Analysis Overview
Threat Level: Known bad
The file http://example.com was found to be: Known bad.
Malicious Activity Summary
Banload
Banload family
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Blocklisted process makes network request
Creates new service(s)
Executes dropped EXE
Checks BIOS information in registry
Loads dropped DLL
Modifies file permissions
Reads user/profile data of web browsers
Network Service Discovery
Enumerates connected drives
Checks installed software on the system
Drops file in System32 directory
UPX packed file
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Program Files directory
Launches sc.exe
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Suspicious use of WriteProcessMemory
Views/modifies file attributes
Modifies data under HKEY_USERS
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Checks SCSI registry key(s)
Kills process with taskkill
Suspicious behavior: LoadsDriver
Scheduled Task/Job: Scheduled Task
Modifies registry class
Uses Volume Shadow Copy service COM API
Modifies Internet Explorer settings
NTFS ADS
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Modifies system certificate store
Analysis: static1
Detonation Overview
Reported: 2025-02-23 17:52
Analysis: behavioral1
Detonation Overview
Submitted: 2025-02-23 17:52
Reported: 2025-02-23 18:10
Platform: win11-20250218-en
Max time kernel: 371s
Max time network: 865s
Signatures
Banload
Banload family
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
Creates new service(s)
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
Reads user/profile data of web browsers
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\I: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\G: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\H: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\N: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\SysWOW64\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\System32\msiexec.exe | N/A |
Network Service Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\SysWOW64\is-F0USJ.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Windows\SysWOW64\is-12DJ7.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File opened for modification | C:\Windows\System32\GroupPolicy | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\GroupPolicy\gpt.ini | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
UPX packed file
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\SpywareBlaster\sbdatabase.dtb | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| File created | C:\Program Files\Cloudflare\Cloudflare WARP\aws_lc_fips_0_12_10_crypto.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Cloudflare\Cloudflare WARP\aws_lc_fips_0_12_10_rust_wrapper.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files (x86)\SpywareBlaster\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files\Cloudflare\Cloudflare WARP\warp-cli.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-8KL9H.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-6IVNJ.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\SpywareBlaster\chromeckdb.dtb | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| File created | C:\Program Files\Cloudflare\Cloudflare WARP\warp_ipc.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-M27PV.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-5JMAU.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-U645L.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-74T0S.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-RS923.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-1DVF9.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-R2LTS.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files\Cloudflare\Cloudflare WARP\warp-dex.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Cloudflare\Cloudflare WARP\warp-svc.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Cloudflare\Cloudflare WARP\wintun.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-GVA7R.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-TSTSU.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\SpywareBlaster\ckdatabase.dtb | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| File opened for modification | C:\Program Files (x86)\SpywareBlaster\chromescdb.dtb | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-M78VB.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\SpywareBlaster\rsdatabase.dtb | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| File created | C:\Program Files\Cloudflare\Cloudflare WARP\warp-diag.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\dep\is-FCFTH.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-I8R0B.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-M9I61.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-Q88TJ.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-9UB3V.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-MUC8D.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| File created | C:\Program Files (x86)\SpywareBlaster\is-LHJJU.tmp | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Installer\e5d9a17.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9A9E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{C69BD129-10F4-4332-A279-B754DE05A911} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCA9DE06CBCE040D61B7E6C0E313D4C8E2F\WixToolset.Dtf.WindowsInstaller.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFC7AB152AC80A6DA4.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCA9DE06CBCE040D61B7E6C0E313D4C8E2F\RequestSender.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI676B.tmp-0\Warp.Installer.Actions.dll | C:\Windows\system32\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9AFD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCA68BD3185194C5A88D656F9EF9C7F66CA\Microsoft.Win32.TaskScheduler.resources.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCAADA352EFAD4D0C9B955F6A1BEE02C4A8\Microsoft.Win32.TaskScheduler.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI595D.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5A88.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9AED.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9B1F.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCA68BD3185194C5A88D656F9EF9C7F66CA\RequestSender.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF5D81C213D985497C.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF55D1B771AAA03824.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCAADA352EFAD4D0C9B955F6A1BEE02C4A8\WixToolset.Dtf.WindowsInstaller.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF2A4D65D3C933EE81.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI59AC.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5BE1.tmp-0\Newtonsoft.Json.dll | C:\Windows\system32\rundll32.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF63EFD34546708156.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI676B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCA9DE06CBCE040D61B7E6C0E313D4C8E2F\CustomAction.config | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5d9a10.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9CD7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIAC1E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI69CD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\{09B66760-FE2C-426F-852E-296E112C2DB4}\icon.ico | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF2E96A6FD7FAC738C.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9BEC.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9F2C.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCAADA352EFAD4D0C9B955F6A1BEE02C4A8\RequestSender.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCAADA352EFAD4D0C9B955F6A1BEE02C4A8\CustomAction.config | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI676B.tmp-0\Common.dll | C:\Windows\system32\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5BE1.tmp-0\Microsoft.Deployment.WindowsInstaller.dll | C:\Windows\system32\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9A8D.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9D07.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5d9a14.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCAADA352EFAD4D0C9B955F6A1BEE02C4A8\Microsoft.Win32.TaskScheduler.resources.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI676B.tmp-0\CustomAction.config | C:\Windows\system32\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI6C5F.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9B0E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCA68BD3185194C5A88D656F9EF9C7F66CA\Microsoft.Win32.TaskScheduler.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9D27.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCA9DE06CBCE040D61B7E6C0E313D4C8E2F\Microsoft.Win32.TaskScheduler.resources.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File created | C:\Windows\Installer\e5d9a15.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5BE1.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{09B66760-FE2C-426F-852E-296E112C2DB4}\icon.ico | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCA68BD3185194C5A88D656F9EF9C7F66CA\WixToolset.Dtf.WindowsInstaller.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9B7D.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFDD638D8AECBE9200.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFFF32223B3469DB10.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5d9a15.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{09B66760-FE2C-426F-852E-296E112C2DB4} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5BE1.tmp-0\Common.dll | C:\Windows\system32\rundll32.exe | N/A |
