34ac9408b3b6e388361635ddfd4f619b9205fad76b9141f2804b8dd364cd843dcbabd4d9d7b7b712f320f6729d87ec |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\WebProtectionConfig.txt
| MD5 | 0cb1cc6ebd3113ffa4d08cb8e611b0c1 |
| SHA1 | c084178a890875d41c400e8950537e1f8a58a50f |
| SHA256 | b578ec7cfe4cdf6690c83daa66b068fc585a8b35fc3a8722e29f2dc0fabb26e2 |
| SHA512 | c86f4c9a16249313e1a4e0561dc6241e931c5d382a830b64e3aa9d1447734716417bc2f08e4860edc0d2945cc5091170b90039194c90985395d33a36662fffec |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip
| MD5 | feccfd96544fbce080774006bba936c3 |
| SHA1 | 85a1367820c226a19c4a1d363eb7399e347ce975 |
| SHA256 | bfaa083049dfd1fd87d98f049f29b3d30bd26ab5316a6b831108fe7cf536f406 |
| SHA512 | 3ad1e3ddf29c958e510e865e72a555f24807470d2785de5a662db9eb8721b9d781fc6e8497a375cfe1844bcd8d28eec41b6d40b7ffb65e2089f91adac44c0bb7 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\yq2zkbmz.newcfg
| MD5 | 4fc35c9640b0f0be0ae560d562193280 |
| SHA1 | c1b5748bf7f5ec64ff144d0922639afabdb1455e |
| SHA256 | 2405757ee8b9c9d69116c0ab7247f7ca4960c445ddf83daaabd2d40bc85e4a08 |
| SHA512 | 1065029e892e8eadaa182ab33a36a63f6795252bc172d202eed4eab4df744ffceaf5f40ebc9fe048dca620332b7ba19e435ba5e55d8f55266f1f1d9683946a15 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\wbthzuiq.newcfg
| MD5 | 2a67e04dbfedd86457fdc0e5787bbafa |
| SHA1 | d98e01286e306cba3ff0cd05d412797d385f3507 |
| SHA256 | 47c3217ac3fa7e75b54c0aa9512cee2023180b77ec4c69a29824b4275ca1ed46 |
| SHA512 | e1004c8f11caa3361c80763ff1e0a374cc2bbae285a970b26a72dca3639e5a027b2fb200c084b67773c00238bd36e24ca81bd18300cd05f484f0fe28e9f3c158 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 01f2b1b6814c074e934fd3136287f87d |
| SHA1 | 52a90f05c881479cdfc9c1f3a4d7ccbffb6d980e |
| SHA256 | 878546f82d42f38b7245234f84a2b66959f95c8247be621f66f1a00aab14ae37 |
| SHA512 | a7ceebb748df0cff4299d80ec5d1fd483e4b88d5233a54c20a3af1050931c52086fb1e8ec461c25c0df6c0718885628f2c31466cc985a132691298891005937c |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\el5it4fz.newcfg
| MD5 | 265568e63f5aab8b6a709497f32e0397 |
| SHA1 | f832e8e23b681685a328337aae1dd39eff63bdad |
| SHA256 | 725df7b6a12496d532af48b777feac64e12f31400809676facafdc55c72d2f9b |
| SHA512 | 7d3d563d303b9cf84ab43ba2631d5c65cd4e0ddeedc96f29b3a75992b7ec1016f88b4c071e04062a31624b5f1f17633c9663bd3af65c5fc2eebb3acd1a0cec90 |
memory/4256-12450-0x0000000006B70000-0x0000000006B7C000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\BBDB09DE51829D1988CB38FF4ACBA467292BD59D
| MD5 | 529e71139bcfcf6c349a4699570a0e26 |
| SHA1 | f897e4961ac2af0168a37a45b2eaaf20c421994a |
| SHA256 | ac3c8767588196a3b9b8f06c7e5cde46a515d49113dde06c2ae49417a48a547b |
| SHA512 | 7c1d05bceb80b897f2915527ff9000b396129ec72ec1b648d3078e884963f91188d41be054d747035f740a349f0ae08db00a6aeeebe3c9e1e4d2778440b99013 |