| File created | C:\Windows\Installer\e5d9a10.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\SFXCA68BD3185194C5A88D656F9EF9C7F66CA\CustomAction.config | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA8E1.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5BE1.tmp-0\CustomAction.config | C:\Windows\system32\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI676B.tmp-0\Microsoft.Deployment.WindowsInstaller.dll | C:\Windows\system32\rundll32.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\HiJackThis.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\spywareblastersetup55.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Let's Compress.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\SpybotPortable_2.6.paf.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDScan.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\spywareblastersetup55.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SpybotPortable_2.6.paf.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SpybotPortable\SpybotPortable.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\HiJackThis.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 0000000004000000a5400205d534eb680000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff000000002701010000080000a54002050000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff000000000700010000680900a5400205000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1da5400205000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000a540020500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{C74190B6-8589-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{C74190B6-8589-11D1-B16A-00C0F0283628}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9181DC5F-E07D-418A-ACA6-8EEA1ECB8E9E} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{8E3867A3-8586-11D1-B16A-00C0F0283628}\AlternateCLSID = "{585AA280-ED8B-46B2-93AE-132ECFA1DAFC}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{627C8B79-918A-4C5C-9E19-20F66BF30B86}\AlternateCLSID = "{585AA280-ED8B-46B2-93AE-132ECFA1DAFC}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{1EFB6596-857C-11D1-B16A-00C0F0283628}\AlternateCLSID = "{9A948063-66C3-4F63-AB46-582EDAA35047}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{35053A22-8589-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{2C247F23-8591-11D1-B16A-00C0F0283628}\AlternateCLSID = "{556C2772-F1AD-4DE1-8456-BD6E8F66113B}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{627C8B79-918A-4C5C-9E19-20F66BF30B86} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{979127D3-7D01-4FDE-AF65-A698091468AF}\AlternateCLSID = "{CCDB0DF2-FD1A-4856-80BC-32929D8359B7}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{2B11E9B0-9F09-11D0-9484-00A0C91110ED} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{DD9DA666-8594-11D1-B16A-00C0F0283628}\AlternateCLSID = "{87DACC48-F1C5-4AF3-84BA-A2A72C2AB959}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{F08DF954-8592-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{7DC6F291-BF55-4E50-B619-EF672D9DCC58} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9181DC5F-E07D-418A-ACA6-8EEA1ECB8E9E}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9181DC5F-E07D-418A-ACA6-8EEA1ECB8E9E}\AlternateCLSID = "{95F0B3BE-E8AC-4995-9DCA-419849E06410}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\AlternateCLSID = "{1EAC2F2A-251F-4BA8-8617-99A8DD715453}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{DD9DA666-8594-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{F91CAF91-225B-43A7-BB9E-472F991FC402} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{979127D3-7D01-4FDE-AF65-A698091468AF} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{35053A22-8589-11D1-B16A-00C0F0283628}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{F08DF954-8592-11D1-B16A-00C0F0283628}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{F91CAF91-225B-43A7-BB9E-472F991FC402}\AlternateCLSID = "{556C2772-F1AD-4DE1-8456-BD6E8F66113B}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{BDD1F04B-858B-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\AlternateCLSID = "{CCDB0DF2-FD1A-4856-80BC-32929D8359B7}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{627C8B79-918A-4C5C-9E19-20F66BF30B86}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{1EFB6596-857C-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}\AlternateCLSID = "{D606EEC9-8368-4F10-88DB-BF5563EC36F6}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{7DC6F291-BF55-4E50-B619-EF672D9DCC58}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{2C247F23-8591-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{7DC6F291-BF55-4E50-B619-EF672D9DCC58}\AlternateCLSID = "{8B2ADD10-33B7-4506-9569-0A1E1DBBEBAE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{996BF5E0-8044-4650-ADEB-0B013914E99C} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{66833FE6-8583-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{2C247F23-8591-11D1-B16A-00C0F0283628}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{6D835690-900B-11D0-9484-00A0C91110ED} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{35053A22-8589-11D1-B16A-00C0F0283628}\AlternateCLSID = "{A0E7BF67-8D30-4620-8825-7111714C7CAB}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{66833FE6-8583-11D1-B16A-00C0F0283628}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{66833FE6-8583-11D1-B16A-00C0F0283628}\AlternateCLSID = "{8B2ADD10-33B7-4506-9569-0A1E1DBBEBAE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{C74190B6-8589-11D1-B16A-00C0F0283628}\AlternateCLSID = "{95F0B3BE-E8AC-4995-9DCA-419849E06410}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{6D835690-900B-11D0-9484-00A0C91110ED}\AlternateCLSID = "{7E96FC67-468E-4E70-B246-D42078DD2361}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{996BF5E0-8044-4650-ADEB-0B013914E99C}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{979127D3-7D01-4FDE-AF65-A698091468AF}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{F08DF954-8592-11D1-B16A-00C0F0283628}\AlternateCLSID = "{0B314611-2C19-4AB4-8513-A6EEA569D3C4}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{8E3867A3-8586-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{24B224E0-9545-4A2F-ABD5-86AA8A849385}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{6D835690-900B-11D0-9484-00A0C91110ED}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{F91CAF91-225B-43A7-BB9E-472F991FC402}\Compatibility Flags = "1024" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{24B224E0-9545-4A2F-ABD5-86AA8A849385} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{996BF5E0-8044-4650-ADEB-0B013914E99C}\AlternateCLSID = "{CCDB0DF2-FD1A-4856-80BC-32929D8359B7}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{24B224E0-9545-4A2F-ABD5-86AA8A849385}\AlternateCLSID = "{9A948063-66C3-4F63-AB46-582EDAA35047}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Safer Networking Limited\Localization\C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\ = "en_IE" | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Safer Networking Limited\Localization\C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\ = "en_IE" | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDScan.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Safer Networking Limited\Localization | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Safer Networking Limited | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Safer Networking Limited\Localization\ | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Safer Networking Limited\Localization | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDScan.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{24B224E0-9545-4A2F-ABD5-86AA8A849385}\MiscStatus\1\ = "131473" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.ProgCtrl | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}\InprocServer32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{66833FED-8583-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F91CAF91-225B-43A7-BB9E-472F991FC402}\ToolboxBitmap32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F91CAF91-225B-43A7-BB9E-472F991FC402}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{627C8B79-918A-4C5C-9E19-20F66BF30B86}\CONTROL | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B6C15BE-F9FD-7E15-F865-ABA8E2A09915}\lxSffdZrpjp\ = "_`wB|iP" | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSSTDFMT.StdDataFormats\CLSID\ = "{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9181DC5F-E07D-418A-ACA6-8EEA1ECB8E9E}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0B314611-2C19-4AB4-8513-A6EEA569D3C4}\Programmable | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BDD1F055-858B-11D1-B16A-00C0F0283628}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2C247F22-8591-11D1-B16A-00C0F0283628}\TypeLib\Version = "2.1" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B6C15BE-F9FD-7E15-F865-ABA8E2A09915}\lxSffdZrpjp\ = "_gM}]O@" | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.TreeCtrl\CLSID\ = "{95F0B3BE-E8AC-4995-9DCA-419849E06410}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{24B224E0-9545-4A2F-ABD5-86AA8A849385}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{556C2772-F1AD-4DE1-8456-BD6E8F66113B}\VersionIndependentProgID | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.ImageComboCtl\CurVer | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99FF4676-FFC3-11D0-BD02-00C04FC2FB86}\TypeLib\Version = "1.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{24B224E0-9545-4A2F-ABD5-86AA8A849385}\VersionIndependentProgID\ = "MSComctlLib.TabStrip" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{7DC6F291-BF55-4E50-B619-EF672D9DCC58}\ProgID | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{627C8B79-918A-4C5C-9E19-20F66BF30B86}\Version\ = "2.1" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0B314611-2C19-4AB4-8513-A6EEA569D3C4}\ProgID\ = "MSComctlLib.Slider.2" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1EFB6597-857C-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DD9DA660-8594-11D1-B16A-00C0F0283628}\TypeLib\ = "{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{7DC6F291-BF55-4E50-B619-EF672D9DCC58}\ToolboxBitmap32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2287204051-441334380-1151193565-1000_Classes\{5C321E34-4206-13D1-B2E4-0060975B8649}\bgyxwhiefeT\ = "[kA[dB^Y\\IM`hHjIfVzernEmjzT" | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CCDB0DF2-FD1A-4856-80BC-32929D8359B7}\MiscStatus | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\TypeLib\ = "{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}\2.1\HELPDIR\ | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C74190B8-8589-11D1-B16A-00C0F0283628}\TypeLib | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2C247F24-8591-11D1-B16A-00C0F0283628}\TypeLib\Version = "2.1" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F08DF952-8592-11D1-B16A-00C0F0283628}\TypeLib\Version = "2.1" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9A948063-66C3-4F63-AB46-582EDAA35047} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\ProgID\ = "MSComctlLib.ProgCtrl.2" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DD9DA660-8594-11D1-B16A-00C0F0283628}\TypeLib | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\Version | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\MiscStatus | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BDD1F049-858B-11D1-B16A-00C0F0283628}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BDD1F04E-858B-11D1-B16A-00C0F0283628}\TypeLib\Version = "2.1" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSSTDFMT.StdDataFormats.1\CLSID | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99FF4676-FFC3-11D0-BD02-00C04FC2FB86}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BDD1F049-858B-11D1-B16A-00C0F0283628}\TypeLib\ = "{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{87DACC48-F1C5-4AF3-84BA-A2A72C2AB959}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{95F0B3BE-E8AC-4995-9DCA-419849E06410}\TypeLib | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.Slider.2\CLSID\ = "{F08DF954-8592-11D1-B16A-00C0F0283628}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A0E7BF67-8D30-4620-8825-7111714C7CAB}\ToolboxBitmap32\ = "C:\\Windows\\SysWow64\\MSCOMCTL.OCX, 17" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C8A3DC00-8593-11D1-B16A-00C0F0283628}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DD9DA660-8594-11D1-B16A-00C0F0283628}\TypeLib | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{979127D3-7D01-4FDE-AF65-A698091468AF} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.TabStrip.2 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{585AA280-ED8B-46B2-93AE-132ECFA1DAFC}\Version\ = "2.1" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\Version\ = "1.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}\VersionIndependentProgID | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.ImageListCtrl\CurVer | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C74190B4-8589-11D1-B16A-00C0F0283628}\ = "ITreeView" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DD9DA662-8594-11D1-B16A-00C0F0283628}\ = "IComboItems" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9181DC5F-E07D-418A-ACA6-8EEA1ECB8E9E}\ProgID | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A0E7BF67-8D30-4620-8825-7111714C7CAB}\ProgID\ = "MSComctlLib.ProgCtrl.2" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SpybotPortable_2.6.paf.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\netspeedmonitor_2_5_4_0_x64_setup.msi:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\ProgramData\TEMP:5C321E34 | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| File opened for modification | C:\ProgramData\TEMP:5C321E34 | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Let's Compress.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\HiJackThis.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\1111_with_WARP_V2024.12.760.0.msi:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\spywareblastersetup55.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\ProgramData\TEMP:5C321E34 | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\SpybotPortable_2.6.paf.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\HiJackThis.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDScan.exe | N/A |
| N/A | N/A | C:\Windows\System32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\System32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\System32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\System32\msiexec.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\HiJackThis.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Views/modifies file attributes
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\attrib.exe | N/A |
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://example.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --always-read-main-dll --field-trial-handle=5260,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=3776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --always-read-main-dll --field-trial-handle=3892,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --always-read-main-dll --field-trial-handle=5396,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations --always-read-main-dll --field-trial-handle=5636,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5752 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --string-annotations --always-read-main-dll --field-trial-handle=5756,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5780 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --always-read-main-dll --field-trial-handle=6200,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --always-read-main-dll --field-trial-handle=6172,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=1832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --string-annotations --always-read-main-dll --field-trial-handle=6176,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6148 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --string-annotations --always-read-main-dll --field-trial-handle=5900,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5912 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --always-read-main-dll --field-trial-handle=6564,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=40 --always-read-main-dll --field-trial-handle=5792,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=41 --always-read-main-dll --field-trial-handle=6732,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=42 --always-read-main-dll --field-trial-handle=6584,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=4360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=6876,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6756 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --always-read-main-dll --field-trial-handle=6984,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=45 --always-read-main-dll --field-trial-handle=5364,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --always-read-main-dll --field-trial-handle=7120,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=47 --always-read-main-dll --field-trial-handle=7292,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=48 --always-read-main-dll --field-trial-handle=7344,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=49 --always-read-main-dll --field-trial-handle=7628,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --always-read-main-dll --field-trial-handle=7184,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=51 --always-read-main-dll --field-trial-handle=8028,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=52 --always-read-main-dll --field-trial-handle=7256,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=53 --always-read-main-dll --field-trial-handle=7980,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --always-read-main-dll --field-trial-handle=8072,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=55 --always-read-main-dll --field-trial-handle=8080,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=56 --always-read-main-dll --field-trial-handle=6260,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --string-annotations --always-read-main-dll --field-trial-handle=7232,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=4764 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=58 --always-read-main-dll --field-trial-handle=7952,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=7880,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8816 /prefetch:14
C:\Users\Admin\Downloads\Let's Compress.exe
"C:\Users\Admin\Downloads\Let's Compress.exe"
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding F35CAF47A7A7BCB529E88669D6092D3A C
C:\Windows\SysWOW64\msiexec.exe
"C:\Windows\system32\msiexec.exe" /i "C:\Users\Admin\AppData\Roaming\Let's Compress\Let's Compress 1.4.0.0\install\E05A911\Let's Compress.msi" AI_SETUPEXEPATH="C:\Users\Admin\Downloads\Let's Compress.exe" SETUPEXEDIR=C:\Users\Admin\Downloads\ EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1740092443 " AI_EUIMSI=""
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding FCFDA35932515D45A326950BBD967964
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Windows\Installer\MSI9A8D.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_241015500 2 RequestSender!RequestSender.CustomActions.Start
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Windows\Installer\MSI9D27.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_241016093 60 RequestSender!RequestSender.CustomActions.CreateScheduledTask
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Windows\Installer\MSIAC1E.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_241019921 1939 RequestSender!RequestSender.CustomActions.Finish
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=60 --always-read-main-dll --field-trial-handle=8052,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=61 --always-read-main-dll --field-trial-handle=5584,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=62 --always-read-main-dll --field-trial-handle=7800,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=63 --always-read-main-dll --field-trial-handle=9160,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=64 --always-read-main-dll --field-trial-handle=9320,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=65 --always-read-main-dll --field-trial-handle=6692,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=66 --always-read-main-dll --field-trial-handle=7764,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=67 --always-read-main-dll --field-trial-handle=7152,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations --always-read-main-dll --field-trial-handle=5352,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=4644 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=6804,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6820 /prefetch:14
C:\Users\Admin\Downloads\SpybotPortable_2.6.paf.exe
"C:\Users\Admin\Downloads\SpybotPortable_2.6.paf.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=70 --always-read-main-dll --field-trial-handle=4336,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=71 --always-read-main-dll --field-trial-handle=9444,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=72 --always-read-main-dll --field-trial-handle=5588,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=73 --always-read-main-dll --field-trial-handle=6540,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=74 --always-read-main-dll --field-trial-handle=4356,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=75 --always-read-main-dll --field-trial-handle=7960,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=76 --always-read-main-dll --field-trial-handle=7144,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=77 --always-read-main-dll --field-trial-handle=7760,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=78 --always-read-main-dll --field-trial-handle=9452,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=79 --always-read-main-dll --field-trial-handle=9492,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=9412,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9612 /prefetch:14