memory/4256-12482-0x0000000006C90000-0x0000000006C9A000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config
| MD5 | cec0be7ea37e1ddea565f7beb0d40514 |
| SHA1 | aa290c3ab4e31b157eab4561fe8bcb4362e4f168 |
| SHA256 | 27cc078951039ccdd6f2141346d74cb76f855b9f4326023a5b519d4b26783fa0 |
| SHA512 | 079a083816b3226c7b1ea7937745586e9080e596d010865424a67b82d5c9a4530c6d0ef66b1c6663d640ecc25163ad167f9f0ee060ac1cfdc7addf4a1fb2bd35 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FeatureActions.zip
| MD5 | 2c610946dadcfe2dfe6a2a51b33bc589 |
| SHA1 | ef15b5d2504badf32aa89656ed83816d9a9e1ae7 |
| SHA256 | 0f2489989e4db04d48ea81fad1f6cbca31ed71a69a4fca31de331d52e3c0d214 |
| SHA512 | 9c516454138fc06a2e503842ce7e8800f5e6b460c46673e32f79df3ff35d475ed860ceeabbe701d3bb23589fd28ba821de08ebb159cb346c56622a35f7d676a7 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\h5gcw0uw.newcfg
| MD5 | a74d1cfbbc18b73e268c98ab295d91f1 |
| SHA1 | dc24d4b73eed9730288c51d3ca8c7f1b400e87ab |
| SHA256 | dd4eebca92bbba5fa4a89657ec07e2ca404f6f135e3d1f58aa0c04aed6e7934d |
| SHA512 | b3f5da67a90064e9c59ab292033bc61185d585a70f0cef500f453cc4746ac1f48f184109e49a68417130edf742591b3172f2854faad773c3218d6d3ae0e36df7 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\3maet4qz.newcfg
| MD5 | 8344150f1ec5d9491651b680134dae3b |
| SHA1 | f2ed5c704ec652735b9e89bd22aad971d1fb2ac0 |
| SHA256 | 39ed246ee99c865bcdc95366a1854070be717020721c3315daecf83eb0028f2c |
| SHA512 | 4c34ea121815622d7d9e0672e36f4a3756f22a2641ab79db76d2c04798dc9e63b303fe671cbd5615b24c023bd7c9ca0cac37161b9277cba4b7d52c82f6e23acb |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\mdjov02s.newcfg
| MD5 | 06188dbb3b7cff1908d4135e1ac86b4f |
| SHA1 | 51622ad9e9c1638214f34324440f5f0c3236f029 |
| SHA256 | 8eba494672e4941718bb4c99cfc186b9a14154223fd578757214830a15baf517 |
| SHA512 | e549bf3c13bed9b18a28042d296a5992e9c18ece285a9354112990acfa3092208e79ee1a52d23f3420b7efb1fee3dd2902684fdddfb0de484fb715bc168add93 |
memory/4256-12682-0x0000000006C90000-0x0000000006C9A000-memory.dmp
memory/1648-12699-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-12700-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-12708-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-12724-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-12725-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-12743-0x0000000140000000-0x00000001405E8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\~DF2E98AC5D6C528D83.TMP
| MD5 | a770dc2e705810ddb8041d02a0d1f276 |
| SHA1 | ceeae03ae203a802c7f1054225ef53090608e069 |
| SHA256 | 372dc36aa55c010d85c1c8ca3fb31d27ff4b3a6323c540eaaf6ec4551706ca92 |
| SHA512 | 2e9164fc6cbbef129cab22ec79535c239b68ce72f078c54eec613037cb3efdc1711da44be2c3f972b1422dc8a2f5e7b10852705a310c9469322ae1ea5d77aea6 |
memory/5744-12894-0x000000001BC00000-0x000000001BEE2000-memory.dmp
memory/5744-12989-0x0000000002290000-0x0000000002298000-memory.dmp
C:\Program Files\ASTER\PowerSaver.scr._tm
| MD5 | afdd3bd33b9ff286f5f1d29953b1db63 |
| SHA1 | c195969c09781c1d3d3b729e29457097f02434c1 |
| SHA256 | 2b6e949e92f2a1d74e1187a56baf3bd3a1eb154dc7cf8e8b926130643de3b501 |
| SHA512 | 3a23dbce560be6e24ff404bf99f325b8784f40200d4ac5f77162181aa50441b5f9f525b214f82005f0d642ca4ac2e5b0944a3d6f14a238f1823d9e92d549a4b4 |
C:\Program Files\ASTER\EULA\EULA_ES.rtf._tm
| MD5 | bc86e386b32e3494f938e02930e8c7db |
| SHA1 | f42f117689743e5a96da0a1a24f0dfd428a3d2d3 |
| SHA256 | 78f10fae62b065b031527a98d5737ef4ad1b8873a590ff0036b6fd406a30cc3f |
| SHA512 | 63636f40abdf85ce2c57901354cc1ddf1a948a84b886df6a28dc6f3463fc2f6826dfeb21f1bead5b60eb78a3e1cab61b155fadbdddfd34d381bba7b54ab8e010 |
C:\Program Files\ASTER\EULA\EULA_RU.rtf
| MD5 | 7831e5de41bc4f1e71cdce095d16d3d1 |
| SHA1 | c8d564a51b18357e9fff79ae79145f1ca9d7dc6a |
| SHA256 | 8da480b273be868818904207be3265ca71af72de544338c033b6270f1e29e87e |
| SHA512 | 93730ec08f57186138008cdbb617bb7d88c6b82fcc0119b9a2ba74008109b07e2a06276305abe4a9892446606c8e49f5240f0f5784f3b85b77e0ce6a186472a6 |
C:\Program Files\ASTER\mutesv.exe
| MD5 | bd4ec0873fabdee2952e40b4efa71932 |
| SHA1 | e1ac4f2d1a110f3c163b8962fd2e194b74130c0c |
| SHA256 | 8bc1f72467a046049739c08c14750e820cbdc06f581aaca582036986223b1e2a |
| SHA512 | 0b40340b8af641f23a200b4691f9468635aec51b0074bdd7d01ec19432e6ec2ca1436e14f54b40fa02ca6248f81ead10d7affc0a3f233092b2bc755c051a98e7 |
C:\Program Files\ASTER\mutewizard.exe
| MD5 | 94b7e99eeabf7c4111e8367f0d3ee760 |
| SHA1 | 0b3f6299bb379560e7c8403d1a49cb90f916c3a0 |
| SHA256 | 2260192ee4be4bfc09e3764c11f9bae756a38d93f97e1c42f93ea01bc369c73c |
| SHA512 | 8d3bfc20cb39fa0a435eea72ba6825e5458c1a1f0b58229669df27ddfc5fe2b2278755f22594f379affa87289efa5771bb7fef8f54f7dde615cfc76a2b9b0487 |
memory/1648-13485-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-13486-0x0000000140000000-0x00000001405E8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\D24D6AB0\Setup.ico
| MD5 | b293b41bc26f77560913ae3a4bc71805 |
| SHA1 | 909325132adc0632420a7a318c13f332d33d8d6b |
| SHA256 | 3fbcdd827088a305f3153ff4a9a134e75a11f7ea1e3fb6b0578043c21c603514 |
| SHA512 | 3d7ed10967fdbe5a63da3b1ccf3633ee1762d2f64717f5d539ba235b7d0e7a16e050e646e734218e51feb6c90b3fbff2ffca203fa6d69931003c93d2015fef07 |
C:\Users\Admin\AppData\Local\Temp\D24D6AB0\Readme.txt
| MD5 | 045d9afa3c9fe47e0d5111a940dc9ee6 |
| SHA1 | d0c340d020d2fa6039e28e80abfeb2c11a24c358 |
| SHA256 | 7e9a4e36d42298340c27a87684e584be1874a207c8069ddfc90de011a4c078b4 |
| SHA512 | e21de3268b743179ff0643e35700f37d7c8095d50e0adaa014dacd216fbeaeeed574a9738e687e23c93f4c326d37a3d66ce40b1691073db4a31826fc1175db13 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