C:\Users\Admin\Downloads\SpybotPortable\SpybotPortable.exe
"C:\Users\Admin\Downloads\SpybotPortable\SpybotPortable.exe"
C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe
"C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=9292,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7976 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=82 --always-read-main-dll --field-trial-handle=7300,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7940 /prefetch:1
C:\Users\Admin\Downloads\HiJackThis.exe
"C:\Users\Admin\Downloads\HiJackThis.exe"
C:\Windows\system32\bitsadmin.exe
"C:\Windows\SysNative\bitsadmin.exe" /list /allusers /verbose
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x00000000000004E8
C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDScan.exe
"C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDScan.exe" /scan
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=83 --always-read-main-dll --field-trial-handle=6436,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=84 --always-read-main-dll --field-trial-handle=7236,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=86 --always-read-main-dll --field-trial-handle=9356,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=85 --always-read-main-dll --field-trial-handle=9364,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=87 --always-read-main-dll --field-trial-handle=6372,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=88 --always-read-main-dll --field-trial-handle=6752,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=89 --always-read-main-dll --field-trial-handle=7964,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=90 --always-read-main-dll --field-trial-handle=9272,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=91 --always-read-main-dll --field-trial-handle=6796,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=2668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=92 --always-read-main-dll --field-trial-handle=9636,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=93 --always-read-main-dll --field-trial-handle=9312,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=4340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=94 --always-read-main-dll --field-trial-handle=9000,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=95 --always-read-main-dll --field-trial-handle=9680,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=96 --always-read-main-dll --field-trial-handle=9784,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=97 --always-read-main-dll --field-trial-handle=7636,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=4352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=98 --always-read-main-dll --field-trial-handle=8324,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=99 --always-read-main-dll --field-trial-handle=8012,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=100 --always-read-main-dll --field-trial-handle=6356,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=101 --always-read-main-dll --field-trial-handle=9832,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=102 --always-read-main-dll --field-trial-handle=9884,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=10132,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10136 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=104 --always-read-main-dll --field-trial-handle=7812,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=7744,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9624 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=106 --always-read-main-dll --field-trial-handle=9828,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8008 /prefetch:1
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\1111_with_WARP_V2024.12.760.0.msi"
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\netspeedmonitor_2_5_4_0_x64_setup.msi"
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 08B7EBD7AD205BD9150AA00A84289C03
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding BD2861D8A9B43343B6DB9370F3F96C48 E Global\MSI0000
C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Windows\Installer\MSI5BE1.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_241196046 1968 Warp.Installer.Actions!Warp.Installer.Actions.CustomActions.ReadCmdLineParams
C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Windows\Installer\MSI676B.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_241198953 1979 Warp.Installer.Actions!Warp.Installer.Actions.CustomActions.InstallService
C:\Windows\system32\sc.exe
"sc.exe" create CloudflareWARP binPath= "\"C:\Program Files\Cloudflare\Cloudflare WARP\warp-svc.exe"\" displayname= "Cloudflare WARP" start= "auto"
C:\Windows\system32\sc.exe
"sc.exe" config CloudflareWARP depend= "wlansvc"
C:\Windows\system32\sc.exe
"sc.exe" failure CloudflareWARP reset= 86400 actions= restart/0/restart/1000/restart/5000
C:\Windows\system32\sc.exe
"sc.exe" failureflag CloudflareWARP 1
C:\Windows\system32\sc.exe
"sc.exe" config CloudflareWARP start=AUTO
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding C09C9FE51AD7603B7E50AB4BEAAED142 E Global\MSI0000
C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe
"C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=107 --always-read-main-dll --field-trial-handle=6816,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=108 --always-read-main-dll --field-trial-handle=9652,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=109 --always-read-main-dll --field-trial-handle=9424,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=110 --always-read-main-dll --field-trial-handle=9624,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=111 --always-read-main-dll --field-trial-handle=10176,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=112 --always-read-main-dll --field-trial-handle=8976,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=113 --always-read-main-dll --field-trial-handle=9844,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=114 --always-read-main-dll --field-trial-handle=6812,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=115 --always-read-main-dll --field-trial-handle=10224,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=116 --always-read-main-dll --field-trial-handle=9504,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=117 --always-read-main-dll --field-trial-handle=9688,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=118 --always-read-main-dll --field-trial-handle=9808,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=119 --always-read-main-dll --field-trial-handle=5348,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=120 --always-read-main-dll --field-trial-handle=10160,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=121 --always-read-main-dll --field-trial-handle=9372,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=122 --always-read-main-dll --field-trial-handle=9336,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=10392,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10656 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=123 --always-read-main-dll --field-trial-handle=6756,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --string-annotations --always-read-main-dll --field-trial-handle=9800,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10652 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=126 --always-read-main-dll --field-trial-handle=9892,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9100 /prefetch:1
C:\Users\Admin\Downloads\spywareblastersetup55.exe
"C:\Users\Admin\Downloads\spywareblastersetup55.exe"
C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp
"C:\Users\Admin\AppData\Local\Temp\is-ACIQS.tmp\spywareblastersetup55.tmp" /SL5="$9042C,4011576,54272,C:\Users\Admin\Downloads\spywareblastersetup55.exe"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Windows\system32\MSSTDFMT.DLL"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Windows\system32\MSCOMCTL.OCX"
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
"C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe" QUIETEXIT
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
"C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe" QUIETEXIT
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
"C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe" -AUCHECK
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
"C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe" -AUCHECK
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
"C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe"
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
"C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.spywareblaster.net/sb-link/autoupdate.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-skip-compat-layer-relaunch --single-argument http://www.spywareblaster.net/sb-link/autoupdate.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=127 --always-read-main-dll --field-trial-handle=10788,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=128 --always-read-main-dll --field-trial-handle=9552,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=129 --always-read-main-dll --field-trial-handle=9156,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=130 --always-read-main-dll --field-trial-handle=7520,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=131 --always-read-main-dll --field-trial-handle=10940,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=132 --always-read-main-dll --field-trial-handle=10808,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=2632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=133 --always-read-main-dll --field-trial-handle=7128,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=134 --always-read-main-dll --field-trial-handle=10052,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=9780,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10876 /prefetch:14
C:\Users\Admin\Downloads\smadav2025rev1530.exe
"C:\Users\Admin\Downloads\smadav2025rev1530.exe"
C:\Users\Admin\AppData\Local\Temp\is-1GEGE.tmp\smadav2025rev1530.tmp