memory/1648-13561-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-13562-0x0000000140000000-0x00000001405E8000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ea87c1c6-7b4f-40d5-8479-3b2e3939b016.tmp
| MD5 | 8ea545e42b9cdd55f900a2acffe23258 |
| SHA1 | bb7733953dbde15f96e3f8a6d33725a2d2b0121f |
| SHA256 | aff3463258ad16c5a8677bb36c407f8c601b0a3cba406bd881192faa81e9fc23 |
| SHA512 | 2db1614538fc1f9d25656b1dcf9b258a43f5c2f76b285979883783aac5583082b911dd198ea1e9fe3ef8aee12405c06ca5e1c1b77da144dd86e4648c7be4c6eb |
memory/1648-13644-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-13645-0x0000000140000000-0x00000001405E8000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 7b5bb8c261cb3ea203f643075d39a525 |
| SHA1 | e710f8415548bcd67008d3cb0b3cc1cf97f81891 |
| SHA256 | 80dd403d1c5c71c38fd4062af0d3d1d76c1dae7193170970938ab6172e384df0 |
| SHA512 | c44e1cf392bbc936ec733bbcc933fe679fe8e063786916790d8a2a844aa07dfb05eb4121842b80dd58f3e586ac57732311ecdeac0d39bebe29f281bf6247c37d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\3002f2d5-1ec8-4204-abb4-2ea596e8578c
| MD5 | a5efbab68d12b90302b0b341c7e0ced3 |
| SHA1 | 6b33255fe0b8f79695e86f4ea04791c38c9c1631 |
| SHA256 | df209f5c74cef42f3ca829ef21fef2c77c03e5ac143732c2f1340fd684b71941 |
| SHA512 | f8341492027b5f2d4d4124529590a037cf44be2ed99886dce0d49f9b7f1ad1695e2b4f79d481cc5e4cdc83667c543b83ae173170e14df7ed5424df185ad94b8a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\datareporting\glean\pending_pings\5593f60e-dbed-46d4-a88b-03d8080838e3
| MD5 | 289b463af39cfcdf0d9d8f3fe6a9c315 |
| SHA1 | 9fb898059120189eb8c547f2c06d35bd228a2224 |
| SHA256 | 097be1c724b613cb59332656a5cac734e08e393d2fe1c91988bb7f9a36df331a |
| SHA512 | 76fea012812ea21f2f400eb3aa08087c7b6b16659129dd7054f246db5e04de8523c45948a5bf671c5e506167b7c0cb463e778823d3787042e150b75660638a5f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\doomed\12388
| MD5 | 9f9fb79c9e91546cee9ee566c1f4b182 |
| SHA1 | 39129cc13132797d455843733501004a173e3bca |
| SHA256 | b07bd92219f8ed26ae32d2df93f2f92f2becde13ff4653a74c9c3bf71bbe97d2 |
| SHA512 | c1f21528420928f3c5a0bfd1d0c4a5702e5458ffbfaec1982c51353ecce16afae1a6c3e75f0727e373987b6c76e6d06e09220645b3ae8d64f06c522d547831d6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\prefs-1.js
| MD5 | a9cabc3a9d71256b9fe54ec4f58c6310 |
| SHA1 | d9d1edf8220e9f5eb562b6aef1129a6c050cfb8a |
| SHA256 | a6d2a570b9234aec95a9153491833f14c32db34943b6766c6f5760dd6f7a3719 |
| SHA512 | 38ca33d7da390f5e5aa7d90f3ede4d5f8d528749c5b7d417b6371357c43259bb030b8f2d427cb30bcac09b29c76c0b716afce6686448ee80a9cbb2a24c40831a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\C5C9BC10EDCB546E4D19440495CD77A8635471F3