"C:\Users\Admin\AppData\Local\Temp\is-1GEGE.tmp\smadav2025rev1530.tmp" /SL5="$604A0,2397346,133120,C:\Users\Admin\Downloads\smadav2025rev1530.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations --always-read-main-dll --field-trial-handle=6596,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10812 /prefetch:14
C:\Windows\system32\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\SMADAV\SmadExtMenu64.dll"
C:\Program Files (x86)\SMADAV\SMĪRTP.exe
"C:\Program Files (x86)\SMADAV\SMĪRTP.exe" rtc
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\system32\schtasks.exe" /create /tn "smadav" /xml "C:\Users\Admin\AppData\Roaming\Smadav\smadav.xml"
C:\Program Files (x86)\Smadav\SmadavProtect64.exe
"C:\Program Files (x86)\Smadav\SmadavProtect64.exe"
C:\Program Files (x86)\Smadav\SMĪRTP.exe
"C:\Program Files (x86)\Smadav\SMĪRTP.exe"
C:\Program Files (x86)\SMADAV\SMĪRTP.exe
"C:\Program Files (x86)\SMADAV\SMĪRTP.exe"
C:\Program Files (x86)\Smadav\SmadavHelper.exe
"C:\Program Files (x86)\Smadav\SmadavHelper.exe" "zZb1jxkjbLyptobLmmI.i.b4n.ptovbqxi'jYznpmkxjjbhmyaxex|"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=137 --always-read-main-dll --field-trial-handle=5912,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=138 --always-read-main-dll --field-trial-handle=5868,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=139 --always-read-main-dll --field-trial-handle=5876,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=140 --always-read-main-dll --field-trial-handle=5740,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=141 --always-read-main-dll --field-trial-handle=7204,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10732 /prefetch:1
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\Smadav\SmadExtc64.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files (x86)\Smadav\SmadExtc64.dll"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --always-read-main-dll --field-trial-handle=9972,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=10072,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9408 /prefetch:14
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\system32\schtasks.exe" /create /tn "SmadavSecondaryUpdater" /xml "C:\Users\Admin\AppData\Roaming\Smadav\SmadavSecondaryUpdater.xml"
C:\Users\Admin\Downloads\USBLockit.exe
"C:\Users\Admin\Downloads\USBLockit.exe"
C:\Windows\SysWOW64\xcopy.exe
xcopy "C:\Users\Admin\Downloads\USBLockit.exe" C:\users\public\ /Y
C:\users\public\USBLockit.exe
"C:\users\public\USBLockit.exe" C:\Users\Admin\Downloads\USBLockit.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=144 --always-read-main-dll --field-trial-handle=5936,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=145 --always-read-main-dll --field-trial-handle=10904,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --always-read-main-dll --field-trial-handle=10400,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=4352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=9344,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6364 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=9344,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6364 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=148 --always-read-main-dll --field-trial-handle=10728,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6384 /prefetch:1
C:\Users\Admin\Downloads\USBLockit.exe
"C:\Users\Admin\Downloads\USBLockit.exe"
C:\Windows\SysWOW64\xcopy.exe
xcopy "C:\Users\Admin\Downloads\USBLockit.exe" C:\users\public\ /Y
C:\users\public\USBLockit.exe
"C:\users\public\USBLockit.exe" C:\Users\Admin\Downloads\USBLockit.exe
C:\Users\Admin\Downloads\USBLockit.exe
"C:\Users\Admin\Downloads\USBLockit.exe"
C:\Windows\SysWOW64\xcopy.exe
xcopy "C:\Users\Admin\Downloads\USBLockit.exe" C:\users\public\ /Y
C:\users\public\USBLockit.exe
"C:\users\public\USBLockit.exe" C:\Users\Admin\Downloads\USBLockit.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=149 --always-read-main-dll --field-trial-handle=5944,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=150 --always-read-main-dll --field-trial-handle=10284,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=151 --always-read-main-dll --field-trial-handle=5896,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=152 --always-read-main-dll --field-trial-handle=10760,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=6212,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8940 /prefetch:14
C:\Users\Admin\Downloads\mobiunlockforandroid_trial_Installer_20250223.807801.exe
"C:\Users\Admin\Downloads\mobiunlockforandroid_trial_Installer_20250223.807801.exe"
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\EDownloader.exe
"C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\EDownloader.exe" EXEDIR=C:\Users\Admin\Downloads ||| EXENAME=mobiunlockforandroid_trial_Installer_20250223.807801.exe ||| DOWNLOAD_VERSION=trial ||| RELEASE_TIME=2023-01-10_10_39_20 ||| PRODUCT_VERSION=1.0.0 ||| INSTALL_TYPE=0
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\InfoForSetup.exe
/Uid "S-1-5-21-2287204051-441334380-1151193565-1000"
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\InfoForSetup.exe
/SendInfo Window "Home_Installer" Activity "Result_Download_Configurefile" Attribute "{\"CDN\":\"http://download.easeus.com/api/index.php/Home/product/config/\",\"Elapsed\":\"2\",\"Errorinfo\":\"0\",\"Result\":\"Success\"}"
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\InfoForSetup.exe
/SendInfo Window "Install" Activity "Info_Userinfo" Attribute "{\"Country\":\"United States\",\"Language\":\"English\",\"OS\":\"Microsoft Windows 10\",\"Timezone\":\"GMT-00:00\",\"UE\":\"on\",\"Version\":\"trial\",\"Version_Num\":\"1.0.0\"}"
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\InfoForSetup.exe
/SendInfo Window "Home_Installer" Activity "Info_Finish" Attribute "{\"Country\":\"United States\",\"Language\":\"English\",\"OS\":\"Microsoft Windows 10\",\"Releasetime\":\"2023-01-10_10_39_20\",\"Testid\":\"\",\"Timezone\":\"GMT-00:00\",\"Version\":\"trial\",\"Version_Num\":\"1.0.0\"}"
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\AliyunWrapExe.Exe
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\AliyunWrapExe.Exe
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\AliyunWrapExe.Exe
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\AliyunWrapExe.Exe
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\AliyunWrapExe.Exe
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\AliyunWrapExe.Exe
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\InfoForSetup.exe
/SendInfo Window "DownloadInstall_Page" Activity "Click_Installnow"
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\InfoForSetup.exe
/SendInfo Window "Home_Installer" Activity "Click_Install" Attribute "{\"Country\":\"United States\",\"Install_Path\":\"C:/Program Files (x86)/EaseUS/EaseUS MobiUnlockForAndroid\",\"Language\":\"English\",\"Os\":\"Microsoft Windows 10\",\"Pageid\":\"1-807801\",\"Releasetime\":\"2023-01-10_10_39_20\",\"Testid\":\"\",\"Timezone\":\"GMT-00:00\",\"Version\":\"trial\",\"Version_Num\":\"1.0.0\"}"
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\InfoForSetup.exe
/SendInfo Window "Home_Installer" Activity "Info_Start_Download_Program"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=154 --always-read-main-dll --field-trial-handle=10432,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --string-annotations --always-read-main-dll --field-trial-handle=10796,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6776 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=157 --always-read-main-dll --field-trial-handle=9316,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=158 --always-read-main-dll --field-trial-handle=9092,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=159 --always-read-main-dll --field-trial-handle=7320,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=160 --always-read-main-dll --field-trial-handle=9820,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=161 --always-read-main-dll --field-trial-handle=11164,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=11208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=162 --always-read-main-dll --field-trial-handle=9904,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=11260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=163 --always-read-main-dll --field-trial-handle=11156,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=11176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=164 --always-read-main-dll --field-trial-handle=11128,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=165 --always-read-main-dll --field-trial-handle=11140,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=166 --always-read-main-dll --field-trial-handle=5620,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=11176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=167 --always-read-main-dll --field-trial-handle=5860,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=5760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=168 --always-read-main-dll --field-trial-handle=4788,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=169 --always-read-main-dll --field-trial-handle=5328,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=170 --always-read-main-dll --field-trial-handle=11404,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=9100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=171 --always-read-main-dll --field-trial-handle=8784,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=172 --always-read-main-dll --field-trial-handle=10984,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=10948,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10932 /prefetch:14
C:\Users\Admin\Downloads\FKPackage.exe
"C:\Users\Admin\Downloads\FKPackage.exe"
C:\ProgramData\HeavenWard\FreeKey\instreg.exe
"C:\ProgramData\HeavenWard\FreeKey\instreg.exe" -i freekey
C:\ProgramData\HeavenWard\FreeKey\freekey.exe
"C:\ProgramData\HeavenWard\FreeKey\freekey.exe" -init
C:\Users\Admin\Downloads\mobiunlockforandroid_trial_Installer_20250223.807801.exe
"C:\Users\Admin\Downloads\mobiunlockforandroid_trial_Installer_20250223.807801.exe"
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\EDownloader.exe
"C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\EDownloader.exe" EXEDIR=C:\Users\Admin\Downloads ||| EXENAME=mobiunlockforandroid_trial_Installer_20250223.807801.exe ||| DOWNLOAD_VERSION=trial ||| RELEASE_TIME=2023-01-10_10_39_20 ||| PRODUCT_VERSION=1.0.0 ||| INSTALL_TYPE=0
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\InfoForSetup.exe
/Uid "S-1-5-21-2287204051-441334380-1151193565-1000"
C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\8bd2405837e24f7495ab42b6a4230c38 /t 5788 /p 3076
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=174 --always-read-main-dll --field-trial-handle=10348,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=175 --always-read-main-dll --field-trial-handle=11396,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=11088 /prefetch:1
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=176 --always-read-main-dll --field-trial-handle=11204,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=177 --always-read-main-dll --field-trial-handle=11560,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=178 --always-read-main-dll --field-trial-handle=10908,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=7100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=11168,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=11508 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=5676,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=11064 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=181 --always-read-main-dll --field-trial-handle=10736,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10256 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Database-main.zip\Malware-Database-main\PCToaster.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Database-main.zip\Malware-Database-main\PCToaster.exe"
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Database-main.zip\Malware-Database-main\PCToaster.exe"
C:\Windows\SYSTEM32\attrib.exe
attrib +h C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Database-main.zip\Malware-Database-main\scr.txt
C:\Windows\SYSTEM32\diskpart.exe
diskpart /s C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Database-main.zip\Malware-Database-main\scr.txt
C:\Windows\System32\vdsldr.exe
C:\Windows\System32\vdsldr.exe -Embedding
C:\Windows\System32\vds.exe
C:\Windows\System32\vds.exe
C:\Windows\SYSTEM32\takeown.exe
takeown /f V:\Boot /r
C:\Windows\SYSTEM32\takeown.exe
takeown /f V:\Recovery /r
C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Database-main.zip\Malware-Database-main\TaskILL.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Database-main.zip\Malware-Database-main\TaskILL.exe"
C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Database-main.zip\Malware-Database-main\PankozaDestructive 2.0.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Database-main.zip\Malware-Database-main\PankozaDestructive 2.0.exe"
C:\Windows\system32\wscript.exe
"C:\Windows\sysnative\wscript.exe" C:\Users\Admin\AppData\Local\Temp\1C5F.tmp\1C60.tmp\1C61.vbs //Nologo
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\1C5F.tmp\z.cmd" "
C:\Windows\system32\msg.exe
msg * your pc was destroyed by PankozaDestructive 2.0
C:\Users\Admin\AppData\Local\Temp\1C5F.tmp\MBRTrash.exe
MBRTrash.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UCVTSRzzkAAtUZzX88xoMdhw
C:\Users\Admin\AppData\Local\Temp\1C5F.tmp\1.exe
1.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=182 --always-read-main-dll --field-trial-handle=9112,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=4348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=183 --always-read-main-dll --field-trial-handle=9264,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=6600 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\1C5F.tmp\2.exe
2.exe
C:\Users\Admin\AppData\Local\Temp\1C5F.tmp\3.exe
3.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=184 --always-read-main-dll --field-trial-handle=6228,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=4296 /prefetch:1
C:\Windows\system32\reg.exe
reg delete hkcr /f
C:\Windows\SYSTEM32\taskkill.exe
taskkill /im lsass.exe /f
C:\Windows\System32\PickerHost.exe
C:\Windows\System32\PickerHost.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=185 --always-read-main-dll --field-trial-handle=11516,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=8860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=186 --always-read-main-dll --field-trial-handle=6092,i,12331736354284649584,1031380232325094842,262144 --variations-seed-version --mojo-platform-channel-handle=10700 /prefetch:1
C:\Windows\SYSTEM32\mountvol.exe
mountvol A: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol B: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol D: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol E: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol F: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol G: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol H: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol I: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol J: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol K: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol L: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol M: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol N: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol O: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol P: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol Q: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol R: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol S: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol T: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol U: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol V: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol W: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol X: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol Y: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol Z: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol C: /d
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | example.com | udp |
| US | 8.8.8.8:53 | example.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 96.7.128.175:80 | example.com | tcp |
| US | 8.8.8.8:53 | example.com | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 96.7.128.175:80 | example.com | tcp |
| US | 8.8.8.8:53 | example.com | udp |
| US | 8.8.8.8:53 | example.com | udp |
| US | 8.8.8.8:53 | example.com | udp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| US | 23.215.0.136:443 | example.com | tcp |
| GB | 92.123.128.185:443 | copilot.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 23.215.0.136:443 | example.com | tcp |
| US | 204.79.197.239:443 | | tcp |
| GB | 2.17.5.133:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 23.215.0.136:443 | example.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgecdn-embza6g8cacagcbn.z01.azurefd.net | udp |
| US | 8.8.8.8:53 | edgecdn-embza6g8cacagcbn.z01.azurefd.net | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 13.107.246.64:443 | edgecdn-embza6g8cacagcbn.z01.azurefd.net | tcp |
| US | 13.107.246.64:443 | edgecdn-embza6g8cacagcbn.z01.azurefd.net | tcp |
| US | 13.107.246.64:443 | edgecdn-embza6g8cacagcbn.z01.azurefd.net | tcp |
| US | 13.107.246.64:443 | edgecdn-embza6g8cacagcbn.z01.azurefd.net | tcp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 13.107.246.65:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 199.232.214.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| GB | 92.123.128.163:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| GB | 92.123.128.163:443 | www.bing.com | tcp |
| GB | 92.123.128.163:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 151.101.1.91:443 | download.cnet.com | tcp |
| US | 151.101.1.91:443 | download.cnet.com | tcp |
| US | 151.101.1.91:443 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.cnet.com | udp |
| US | 8.8.8.8:53 | www.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.1.91:443 | assets.dwncdn.net | tcp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| GB | 13.224.225.87:443 | c.amazon-adsystem.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.129.91:443 | images.dwncdn.net | tcp |
| US | 151.101.129.91:443 | images.dwncdn.net | tcp |
| GB | 13.224.225.87:443 | c.amazon-adsystem.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.129.91:443 | images.dwncdn.net | tcp |
| US | 151.101.1.91:443 | images.dwncdn.net | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| US | 151.101.129.91:443 | images.dwncdn.net | udp |
| US | 151.101.129.91:443 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| DE | 157.90.33.121:443 | push-sdk.com | tcp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.22.21.109:443 | cdn.btmessage.com | tcp |
| US | 104.22.21.109:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | api.btmessage.com | udp |
| US | 8.8.8.8:53 | api.btmessage.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| GB | 51.140.242.104:443 | app-edge.smartscreen.microsoft.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 199.232.214.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | client.wns.windows.com | udp |
| GB | 20.90.153.243:443 | client.wns.windows.com | tcp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | 168df0bea28471cdab5fa89a1f1e69d3.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 168df0bea28471cdab5fa89a1f1e69d3.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 168df0bea28471cdab5fa89a1f1e69d3.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 216.58.201.98:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.180.1:443 | 168df0bea28471cdab5fa89a1f1e69d3.safeframe.googlesyndication.com | udp |
| GB | 142.250.180.1:443 | 168df0bea28471cdab5fa89a1f1e69d3.safeframe.googlesyndication.com | udp |
| US | 13.107.246.65:443 | www.clarity.ms | tcp |
| GB | 18.165.242.125:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | tcp |
| N/A | 127.0.0.1:443 | tcp | |
| N/A | 127.0.0.1:443 | tcp | |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 150.171.28.10:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 8.8.8.8:53 | 168df0bea28471cdab5fa89a1f1e69d3.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 168df0bea28471cdab5fa89a1f1e69d3.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 216.58.201.98:443 | ep1.adtrafficquality.google | udp |
| US | 151.101.1.91:443 | download.cnet.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | 4cedb5e9183663cf0a87e16a98aa97c3.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 4cedb5e9183663cf0a87e16a98aa97c3.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 4cedb5e9183663cf0a87e16a98aa97c3.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.178.1:443 | 4cedb5e9183663cf0a87e16a98aa97c3.safeframe.googlesyndication.com | udp |
| GB | 142.250.178.1:443 | 4cedb5e9183663cf0a87e16a98aa97c3.safeframe.googlesyndication.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | di-images.sftcdn.net | udp |
| US | 8.8.8.8:53 | di-images.sftcdn.net | udp |
| US | 151.101.65.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.65.91:443 | di-images.sftcdn.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | 3d848f64617e21f12d99f5c5df2a8cd4.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 3d848f64617e21f12d99f5c5df2a8cd4.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 3d848f64617e21f12d99f5c5df2a8cd4.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| GB | 142.250.200.2:443 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| US | 151.101.65.91:443 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.letscompress.online | udp |
| US | 8.8.8.8:53 | download.letscompress.online | udp |
| US | 8.8.8.8:53 | download.letscompress.online | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 143.244.38.136:443 | download.letscompress.online | tcp |
| GB | 143.244.38.136:443 | download.letscompress.online | tcp |
| US | 8.8.8.8:53 | download.get-lets-compress.com | udp |
| US | 8.8.8.8:53 | download.get-lets-compress.com | udp |
| US | 8.8.8.8:53 | download.get-lets-compress.com | udp |
| US | 8.8.8.8:53 | download.get-lets-compress.com | udp |
| GB | 79.127.237.132:443 | download.get-lets-compress.com | tcp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | app-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | app-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | app-edge.smartscreen.microsoft.com | tcp |
| GB | 143.244.38.136:443 | download.get-lets-compress.com | tcp |
| GB | 143.244.38.136:443 | download.get-lets-compress.com | tcp |
| GB | 2.23.210.82:80 | r10.o.lencr.org | tcp |
| GB | 143.244.38.136:443 | download.get-lets-compress.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 50ad1e49a732d332cb4e99f0a26f3751.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 50ad1e49a732d332cb4e99f0a26f3751.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 50ad1e49a732d332cb4e99f0a26f3751.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.201.97:443 | 50ad1e49a732d332cb4e99f0a26f3751.safeframe.googlesyndication.com | udp |
| GB | 216.58.201.97:443 | 50ad1e49a732d332cb4e99f0a26f3751.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | b32387409cad027693f2d45baaec1c07.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | b32387409cad027693f2d45baaec1c07.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | b32387409cad027693f2d45baaec1c07.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.204.65:443 | b32387409cad027693f2d45baaec1c07.safeframe.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | b32387409cad027693f2d45baaec1c07.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 216.58.201.97:443 | cdn.ampproject.org | tcp |
| GB | 216.58.201.97:443 | cdn.ampproject.org | tcp |
| GB | 216.58.201.97:443 | cdn.ampproject.org | tcp |
| GB | 216.58.201.97:443 | cdn.ampproject.org | tcp |
| GB | 216.58.201.97:443 | cdn.ampproject.org | tcp |
| GB | 216.58.204.65:443 | b32387409cad027693f2d45baaec1c07.safeframe.googlesyndication.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | prod.downloadnow.com | udp |
| US | 8.8.8.8:53 | prod.downloadnow.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 151.101.65.91:443 | download.cnet.com | tcp |
| US | 8.8.8.8:53 | prod.downloadnow.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| GB | 92.123.128.161:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | sub.pretty-fly4.com | udp |
| US | 8.8.8.8:53 | sub.pretty-fly4.com | udp |
| DE | 157.90.33.122:443 | sub.pretty-fly4.com | tcp |
| DE | 157.90.33.122:443 | sub.pretty-fly4.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| US | 104.22.21.109:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| GB | 13.224.225.87:443 | c.amazon-adsystem.com | tcp |
| GB | 13.224.225.87:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 157.90.33.122:443 | push-sdk.com | tcp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | d432bd29e40c1e0edd94e16a7aa0d265.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | d432bd29e40c1e0edd94e16a7aa0d265.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | d432bd29e40c1e0edd94e16a7aa0d265.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.180.1:443 | d432bd29e40c1e0edd94e16a7aa0d265.safeframe.googlesyndication.com | udp |
| GB | 142.250.180.1:443 | d432bd29e40c1e0edd94e16a7aa0d265.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| DE | 157.90.33.68:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| DE | 157.90.33.68:443 | push-sdk.com | tcp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| DE | 157.90.33.122:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | f3f70b37379a64aedb176e91faa1e3f0.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | f3f70b37379a64aedb176e91faa1e3f0.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | f3f70b37379a64aedb176e91faa1e3f0.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.179.225:443 | f3f70b37379a64aedb176e91faa1e3f0.safeframe.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | f3f70b37379a64aedb176e91faa1e3f0.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 151.101.129.91:443 | download.cnet.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| DE | 157.90.33.122:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | 41dd5abb794314f0a5664dc2a006c151.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 41dd5abb794314f0a5664dc2a006c151.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 41dd5abb794314f0a5664dc2a006c151.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| DE | 157.90.33.122:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | prod.downloadnow.com | udp |
| US | 8.8.8.8:53 | prod.downloadnow.com | udp |
| N/A | 127.0.0.1:21322 | tcp | |
| US | 199.232.214.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.214.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| N/A | 127.0.0.1:21322 | tcp | |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| N/A | 127.0.0.1:21322 | tcp | |
| N/A | 127.0.0.1:21322 | tcp | |
| GB | 92.123.128.136:443 | www.bing.com | udp |
| N/A | 127.0.0.1:21322 | tcp | |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| N/A | 127.0.0.1:21322 | tcp | |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 151.101.65.91:443 | download.cnet.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 104.22.21.109:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 151.101.129.91:443 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 13.224.225.87:443 | c.amazon-adsystem.com | tcp |
| GB | 13.224.225.87:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 151.101.193.91:443 | images.dwncdn.net | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | tcp |
| DE | 157.90.33.122:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 093e87e7e336e293a0915f7354f1aee2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 093e87e7e336e293a0915f7354f1aee2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 093e87e7e336e293a0915f7354f1aee2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.187.225:443 | 093e87e7e336e293a0915f7354f1aee2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 142.250.187.225:443 | 093e87e7e336e293a0915f7354f1aee2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| DE | 157.90.33.68:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| DE | 157.90.33.68:443 | push-sdk.com | tcp |
| GB | 216.58.201.98:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| GB | 92.123.128.188:443 | www.bing.com | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| CA | 51.222.109.195:80 | konfirmasi.com | tcp |
| CA | 51.79.72.148:80 | dwres.com | tcp |
| US | 8.8.8.8:53 | www.konfirmasi.com | udp |
| CA | 51.222.109.195:80 | www.konfirmasi.com | tcp |
| CA | 51.79.72.148:80 | dwres.com | tcp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 8.8.8.8:53 | memberikan.com | udp |
| CA | 51.79.72.148:80 | memberikan.com | tcp |
| CA | 51.79.72.148:80 | memberikan.com | tcp |
| US | 8.8.8.8:53 | smadsoft.com | udp |
| CA | 51.222.109.195:21 | smadsoft.com | tcp |
| CA | 51.222.109.195:12067 | smadsoft.com | tcp |
| CA | 51.79.72.148:80 | memberikan.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 151.101.65.91:443 | download.cnet.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 151.101.193.91:443 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.65.91:443 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | 414245e2c8570a3e8d78e30fd9ba9f68.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 414245e2c8570a3e8d78e30fd9ba9f68.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 414245e2c8570a3e8d78e30fd9ba9f68.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.180.1:443 | 414245e2c8570a3e8d78e30fd9ba9f68.safeframe.googlesyndication.com | udp |
| GB | 142.250.180.1:443 | 414245e2c8570a3e8d78e30fd9ba9f68.safeframe.googlesyndication.com | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 13.107.246.65:443 | www.clarity.ms | tcp |
| NL | 18.65.39.28:443 | sb.scorecardresearch.com | tcp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | 1052f43846c449d7e477cd7b688f36d5.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 1052f43846c449d7e477cd7b688f36d5.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 1052f43846c449d7e477cd7b688f36d5.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | telem-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | telem-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | telem-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | prod.downloadnow.com | udp |
| US | 8.8.8.8:53 | prod.downloadnow.com | udp |
| US | 8.8.8.8:53 | prod.downloadnow.com | udp |
| US | 151.101.129.91:443 | prod.downloadnow.com | tcp |
| GB | 172.165.69.228:443 | app-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | app-edge.smartscreen.microsoft.com | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 199.232.214.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 13.107.21.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 178.63.248.57:443 | push-sdk.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | f5528824c0ba3816bfd1328822442a5e.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | f5528824c0ba3816bfd1328822442a5e.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | f5528824c0ba3816bfd1328822442a5e.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 216.58.212.193:443 | f5528824c0ba3816bfd1328822442a5e.safeframe.googlesyndication.com | udp |
| US | 216.58.212.193:443 | f5528824c0ba3816bfd1328822442a5e.safeframe.googlesyndication.com | udp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 13.107.246.65:443 | www.clarity.ms | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| NL | 18.65.39.28:443 | sb.scorecardresearch.com | tcp |
| DE | 178.63.248.57:443 | push-sdk.com | tcp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 151.101.193.91:443 | download.cnet.com | udp |
| DE | 178.63.248.57:443 | push-sdk.com | tcp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| CA | 51.79.72.148:80 | memberikan.com | tcp |
| DE | 178.63.248.57:443 | push-sdk.com | tcp |
| GB | 92.123.128.142:443 | www.bing.com | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 151.101.1.91:443 | download.cnet.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| NL | 185.89.211.84:443 | ams3-ib.adnxs.com | tcp |
| GB | 172.217.169.65:443 | 4f1102a07efb73da124071bd2cbd5401.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| GB | 92.123.128.150:443 | www.bing.com | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.1.91:443 | assets.dwncdn.net | udp |
| US | 151.101.193.91:443 | assets.dwncdn.net | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | 4a3ef2731c550cc64119f6b14345e904.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 4a3ef2731c550cc64119f6b14345e904.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 4a3ef2731c550cc64119f6b14345e904.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.204.65:443 | 4a3ef2731c550cc64119f6b14345e904.safeframe.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | 4a3ef2731c550cc64119f6b14345e904.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 13.107.246.65:443 | www.clarity.ms | tcp |
| NL | 18.65.39.29:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | down.easeus.com | udp |
| US | 8.8.8.8:53 | down.easeus.com | udp |
| US | 8.8.8.8:53 | down.easeus.com | udp |
| US | 8.8.8.8:53 | down.easeus.com | udp |
| US | 8.8.8.8:53 | down.easeus.com | udp |
| US | 8.8.8.8:53 | down.easeus.com | udp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | 860f5ad18f7c2a06f0965ab430ffb9c5.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 860f5ad18f7c2a06f0965ab430ffb9c5.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.187.193:443 | 860f5ad18f7c2a06f0965ab430ffb9c5.safeframe.googlesyndication.com | udp |
| GB | 142.250.187.193:443 | 860f5ad18f7c2a06f0965ab430ffb9c5.safeframe.googlesyndication.com | udp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 13.107.246.65:443 | www.clarity.ms | tcp |
| NL | 18.65.39.29:443 | sb.scorecardresearch.com | tcp |
| NL | 18.239.94.116:443 | down.easeus.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download2.easeus.com | udp |
| US | 8.8.8.8:53 | download2.easeus.com | udp |
| US | 8.8.8.8:53 | download2.easeus.com | udp |
| US | 8.8.8.8:53 | download2.easeus.com | udp |
| US | 8.8.8.8:53 | download2.easeus.com | udp |
| US | 8.8.8.8:53 | download2.easeus.com | udp |
| NL | 18.238.243.114:443 | download2.easeus.com | tcp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | dl-edge.smartscreen.microsoft.com | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| N/A | 127.0.0.1:21322 | tcp | |
| US | 8.8.8.8:53 | app-edge.smartscreen.microsoft.com | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| NL | 13.227.219.91:80 | download.easeus.com | tcp |
| US | 8.8.8.8:53 | d.easeus.com | udp |
| NL | 65.9.86.126:443 | d.easeus.com | tcp |
| US | 8.8.8.8:53 | track.easeus.com | udp |
| HK | 8.218.236.152:80 | track.easeus.com | tcp |
| US | 47.252.97.12:80 | easeusinfo.us-east-1.log.aliyuncs.com | tcp |
| US | 47.252.97.12:80 | easeusinfo.us-east-1.log.aliyuncs.com | tcp |
| US | 47.252.97.12:80 | easeusinfo.us-east-1.log.aliyuncs.com | tcp |
| NL | 65.9.86.126:443 | d.easeus.com | tcp |
| US | 47.252.97.12:80 | easeusinfo.us-east-1.log.aliyuncs.com | tcp |
| NL | 65.9.86.126:443 | d.easeus.com | tcp |
| NL | 65.9.86.126:443 | d.easeus.com | tcp |
| NL | 65.9.86.126:443 | d.easeus.com | tcp |
| US | 47.252.97.12:80 | easeusinfo.us-east-1.log.aliyuncs.com | tcp |
| US | 47.252.97.12:80 | easeusinfo.us-east-1.log.aliyuncs.com | tcp |
| GB | 92.123.128.173:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| GB | 2.22.249.137:443 | assets.msn.com | tcp |
| IE | 13.74.129.1:443 | c.msn.com | tcp |
| GB | 92.123.128.149:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| GB | 2.22.249.137:443 | assets.msn.com | tcp |
| US | 150.171.28.10:443 | c.bing.com | tcp |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| NL | 18.65.39.56:443 | sb.scorecardresearch.com | tcp |
| GB | 2.19.117.165:443 | img-s-msn-com.akamaized.net | tcp |
| GB | 2.22.249.137:443 | assets.msn.com | udp |
| GB | 2.19.117.165:443 | img-s-msn-com.akamaized.net | tcp |
| GB | 2.19.117.165:443 | img-s-msn-com.akamaized.net | tcp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| GB | 2.22.249.137:443 | assets.msn.com | udp |
| GB | 2.19.117.165:443 | img-s-msn-com.akamaized.net | udp |
| US | 20.42.73.24:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| GB | 2.23.220.162:443 | ecn.dev.virtualearth.net | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| GB | 92.123.128.149:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| GB | 92.123.128.169:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 204.79.197.219:443 | r.msftstatic.com | tcp |
| US | 204.79.197.219:443 | r.msftstatic.com | tcp |
| GB | 92.123.128.166:443 | r.bing.com | tcp |
| GB | 92.123.128.166:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.182:443 | th.bing.com | tcp |
| GB | 92.123.128.161:443 | r.bing.com | tcp |
| GB | 92.123.128.161:443 | r.bing.com | tcp |
| GB | 92.123.128.182:443 | th.bing.com | tcp |
| GB | 92.123.128.161:443 | r.bing.com | udp |
| GB | 92.123.128.161:443 | r.bing.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.140:443 | login.microsoftonline.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | tcp |
| NL | 104.109.143.159:443 | deff.nelreports.net | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 13.107.21.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 8.8.8.8:53 | o.clarity.ms | udp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| N/A | 127.0.0.1:21322 | tcp | |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 13.107.21.239:443 | edge.microsoft.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| GB | 51.140.242.104:443 | dl-edge.smartscreen.microsoft.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 199.232.214.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 151.101.65.91:443 | assets.dwncdn.net | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 151.101.129.91:443 | assets.dwncdn.net | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 20.42.73.24:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| IT | 91.80.49.20:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 13.107.21.239:443 | edge.microsoft.com | tcp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| GB | 92.123.128.190:443 | www.bing.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 104.22.20.109:443 | cdn.btmessage.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 52.152.143.207:443 | o.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 151.101.1.91:443 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 157.90.33.68:443 | push-sdk.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| GB | 142.250.180.14:443 | syndicatedsearch.goog | udp |
Files
C:\Users\Admin\Downloads\Let's Compress.exe
C:\Users\Admin\AppData\Roaming\Let's Compress\Let's Compress 1.4.0.0\install\decoder.dll
C:\Users\Admin\AppData\Roaming\Let's Compress\Let's Compress 1.4.0.0\install\E05A911\Let's Compress.msi
C:\Users\Admin\AppData\Local\Temp\MSI983C.tmp
C:\Windows\Installer\MSI9A8D.tmp
C:\Windows\Installer\MSI9B1F.tmp
C:\Users\Admin\AppData\Roaming\Let's Compress\Let's Compress 1.4.0.0\install\E05A911\lets_compress.exe
C:\Users\Admin\AppData\Roaming\Let's Compress\Let's Compress 1.4.0.0\install\E05A911\upd.exe
C:\Windows\Installer\SFXCA68BD3185194C5A88D656F9EF9C7F66CA\WixToolset.Dtf.WindowsInstaller.dll
C:\Windows\Installer\SFXCA68BD3185194C5A88D656F9EF9C7F66CA\RequestSender.dll
C:\Windows\Installer\MSI9CD7.tmp
C:\Windows\Installer\SFXCA68BD3185194C5A88D656F9EF9C7F66CA\CustomAction.config
C:\Windows\Installer\SFXCA9DE06CBCE040D61B7E6C0E313D4C8E2F\Microsoft.Win32.TaskScheduler.dll
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\rundll32.exe.log
C:\Config.Msi\e5d9a13.rbs
C:\Users\Admin\AppData\Local\Temp\nsv12BD.tmp\LangDLL.dll
C:\Users\Admin\AppData\Local\Temp\nsv12BD.tmp\FindProcDLL.dll
C:\Users\Admin\AppData\Local\Temp\nsv12BD.tmp\System.dll
C:\Users\Admin\AppData\Local\Temp\nsv12BD.tmp\nsDialogs.dll
C:\Users\Admin\AppData\Local\Temp\nsv12BD.tmp\w7tbp.dll
C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\Includes\Hijackers.sbi
C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\Includes\TrojansC-05.sbi
C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\Updates\Downloads\TrojansC-05.sbi-20140116.cab
C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\locale\ru_RU\LC_MESSAGES\default.mo
C:\Users\Admin\Downloads\SpybotPortable\App\AppInfo\pac_installer_log.ini
C:\Users\Admin\AppData\Local\Temp\nsv12BD.tmp\modern-wizard.bmp
C:\Users\Admin\AppData\Local\Temp\nsy7426.tmp\launcher.ini
C:\Users\Admin\AppData\Local\Temp\nsy7426.tmp\registry.dll
C:\Users\Admin\Downloads\1111_with_WARP_V2024.12.760.0.msi:Zone.Identifier
C:\Windows\Installer\MSI676B.tmp-0\CustomAction.config
C:\Windows\Installer\MSI676B.tmp-0\Microsoft.Deployment.WindowsInstaller.dll
C:\Windows\Installer\MSI676B.tmp-0\Warp.Installer.Actions.dll
C:\Windows\Installer\MSI676B.tmp-0\Common.dll
C:\Windows\Installer\MSI69CD.tmp
C:\Config.Msi\e5d9a16.rbs
C:\Program Files (x86)\SpywareBlaster\dep\MSCOMCTL.OCX
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
C:\Users\Admin\AppData\Local\Temp\is-P9JSM.tmp\_isetup\_shfoldr.dll
C:\Program Files (x86)\SMADAV\SMĪRTP.exe
C:\Users\Public\USBLockit.exe
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\DataFile.ini
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\tempInfo.web
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\DataFile.ini
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\EasyLog.log
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\DataFile.ini
C:\ProgramData\HeavenWard\FreeKey\instreg.exe
C:\Users\Admin\AppData\Local\Temp\downloader_easeus\1.0.0\35trial\aliyun\AliyunConfig.ini