| MD5 | 2008897a0c6818698d29637fb8eeb0f0 |
| SHA1 | 9153b55c69214ee132f52f5f42081e42ebe83cef |
| SHA256 | 52900a7a2e5d7717495a869c65302273a60f8881419db52d36933d377ffacf29 |
| SHA512 | b6a342022fead5a8a87dfa3647c2c94f87897002df8bd7c02fce9b55e6934308bce2caf0509c9b63478372520ae2c8a192ff6cffa8525f60e4e3b7d1a8528505 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\F3C6750171CAD7F1B66299812339C7B6E8CF80B3
| MD5 | 6db2ecb9a16170ecbe235ab92ab73303 |
| SHA1 | 19e72a55a5da813812f27c69562b729a4992bc27 |
| SHA256 | 8d888dda0451a8f3396b097dd5daff32d4746073f7ec68c80ef7c1edb7e1c7f8 |
| SHA512 | 0c33ab8894c72a4ce571ac8936064d53206ba5f428c98e84fbf750185e67ffd3370edee2913e1540018c7858e7032116f06f895c66666653191d454875e7c1e6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\DAE3E074CE8DF23D65BF8B2AF1D46FA81C0559AF
| MD5 | ca46f38bc6f041374524c8a4d341fa55 |
| SHA1 | 44c6d35ab17b85835a0e562db57720e9f53fe65a |
| SHA256 | 3b0342a1c323fd0cb6cac1f375cfb7e1a91df1f9cb1a9a5e84d8921d542ffd5b |
| SHA512 | 1abfd48c102ee2ec534aaf8dffb388546ab97ca2ad04bc645fc7dc3cabf1c2ad067e23c826491d4c2ff8925a726dd43479401e22638d21590a356b26ec91d5cc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\616AB70ABAEF9D8489FCE6E76F0E12F837EB7A4A
| MD5 | d8e88174e267cde1f928ece3b7c56f5f |
| SHA1 | cb6d5b87d3e4840c6b293843e56f5e0b9da4cca8 |
| SHA256 | bb57e14487cff200554962edf6fb105945a3eb0d6c9a339554a189907debfe98 |
| SHA512 | d3cee2a32c850351c4307d7113305244386dbd0b2de2a936db83c0c0f76f1d3dd88993ecacfe579ee7e323fea67107ce64d094e7bb4f2ea97303acead33f3a95 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\z3l10m6w.default-release\cache2\entries\42988A3EA9BCE2F090887C01E2BEB626609D54B5
| MD5 | 6581c5959f322c145ad36385a4b4dff0 |
| SHA1 | f5a36f235f78a7a82ed243c1e03d77c71a3e90bb |
| SHA256 | a17db404364f536fdb6b18521e739286ff51f3553d72908b1bb986c10bcb7338 |
| SHA512 | 6ad326d6e051703cda6e4e154f63e43f5f393ed37ea925eb91a8a3148964832efc2a1f347fbd00aa443527052a285d2075c78b391b4e64edc626ec82057cd7d6 |
memory/1648-13874-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-13875-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-13907-0x0000000140000000-0x00000001405E8000-memory.dmp
memory/1648-13911-0x0000000140000000-0x00000001405E8000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json.tmp
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionstore.jsonlz4
| MD5 | 57c3aed333bda76f54b7950a0ff2d8c6 |
| SHA1 | c230ec9fac64463e6d94b01688e75041965c9da7 |
| SHA256 | f6b42ac8e1d4f44733221a43f14cd24e0e6316031087bffb9cfa49bd5d3f1d1d |
| SHA512 | 77421b14eb8ca2a4d39be7219b2da86761490decb30598e319df04117142e81067f8d9a389d1b87d71b214b016711dc89918cf70c9c2e26a37172d42f0dd47ff |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z3l10m6w.default-release\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |