Analysis Overview
Threat Level: Known bad
The file https://url2.3u.com/MNBBfyaa was found to be: Known bad.
Malicious Activity Summary
Modifies firewall policy service
Downloads MZ/PE file
Reads user/profile data of web browsers
Checks computer location settings
Event Triggered Execution: Component Object Model Hijacking
Loads dropped DLL
Executes dropped EXE
Checks BIOS information in registry
Modifies file permissions
Enumerates connected drives
Drops desktop.ini file(s)
Adds Run key to start application
Checks installed software on the system
Blocklisted process makes network request
Drops file in System32 directory
UPX packed file
Launches sc.exe
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Browser Information Discovery
Modifies registry class
Suspicious use of SendNotifyMessage
Checks processor information in registry
Checks SCSI registry key(s)
Uses Volume Shadow Copy service COM API
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Suspicious behavior: AddClipboardFormatListener
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2025-06-30 18:24
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-06-30 18:24
Reported
2025-06-30 18:32
Platform
win10v2004-20250619-en
Max time kernel
458s
Max time network
454s
Command Line
Signatures
Modifies firewall policy service
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | C:\Program Files\Bonjour\mDNSResponder.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | C:\Program Files\Bonjour\mDNSResponder.exe | N/A |
Downloads MZ/PE file
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\iTunes\iTunes.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000\Control Panel\International\Geo\Nation | C:\Program Files\3uToolsV3\QtWebEngineProcess.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000\Control Panel\International\Geo\Nation | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000\Control Panel\International\Geo\Nation | C:\Program Files\iTunes\iTunes.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000\Control Panel\International\Geo\Nation | C:\Program Files\3uToolsV3\QtWebEngineProcess.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iTunesHelper = "\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" | C:\Windows\system32\msiexec.exe | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Checks installed software on the system
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Bonjour\desktop.ini | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Bonjour\desktop.ini | C:\Windows\system32\msiexec.exe | N/A |
Enumerates connected drives
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\applersm.inf_amd64_22734d1c46db7f66\AppleRSM.cat | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\system32\jdns_sd.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f}\SET7305.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f}\AppleUSB.cat | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f}\SET7318.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\appleusb.inf_amd64_58854158183af679\AppleKmdfFilter.sys | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{77eef5ec-3279-8e48-9090-6a077604c9b8}\AppleKIS.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\applekis.inf_amd64_0d321f6593083a69\AppleKIS.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\dns-sd.exe | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f}\SET7316.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f}\AppleUsb.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\SysWOW64\dnssd.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\dns-sd.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{56fe5647-79a6-1746-9195-089833eb5c78}\SET58A7.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\applersm.inf_amd64_22734d1c46db7f66\AppleRSMInterface.dll | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f}\SET7317.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\drvstore.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\appleusb.inf_amd64_58854158183af679\AppleUSB.cat | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\appleusb.inf_amd64_58854158183af679\AppleUsb.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{77eef5ec-3279-8e48-9090-6a077604c9b8}\AppleKISInterface.dll | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{77eef5ec-3279-8e48-9090-6a077604c9b8}\SETA3D8.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{77eef5ec-3279-8e48-9090-6a077604c9b8}\AppleKIS.sys | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f}\SET7315.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{77eef5ec-3279-8e48-9090-6a077604c9b8}\SETA3D7.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{77eef5ec-3279-8e48-9090-6a077604c9b8}\AppleKIS.cat | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{56fe5647-79a6-1746-9195-089833eb5c78}\SET58B9.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\dnssd.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{56fe5647-79a6-1746-9195-089833eb5c78}\SET58B7.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f}\AppleKmdfFilter.sys | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\appleusb.inf_amd64_58854158183af679\AppleUsbFilter.dll | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\drvstore.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\jdns_sd.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{ae647e7a-8252-594b-b96a-6ee1da1ffb58}\SET6A9A.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{ae647e7a-8252-594b-b96a-6ee1da1ffb58}\AppleRSM.cat | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f}\SET7315.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\appleusb.inf_amd64_58854158183af679\AppleLowerFilter.sys | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\SysWOW64\dns-sd.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SysWOW64\dnssdX.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{77eef5ec-3279-8e48-9090-6a077604c9b8}\SETA3D9.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{56fe5647-79a6-1746-9195-089833eb5c78}\usbaaplrc.dll | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{ae647e7a-8252-594b-b96a-6ee1da1ffb58}\SET6A9C.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{e939cbb8-0c6c-0b45-bc19-f428dbc1158f} | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{56fe5647-79a6-1746-9195-089833eb5c78}\SET58B8.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{ae647e7a-8252-594b-b96a-6ee1da1ffb58}\SET6A89.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\usbaapl64.inf_amd64_c0e4d8c2aef471b7\usbaapl64.sys | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{56fe5647-79a6-1746-9195-089833eb5c78} | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{77eef5ec-3279-8e48-9090-6a077604c9b8}\SETA3FA.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\applekis.inf_amd64_0d321f6593083a69\AppleKISInterface.dll | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\system32\dns-sd.exe | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{77eef5ec-3279-8e48-9090-6a077604c9b8}\SETA3FA.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\system32\dnssdX.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\system32\dnssdX.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{56fe5647-79a6-1746-9195-089833eb5c78}\USBAAPL64.CAT | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\drvstore.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\usbaapl64.inf_amd64_c0e4d8c2aef471b7\usbaapl64.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\dnssdX.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{56fe5647-79a6-1746-9195-089833eb5c78}\usbaapl64.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{56fe5647-79a6-1746-9195-089833eb5c78}\SET58A7.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\usbaapl64.inf_amd64_c0e4d8c2aef471b7\USBAAPL64.CAT | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{ae647e7a-8252-594b-b96a-6ee1da1ffb58}\SET6A89.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{ae647e7a-8252-594b-b96a-6ee1da1ffb58}\SET6A9C.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\applersm.inf_amd64_22734d1c46db7f66\AppleRSM.sys | C:\Windows\system32\DrvInst.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Common Files\Apple\Mobile Device Support\CFNetwork.resources\ca.lproj\Localizable.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\WebInspectorUI\Models\TimelineRecord.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\ru.lproj\iPod touch License.rtf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\fr.lproj\PrintingTemplates\11.Insert.TextOnlyBW.xml | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\sv.lproj\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\th.lproj\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\WebInspectorUI\Views\ProbeSetDetailsSection.js | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\3uToolsV3\WebView2Loader.dll | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| File created | C:\Program Files\Common Files\Apple\Mobile Device Support\icudt62.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\WebInspectorUI\Views\BootstrapScriptTreeElement.css | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\uk.lproj\iTunesExtraGridView.png | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\fr_CA.lproj\PrintingTemplates\04.Playlist.Custom.xml | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\da.lproj\PrintingTemplates\14.Insert.LargePlaylistBW.xml | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\pl.lproj\StoreBlankBuyButton.png | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\en_AU.lproj\ViewLineItemRatingE_dark.png | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\id.lproj\Localizable.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\th.lproj\genresLoc.plist | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\ca.lproj\Localizable.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\pl.lproj\License.rtf | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\3uToolsV3\translations\qtbase_es.qm | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\hu.lproj\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\WebInspectorUI\Views\MediaTimelineOverviewGraph.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\CoreFoundation.resources\ko.lproj\Error.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\AVFoundationCF.resources\cs.lproj\AVCFMediaSelectionOption.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\tr.lproj\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\3uToolsV3\locales\tools_tr.qm | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| File created | C:\Program Files\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\ko.lproj\Error.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.Resources\uk.lproj\SoftwareUpdateLocalized.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\WebInspectorUI\Views\FindBanner.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\en_AU.lproj\ViewLineItemiTunesExtras.png | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\Foundation.resources\en.lproj\EncodingNames.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\CoreFoundation.resources\es.lproj\Error.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\en_AU.lproj\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\3uToolsV3\translations\qtwebengine_en.qm | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| File created | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.Resources\vi.lproj\SoftwareUpdateLocalized.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\tr.lproj\StorePreOrderButton.png | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\zh_CN.lproj\Localizable.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\hi.lproj\iPad License.rtf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\WebInspectorUI\Models\PropertyDescriptor.js | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\uk.lproj\Error.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\3uToolsV3\translations\qtbase_fr.qm | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\sk.lproj\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\pl.lproj\StoreViewButton.png | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\MediaAccessibility.resources\it.lproj\ProfileNames.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\WebInspectorUI\Images\EventPlay.svg | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\ja.lproj\ViewLineItemSubscribe.png | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Common Files\Apple\Mobile Device Support\CFNetwork.resources\en_GB.lproj\Localizable.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Common Files\Apple\Mobile Device Support\CFNetwork.resources\he.lproj\Localizable.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\fi.lproj\TextStyles.plist | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\pt.lproj\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\Info.plist | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\hi.lproj\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\uk.lproj\ViewLineItemRatingE.png | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\3uToolsV3\translations\qtwebengine_locales\hi.pak | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\es.lproj\[email protected] | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\WebInspectorUI\Models\RecordingFrame.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\ar.lproj\PrintingTemplates\08.Insert.Mosaic.xml | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\English.lproj\Localizable.strings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping5148_157293051\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Program Files\3uToolsV3\cache\ToolBoxSetting.json | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| File created | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.Resources\hu.lproj\SoftwareUpdateLocalized.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\iTunes.Resources\pl.lproj\PrintingTemplates\11.Insert.TextOnlyBW.xml | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\iTunes\WebKit.resources\WebInspectorUI\Protocol\InspectorBackend.js | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\87EDE8AC80A772F4B9136D61C1909568\16.5.0 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\87EDE8AC80A772F4B9136D61C1909568\16.5.0\vccorlib140.dll.BC0B92F1_D156_35A8_A565_6689E8DDDA1F | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a18ba.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\2CB0246788A03844DB1BD09DD7FF1336 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\2CB0246788A03844DB1BD09DD7FF1336\12.12.9\vcruntime140.dll.DFEFC2FE_EEE6_424C_841B_D4E66F0C84A3 | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIFCFE.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3905.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a18b4.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\2CB0246788A03844DB1BD09DD7FF1336\12.12.9\msvcp140.dll.DFEFC2FE_EEE6_424C_841B_D4E66F0C84A3 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{76420BC2-0A88-4483-BDB1-0DD97DFF3163}\RichText.ico | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9184.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{76420BC2-0A88-4483-BDB1-0DD97DFF3163} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a18bc.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA954.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE893.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE8D3.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\87EDE8AC80A772F4B9136D61C1909568 | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI92C4.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI1D9B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI41C6.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\inf\oem5.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\87EDE8AC80A772F4B9136D61C1909568\16.5.0\concrt140.dll.BC0B92F1_D156_35A8_A565_6689E8DDDA1F | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI91D8.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIB26.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\inf\oem4.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\87EDE8AC80A772F4B9136D61C1909568\16.5.0\msvcp140.dll.BC0B92F1_D156_35A8_A565_6689E8DDDA1F | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5a18ba.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2F4B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\87EDE8AC80A772F4B9136D61C1909568\16.5.0\msvcp140.dll.B796D14F_AD8C_3A96_B2B8_3D8FF8499DA8 | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI53E3.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE65.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIAB68.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIC34.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI1B3C.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSICC86.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{76420BC2-0A88-4483-BDB1-0DD97DFF3163}\Installer.ico | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI1C27.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5a18b0.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a18b5.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\2CB0246788A03844DB1BD09DD7FF1336\12.12.9\msvcp140.dll.DFEFC2FE_EEE6_424C_841B_D4E66F0C84A3 | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI12BD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\RichText.ico | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4BE1.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\2CB0246788A03844DB1BD09DD7FF1336\12.12.9\msvcp140_codecvt_ids.dll.DFEFC2FE_EEE6_424C_841B_D4E66F0C84A3 | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI40EA.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2D42.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\{B292D163-23D2-4523-A699-1ABEC1875609}\Installer.ico | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\2CB0246788A03844DB1BD09DD7FF1336\12.12.9\concrt140.dll.DFEFC2FE_EEE6_424C_841B_D4E66F0C84A3 | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3E38.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI92B3.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\2CB0246788A03844DB1BD09DD7FF1336\12.12.9\msvcp140_1.dll.DFEFC2FE_EEE6_424C_841B_D4E66F0C84A3 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{76420BC2-0A88-4483-BDB1-0DD97DFF3163}\iTunes.ico | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5a1a36.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI436D.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2E7D.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\87EDE8AC80A772F4B9136D61C1909568\16.5.0\msvcp140.dll.B796D14F_AD8C_3A96_B2B8_3D8FF8499DA8 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\87EDE8AC80A772F4B9136D61C1909568\16.5.0\vccorlib140.dll.B796D14F_AD8C_3A96_B2B8_3D8FF8499DA8 | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA19B.tmp | C:\Windows\system32\msiexec.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\sc.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\sc.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\IXP490.TMP\SetupAdmin.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\3uToolsV3\updater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_HL-DT-ST_DVD+-RW\4&215468A5&0&010000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\Phantom | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_HL-DT-ST_DVD+-RW\4&215468A5&0&010000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\HardwareID | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\HardwareID | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_HL-DT-ST_DVD+-RW\4&215468A5&0&010000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\CompatibleIDs | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_HL-DT-ST_DVD+-RW\4&215468A5&0&010000 | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs | C:\Windows\SYSTEM32\pnputil.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\SYSTEM32\pnputil.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\iTunes\iTunes.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\iTunes\iTunes.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2f\52C64B7E\@%SystemRoot%\System32\fveui.dll,-843 = "BitLocker Drive Encryption" | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Environment | C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2B | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2f\52C64B7E\@%SystemRoot%\System32\fveui.dll,-844 = "BitLocker Data Recovery Agent" | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\29 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2c | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Apple Inc.\ASL\filenames | C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Apple Inc. | C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2f\52C64B7E\@%SystemRoot%\System32\wuaueng.dll,-400 = "Windows Update" | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2a | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\27\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\ | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.AssocProtocol.italss\ = "URL:iTunes Audio Live Stream Secure" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{788D599D-FE85-4142-9B47-2498C5C6D0CF}\InprocServer32 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{00D7FE99-7868-4CC7-AD9E-ACFD70D09566}\TypeLib\ = "{9E93C96F-CF0D-43F6-8BA8-B807A3370712}" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\iTunes.aiff\shell\open | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Bonjour.DNSSDRecord.1 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5E93C5A9-7516-4259-A67B-41A656F6E01C}\ProgID\ = "Bonjour.DNSSDRecord.1" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2692A9D5-61DF-46D5-A5A1-A6CCA921D578}\ProgID\ = "SoftwareUpdate.ASUController.1" | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9DD6680B-3EDC-40DB-A771-E6FE4832E34A}\TypeLib\Version = "1.d" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\itms\shell | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{24CD4DE9-FF84-4701-9DC1-9B69E0D1090A}\VersionIndependentProgID\ = "Bonjour.DNSSDService" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7F7E1C5D-4D91-48C9-B09E-3E45D502FFA0}\ = "IASUTaskScheduler" | C:\Windows\syswow64\MsiExec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.m4b\PerceivedType = "audio" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\iTunes.itls | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.AssocProtocol.itls\ = "URL:iTunes Live Stream" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\itunesradio\shell | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E9D58BF1-0070-4fcd-B722-A0EE5A3ABCD6}\ = "iTunesAdminInstallTalkBackVoiceKit Class" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{08A6AF6A-8FF2-4a3b-BECF-C2FAC8630BBF} | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{AFEE063C-05BA-4248-A26E-168477F49734}\TypeLib | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000_Classes\PlistEditor.plist\shell\3uTools\command | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Interface\{53AE1704-491C-4289-94A0-958815675A3D}\TypeLib | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Interface\{206479C9-FE32-4F9B-A18A-475AC939B479}\TypeLib | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.aa\Content Type = "audio/audible" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.itdb | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{B8DF592B-DE05-49f5-BB21-084F548F12A9}\TypeLib | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7FD72324-63E1-45AD-B337-4D525BD98DAD}\NumMethods | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{5E93C5A9-7516-4259-A67B-41A656F6E01C}\ = "DNSSDRecord Class" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8\SourceList\Net\1 = "C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP490.TMP\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{12E6A993-AE52-4F99-8B89-41F985E6C952}\ProgID\ = "OutlookChangeNotifier.Connect.1" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{91A9E6A9-3935-4A37-AFBA-F0904B166364}\Elevation\IconReference = "@C:\\Program Files (x86)\\Apple Software Update\\SoftwareUpdateAdmin.dll,-101" | C:\Windows\syswow64\MsiExec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{422CA428-AACB-496A-8FDD-86758BCFB756}\ = "_IASUControllerEvents" | C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.m4a | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Interface\{CF4D8ACE-1720-4FB9-B0AE-9877249E89B0}\ProxyStubClsid32 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.cda\shell\open\ = "&Open" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.itlp\Content Type = "application/x-itunes-itlp" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.itls | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.AssocProtocol.italss\shell | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.AssocProtocol.itsradio | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.AssocProtocol.itsradio\shell\open\command\ = "\"C:\\Program Files\\iTunes\\iTunes.exe\" /url \"%1\"" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{71A1A612-F7B4-4092-8E0F-C79C8FB0391D}\TypeLib | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\Bonjour.DLL | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{8FA0889C-5973-4FC9-970B-EC15C925D0CE}\ProxyStubClsid32 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppleSoftwareUpdateAdmin.ASUTaskSched.1\CLSID\ = "{BB46F03E-7CD2-489F-8F95-BB950F395FDB}" | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Interface\{755D76F1-6B85-4CE4-8F5F-F88D9743DCD8}\ProxyStubClsid32 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.rmp\shell\open | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\pcast\shell\open | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{788D599D-FE85-4142-9B47-2498C5C6D0CF} | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1567862796-3850854820-1319363977-1000_Classes\3uViewer.heic\shell\open\ = "打开(&O)" | C:\Program Files\3uToolsV3\3uViewer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\iTunes.itlp\shell\open\command | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.AssocProtocol.italss\shell\open | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\.itms\OpenWithProgIds\iTunes.itms | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BB46F03E-7CD2-489F-8F95-BB950F395FDB}\Elevation\Enabled = "1" | C:\Windows\syswow64\MsiExec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.m4v\AppUserModelID = "Apple.iTunes" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\iTunes.cdda\shell\play | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.mp2\OpenWithProgIds\iTunes.mp2 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.mpeg\ = "iTunes.mpeg" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.wav\shell | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\itlss\ = "URL:iTunes Live Stream Secure" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\iTunes.AssocProtocol.itls\shell\open\command\ = "\"C:\\Program Files\\iTunes\\iTunes.exe\" /url \"%1\"" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{24CD4DE9-FF84-4701-9DC1-9B69E0D1090A}\ = "DNSSDService Class" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.itdb\ = "iTunes.itdb" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{755D76F1-6B85-4CE4-8F5F-F88D9743DCD8}\ = "IITTrackCollection" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\iTunes.aa\DefaultIcon | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\iTunes.AssocProtocol.itvls\DefaultIcon | C:\Windows\system32\msiexec.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| N/A | N/A | C:\Program Files\iTunes\iTunes.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\system32\svchost.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\svchost.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Program Files\3uToolsV3\3uTools.exe | N/A |
| Token: 33 | N/A | F:\3uToolsV3\Other\iTunes(12.12.9.4).exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | F:\3uToolsV3\Other\iTunes(12.12.9.4).exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeMachineAccountPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreatePermanentPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeChangeNotifyPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSyncAgentPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeEnableDelegationPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeMachineAccountPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreatePermanentPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://url2.3u.com/MNBBfyaa
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x308,0x7ffb693ef208,0x7ffb693ef214,0x7ffb693ef220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2208,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=2204 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1916,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=2104 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1936,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=2628 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3444,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3468,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=3500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5020,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=5088 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5028,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=5112 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5484,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=5528 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=5604,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=5708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5892,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=5888 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6492,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6240 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6492,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6240 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --always-read-main-dll --field-trial-handle=6648,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6240,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6752 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6532,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6780 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6740,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5136,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6568 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5336,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=5328 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5012,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=4824 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6812,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6752 /prefetch:8
C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe
"C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe"
C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe
"C:\Users\Admin\Downloads\3uTools_v3.26.007_Setup_x64.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=6248,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=5004 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5356,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=5048 /prefetch:8
C:\Program Files\3uToolsV3\3uTools.exe
"C:\Program Files\3uToolsV3\3uTools.exe"
C:\Program Files\3uToolsV3\updater.exe
"C:\Program Files\3uToolsV3\updater.exe" /background
C:\Program Files\3uToolsV3\3uViewer.exe
3uViewer.exe /reg 1
C:\Program Files\3uToolsV3\3uViewer.exe
3uViewer.exe /reg 2
C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe
"C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe" -i "C:\Users\Admin\AppData\Local\Temp\itunes_fix\applekis\x64\AppleKIS.inf"
C:\Windows\SYSTEM32\takeown.exe
takeown /F C:\Windows\System32\DriverStore\FileRepository\ /A
C:\Windows\SYSTEM32\cacls.exe
cacls C:\Windows\System32\DriverStore\FileRepository*.* /E /G Everyone:F
C:\Windows\SYSTEM32\pnputil.exe
pnputil -i -a "C:\Users\Admin\AppData\Local\Temp\itunes_fix\applekis\x64\AppleKIS.inf"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{fbc78d81-fb15-3041-88da-340ff7219b3b}\AppleKIS.inf" "9" "4639b046f" "0000000000000148" "WinSta0\Default" "00000000000000E8" "208" "C:\Users\Admin\AppData\Local\Temp\itunes_fix\applekis\x64"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6892,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=5764 /prefetch:8
F:\3uToolsV3\Other\iTunes(12.12.9.4).exe
"F:\3uToolsV3\Other\iTunes(12.12.9.4).exe"
C:\Windows\system32\msiexec.exe
"C:\Windows\system32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\IXP490.TMP\iTunes64.msi" INSTALL_SUPPORT_PACKAGES=1
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding C16E0B7B3E2683F2F99BE9A2E08FE786 C
C:\Users\Admin\AppData\Local\Temp\IXP490.TMP\SetupAdmin.exe
"C:\Users\Admin\AppData\Local\Temp\IXP490.TMP\SetupAdmin.exe" /evt E576 /pid 2188 /mon 776 796
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding DB5754DC776E38D69726477154F168F4
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 3B4358642776EBB778DB37C420B6DE38
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 2D54C7BD48277645F90ACD705AB3B6CF E Global\MSI0000
C:\Windows\System32\MsiExec.exe
"C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files\Bonjour\mdnsNSP.dll"
C:\Windows\syswow64\MsiExec.exe
"C:\Windows\syswow64\MsiExec.exe" /Y "C:\Program Files (x86)\Bonjour\mdnsNSP.dll"
C:\Program Files\Bonjour\mDNSResponder.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 2AFB6550136A970802686F6CDD055EB0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5732,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=1444 /prefetch:8
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding C56D117B8642F72BB7CF63F4657683DD
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6092,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=3984 /prefetch:8
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 9DFB8300761028CC1BC9334B2773D94B E Global\MSI0000
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding D0F243B1FA266D4DC4EB119E21C336E2
C:\Windows\syswow64\MsiExec.exe
"C:\Windows\syswow64\MsiExec.exe" /Y "C:\Program Files (x86)\Apple Software Update\ScriptingObjectModel.dll"
C:\Windows\syswow64\MsiExec.exe
"C:\Windows\syswow64\MsiExec.exe" /Y "C:\Program Files (x86)\Apple Software Update\SoftwareUpdateAdmin.dll"
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
"C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe" /RegServer
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{16D99191-6280-4B33-A2F5-04805A0FC582}
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding CDF5F4D44DE4A64D8A91684AEC59A089 E Global\MSI0000
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 55B087286761379EFC336B2A2557E350
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding F528F6303C3AC3DBD1966F3D2AF53B77
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 6D0CB97524E3B67D475025552AC7C266 E Global\MSI0000
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5744,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=3480 /prefetch:8
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 49C404FDFED74F719EAF11F2B7F04B03 E Global\MSI0000
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
"C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
"C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunes.exe
"C:\Program Files\iTunes\iTunes.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x50c 0x514
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe" --pipe \\.\pipe\31189484-672536709193264068 --parentPipe
C:\Program Files\iTunes\iTunesVisualizerHost.exe
"C:\Program Files\iTunes\iTunesVisualizerHost.exe"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe"
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
"C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe" -Embedding
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{16D99191-6280-4B33-A2F5-04805A0FC582}
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
"C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe" -Embedding
C:\Program Files\3uToolsV3\QtWebEngineProcess.exe
"C:\Program Files\3uToolsV3\QtWebEngineProcess.exe" --type=utility --enable-features=AllowContentInitiatedDataUrlNavigations,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,FormControlsRefresh,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en-US --service-sandbox-type=network --no-sandbox --application-name=3uTools --webengine-schemes=qrc:sLV --mojo-platform-channel-handle=2472 /prefetch:8
C:\Program Files\3uToolsV3\QtWebEngineProcess.exe
"C:\Program Files\3uToolsV3\QtWebEngineProcess.exe" --type=renderer --no-sandbox --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,FormControlsRefresh,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --disable-gpu-compositing --lang=en-US --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2 --mojo-platform-channel-handle=1592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6908,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6876 /prefetch:8
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 08DFF28746996E503E88B3018A577382
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe" --pipe \\.\pipe\31189484-36739540085164068 --parentPipe
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding D6AF4E406038939370EE75241D3BD2EB
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 7C0FBA029C0CD1C8D1DF023D8D13F899
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding D1CA7AC088E0ED70EE415FF6C5C79692
C:\Windows\System32\MsiExec.exe
"C:\Windows\System32\MsiExec.exe" /Z "C:\Program Files\Bonjour\mdnsNSP.dll"
C:\Windows\syswow64\MsiExec.exe
"C:\Windows\syswow64\MsiExec.exe" /Z "C:\Program Files (x86)\Bonjour\mdnsNSP.dll"
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding B8DA5FCDD07A77B4D1DA4D1C0F88244C E Global\MSI0000
C:\Windows\SYSTEM32\sc.exe
sc start DeviceInstall
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\SYSTEM32\sc.exe
sc start DsmSvc
C:\Program Files\3uToolsV3\files\patchtools\7z-64\7z.exe
"C:\Program Files\3uToolsV3\files\patchtools\7z-64\7z.exe" x "F:\3uToolsV3\Other\iTunes(12.12.9.4).exe" -aoa -o"C:\Users\Admin\AppData\Local\Temp\3uTools\iTunes(12.12.9.4)"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2560,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=3480 /prefetch:8
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding EF8FAE77A3DDE4C2F700F63D4BF9F211
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 414B1CDFAC7810BF547A077BE8F2388E
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6832,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=4316 /prefetch:8
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe" --pipe \\.\pipe\31189484-324681363104068 --parentPipe
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 1B49205B36AF94897E09132BCEDAE2E2 E Global\MSI0000
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding A0A6B3A403D3B558F2637FF9F3AF7C87
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 6136EC480B2175726575403B8DF8D22C
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding AE62E871A819DF38AEF5520C3C27D54D E Global\MSI0000
C:\Windows\System32\MsiExec.exe
"C:\Windows\System32\MsiExec.exe" /Y "C:\Program Files\Bonjour\mdnsNSP.dll"
C:\Windows\syswow64\MsiExec.exe
"C:\Windows\syswow64\MsiExec.exe" /Y "C:\Program Files (x86)\Bonjour\mdnsNSP.dll"
C:\Program Files\Bonjour\mDNSResponder.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe
"C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe" -i "C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x64\usbaapl64.inf"
C:\Windows\SYSTEM32\takeown.exe
takeown /F C:\Windows\System32\DriverStore\FileRepository\ /A
C:\Windows\SYSTEM32\cacls.exe
cacls C:\Windows\System32\DriverStore\FileRepository*.* /E /G Everyone:F
C:\Windows\SYSTEM32\pnputil.exe
pnputil -i -a "C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x64\usbaapl64.inf"
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{f3cd8916-3926-f940-85c3-bdcc638b2e39}\usbaapl64.inf" "9" "452eabb2f" "0000000000000148" "WinSta0\Default" "0000000000000158" "208" "C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x64"
C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe
"C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe" -i "C:\Users\Admin\AppData\Local\Temp\itunes_fix\applekis\x64\AppleKIS.inf"
C:\Windows\SYSTEM32\takeown.exe
takeown /F C:\Windows\System32\DriverStore\FileRepository\ /A
C:\Windows\SYSTEM32\cacls.exe
cacls C:\Windows\System32\DriverStore\FileRepository*.* /E /G Everyone:F
C:\Windows\SYSTEM32\pnputil.exe
pnputil -i -a "C:\Users\Admin\AppData\Local\Temp\itunes_fix\applekis\x64\AppleKIS.inf"
C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe
"C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe" -i "C:\Users\Admin\AppData\Local\Temp\itunes_fix\applersm\x64\AppleRSM.inf"
C:\Windows\SYSTEM32\takeown.exe
takeown /F C:\Windows\System32\DriverStore\FileRepository\ /A
C:\Windows\SYSTEM32\cacls.exe
cacls C:\Windows\System32\DriverStore\FileRepository*.* /E /G Everyone:F
C:\Windows\SYSTEM32\pnputil.exe
pnputil -i -a "C:\Users\Admin\AppData\Local\Temp\itunes_fix\applersm\x64\AppleRSM.inf"
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{f73144df-140b-4d42-bd63-83d744610702}\AppleRSM.inf" "9" "4c7809927" "0000000000000158" "WinSta0\Default" "000000000000015C" "208" "C:\Users\Admin\AppData\Local\Temp\itunes_fix\applersm\x64"
C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe
"C:\Program Files\3uToolsV3\files\inf\InfInstallerx64.exe" -i "C:\Users\Admin\AppData\Local\Temp\itunes_fix\appleusbdevice\x64\AppleUsb.inf"
C:\Windows\SYSTEM32\takeown.exe
takeown /F C:\Windows\System32\DriverStore\FileRepository\ /A
C:\Windows\SYSTEM32\cacls.exe
cacls C:\Windows\System32\DriverStore\FileRepository*.* /E /G Everyone:F
C:\Windows\SYSTEM32\pnputil.exe
pnputil -i -a "C:\Users\Admin\AppData\Local\Temp\itunes_fix\appleusbdevice\x64\AppleUsb.inf"
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{e33b54c3-25f0-154a-9748-0d8d9a4730c5}\AppleUsb.inf" "9" "4ca0613ab" "000000000000015C" "WinSta0\Default" "0000000000000154" "208" "C:\Users\Admin\AppData\Local\Temp\itunes_fix\appleusbdevice\x64"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" "https://www.bing.com/search?q=ertuba.exe ertuba.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-skip-compat-layer-relaunch "https://www.bing.com/search?q=ertuba.exe ertuba.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --always-read-main-dll --field-trial-handle=7016,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --always-read-main-dll --field-trial-handle=7028,i,15112852695820941728,14205983311816007075,262144 --variations-seed-version --mojo-platform-channel-handle=6956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x24c,0x7ffb693ef208,0x7ffb693ef214,0x7ffb693ef220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1920,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=2340 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2284,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=2272 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1980,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=2664 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4412,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=4460 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4584,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=4612 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4584,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=4612 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" "https://www.bing.com/search?q=ertuba.exe ertuba.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4900,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4908,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=5188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5476,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=5560 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5484,i,5046204365260046424,1844397178077837587,262144 --variations-seed-version --mojo-platform-channel-handle=5576 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x264,0x7ffb693ef208,0x7ffb693ef214,0x7ffb693ef220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1912,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=2384 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2360,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=2352 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2412,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=2576 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4384,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=4416 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4384,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=4416 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4484,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=4496 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe" --pipe \\.\pipe\31189485646986119206044068 --parentPipe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4568,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=4412 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4556,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=4532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4544,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=4732 /prefetch:8
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2812,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=4744 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4548,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=4924 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5060,i,4798115160278834007,9934904438192300051,262144 --variations-seed-version --mojo-platform-channel-handle=3668 /prefetch:8
C:\Program Files\3uToolsV3\QtWebEngineProcess.exe
"C:\Program Files\3uToolsV3\QtWebEngineProcess.exe" --type=renderer --no-sandbox --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,FormControlsRefresh,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --disable-gpu-compositing --lang=en-US --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=4040 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | url2.3u.com | udp |
| US | 8.8.8.8:53 | url2.3u.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 150.171.27.11:80 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| US | 8.8.8.8:53 | copilot.microsoft.com | udp |
| US | 13.107.246.64:443 | api.edgeoffer.microsoft.com | tcp |
| GB | 2.18.27.92:443 | copilot.microsoft.com | tcp |
| US | 13.107.246.64:443 | api.edgeoffer.microsoft.com | tcp |
| GB | 2.18.27.92:443 | copilot.microsoft.com | tcp |
| GB | 38.175.44.18:443 | url2.3u.com | tcp |
| GB | 38.175.44.18:443 | url2.3u.com | tcp |
| US | 8.8.8.8:53 | dl.3u.com | udp |
| US | 8.8.8.8:53 | dl.3u.com | udp |
| FR | 43.152.186.225:443 | dl.3u.com | tcp |
| FR | 43.152.186.225:443 | dl.3u.com | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| GB | 2.18.27.76:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| GB | 2.18.27.76:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-consumer-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | static.edge.microsoftapp.net | udp |
| US | 8.8.8.8:53 | static.edge.microsoftapp.net | udp |
| US | 13.107.246.64:443 | static.edge.microsoftapp.net | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| GB | 2.18.27.82:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 84.201.209.102:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.179.227:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | tools.3u.com | udp |
| GB | 79.133.176.220:443 | tools.3u.com | tcp |
| N/A | 127.0.0.1:51575 | tcp | |
| N/A | 127.0.0.1:51594 | tcp | |
| GB | 79.133.176.220:443 | tools.3u.com | tcp |
| N/A | 127.0.0.1:51597 | tcp | |
| US | 8.8.8.8:53 | url.3u.com | udp |
| GB | 138.113.101.15:443 | url.3u.com | tcp |
| US | 8.8.8.8:53 | app4.i4.cn | udp |
| US | 8.8.8.8:53 | url.i4.cn | udp |
| CN | 47.99.89.159:443 | url.i4.cn | tcp |
| CN | 120.55.197.60:443 | app4.i4.cn | tcp |
| GB | 138.113.101.15:443 | url.3u.com | tcp |
| US | 8.8.8.8:53 | url2.3u.com | udp |
| GB | 138.113.101.15:443 | url.3u.com | tcp |
| GB | 79.133.176.220:443 | tools.3u.com | tcp |
| GB | 138.113.101.15:443 | url.3u.com | tcp |
| US | 8.8.8.8:53 | ios-pclog.3u.com | udp |
| GB | 138.113.101.15:443 | url.3u.com | tcp |
| GB | 79.133.176.220:443 | tools.3u.com | tcp |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| GB | 38.175.44.15:443 | url2.3u.com | tcp |
| US | 8.8.8.8:53 | dl-image.3u.com | udp |
| US | 8.8.8.8:53 | d-updater.3u.com | udp |
| US | 8.8.8.8:53 | d.updater.3u.com | udp |
| FR | 43.152.186.225:443 | dl-image.3u.com | tcp |
| FR | 43.152.186.225:443 | dl-image.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 138.113.101.15:443 | url.3u.com | tcp |
| GB | 138.113.101.15:443 | url.3u.com | tcp |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| GB | 168.235.193.215:443 | d.updater.3u.com | tcp |
| GB | 168.235.193.215:443 | d.updater.3u.com | tcp |
| N/A | 127.0.0.1:51620 | tcp | |
| N/A | 127.0.0.1:51622 | tcp | |
| US | 8.8.8.8:53 | www.zzzplay.bio | udp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| FR | 43.152.186.225:443 | dl-image.3u.com | tcp |
| GB | 168.235.193.215:443 | d.updater.3u.com | tcp |
| GB | 138.113.101.15:443 | url.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| N/A | 127.0.0.1:51627 | tcp | |
| N/A | 127.0.0.1:51635 | tcp | |
| N/A | 127.0.0.1:51637 | tcp | |
| N/A | 127.0.0.1:51639 | tcp | |
| N/A | 127.0.0.1:51641 | tcp | |
| N/A | 127.0.0.1:51646 | tcp | |
| N/A | 127.0.0.1:51648 | tcp | |
| N/A | 127.0.0.1:51652 | tcp | |
| N/A | 127.0.0.1:51657 | tcp | |
| N/A | 127.0.0.1:51659 | tcp | |
| N/A | 127.0.0.1:51661 | tcp | |
| N/A | 127.0.0.1:51663 | tcp | |
| N/A | 127.0.0.1:51665 | tcp | |
| N/A | 127.0.0.1:51669 | tcp | |
| N/A | 127.0.0.1:51674 | tcp | |
| N/A | 127.0.0.1:51676 | tcp | |
| N/A | 127.0.0.1:51679 | tcp | |
| N/A | 127.0.0.1:51687 | tcp | |
| N/A | 127.0.0.1:51708 | tcp | |
| N/A | 127.0.0.1:51711 | tcp | |
| N/A | 127.0.0.1:51719 | tcp | |
| N/A | 127.0.0.1:51726 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:51750 | tcp | |
| N/A | 127.0.0.1:51753 | tcp | |
| N/A | 127.0.0.1:51757 | tcp | |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.215:443 | d.updater.3u.com | tcp |
| FR | 43.152.186.225:443 | dl-image.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| FR | 43.152.186.225:443 | dl-image.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| US | 8.8.8.8:53 | www.3u.com | udp |
| GB | 174.35.118.63:443 | www.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 174.35.118.63:443 | www.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 174.35.118.63:443 | www.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| N/A | 127.0.0.1:51764 | tcp | |
| N/A | 127.0.0.1:51770 | tcp | |
| N/A | 127.0.0.1:51777 | tcp | |
| N/A | 127.0.0.1:51780 | tcp | |
| N/A | 127.0.0.1:51787 | tcp | |
| N/A | 127.0.0.1:51792 | tcp | |
| N/A | 127.0.0.1:51797 | tcp | |
| N/A | 127.0.0.1:51804 | tcp | |
| N/A | 127.0.0.1:51807 | tcp | |
| N/A | 127.0.0.1:51813 | tcp | |
| N/A | 127.0.0.1:51820 | tcp | |
| N/A | 127.0.0.1:51824 | tcp | |
| N/A | 127.0.0.1:51828 | tcp | |
| N/A | 127.0.0.1:51835 | tcp | |
| N/A | 127.0.0.1:51840 | tcp | |
| N/A | 127.0.0.1:51845 | tcp | |
| N/A | 127.0.0.1:51850 | tcp | |
| N/A | 127.0.0.1:51855 | tcp | |
| N/A | 127.0.0.1:51860 | tcp | |
| N/A | 127.0.0.1:51867 | tcp | |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| N/A | 127.0.0.1:51941 | tcp | |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| N/A | 127.0.0.1:51966 | tcp | |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| N/A | 127.0.0.1:51978 | tcp | |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| N/A | 127.0.0.1:51992 | tcp | |
| N/A | 127.0.0.1:51994 | tcp | |
| GB | 138.113.101.15:443 | www.3u.com | tcp |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:51999 | tcp | |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| N/A | 127.0.0.1:52003 | tcp | |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| US | 8.8.8.8:53 | dl.3u.com | udp |
| FR | 43.152.186.225:443 | dl.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 138.113.101.15:80 | www.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| US | 8.8.8.8:53 | secure-appldnld.apple.com | udp |
| GB | 23.49.173.57:443 | secure-appldnld.apple.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| US | 8.8.8.8:53 | yfv6ssx-pc.i4.cn | udp |
| GB | 23.49.173.57:443 | secure-appldnld.apple.com | tcp |
| GB | 23.49.173.57:443 | secure-appldnld.apple.com | tcp |
| GB | 23.49.173.57:443 | secure-appldnld.apple.com | tcp |
| GB | 23.49.173.57:443 | secure-appldnld.apple.com | tcp |
| GB | 23.49.173.57:443 | secure-appldnld.apple.com | tcp |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:52009 | tcp | |
| N/A | 127.0.0.1:52013 | tcp | |
| N/A | 127.0.0.1:52026 | tcp | |
| N/A | 127.0.0.1:52033 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:52096 | tcp | |
| N/A | 127.0.0.1:52099 | tcp | |
| N/A | 127.0.0.1:52106 | tcp | |
| N/A | 127.0.0.1:52111 | tcp | |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| CN | 121.199.63.222:14929 | yfv6ssx-pc.i4.cn | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| N/A | 127.0.0.1:52153 | tcp | |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| GB | 168.235.193.210:80 | d.updater.3u.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| N/A | 127.0.0.1:52174 | tcp | |
| N/A | 127.0.0.1:52187 | tcp | |
| N/A | 127.0.0.1:52195 | tcp | |
| N/A | 127.0.0.1:52219 | tcp | |
| N/A | 127.0.0.1:52289 | tcp | |
| N/A | 127.0.0.1:52312 | tcp | |
| N/A | 127.0.0.1:52328 | tcp | |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| N/A | 127.0.0.1:52400 | tcp | |
| N/A | 127.0.0.1:52405 | tcp | |
| N/A | 127.0.0.1:52410 | tcp | |
| N/A | 127.0.0.1:52415 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| CN | 121.199.63.222:14929 | yfv6ssx-pc.i4.cn | tcp |
| N/A | 127.0.0.1:52518 | tcp | |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:51666 | udp | |
| N/A | 127.0.0.1:5354 | tcp | |
| N/A | 127.0.0.1:5354 | tcp | |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:65303 | udp | |
| US | 8.8.8.8:53 | ios-pclog.3u.com | udp |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:57792 | tcp | |
| N/A | 127.0.0.1:57795 | tcp | |
| US | 8.8.8.8:53 | albert.apple.com | udp |
| US | 17.32.214.169:443 | albert.apple.com | tcp |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:61046 | udp | |
| N/A | 127.0.0.1:5354 | tcp | |
| US | 8.8.8.8:53 | c12850432.mgr.gcsp.cddbp.net | udp |
| IE | 52.16.249.199:80 | c12850432.mgr.gcsp.cddbp.net | tcp |
| IE | 52.16.249.199:80 | c12850432.mgr.gcsp.cddbp.net | tcp |
| US | 8.8.8.8:53 | c9854976.mgr.gcsp.cddbp.net | udp |
| IE | 52.16.249.199:80 | c9854976.mgr.gcsp.cddbp.net | tcp |
| US | 8.8.8.8:53 | init-p01st.push.apple.com | udp |
| GB | 2.22.144.37:80 | init-p01st.push.apple.com | tcp |
| US | 8.8.8.8:53 | 4-courier.push.apple.com | udp |
| US | 8.8.8.8:53 | crl.apple.com | udp |
| DE | 17.253.15.202:80 | crl.apple.com | tcp |
| N/A | 127.0.0.1:5354 | tcp | |
| N/A | 127.0.0.1:57892 | tcp | |
| N/A | 127.0.0.1:57894 | tcp | |
| N/A | 127.0.0.1:57896 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:57905 | tcp | |
| US | 8.8.8.8:53 | s.mzstatic.com | udp |
| US | 8.8.8.8:53 | swcatalog.apple.com | udp |
| GB | 184.26.80.220:443 | swcatalog.apple.com | tcp |
| US | 8.8.8.8:53 | swdist.apple.com | udp |
| GB | 184.26.80.220:443 | swdist.apple.com | tcp |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| US | 8.8.8.8:53 | app-pcres.3u.com | udp |
| GB | 138.113.101.15:443 | app-pcres.3u.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 138.113.101.15:443 | app-pcres.3u.com | tcp |
| GB | 138.113.101.15:443 | app-pcres.3u.com | tcp |
| GB | 138.113.101.15:443 | app-pcres.3u.com | tcp |
| GB | 138.113.101.15:443 | app-pcres.3u.com | tcp |
| GB | 138.113.101.15:443 | app-pcres.3u.com | tcp |
| N/A | 127.0.0.1:58213 | tcp | |
| N/A | 127.0.0.1:58243 | tcp | |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| US | 8.8.8.8:53 | dl-image.3u.com | udp |
| US | 8.8.8.8:53 | is1-ssl.mzstatic.com | udp |
| US | 151.101.3.6:443 | is1-ssl.mzstatic.com | tcp |
| US | 151.101.3.6:443 | is1-ssl.mzstatic.com | tcp |
| FR | 43.152.186.225:443 | dl-image.3u.com | tcp |
| US | 8.8.8.8:53 | is3-ssl.mzstatic.com | udp |
| US | 8.8.8.8:53 | is2-ssl.mzstatic.com | udp |
| US | 8.8.8.8:53 | is5-ssl.mzstatic.com | udp |
| N/A | 127.0.0.1:27015 | tcp | |
| US | 8.8.8.8:53 | app-pcres.3u.com | udp |
| N/A | 127.0.0.1:58269 | tcp | |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:58272 | tcp | |
| US | 8.8.8.8:53 | url.3u.com | udp |
| N/A | 127.0.0.1:58274 | tcp | |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| GB | 163.171.130.132:443 | url.3u.com | tcp |
| N/A | 127.0.0.1:58278 | tcp | |
| US | 8.8.8.8:53 | dl.3u.com | udp |
| FR | 43.152.186.225:443 | dl.3u.com | tcp |
| GB | 163.171.130.132:80 | url.3u.com | tcp |
| N/A | 127.0.0.1:58281 | tcp | |
| GB | 163.171.146.42:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:58445 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| GB | 2.18.27.76:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:27015 | tcp | |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| N/A | 127.0.0.1:27015 | tcp | |
| N/A | 127.0.0.1:58462 | udp | |
| US | 8.8.8.8:53 | sf.symcd.com | udp |
| GB | 2.22.142.222:80 | sf.symcd.com | tcp |
| US | 8.8.8.8:53 | sf.symcb.com | udp |
| GB | 2.22.142.222:80 | sf.symcb.com | tcp |
| N/A | 127.0.0.1:27015 | tcp | |
| US | 8.8.8.8:53 | ios-pclog.3u.com | udp |
| GB | 163.171.130.132:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:62386 | tcp | |
| GB | 163.171.130.132:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:63009 | tcp | |
| GB | 2.18.27.76:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 2.18.27.76:443 | th.bing.com | tcp |
| GB | 2.18.27.76:443 | th.bing.com | tcp |
| GB | 2.18.27.82:443 | th.bing.com | tcp |
| GB | 2.18.27.82:443 | th.bing.com | tcp |
| GB | 2.18.27.82:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.69:443 | login.microsoftonline.com | tcp |
| IE | 40.126.31.69:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| GB | 2.18.27.76:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| GB | 2.18.27.76:443 | www.bing.com | udp |
| US | 13.107.246.64:443 | api.edgeoffer.microsoft.com | tcp |
| GB | 2.18.27.76:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 2.18.27.76:443 | th.bing.com | udp |
| GB | 2.18.27.82:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | cdn.sapphire.microsoftapp.net | udp |
| US | 8.8.8.8:53 | cdn.sapphire.microsoftapp.net | udp |
| US | 13.107.246.64:443 | cdn.sapphire.microsoftapp.net | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.2:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| GB | 2.18.27.76:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-consumer-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | static.edge.microsoftapp.net | udp |
| US | 8.8.8.8:53 | static.edge.microsoftapp.net | udp |
| US | 13.107.246.64:443 | static.edge.microsoftapp.net | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| GB | 84.201.209.102:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | ios-pclog.3u.com | udp |
| GB | 163.171.130.132:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:63870 | tcp | |
| GB | 163.171.130.132:443 | ios-pclog.3u.com | tcp |
| N/A | 127.0.0.1:63885 | tcp | |
| N/A | 127.0.0.1:63918 | tcp | |
| GB | 163.171.130.132:443 | ios-pclog.3u.com | tcp |
| US | 8.8.8.8:53 | app-pcres.3u.com | udp |
| GB | 163.171.129.134:443 | app-pcres.3u.com | tcp |
| GB | 163.171.129.134:443 | app-pcres.3u.com | tcp |
| GB | 163.171.129.134:443 | app-pcres.3u.com | tcp |
| GB | 163.171.129.134:443 | app-pcres.3u.com | tcp |
| GB | 163.171.129.134:443 | app-pcres.3u.com | tcp |
| GB | 163.171.129.134:443 | app-pcres.3u.com | tcp |
| US | 8.8.8.8:53 | d-ring.3u.com | udp |
| US | 8.8.8.8:53 | d-paper.3u.com | udp |
| GB | 163.171.129.134:443 | d-paper.3u.com | tcp |
| GB | 163.171.129.134:443 | d-paper.3u.com | tcp |
| GB | 163.171.129.134:443 | d-paper.3u.com | tcp |
| GB | 163.171.129.134:443 | d-paper.3u.com | tcp |
| GB | 163.171.129.134:443 | d-paper.3u.com | tcp |
| GB | 163.171.129.134:443 | d-paper.3u.com | tcp |
| GB | 163.171.146.42:443 | d-paper.3u.com | tcp |
| GB | 163.171.146.42:443 | d-paper.3u.com | tcp |
| GB | 163.171.146.42:443 | d-paper.3u.com | tcp |
| GB | 163.171.146.42:443 | d-paper.3u.com | tcp |
| GB | 163.171.146.42:443 | d-paper.3u.com | tcp |
| GB | 163.171.146.42:443 | d-paper.3u.com | tcp |
| N/A | 127.0.0.1:63944 | tcp | |
| GB | 163.171.130.132:443 | d-paper.3u.com | tcp |
| US | 8.8.8.8:53 | app-pcres.3u.com | udp |
| N/A | 127.0.0.1:63948 | tcp | |
| GB | 163.171.130.132:443 | d-paper.3u.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 07366d71fc96955d98051d1d2ba7cabe |
| SHA1 | 923a8f8c40bb068daad27f1b8ae99e243c474d1c |
| SHA256 | 6c3c6f617c420e34874d49c38a1e4f4ce040ce84fdea22ccd1232248c9340fc0 |
| SHA512 | 5a704ef6f810395607c4d6161a87e7d11bf738f1b1fb8fc8933d138048a127d2f431c7ade1323accd71bfc0f54f5bc1e71daa4b5b6d46ff0a89a48acd9b6502e |
\??\pipe\crashpad_5148_RTRJVCNVBWIYCSQD
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | af2e2f9069d6700662fc4f42db923f9b |
| SHA1 | 34cfa6edec5d4885a6e3a5a23af378179eb3a982 |
| SHA256 | 5839491ee2723c853670d5c0d304a0c8ab8ffd530e8c9ae5b45b5fa054b02667 |
| SHA512 | 84fc0f8ff9aee9e6322d433931eccc233123179f8165f58de0c62dfb63d7891312f8d3799710e6aba4a25f8b5f836b2aa9092a9a9bf4fc2c6bba490615fe44a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
| MD5 | 1779e1e20a36c62258d562dd7e68ef2a |
| SHA1 | 2fef6ce745bc67dc4e05696c7e1d5c92c06a1a94 |
| SHA256 | cb08415f6abbfb6c4c98aa24d0de0433c667c83fca2d789f0cd020372e5c9979 |
| SHA512 | a2ee8db8e39217793dd0070c20006ec753f85d8110457320ba9acdecffdf89d343d3cd2eaaeb3ed3bb0d7d71061ab955d2e76d94cb097e75df10532b161ea6f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
| MD5 | 9ab1d4d788fa7112abadd8ea94a5799a |
| SHA1 | 068c1f7a8008b6e9321db8992861444bfe6f3e7f |
| SHA256 | 6188879327d79cd87b295a8706fa510c83e89a9caeb4f44ca0859a9a6e415d64 |
| SHA512 | 10afe534e05fbdfba56a27fa1b29630661d0ebba2fccd762dfbbea8eb08b3feef322cacab988c9e60e88e26366f4998d710945c11efa9de950b21c0035b47417 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 70ba9fe0dc15ddfe5a2bd9c05f7f8ba4 |
| SHA1 | 945b5a2ab807c4e6afd020c88f64233e2ca936c5 |
| SHA256 | 4efa604bef60cdcbaebf8a53991a30221c6510795592ddd368b394438d0174f9 |
| SHA512 | e41bae25a42bb98d8833f43ee348db7c33043d54c19821d38bf8a1b77df7b8931f3591d95e2e17a2af1beb544d128e181cc7ef7abdad20b7730f7899d4c2a68b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ab0f1a00-923f-47a3-b432-c08c6ef11fd4.tmp
| MD5 | 06d55006c2dec078a94558b85ae01aef |
| SHA1 | 6a9b33e794b38153f67d433b30ac2a7cf66761e6 |
| SHA256 | 088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd |
| SHA512 | ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cccfbf16d8d23244c70c2dc79928d62e |
| SHA1 | fcef768fe8a59bde87dfd9fb9a69e8694b6bb6fe |
| SHA256 | 25deeae0b743e510e301dc8396b15f773141100793a59b56bf17655758004f4f |
| SHA512 | 72dbf7e0d87c83c0bf0e588065481a036aa9da2652a220ca5aad5ca1805b603d90beb3eabb8a25d27478545374df2f8572af05f977022806a12dc924b0540aa7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | 20d4b8fa017a12a108c87f540836e250 |
| SHA1 | 1ac617fac131262b6d3ce1f52f5907e31d5f6f00 |
| SHA256 | 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d |
| SHA512 | 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 4850caf2a0f02db4d6a3b567163c594b |
| SHA1 | d2efeb8a6f4ae38936da3de1427efdf38ac2d1c0 |
| SHA256 | 89528506704a15e614f729dbd1864aa90a79390d308e4b1acaf1a9c3a3c53650 |
| SHA512 | c1eab170cf1456d803a395e8aacfa571467858b227b12dc600058d4654884c2cb16bb912281d62682982615995d85635216e9af8ccd1adb106426442394baad3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e0dacf1f4dfb9065ca2411216652d844 |
| SHA1 | cb9e5a8929014cc9be02e7b843976c8bff55d040 |
| SHA256 | 28463acaa3462797b5b8c42c8209fa3954ab5ed19042851aead6faaab1b8331b |
| SHA512 | 77052baf2dcfbbd219857781fb426b0c135a020b4197d95b1ef16e17590883ca69088bb1d7897113dd158564d35834008cbab5e82f87f7a32a698c3f822f849e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | e4f09e7b391a3e28fb948686a1f16220 |
| SHA1 | 9baf223c4f549ce8d7d2ba9772fc07a25dd5f1b5 |
| SHA256 | 4d112049ca6c0f82d4df11344f69e9eec7325950f9f8fc89850dea82ea8b53f6 |
| SHA512 | 2f45b1615e30ec665dacb66759500d1606f3efc4d45814b15e3ad57609f594f4916e02549b159fbd029d202c12ec9779623a15af2645b3156c7674ba987204cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\f09db186-80da-44b6-a4ce-249a73f0186a.tmp
| MD5 | ba61e2360f456d5e7780daa26ba53b4c |
| SHA1 | 47e39ec023162eff97d635beb5c35b4f426b459e |
| SHA256 | 80734a1d7c2565e4e654132c77e9520923bd69e217cf47264884136fe91cc570 |
| SHA512 | 7c39ff799b775e87b1cfb698f1173a7d9994ce395395722ebb60bb6032ac6da77343f47cd20e2dbb1b21a032dcc94b6db0ec10637d34cb4b6131bc91b61fb5f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | a6e9d5090df12c4c0cca357041190f5b |
| SHA1 | f0bea5ba5bb7182d746245853bdb3e5e43b6591a |
| SHA256 | 5a2b98b0b6d59429ed043b02d8127c702a10dd25787e0d7a54e5b66775d24431 |
| SHA512 | 8bec197f4b49e0a6a478caed6a599e7fbd0739c7753be483166b0fe085758acb6a00c05b2e4b201cce42410e76387817ba0e050f52730ebc129a9c8ad5cf9f06 |
C:\Program Files\chrome_Unpacker_BeginUnzipping5148_227858588\deny_domains.list
| MD5 | 085a334bdb7c8e27b7d925a596bfc19a |
| SHA1 | 1e4ad53dc335af5c6a8da2e4b4a175f37fafe2f2 |
| SHA256 | f51a7acfffec56d6751561966d947d3fd199b74528c07dabdcf5fcb33d5b2e85 |
| SHA512 | c883cb43c97a136825c6fd143f539210c234c66f9b76dfd8431f6ff014094e20b9410d7462aadee2344df8ca158def6b9a807e7cadbdfa947f6f8592e7283e34 |
C:\Program Files\chrome_Unpacker_BeginUnzipping5148_227858588\manifest.json
| MD5 | e7314184e67b4501f5048c2e5f181d96 |
| SHA1 | f741a8a1b8c18c8d4974f937ef589b134dde5419 |
| SHA256 | 7bd96fc0239229d64cc38693c64f2524d95711534c606b2b39957af8411d870a |
| SHA512 | 773ff8228cc87677e3f74667b61db59decfccb6ca4da80a5ac5e0aff0e3102e08e6c1561df35b9ed64c8b7db8dc8ed27210c2ca0139ec85d17f9e3f57018a086 |
C:\Program Files\3uToolsV3\files\bonjour\Bonjour64.msi
| MD5 | 86e2b390629665fbc20e06dfbf01a48f |
| SHA1 | d9f4697a6f4eceea24735822cb1df501268ca0b0 |
| SHA256 | 46e31e284da64d6c2d366352b8a8abcf7db28d3e2a870d8fcf15c4a6fe0a6dd1 |
| SHA512 | 05ecd3be5779f39db09329dda4dce0e3c49ac5d3950e92833031622b53542dadbe9e2948df35faeb4c41dbc8e01992935087c4a2975c797bd008ae177f7c3fea |
C:\Program Files\3uToolsV3\files\OpenStreetMap\search.png
| MD5 | a73bcc83dc2729d19d9d0e1eb36bbd96 |
| SHA1 | 9d15df65438cab48d07ebe7e9359258ff1011423 |
| SHA256 | 29739779fd76b21175d4ea24d7ded3e057233127062d05c164b9ab4df9e11a3f |
| SHA512 | c37de466294c22c9b3ed6587c639a7d53ae6f5cc8d352931035885191a2fd329dae3ff28d1bdeb363c2c12243505584354acc5f88bb8e21da9c2942d03cacf03 |
C:\Program Files\3uToolsV3\files\tutorial\ios9trustapp\jquery-1.11.1.min.js
| MD5 | 8101d596b2b8fa35fe3a634ea342d7c3 |
| SHA1 | d6c1f41972de07b09bfa63d2e50f9ab41ec372bd |
| SHA256 | 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 |
| SHA512 | 9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb |
C:\Program Files\3uToolsV3\translations\qtmultimedia_en.qm
| MD5 | bcebcf42735c6849bdecbb77451021dd |
| SHA1 | 4884fd9af6890647b7af1aefa57f38cca49ad899 |
| SHA256 | 9959b510b15d18937848ad13007e30459d2e993c67e564badbfc18f935695c85 |
| SHA512 | f951b511ffb1a6b94b1bcae9df26b41b2ff829560583d7c83e70279d1b5304bde299b3679d863cad6bb79d0beda524fc195b7f054ecf11d2090037526b451b78 |
C:\Program Files\3uToolsV3\translations\qt_gd.qm
| MD5 | d512456777500dc13ef834ed528d3704 |
| SHA1 | 90a32284052c3fe12c18afec9f7ff56735e2e34b |
| SHA256 | c515dd2a2e00765b5f651aae124a55d617b24777138019abc5a7001da7417561 |
| SHA512 | babef929ac600c117967b42389623f352d219a466c484ae68ef3c9da9ff61555875ffb0dafc3e5eada6fb43d37f7afe74a6b6c73458a93ffb42819e1068c9a3b |
C:\Program Files\3uToolsV3\translations\qt_he.qm
| MD5 | 26b777c6c94c5aa6e61f949aa889bf74 |
| SHA1 | f78da73388c86d4d5e90d19bb3bd5f895c027f27 |
| SHA256 | 4281c421984772665a9d72ab32276cfe1e2a3b0ebe21d4b63c5a4c3ba1f49365 |
| SHA512 | 8e02ce06f6de77729aefa24410cbd4bfba2d935ef10dcf071da47bb70d9c5e0969f528bdb3db5cab00e3142d7c573fcf66ea5eb4a2bc557229ad082c0eb1dbcc |
C:\Program Files\3uToolsV3\3uTools.exe
| MD5 | d0537f91590c1122e5aaa5e08de565d4 |
| SHA1 | d57923e88709be706b87cbdde7b1053b16e75a2a |
| SHA256 | 06cac5a360c086197ffa6bd223b3a9cc18949780c11a888e2b6122f4f7e2d689 |
| SHA512 | a721ab6adf39f390cb8ba4a0db5dbdebd9891f3b8d0a3d11a31b57c1da768e0d7f4266dcadcfef2d9bcdbe63d35e6fc6136332c4d4d8bf5c36d4e01d5e010fd7 |
C:\Program Files\3uToolsV3\Uninstall.exe
| MD5 | 196421661e24c59bd11536f3ad9bd243 |
| SHA1 | a59eeed11cf849a76e69c52b35c56fbcfbdde074 |
| SHA256 | f1b74d97c627f30df80f2615726561b103659a93e5c9c718bb4ed5b96344d7e6 |
| SHA512 | 7a358d504b74abbae0a7fa502ee85c87ba528ef01679af6a5fb591e75780cc8b1b4fb9afa11374ce7850d3c195f982a754319a015ee5bec4b4f0ba9a17ed095b |
C:\Program Files\chrome_Unpacker_BeginUnzipping5148_157293051\manifest.json
| MD5 | e6cd92ad3b3ab9cb3d325f3c4b7559aa |
| SHA1 | 0704d57b52cf55674524a5278ed4f7ba1e19ca0c |
| SHA256 | 63dfb8d99ce83b3ca282eb697dc76b17b4a48e4065fc7efafb77724739074a9d |
| SHA512 | 172d5dc107757bb591b9a8ed7f2b48f22b5184d6537572d375801113e294febfbe39077c408e3a04c44e6072427cbe443c6614d205a5a4aa290101722e18f5e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation\6498.2024.12.2\crl-set
| MD5 | 846feb52bd6829102a780ec0da74ab04 |
| SHA1 | dd98409b49f0cd1f9d0028962d7276860579fb54 |
| SHA256 | 124b7eeba31f0e3d9b842a62f3441204beb13fade81da38b854aecba0e03a5b4 |
| SHA512 | c8759e675506ccc6aa9807798252c7e7c48a0ab31674609738617dc105cee38bce69d4d41d6b95e16731466880b386d35483cbeea6275773f7041ba6e305fae9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8bdf9c71990e2bf3dabb2466b9461c3f |
| SHA1 | afb01b770739c4adf43f03355cfaabf766c73ed4 |
| SHA256 | 8a49421da1dbd21d34dcd06dc18a354ca103110b0d768cf5f55ea1901a9c3d71 |
| SHA512 | 7bb93d6416757ecbf9736073e78cbb9ad2ac86b98e4343b2e7006b5c6f1835af9f4ceb2f6a7e6c4770836228b20b2b36e5d5b90c10faf7dd2da350b1556ab4a3 |
C:\Program Files\3uToolsV3\Qt5Xml.dll
| MD5 | 6f8898d2285d5466ec54bda8af8d10b4 |
| SHA1 | 7238804242aff57aec15acf2351eb507b0111a39 |
| SHA256 | 2cad1733f9efc647fda9fcbe8cbd188e71e3cedaef0c3c1be07b6530d5727f9e |
| SHA512 | 200b2a62ead63232a7753c4b19813209951bdd00a151135a914c121077eb22c9a38ed550ac8842434758be4bbae4b14ba8096417f46ee8c051e589c0c4ec1e80 |
C:\Program Files\3uToolsV3\idm_other.dll
| MD5 | 970b84cd0bea2555e45d40c1ceddd1c6 |
| SHA1 | 0223b2da7d0543f4c1cea647916a0c3c368f2c9d |
| SHA256 | 2ccfb0ae3fa076fcaf5dd8fb7cd01168b82fe01961804b9ae7bcef7d117dd494 |
| SHA512 | 39f082294e2030b40cd55a576e62812e21f139f36608511f043b3bc836b453daf03aee84df73073d0c4d08e9eac4d9dd7abd85bebd93186f8d981a92059ef0f9 |
memory/5316-1714-0x00007FFB448A0000-0x00007FFB44DDD000-memory.dmp
memory/5316-1719-0x00007FF636660000-0x00007FF637359000-memory.dmp
memory/5316-1718-0x00007FFB444B0000-0x00007FFB448A0000-memory.dmp
memory/5316-1716-0x00007FF636660000-0x00007FF637359000-memory.dmp
memory/5316-1717-0x0000000061920000-0x0000000062247000-memory.dmp
memory/5316-1715-0x00007FFB444B0000-0x00007FFB448A0000-memory.dmp
C:\Program Files\3uToolsV3\idm_media.dll
| MD5 | af4ee552a5363c437fa9a310bcfa6a24 |
| SHA1 | c29de8edf94c5e64ab8b04ce180bed2cc21bce93 |
| SHA256 | 9d4ddeb158cf9715cf08ff4e45a60272d706a6e825212e79fea0d41c815322ea |
| SHA512 | b98472fb6f0a080ebbb5b365928767efc971e60e426b42fd610b3fbd9d35ea7dd38d7c026d2e25ad6c9346adcc75c34b38c735bb2dc533296909ca9a0ed48b48 |
C:\Program Files\3uToolsV3\idm_jb.dll
| MD5 | ddab30e12f7de6b8e5f5839ce9abb2fc |
| SHA1 | b3c23abea6677ba1f921da9aa93deb3e0fc65e7f |
| SHA256 | 9d879f5eb39b4cc7d262d17219975bab9083992caf67a7fd72b5e48289fbd41c |
| SHA512 | c8225d6269a1f123650ec8d4d1262d21aa56fbe3f0914c79a850a19230752ab3e7266c1c842330658b06deff2d48242cbeed053981e87fbb4c01ab429a1d0fc6 |
C:\Program Files\3uToolsV3\idm_info.dll
| MD5 | 5c3b95ff2681849b8e59f7bfc80ec186 |
| SHA1 | 025260bc595c2dcb30946e85ad51389cbde57639 |
| SHA256 | 8bf68b8f46cd1e1141b8a5c1062b082696c77a3a4942ad504575848761ed0a72 |
| SHA512 | 7108b708268c1b69b36dceba463e70117d2c4dfa1b9685b8a75ce0ee37b859935706867efc7f362729d2bd8caa3f5d58623203d419abc64f4e57d4abb6220296 |
C:\Program Files\3uToolsV3\idm_fm.dll
| MD5 | 8c92a3e15d3a619a97baa36d4ef357d9 |
| SHA1 | ca23f57dc973c2834e5a2fbc3f23965e7b4e822c |
| SHA256 | 79632fdb3e90017ce1774c587066eff264680e807f38faa06b7b357a68a88687 |
| SHA512 | 5c26d1c0370c0b55a0fb2c617c62eab2c1035db85aeb17164ca650cc3c8d676efbe39215e907c904a5532d90a34bbb955928f8a87e39881fd18d08f3c3c0bf18 |
C:\Program Files\3uToolsV3\idm_datamgr.dll
| MD5 | 8400f5bd382e4837bcb6ac4d2f5122ce |
| SHA1 | 9a961223761f98dd87dd0d23c5562808f48424cd |
| SHA256 | 74993e4197c85a9acd48514d81e8b280d1fbc797be6639fade49243fbfb1e2d5 |
| SHA512 | d0a1ca6e0d91cd50c0302fb6abb245042e062a2c06a410d95fac27c153eeeb89293fe80a467565aab31827049a4dd302f47b180d141e1502c636552362f8562b |
C:\Program Files\3uToolsV3\idm_app.dll
| MD5 | 906ff33f0e6d920dff8fb40c4b77820e |
| SHA1 | fb938d73d455985dab7ffe30612765101f82eb93 |
| SHA256 | a626864dc152382e09e0b11019411de039d6fcc244c09010abcfcfde1128c7bd |
| SHA512 | 647223bbd4665d54cd790a88b2614b67f4f5b600fbc646517c629843f308ddaac0a25b35132dfaddfcddc4c6f6f4fcd5f8a39d0e6e22d3dfa602f2f174a487e2 |
C:\Program Files\3uToolsV3\msvcp140.dll
| MD5 | 5cde3aed10412762e83b7fe43694a22b |
| SHA1 | 4ffcdf063eafc901105836c27a634530ea614755 |
| SHA256 | 10ddff48d704c6007e4c2d53fb4856b5e5e79479503366236246a323aaa76e9d |
| SHA512 | fcd7bc262e7bbcbbac9258e31b8d62efb2e601ac1fffac4c86819c8f2aed26fc19403d992a57d48ec92752b2a0a8b04e8204423d6077c7800ea4015f016faa23 |
C:\Program Files\3uToolsV3\Qt5Core.dll
| MD5 | 60b4635abd67a3040bbc138384a70411 |
| SHA1 | b03f6f8426f91ccecfd644ff637eae458429be42 |
| SHA256 | 8846ea3e4f3fd23e02f616c25a4fac5bda13030ef574608ef84497198a4b0258 |
| SHA512 | 4de46a3a5b4ba7f9cce001a662df24c15d11ae51919adc3af000c369a11b34eb7e99c477fb3e832640d9bbeaeb245313d895a09a00820a55a8a80f92d844b5ee |
C:\Program Files\3uToolsV3\Qt5Concurrent.dll
| MD5 | d761d30769fb241163c2e30081a6c47c |
| SHA1 | 8936afd8a68335ae33cdd8ec918446a1cf7164ea |
| SHA256 | e52e9901cd453adc04442795f507d122d64cdabf3e20cfc2e1aaf30de80259ae |
| SHA512 | b7f3e7fd7cd92f5c3d08b2d8202d76d1a76c31b6d2980e22f43317b3fbe2812018e5bffed15df699ce56e65ddf370d3627145619e011ddeac6d77e61708a975c |
C:\Program Files\3uToolsV3\Qt5Network.dll
| MD5 | ac5afb5d62ef4f569b48b14b94f972af |
| SHA1 | 9e02fba0a413d46f242e49307b34879022a3cd7c |
| SHA256 | 6f7eabbd07e24f0e0ec5424deb3ddaa31a14fd2e80f235792afb6323c832cdb7 |
| SHA512 | 34fd10fc67d13713c8fa943d8693444652dd2f0639727a85417c18c32eabe9ab50f505b963946be61c7e78bc7b6c45c00ace1cf4ffaa44fc46b43ef9d80c9de7 |
C:\Program Files\3uToolsV3\Qt5Gui.dll
| MD5 | 436607b792f143709c10ce039793656e |
| SHA1 | cf6282a5a91a35b1babcad4a315299f448e322aa |
| SHA256 | d6983a5092f90e189096b48154f2e80c91d3ecc006a1102e2eb06c3559c9138e |
| SHA512 | a3f7a1f1f022bde28b465969897902900fb343654f2d5e1f5c1b4ec86f21389042ee7830a31c7d619af653963e87dd30ffb82646a83a83c8535475b1e90d6135 |
C:\Program Files\3uToolsV3\Qt5Quick.dll
| MD5 | 2577d3423d0f29aa70a78450b28b5ec5 |
| SHA1 | 418acd19a9535bb5536487b3bdb7b73090511b2d |
| SHA256 | 98307b0c701b2a9886de24eff369e22714fe0aa3404e6a58591c8afc3719813e |
| SHA512 | b9e82136596263a36a6bd37564d6649205c4e66e19e9ae3ef79a31bde57c3ed9a8219ab0ed71e6a6c208e5b6b2e3d29cee437c6fca7cc1e2634fc9364908196f |
C:\Program Files\3uToolsV3\Qt5Multimedia.dll
| MD5 | 8ca625fd879fffda74779b0af552e465 |
| SHA1 | 6c6941e688136d22d72beaffcfe7cf541a62a6ad |
| SHA256 | 42a532132a7a04c0421f697eb023c54d791d3a8a3b2f82209120292073aca622 |
| SHA512 | 2087fa205916db22434f83f213419d88969bbdd48dc3908f1069df15996a4aaea9fc19eb572442c180c63e01824c3a9fe45e256318e588ca66eea2b40da6e1b7 |
C:\Program Files\3uToolsV3\Qt5Widgets.dll
| MD5 | 2c3d30abf2f9cf6ab33107e8bebdb181 |
| SHA1 | 9569fe1092aa2c4bda74548e44482e852b7a0167 |
| SHA256 | f9c58b3f883ce8e969fbeb2908f4a95589122c4574666d75dea6f6a835e3bc59 |
| SHA512 | 1cb5e3c2e960b992c8030d38c2f76307c06f2f1e7eff25ae99fbd304b32b590cfec5615dfcd05b1b1f8bc740db4360cc78a669b513cd94ba82b55743d0df57d9 |
C:\Program Files\3uToolsV3\Qt5PrintSupport.dll
| MD5 | 47a12398c7cecfe9ff5556e0dad8d8fc |
| SHA1 | 15e5c03a91d887b59a76634690d6d20efa9230e0 |
| SHA256 | 10f3f980b25d8d28747931f9c8b903beb0cb4e01ac5c4639c4757ad380c57b12 |
| SHA512 | 17b790185d1d24617f07c36091bc8db1df971376fa30643d205e7d5c3e82dd5bd7a4046a64da31d0bf25f052992169447e74a3827d8e54fae0e9e0cd6ae15927 |
C:\Program Files\3uToolsV3\Qt5WebEngineWidgets.dll
| MD5 | febd0bc442a26588adafd4bc3d59e7c3 |
| SHA1 | efc0b54962de01ba8a7db5254a14c3a1e584586d |
| SHA256 | 6f925a98067394119dee637365c7426bc011f3790a6ebd1209e0941ac7d8a7ae |
| SHA512 | ad0cc1f77af94ee83683eda0b45992652370faae6625a4476f8fa962e553183dd3a1d80c9b9b81b4bb20db7fa51d4b9418c5c27f37885c90553cbf6e2b7541d5 |
C:\Program Files\3uToolsV3\Qt5Svg.dll
| MD5 | 5455034a118445adabb7a2dba0a5c240 |
| SHA1 | 6ba6563d7709dbddbcf94ed2501235febe2385ad |
| SHA256 | 99fdcb49199d843659c4570df27670f12b33f659e3d080f8052c417fb468fb8c |
| SHA512 | 86c2834d5582edb79d01c1be508bae4f67947a1b291b512b9641715cdf6ffb6b6e4177ee3fa906c06f6c8775b3ec18b3edeb145566ff500c72532601c6f93f44 |
C:\Program Files\3uToolsV3\setting.cfg
| MD5 | 5e06b34689cabd514a777db740fde4a3 |
| SHA1 | 860f45d178b33f3236e988567645581b27d604a9 |
| SHA256 | d02ec6da1bfd753c72438f00628d498c573c1d6f5dba881255817dbe3f16af70 |
| SHA512 | c40e251aa511b4775e1ce0f6b58130768b0ac2f61a5c40cc410fa125d584bcf9c0cde8ac5eddd6887def3e9ecd408cd3d7e89391e5e75eb9e4f4ef2a20d3528f |
C:\Program Files\3uToolsV3\setting.cfg.lock
| MD5 | 46dca9a822dddde73ff62a3ae17921d5 |
| SHA1 | 21db5c0357330202f731e722f41586e8bbfd5c67 |
| SHA256 | afeb2f72ed635e002145a3d907a3def91263a88ed9b86c1d2033773668c14f07 |
| SHA512 | 067520962b16e0163587197c48609207415b845f418c5660a641274273d8d5fa2b8830b8d3f0b414ed761d574b30da79e61602b1feaf600c719259fd35e33dbb |
C:\Program Files\3uToolsV3\setting.cfg
| MD5 | aeba642ec3c17df7485618b35a924cc8 |
| SHA1 | 66cbef809d8f81192472abb0a84688177c247a0b |
| SHA256 | f95461757fbd678445fe708ed3d2cdfd074362903431ae6225a55e3a8c6c052c |
| SHA512 | ff4669ad3ffa46af96e816a54ddb4dad85c4ae67bd0f5ae2a70299228e11519b025a2a9a4f678b94d8e9f709f03ea45885f372b7ca0f21908bddcb7718043294 |
C:\Program Files\3uToolsV3\setting.cfg
| MD5 | 295378b509925b097268cfc33042ad0a |
| SHA1 | 89fb9cafb2b95563c600e4dce8a3e523d357ab55 |
| SHA256 | ba6eade872ca4b90cc2207c54f706d461a3a3e268fb0ec9bce2dc1bfc7710f53 |
| SHA512 | cf0f1305b63f16d21b5ef3bdb104d34f9a8872cbdb9c065ee25a724152d0ea3cf2a746576c2ad3136a1e2591e2b75a0e3710b75d7fb08a0dad7e5003ab06de2a |
memory/5936-1828-0x00007FFB448A0000-0x00007FFB44DDD000-memory.dmp
memory/4876-1831-0x00007FFB448A0000-0x00007FFB44DDD000-memory.dmp
C:\Program Files\3uToolsV3\cache\hometmp\1691646974439_747089.png.tmp
| MD5 | ddcce3bb78f7afe368ae73dc3ea96ac7 |
| SHA1 | adbc9d45e15c436b494a3141beeacfd94ad5dc46 |
| SHA256 | e8cae30319ecbd47cc171f1b594249b475ee6e21b3be7f647b8b498140fcc4c9 |
| SHA512 | 70243d9e576e73797664e3abbf01aed97d8c74ebd5fb73d63e37222131f8f32a65aec7676d4357867d969adc30eb1037bf3841dc63a6b0bbc8468b3b9ceccbe1 |
C:\Program Files\3uToolsV3\cache\devices_table\border_14_Yellow.svg
| MD5 | 7aa817eedb9c798f2c4bed65caf1cb1d |
| SHA1 | 48b3606695148db080c9190491623aa11f2cb428 |
| SHA256 | 3199bee53e8aab2b971d5038a106565eaff4995b2c3c732c898b4f85b61d2169 |
| SHA512 | 458367901075b45b39ee380adc3de7cf9d9c03c9d300bdca214b3e5ac695aebe38bc5b2d82120eb2b9e1abf748ea4fa3c9ad205f865c55e49876eab27baeae47 |
C:\Program Files\3uToolsV3\cache\devices_table\border_14Pro_SpaceBlack.svg.tmp
| MD5 | 7f2390f5032c2a01f2af2efd2fbf0fe6 |
| SHA1 | 155dfa69d939cbba1a6f147d608a102347af3509 |
| SHA256 | 65d4e961734340bcc372fb5789c5ee02070239e6209b9cdeedae54623ec2b7f3 |
| SHA512 | 7cfa63e91cf4f6569cf37fd49134cdc417758fefbf9720560bba36f7e85263954bc3979750213757550b7794f5d588bb2583273334fa44161248e2e36fa78a6e |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x86\usbaaplrc.dll
| MD5 | 1428a8b3dbf4f73b257c4a461df9b996 |
| SHA1 | 0fe85ab508bd44dfb2fa9830f98de4714dfce4fa |
| SHA256 | 5ed0d8f2066dd19d5aec42c5498fdd1db9cefab4d024a1015c707dfd0cfd5b20 |
| SHA512 | 916a61feb9a36872a7c1adece8933599e55b46f7d113966ec4ad2af0e2568f1a339629ec48eca10bd1e071c88171fe88292dab27ce509ceea42afbd049599cc7 |
C:\Users\Admin\AppData\Local\Temp\{fbc78d81-fb15-3041-88da-340ff7219b3b}\SETA36A.tmp
| MD5 | 97bc3bb77be14d66bafe247e5c46b0db |
| SHA1 | 4a78bef761020aefc50adbf894eb02666dac6db6 |
| SHA256 | 9a160fcae82c933fe3930830782b7458707defbf2200f46d370f6bf1a699c376 |
| SHA512 | 2379eaa10def39cb5286aba3ba7df558de48e91fdb112aa8e4463ed009fd880fd4d46481d6aafa8ee84577331cbb79689ba4bfe4451cb017df5e31d7e95c83ab |
C:\Users\Admin\AppData\Local\Temp\{fbc78d81-fb15-3041-88da-340ff7219b3b}\SETA36B.tmp
| MD5 | 2ebc04e384f237d2b32caca8a3f901ba |
| SHA1 | 1f3638c5a94668f3877f046b6df2fc4ef6f2cd08 |
| SHA256 | 32a07ee9313ae0b4bae928e5ba0e2eb9d99a5577946fb44dcd0e81d8062859ac |
| SHA512 | 8c142a0eaed394f742e824ff41d0ceb927572d291fe20278d5c09ebea3d69467ea91db3befe72f550dfd6efa526836f7241d70589ca2ee5f8c097d3ad83ba601 |
C:\Users\Admin\AppData\Local\Temp\{fbc78d81-fb15-3041-88da-340ff7219b3b}\SETA36C.tmp
| MD5 | a31656d224232177d4049bdcf6d2a34c |
| SHA1 | 432483c57d446b2ef2bcbb1a8fe5826cd60d7011 |
| SHA256 | b385f6d5839e6a031451947f8ce57a361b2866ba888bea58ce37f425d36c020e |
| SHA512 | b403e8273c7076470cd93af76bd8714d1eecf14104b362971c6af84758d1ced73ff10a0bfc2c3f0e01f11716d77b21b01b0d660c06b0773734a961f7e7830bc3 |
C:\Users\Admin\AppData\Local\Temp\{fbc78d81-fb15-3041-88da-340ff7219b3b}\SETA37D.tmp
| MD5 | b2e9926bef29e3d5fa62928f0c7a16f8 |
| SHA1 | 5325f3761554b960e00ada65478cfe2967334768 |
| SHA256 | 97830acae22500125bb9fd2c0ad39471ac97bf95eb6787bc368c1365dc608390 |
| SHA512 | 288bddb5bc4495ca40fa2ad5d2e9f9aa49c0ce05f7fc464d759e7b529b748c6f0726b24ff69416acdce1dfbff3453362da40f4eaaed67ecfc3c2526935be4232 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\driver.7z
| MD5 | 238c5c261745b85ae717bc49df6f8170 |
| SHA1 | 04d2e17652e4f5c9aca9bcf756672df34db2da6f |
| SHA256 | 16fc810b7a9df820e9544a517cba3c455fe68d2b4934172f98d184e94c37cb34 |
| SHA512 | 17504743c90bbf6f0c8724ef439d317c4fc1e668e19c3445d7a96ab5915c4527ac7366fd951fb9232cd8c158ee5136b7563da9b42b02ded6378b05fd036ac7c4 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\applersm\x64\applersm.cat
| MD5 | 8dab3e4d8e271f17696cdbbd638f28af |
| SHA1 | c4b3df527a77303785ed28a5cf1ac00d729ee83c |
| SHA256 | df42e6ae66f82785552cbe1815246128cea10029e9dbb463e211590941a81bc1 |
| SHA512 | 0a52bb023cf6d33faded6eb2829e0706f021be76217f050a77f65b09142f20b37675877ce8911cdb3bc8349357e0630a1e36ec60b3855097ede1c803a60a5880 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\applersm\x64\AppleRSM.inf
| MD5 | 6db0394609c92e266a16bfd93b1eb597 |
| SHA1 | 2d77b73e0ee0cf5f891dfb527991ead8cb39f22e |
| SHA256 | 10aac2d96e5b2c8f55605fd6acf6a39c7ef3d092018a5bc622011ec46c139a7c |
| SHA512 | d1e160e507d5f4e2a561226c5ed4254562ac1599481f22d39d6f3b9560312f42d85247017db3b8b710677559327ac71badcf2473696a14dbd2244de6cb48c4ea |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\appleusbdevice\x64\appleusb.cat
| MD5 | 70e09f54ea9a321c80359bc9493fd9b5 |
| SHA1 | 440f5acf4b12bdfb052bc2e079e80a8ec6feae1a |
| SHA256 | 775e43292702903d1f3991b655dde23ccb378052d28f7e0e8f89e2f4580a7387 |
| SHA512 | 46bedf56160b17fa9fcf0c707d88b6539e4acab7c76e74bce31d4875c0f5d1f8ff0eb177f94aa0dd11b47c13d39a637f96a81af064aa79886259082be79b6ead |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\appleusbdevice\x64\AppleUsb.inf
| MD5 | a150a24f14aa40de4c18a868993c84aa |
| SHA1 | b239f3995efa3018025a8b59bd7617f6ae06fadd |
| SHA256 | 71ef7dbef3e7b2c1bdc32c1a4400aa5f92c5c7eee9ef6261385c54cd9d0e26a6 |
| SHA512 | 953cf9074a00267be108d4fcd8626bfd56fcc7e1df5116a39564cfca4cc472f15ba1f4731dbfcfc92f2a92aacaccb186e9e552bf2115e68f07699854194b1010 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\net\x64\netaapl64.cat
| MD5 | 168c4256eea6a76983d79d45f191469f |
| SHA1 | 2f4e6d8db4bcfeec816d31a70045895a3e6158e3 |
| SHA256 | 2b8a6ebc3e10d06a6ebbcb4ef89992978836eb52d2ad1c09e19b137b0963c2f9 |
| SHA512 | 743f28589f4357594c4490c6bdc46b6ca6e3164ab58495d686316ba8effc004e68507b26cb07032f3232ecf21045078a97aae0fad9ac78acff48ec2ae0c26585 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\net\x64\netaapl64.inf
| MD5 | 2428e7f81420a9d7e81dfce9fa0613b3 |
| SHA1 | 96605444de2721d553530179ea96024f29b32827 |
| SHA256 | 6db20d1374088a64b5a435189e3cbf1c0f30496d4a2c80346bc904605f3d0261 |
| SHA512 | fc98a3010d5a71ce4c9ec2ef16914cc6fabf531fdbf1cfc487d42dc352111e47f970565a011cc6ebd18b2632af5bc107e5c0e784127b789b68e6cb3f214aaf5b |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\net\x86\netaapl.cat
| MD5 | 98b045f42f67bb602d8b768318a86018 |
| SHA1 | a04dd80cb60abf2dd73aae417b0a34e10c321346 |
| SHA256 | ad62ffdfba01af7222d95193d23bef0084115ee3aaba3ca1bcd808056dfe2437 |
| SHA512 | 5d3295eb28685cd16e7da047d708f3f0d7fe0b2ea56fbe87d671fdb8371ae9d0e8fd18e3c456189954c8938ca96b4dd5937f21716348b27449d9eafdea104d83 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\net\x86\netaapl.inf
| MD5 | 2e21c73e279f7d39222d038cb711d7c1 |
| SHA1 | 493f1339c2dcaf82ad589158fd2f1b134cadbf8f |
| SHA256 | 7d256f65ad5b0a2767f9cdfdabe80ff9fe18c00be93e7df0e08c6508f309d519 |
| SHA512 | f5118e029fb911108eae967bd175a30eeee4a3898897120c38e92b92b43009b21f3810805b7a92ef68d2b8cdd84ff3a11d554114c0c4290e5bd9edb0c47e35d3 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\path.txt
| MD5 | 8629beec6d2d530f4b06a816c78358a2 |
| SHA1 | e4fc314491e7af7783d82d452bad1cad6d535246 |
| SHA256 | 348b6816e84c4ee4cfd6cd69d340df2e9a7129c25c24f385e58a06a3bd2a7834 |
| SHA512 | 8d3887345d7389def047296613f1de77cdd8d925f94652c80d5b4b909a693838cbd09bc0df95458d25c25f1bf5b80d71bc030840da2c1ea5979d86677fbf7276 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x64\USBAAPL64.CAT
| MD5 | 26eee7af8aa1ef8c1bd7c9327c602844 |
| SHA1 | 990a56215aac7000eac9371f489a0fc57d560078 |
| SHA256 | 946b0a8150213d6a4dd3aef6248ebb923f8167c84c7ff1b10137e5030ec8bf30 |
| SHA512 | 1cce53edb09f449720005ee9ca013fabb0be498991adf38ce738330a02b336790cb835e235e097c57a7cf983b4bf18664bc113b074cd94f9118901565d83e24d |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x64\usbaapl64.inf
| MD5 | 2da3a91b71919d035d8fd17b6b90bbc2 |
| SHA1 | c2c6a29f3abc80fd992777a92df30699124d37c5 |
| SHA256 | edea577e694efceec5b26d745fff8125e9fc8a78cacd7365e77ef35031ebc49b |
| SHA512 | 71b98c884c338902110c83f6c858b906bd8d63e09e5f92d3e019f586d82961fdc71a459e6456a3e9a56b9b109838b4556aee91e0befb68c2ae505c93a41fe56b |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x86\USBAAPL.CAT
| MD5 | 97f4158a43852869de6ba9f1c754bbc8 |
| SHA1 | 0565f0874d623268529b86967b93a7ae8d57dab5 |
| SHA256 | 1daa9a80eaf692e1c1490afafcc435e37cafa94e9a9dfe453a82b1b472f3b1ba |
| SHA512 | ba75a483ac75deab29c4174f1991dbcf4a76857dac23c99065e07585a5958e49f1ade0133fabdb3c8a28ba35e8df06fb529f81c756ae549b35543ad39817a44e |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x86\usbaapl.inf
| MD5 | ca3a369e3993295e11d5fb6b7663f3b9 |
| SHA1 | 7771a0176a543725d7bbf70a546c096a4ee2dd40 |
| SHA256 | 4494c8af156d9dc7deea76491d73716e16b42e3e8b5b4555b0fd247b6cacab8b |
| SHA512 | 650b0f23b6470ad84a001821bd5ba6fc906db0e6fd616d734a87b9777ac1f5f6d6d0dc52f5aef223bf362109b77cd89c5b4e93562c1168fbd049756d714b64cf |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x86\usbaapl.PNF
| MD5 | e70b88763cbd6ea996b231f2d1f22b77 |
| SHA1 | fa42e09d3bed60f7ad90f46ef142699ff6a376ca |
| SHA256 | 0cdad698563e00f2f7fcb88d8260428630f2cac3bd8f4a60b6862c1db0694961 |
| SHA512 | 6c9c46fda2d6dc9076333981c5baada87a711d09394a4faa02d3c8d7dc40e08464c37e5439f604846f758684cacf7f78bf944dfcc84506b0ee709dbf4cdaa0cc |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\applersm\x64\AppleRSM.sys
| MD5 | 39fbeae7efff3b0859b3d467e906a81a |
| SHA1 | de04f243e6837394f141897e6df98a7777a05d46 |
| SHA256 | 30bebe8d26c16e1d22d776e641f7a68b9ccd1c70a3804964db6753b821eee4b6 |
| SHA512 | f565684b27a92dee7b748479631af3f1a201fe9e6cf3b76346f83b59b1755fa3483c97c95b65e7bdd7d2bfcbcb973c4c1f0a2a6859d17e73b249e75f9a6c1058 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\applersm\x64\AppleRSMInterface.dll
| MD5 | cfdd6b37070699bf9ac287fa4fdebf0f |
| SHA1 | bb6d98979e0577229beae7607a92d5caadf45113 |
| SHA256 | 35075c0a280d7544b402c1f030ae9acd3c917fc1bd6a52145fae9b2a55320ecc |
| SHA512 | 793151eb8ab8c35eab2a4e4d66b2dcd4827fef53080b5c0be7fa359e7f4cc7377998d7f222303d93233b09fb76859c16f6c47b3ec3b0e88081a8d1cffa8b4978 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\appleusbdevice\x64\AppleKmdfFilter.sys
| MD5 | 201f083b80cdbe930d78fe72f1123e22 |
| SHA1 | 6a368a4665e0e56c3f32973c679258ab6c4fc35a |
| SHA256 | 72fe475d8ada0cc2e26a4e659ca7d03bdb8d3061b4a689016a54eb52b18773a3 |
| SHA512 | 3fa61fac2127efbcadff25c17e055f32ee8ec65e82f192cb87fc3390dac322d5d24b611ac3b665b5661beb1bb0e62929e6912c80880b2187540298bb6eeb52bf |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\appleusbdevice\x64\AppleLowerFilter.sys
| MD5 | dbd000cc3ef170bd3e5d26b7349a7039 |
| SHA1 | 1022aa866910aeef33a711f5a6d1de77a5dcffb7 |
| SHA256 | ac3469ac659287626b05cda0da457b63ed78241d4f20c60778f6292d6e158346 |
| SHA512 | 6342cbbd7864494ca22b9a5eb26badbedbf800d094cb0343ff441c1b6db49b73e87d37377ed9029c386cdb4e60debe9e24cd34d0f3733ae55b42f6bcd7ce5f3f |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\appleusbdevice\x64\AppleUsbFilter.dll
| MD5 | c1c5b35fff1e13816718d6c30e15e2c4 |
| SHA1 | a75a49857418f8915d27df08802555e9d2f65274 |
| SHA256 | 17fa26ea576e98f40eb2a353123d27232335e3a20c8d91465ec83710bc1a8eae |
| SHA512 | 6725458b4b99d330d49c2499659eb87c9cf7c623fb5e9d1660c2dd13104e169ca1cfd242dab1ed601ff9902691d7875fc7f5fb6bc9851c336b41d20c0b66ab3d |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\net\x64\netaapl64.sys
| MD5 | ee00c544c025958af50c7b199f3c8595 |
| SHA1 | 1a9320ad1ebcaaa21abb5527d9a55ca265deec5d |
| SHA256 | d774db020d9c46d1aa0b2db9fa2c36c4a9c38d904cc6929695321d32aca0d4d1 |
| SHA512 | c08cfb84b6bc98a965b5195b06234646e8f500a0c7e167d8c2961dad3c10da47407d339f1fbd2c3af4104932b94ee042872680d968c3c9b086705d374fc9c94e |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\net\x64\WdfCoInstaller01009.dll
| MD5 | 4da5da193e0e4f86f6f8fd43ef25329a |
| SHA1 | 68a44d37ff535a2c454f2440e1429833a1c6d810 |
| SHA256 | 18487b4ff94edccc98ed59d9fca662d4a1331c5f1e14df8db3093256dd9f1c3e |
| SHA512 | b3d73ed5e45d6f2908b2f3086390dd28c1631e298756cee9bdf26b185f0b77d1b8c03ad55e0495dba982c5bed4a03337b130c76f7112f3e19821127d2cf36853 |
memory/5316-2332-0x0000000061920000-0x0000000062247000-memory.dmp
C:\Program Files\3uToolsV3\cache\hometmp\1691646872461_895937.png
| MD5 | 417a9a266186eba0b5c0e7fae060d5b6 |
| SHA1 | cbedf7bd71f7737c076069565fcab54cd040cf3a |
| SHA256 | fb536ebf3436a353ca42d3efe03204d9bd13f6d073887f8f38b875896d1b51eb |
| SHA512 | bd6fd68e74312501cfe4701ed8627e341d53cb59c6f5bd23a86ee3ae7310762e0dbabaf0f96c5dd99e60a616242d4410e30f3ee083d9b54880ce3073c63a3c62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | eb38107809cf569fb7788fe71b1e2aef |
| SHA1 | 251eb7b65b5b6d58264c3732a3a23f2076868036 |
| SHA256 | ec2702b390b8ba8243053398b1c70299a5cb777dd0741216b59d77141117a5ff |
| SHA512 | 93559df0ab778530039357f7dfc77db626365823d91c3eba7a3bdf7f28f4c21fdb9a5c746369f9ad53973f13f1d92e83fb8a9f6f997c8daabf1b23d61b3bac44 |
C:\Program Files\chrome_Unpacker_BeginUnzipping5148_744046103\manifest.json
| MD5 | 15b69964f6f79654cbf54953aad0513f |
| SHA1 | 013fb9737790b034195cdeddaa620049484c53a7 |
| SHA256 | 1bdda4a8fc3e2b965fbb52c9b23a9a34871bc345abfb332a87ea878f4472efbd |
| SHA512 | 7eeee58e06bba59b1ef874436035202416079617b7953593abf6d9af42a55088ab37f45fdee394166344f0186c0cb7092f55ed201c213737bb5d5318e9f47908 |
memory/5316-2389-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 3b4fc5b9da5a5b1e2bf0a3f62523e221 |
| SHA1 | 4485894002b763d0414f86d8907f041af77f938e |
| SHA256 | e7cfca586896c501bb2df8763d0eae22a6998c5e056c421e5a941d1843fd10ec |
| SHA512 | 267242c0755994565a92b057c163c909fb61d009266d768ac2a5576dc10d4c4c3f96dff40eb9ce6a6ae96def9276ba1cb22396b261ab4494c4dcb1b6ff361f99 |
memory/5316-2420-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\MSIE7A.tmp
| MD5 | 6ad6ed5ec87f3e15b9ec07752d4f0390 |
| SHA1 | 4ab03a717d114ad88207ad808661d7f009156bd4 |
| SHA256 | fd762fdae46d1430ceb28887ac092e430003f3f09d45c294a49fb37c831a87ab |
| SHA512 | cc96928bbd249dfe6567469a5bb06cece2fe49b7479887434c3d2fbdca33969c2b05e5217be38eec4b5afa439bee3e3aeb9f7a9bfa015be17c31b2a0fff04770 |
memory/5316-2466-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Windows\Installer\MSI1C27.tmp
| MD5 | 950087e828e1b7426f703678e446c799 |
| SHA1 | c9f28be9b9f810132ec8d78c161e5a232491e60e |
| SHA256 | 8a41eaa0d699f48661c2560aeffe4b0432cf755f1b15e31ac9aff667d498b3ee |
| SHA512 | 9ab24bf84a4534e219df132a0b43874c1d6410ef802c69e65c5aaf3d0c46085470690851ef23303f9a48076e8ae552d816903e02c43c1af83e6fc3457d2acb93 |
C:\Windows\Installer\MSI1F09.tmp
| MD5 | 6f8e3e4f72620bddc633f0175f47161e |
| SHA1 | 53ed75a208cc84f1a065e9e4ece356371cac0341 |
| SHA256 | 2adf199f6baf245f0b07d31a3a1401d4262c3e6c98b8f10df923ceb2c937291e |
| SHA512 | 80187277e78f59b7ea71ed3caa55452e730d93b8c296d5820d470776a428cbb7e7fead87240e811436f85e4d89df2b9f31d6d16658d21abf59395cab7074a869 |
C:\Program Files\Java\jre-1.8\lib\ext\dns_sd.jar
| MD5 | ce9a2f5a7fcfff341d6d901ad919a2ab |
| SHA1 | 341f9d9a0b3fd8cfbefe0169b148dcc55688ee93 |
| SHA256 | cc36a44467f41cf2dc91c126e368e357b28a0d57101472d2dfd1c06a4091cdf7 |
| SHA512 | 1f53e652b042ee27fe05b11ccda2ed9ae9a8f44b948b8658aa7a2d7ad2f5bd94ea16f3d9a92e65a8c65b7480517f1d05a066a4fb8d961b927d0d305399ca4e8f |
C:\Config.Msi\e5a18ad.rbs
| MD5 | 4a46cd60c9c6cbcddab8109626edf737 |
| SHA1 | a3d22e9ca68595719410da1353f15e6d5fedf1b9 |
| SHA256 | 2f7a06f3c79cf25a840a2f719f84262be5645ee8354e9bcdb6998548082f0855 |
| SHA512 | d0d5c751e3f40dafd3d897a83fdabe4c32dd7a2ccc89b04796467a0cab12ec21a6bfd6e9b1ef8b752ee1407816bb350d5bbc14b568a67edce93ec1be7a7c1ad6 |
C:\Windows\Installer\MSI2E7D.tmp
| MD5 | fe11c4804b99dc5328b62f266a34546b |
| SHA1 | b9e4b99c71d01a5105263b1b351325ad60ac31be |
| SHA256 | 774992b8ffbb893475392387ff449532c9d75ef65b1e45718a03967bc526c739 |
| SHA512 | 29f9f52f36de3501c60a9c41f5f16580c4f2b1c30bbbb2fbbc002b21ff514b3fdf5f1ad809fb84c9927c48a1cad9322ad92fd0a40522e115be8443946332a6a7 |
C:\ProgramData\Apple\Installer Cache\Apple Mobile Device Support 16.5.0.12\AppleMobileDeviceSupport64.msi
| MD5 | 5fa31f33afa76e4ff8387d526abb70e5 |
| SHA1 | c45e907c6189429b231579988cbe1010dd7f0f9b |
| SHA256 | b6accb2caf4f4668f130eee803387588d31cb9e8d16c9e02ea010c554c1193e1 |
| SHA512 | 6e2221ce35ee00b86ca4494ea41eefe9174290119f0798a351a2ffc51f3c8a35af3181c3d366f6232d5b2cada6729a265fdbc6de42ac56d8598516b2c9722072 |
memory/5316-2588-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Program Files\chrome_Unpacker_BeginUnzipping5148_486043928\manifest.json
| MD5 | 01cb8b111843d1f1dac11d249c24c8b7 |
| SHA1 | c4f1f6f219f325caee6363df7f459323109f2f6e |
| SHA256 | b13947842a1d3e66e62bd32398a3780c18127a520e7212a4adbf006a9abfd74a |
| SHA512 | 075d54cdbd80078d4bf66f3c5814a055058f2535629cc7f5d88fa5c69d5c931dfd2c456a0bc634768d796af604ce4d585c7904c1924d35df7855dfd7e275d403 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.21\edge_autofill_global_block_list.json
| MD5 | 1c865471f98902a3818e8bbf46360342 |
| SHA1 | 932497309e942f67080b84dd37dbd634117135d4 |
| SHA256 | b3ed570caaa1e88ca7fdeaa6569b5ed172adcb64221766cc73fd7e6b07e0c65d |
| SHA512 | d77791b1a55cbb09a6dd88911be0219c712d573238666e09b0c18f7b92573db2a54dc0525d3232851f1bb9c008c2ab542bb4fcefa09b7a4be50fcd8bad4e231e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.21\autofill_bypass_cache_forms.json
| MD5 | 8060c129d08468ed3f3f3d09f13540ce |
| SHA1 | f979419a76d5abfc89007d91f35412420aeae611 |
| SHA256 | b32bfdb89e35959aaf3e61ae58d0be1da94a12b6667e281c9567295efdd92f92 |
| SHA512 | 99d0d9c816a680d7c0a28845aab7e8f33084688b1f3be4845f9cca596384b7a0811b9586c86ba9152de54cafcdea5871a6febbee1d5b3df6c778cdcb66f42cfa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.21\v1FieldTypes.json
| MD5 | c1a0d30e5eebef19db1b7e68fc79d2be |
| SHA1 | de4ccb9e7ea5850363d0e7124c01da766425039c |
| SHA256 | f3232a4e83ffc6ee2447aba5a49b8fd7ba13bcfd82fa09ae744c44996f7fcdd1 |
| SHA512 | f0eafae0260783ea3e85fe34cc0f145db7f402949a2ae809d37578e49baf767ad408bf2e79e2275d04891cd1977e8a018d6eeb5b95e839083f3722a960ccb57a |
C:\Config.Msi\e5a18b3.rbs
| MD5 | 10766f0cb36bfcda7a7b2eed1783fafb |
| SHA1 | b52947c393503e0ed1fe4c0bfc69a784eabb76c9 |
| SHA256 | c2ee5c14128e28bac9d52da02c54ac830270639b08c8f4c5ff8d0e951951cff2 |
| SHA512 | aea2ea86e945b63e7686d6f7cf6fd240f5623bda2ef2a3d6eb47caba4fb95da57413031f02a45525b14f1a827e8e718c8743e51d6a6f32e733245b8904c35fd8 |
C:\ProgramData\Apple\Installer Cache\Apple Software Update 2.7.0.3\AppleSoftwareUpdate.msi
| MD5 | adf71b16f66b235268c5d894bb7c46a5 |
| SHA1 | b44a713560477c1ddc0be33bfff1a21cba714bc7 |
| SHA256 | 0610ef6e01c2ba53f57035545f2c61e85b1bafa6334a47f6de8a63b060f9a130 |
| SHA512 | 4564dba8763a165b582e0ab785fbf658f50fe07469716d0b840261a8faa9b1b9ffba54cab14f674b46bb22445128a1f56e36491421c8ca0b7dab1d933e0dcbd4 |
memory/3312-3080-0x00000000029F0000-0x0000000002A2F000-memory.dmp
C:\Windows\Installer\MSI53E3.tmp
| MD5 | 928f5dc7a304a78d8687b16618ae7808 |
| SHA1 | b75a22cbcce356cdaf39ad2315ac8974f4ee62d4 |
| SHA256 | d1727467b076e59abc58fbc6a4355a9d238fc5b1842644e33a0f920aab449e28 |
| SHA512 | c85167a58195261cf71c528e4877618fc7183fe04284abf7cc1b50bb74add5bff81d53371d881771bc96302b0be35c2aad9696a7cb3292c3c3ab3cb8e4712900 |
C:\Config.Msi\e5a18b8.rbs
| MD5 | 09bfd75100aedafacb265abd03c869c4 |
| SHA1 | abe47c0bc2d06da15ab9dd0c147af73eb34e96a6 |
| SHA256 | 7ad67dbd30eb7d4aaa29ecb909b235e488c5765acde01bf18a37266d1b0bed28 |
| SHA512 | 60294704f0f143614ec74ecd62f04783355c8896ab1e245137b4fb61d179fe916a43a8fc913580ec75d7eaf6e7c4798d14403df4e296e9b1bb51faea1892817d |
memory/5316-3097-0x0000000060EF0000-0x000000006191B000-memory.dmp
memory/5316-3110-0x0000000060EF0000-0x000000006191B000-memory.dmp
memory/3572-3120-0x000001EF25210000-0x000001EF25243000-memory.dmp
memory/5316-3130-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Program Files\iTunes\iTunes.Resources\en_GB.lproj\[email protected]
| MD5 | 59d4281f0f7f665c809f2a68434999ff |
| SHA1 | 1c71204e311646a1b367860c0de11ea5e60e06ed |
| SHA256 | 57b642737825507373c0b192e3431f7a15848c1fb061b51b262b8d2438551e43 |
| SHA512 | e38edd4b53f950b8c3202552d38a6a56ee726a239527a1aec064b9a3a66f06a3aced67c0b6bc3c240994d006d8dbd5f2e2ec67bdd4e76c181e9331891d1d0154 |
C:\Program Files\iTunes\iTunes.Resources\pt.lproj\ViewLineItemiTunesExtras_dark.png
| MD5 | 589bbd384b604e83cadeba1d59f8fd90 |
| SHA1 | ee6fe62fb935e9f1007f31eea754e3cdc315d022 |
| SHA256 | 096343c9ddc34fead4232f182085ceba66907446657257969f3916ba991eb58d |
| SHA512 | 369b8d35ee411971f1dfd02fa065ce2badca714a0046cd26d098c15a8f55185178206516a62de59f81bfd285d4a8804a29b64d98f51f4e4a543bdb2eea993736 |
C:\Program Files\iTunes\CFNetwork.resources\en_GB.lproj\Localizable.strings
| MD5 | 11d00b701160c1244899bc1647e3b756 |
| SHA1 | 866c9acf31291a1459e6719dff2764af41eddde0 |
| SHA256 | 47be7f1aea7eba3fe98080713b1c4414ed5018aee75ee7f6453ae2ff95aa76c0 |
| SHA512 | f1e8727fa33b70bd146d71aa782ef8000b6824c06b936b7584057ca77cd082a001398bc5ef2202e12b50bd86687f3a75ba3a6b028d14c7ae3d1a21d868cb756b |
C:\Program Files\iTunes\iTunes.Resources\id.lproj\[email protected]
| MD5 | 11b4d45789544050871f75c0fb3b5e3b |
| SHA1 | 3362722a15fdd5a67d0c7e1c643c64a3630e89df |
| SHA256 | f03209b2a8826502acf29e9769c73e1fabb923f4ac11057299cf8fea57a13def |
| SHA512 | 51854f9a9961224dac3fab303d2e39e0a30d3f52b9d5e561dc07c69950733e6a9c6f585e001a3f9453fe0a7932a74e9b53fea0e87a691787cd11cb009017a794 |
C:\Program Files\iTunes\iTunes.Resources\he.lproj\ViewLineItemiTunesExtras.png
| MD5 | 59ecde9c26c45850d5d42fefd0a2fad5 |
| SHA1 | 6bca0dc1fb62c293f30bd7880d91cf96835ed4e9 |
| SHA256 | 2f0e9c34845db2353f8798bbd7ec23ef4fc151cd61b3383b0a3280b7de78309c |
| SHA512 | 9b9744414188aacbace2bfa37561266f7aa6426c6e61bece4990601f0a57c7c41302dcefe1757e3da86947baac2ebb06c266f18108448ccee41d205680822994 |
C:\Program Files\iTunes\iTunes.Resources\zh_CN.lproj\[email protected]
| MD5 | ff602a53d097a0d42fae257d6cd2fcac |
| SHA1 | 57ed476c7c88b7c231ec9e4d6acbd5c04808d78c |
| SHA256 | 8acad76c6c4eb0c023664b845a7492adc2e418cefa48aba7e99496125a06e5cf |
| SHA512 | a5f0d07314040fdbc614d09e2d38bf87ad0a1286c472f8c7403dd488488124e769d436ec1b01ff1b47825455f03aafadcac5722f4367fcdefb13ec3de0ec8def |
C:\Program Files\iTunes\iTunes.Resources\pt.lproj\ParentalAdvisory.png
| MD5 | d947d2a1018ae12438bc118af0a04215 |
| SHA1 | c816253a5341d804712b8fe00967cbc887f99907 |
| SHA256 | 041204ca5fb90b0d19d0f8b5bae858bf4022d9c794990e8fa4a0bc7eae093ed7 |
| SHA512 | bf7192cd4f137311d4696a0dfcb5fec66df5ad45e301fff3f8d4104163b0c64d8abf2b2d3f4100802f75aa55b435cc890005d5836c1350702473b0359add46a8 |
C:\Program Files\iTunes\iTunes.Resources\ms.lproj\ViewLineItemRatingC_dark.png
| MD5 | b52bc951d0c8f8dae4329368388dbb76 |
| SHA1 | ae408ee6f2d946aaddb8be466f7de2b99c7c4c58 |
| SHA256 | befb8ccb14ff090ad56345786c9f367a8cb2d14516ccb52dcda123df5e5dfbe4 |
| SHA512 | 144de7bcef6fc1be493229c84c2038e2c6b6719c5ceba95d7abbc14539c5222a3bd1e65eb00e0c0f3bfbe6e0be4ddbc9d2876dcfdb9f1b3372cd3361d7f58d98 |
C:\Program Files\iTunes\iTunes.Resources\hu.lproj\[email protected]
| MD5 | 02185d025965988b87c6b4748cdcd745 |
| SHA1 | e110b97b7d669361a0f2a2cc38c4a62f3d5deeab |
| SHA256 | ce8aa4cf4ded795fbf1c10fc881978746ce6c76f13accf566e7ba0e98f5af774 |
| SHA512 | f1b6617eff4a584a760c24423226c844e2ceec8df8023bc9a53da69b18f76d2226ad24d0d1b2bf61cb2da9711caf4c23ff7905298edb309cf771cca1797a2c48 |
C:\Program Files\iTunes\iTunes.Resources\pl.lproj\SortPrefixes.plist
| MD5 | e4f62c535e191b6d40912f32c60e1eff |
| SHA1 | 37203bd8a250fb9b7471e1a4b8b2dd4f727aca2a |
| SHA256 | 800cb75b9347c5142edc9094c9c829b10b6a280271f19e8ef3b4673a1cc48484 |
| SHA512 | 2b64834f62de68efc971bf59e36d7cc0a29c3e7dc4c2c987ae6840488f6fb94e88ca73276fd0968f2f6b68d427a5f87a97faa0821f0cefb533deab38a58f3630 |
C:\Program Files\iTunes\iTunes.Resources\cs.lproj\iTunesExtraGridView.png
| MD5 | 94eae9dc7a205de2ee0a17effa21b60c |
| SHA1 | 54f23cb71ac3a62680bd22a3b2b8ed5c6c86d5a4 |
| SHA256 | a33f1e4d73943a77e6471143d263aaa53a871f7534e27435beeea19e75c82fbb |
| SHA512 | 5601cb432d92697a630dfa9c5403b7ff1210f517c51eb84a4036d7c14192af287eb86782a8036b0da72ff39f827d118d276a43cfdc0019f40b85147948d3d99c |
C:\Program Files\iTunes\iTunes.Resources\vi.lproj\StoreBlankBuyButton.png
| MD5 | ceeb4e2a8deb651b69a973f5d671d92f |
| SHA1 | 3fff59aa350cdd2cfea69c08b55540b63122bf26 |
| SHA256 | 51edab4204721531caab3a704e86d54445db4b4ddca70ef2c4b1012fa6bb3d5f |
| SHA512 | 9112040b761b90b93e89249986e6e75d55038fc1537293d7eadd02e181effd601ea15aff7a3100cf2c72de610b8b4cfefb433ae8bd75499e4a3dbbccf8410493 |
C:\Program Files\iTunes\iTunes.Resources\sv.lproj\[email protected]
| MD5 | e85fcfa0b73018404b29d4fa04f047a8 |
| SHA1 | 2c7ba150c3fd101231563ffec9a7fd5ec5ae02a0 |
| SHA256 | 55617519bf037182dc93082300e162933c3771996607aeb605079bb834a182ef |
| SHA512 | 141c92030b58dea61e29020b1792cc2a8dafd306af2a9130b105721a026b81a05d0d1621d4a76f6b6e5509dfffd47506885579279b6a098130b542df60b0f884 |
C:\Program Files\iTunes\iTunes.Resources\pl.lproj\[email protected]
| MD5 | 010e5869f100573199acf50905ba17b3 |
| SHA1 | da950fbeb52dea27dc393ad4a113422238bd6002 |
| SHA256 | f533c5ca2a6bdcd1a9c7f757c0c9a17d894b2717c3493bd7ced8f36a722eecc3 |
| SHA512 | 83c30c0291ce0540a41f07a6566eab12b784efe5a7a8dabe29dee67fdfdc0e53e89026511476d0abd46a267bda76e179892a249be46619c7b6fd621d1ce753ca |
C:\Program Files\iTunes\iTunes.Resources\he.lproj\[email protected]
| MD5 | 8875b575ec840a83ede84ca27762761b |
| SHA1 | 7463b50c8483598dc6ae4889633a11edfcd3a5ad |
| SHA256 | 6529e898923292f4163ad09594682cb7fa1c32c6c71baac0e4405d9996dda509 |
| SHA512 | 9af764d681309781353504d270d78ee59798154c94292e8eb73b07e78f077a52cecc9523ee088d68fc08de353541c6ed34fb2d73eabd1316e638485ceec6a6bd |
C:\Program Files\iTunes\iTunes.Resources\cs.lproj\iTunesExtraListView.png
| MD5 | 5e93c7b6af1f907359091cd0c629b3dd |
| SHA1 | 4aba4ecd7b1b5d7937e7c7faaf7ac1629c0394cc |
| SHA256 | b21d24670a44bea7c5c86c2b87d356e66006cfeaebb8e6b7d4ebf07974ac3f66 |
| SHA512 | 492683e196bceb4f80d2bf07dc9031fd8f1667b0d8e3da877df1666bc419276bde0a6af8a1dd983a0b5594d5e0143eeda09ad2b87378cd221fbdb3e45291772c |
C:\Program Files\iTunes\iTunes.Resources\ro.lproj\[email protected]
| MD5 | 6cf4cedb6b5148b103fc91a2d057888d |
| SHA1 | 23e873c7d60c21248eb9f8381643a295dc4fb12a |
| SHA256 | dae1592358924b99a4363cf20fc4a6dbcaeffb5af2f7a248a0fb687e95336597 |
| SHA512 | 4847a96925aa568c6d523f84e760b35d0f4abad4b6df70c3ed6003289b776b3327bbc41dda3da96221113e41b0097a2275db5bc562c77117db6c04e4275fc583 |
C:\Program Files\iTunes\iTunes.Resources\cs.lproj\[email protected]
| MD5 | 236216d5b66e7e9f48715b953b465c56 |
| SHA1 | 7ad8425770aeb398922005b2649c4764c5b6dc5f |
| SHA256 | ebdb9147c9b509b923fbb4e1e7903c84f67b42542b0055b2f8356a16c456191f |
| SHA512 | 6da4821957d52ef729cee2c6436f75b8581b702efeced430e99abc81be11f8cd2f2b2c374a88d68ee177b46b0cf34f723341a78d642dd4c81a8b5f09e8c77bd1 |
C:\Program Files\iTunes\iTunes.Resources\zh_CN.lproj\[email protected]
| MD5 | 755eb418266342b17633f1615a1882b0 |
| SHA1 | df51fddb36717426da15d38f4edd48f74c140364 |
| SHA256 | f5f639656493f65e4a5462f6c4e280fdd54a7a4e839c2c0f52c8b5b1840fdab2 |
| SHA512 | 8bd4b9879f1899c2a5e5f9de80897882f262252260c69767365634f9a97e281020176613c58a9d22ffcb510f1cce66dcf26903092c455d7b17f951ba0876f116 |
C:\Program Files\iTunes\iTunes.Resources\hi.lproj\RatingCaution.png
| MD5 | 22b6a916115477a43ce634ea820a6304 |
| SHA1 | a34138e73bae3a62d745171d62f9f05a6dc07276 |
| SHA256 | 138d6ca25775eee1f0ea7001f694a5b286224372aa168a09578a1a9af7eb76bd |
| SHA512 | 97502dcec76353fd69ffabf398b53777bde50d08cc998a6213410596fc42eade86f717eef60bea0d5a4f193fbdd18b33f09fe360b043246b9c96d3316c7a0347 |
C:\Program Files\iTunes\iTunes.Resources\fr.lproj\ViewLineItemRatingE_dark.png
| MD5 | ef859a036759f6f29c3dc14928a75c76 |
| SHA1 | 45f8c4450757f2ec653ee0845f5ce497b6832598 |
| SHA256 | c5c8219de48b954849bf19b716dbba8358c66b02836417d8d729dd2a672935c0 |
| SHA512 | 93aae547f72edf6c466b4f6c1a43f7f0fe0393cc7f7ea87818b462a4938cd86903017a12cf4eb1f3e05492b312e8826c5fea1935388a168e1f0278cbf3fb505d |
C:\Program Files\iTunes\iTunes.Resources\el.lproj\CleanLyrics.png
| MD5 | 357922d796c4ab56acb274ec1c89ed4b |
| SHA1 | 4f29801424d33877426dc21cf02bdbabaa321120 |
| SHA256 | 66e1fc581446d80a7f64afeae19273cef7d6a10001e3e7d3127ade5842c754ff |
| SHA512 | e0c7b23cec3ba61f83ba3a9675ce078d4fd36fed08f8e1c20be6e9b7891c1d4175e5ceca9ec3797419b22806d82d86fa4fbad314565d000a36fbe92905c9e36a |
C:\Program Files\iTunes\iTunes.Resources\fr.lproj\genresLoc.plist
| MD5 | 17d011dc9b1de5a0dbcbe11f5dfa4dda |
| SHA1 | 22b3182f41bc4a322f162832b4dfa92a46a71859 |
| SHA256 | a0f0336ccbb2964f1b6534fc1a59a04896bc104473812ce0f407496648eaa93c |
| SHA512 | 99193d05842ff4debac4d1c1ae772d3fa6424f5c097eea557095a9bbbcec044a18c3557afb1d2f474a2b86db7a8ce24d44d2b70d1c5a989258ad9f70d6561452 |
C:\Program Files\chrome_Unpacker_BeginUnzipping5148_536253503\manifest.json
| MD5 | a30b19bb414d78fff00fc7855d6ed5fd |
| SHA1 | 2a6408f2829e964c578751bf29ec4f702412c11e |
| SHA256 | 9811cd3e1fbf80feb6a52ad2141fc1096165a100c2d5846dd48f9ed612c6fc9f |
| SHA512 | 66b6db60e9e6f3059d1a47db14f05d35587aa2019bc06e6cf352dfbb237d9dfe6dce7cb21c9127320a7fdca5b9d3eb21e799abe6a926ae51b5f62cf646c30490 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\safety_tips.pb
| MD5 | bd6846ffa7f4cf897b5323e4a5dcd551 |
| SHA1 | a6596cdc8de199492791faa39ce6096cf39295cd |
| SHA256 | 854b7eb22303ec3c920966732bc29f58140a82e1101dffe2702252af0f185666 |
| SHA512 | aa19b278f7211ffaf16b14b59d509ce6b80708e2bb5af87d98848747de4cba13b6626135dd3ec7aabd51b4c2cfb46ed96800a520d2dae8af8105054b6cd40e0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\typosquatting_list.pb
| MD5 | 17c10dbe88d84b9309e6d151923ce116 |
| SHA1 | 9ad2553c061ddcc07e6f66ce4f9e30290c056bdf |
| SHA256 | 3ad368c74c9bb5da4d4750866f16d361b0675a6b6dc4e06e2edd72488663450e |
| SHA512 | ad8ed3797941c9cad21ae2af03b77ce06a23931d9c059fe880935e2b07c08f85fc628e39873fb352c07714b4e44328799b264f4adb3513975add4e6b67e4a63c |
C:\Program Files\iTunes\iTunes.Resources\ar.lproj\genresLoc.plist
| MD5 | 093deba2a9db087a0cb01a676bff1c9b |
| SHA1 | 9c7d3070d1fef593731dacdde8cf38e7f96962ab |
| SHA256 | 2950ef6f4409f89b8513f2bb787f9070c2983b698b35b678088c59cd83246bce |
| SHA512 | dc3860ac3d87ad8f28988b2c7e694721757a43367ce6a1333205cf335de1c29e739a8468a70bc305a60c4d0587aa062fe01f3762d608c9bc4d76867f2d381c1b |
C:\Program Files\iTunes\iTunes.Resources\zh_HK.lproj\[email protected]
| MD5 | e14f8e390a9c489b10eb23306d27824a |
| SHA1 | e33831e12fa5092ca15e7d8af7b01afed996b30c |
| SHA256 | 0775705d7637f7173ec31f22e324af8160b43d4cc6a47a2f199b3751963252b5 |
| SHA512 | 63c3e261ea445de5d7eaab326e0168db054b4d953e81f89f16446a1ef5170a96aa32db5d7cf42181f990a8028e9a67764885a6d94f74d1d1c9910dcebc4f8a4d |
C:\Program Files\iTunes\iTunes.Resources\fr.lproj\ViewLineItemRatingE.png
| MD5 | 30aa67b32a3542874bcc88e146e17b46 |
| SHA1 | 6d86b94d2c71ae27504ce8b3ad000fa4ef532a6b |
| SHA256 | 2ece6d0b0fc97dd6deacfdbaef44458a4b96e43319c78cb74c55d4f7ea79d9b6 |
| SHA512 | dfd082a54a13c5d2fdfa66ee9db8c893bbc6b32108308727665267f0a9e9fa9610c174082c0ca7a34832cbba768a1e2d8f6218b4c5a538a328a6159be05f3cc3 |
memory/5316-4047-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Program Files\iTunes\iTunes.Resources\it.lproj\ViewLineItemRatingC.png
| MD5 | 71062ebf3a5a9b5c578387aabb2e7fd3 |
| SHA1 | 410d43bb43f7ddc7ee7cc225963303326485bc0a |
| SHA256 | 5c751b7f4b96d07b22971ea4977566ed88c3297ab7d0b2853e7e9baec00be1a7 |
| SHA512 | 0ad45440a3e77a4ea2d1ebc8531c91fcd663e596a90f5cdf1d0a57384c54d988c0759dff51f5231d973f9886c80c16feecfc16da84579a0cad53ba70b984a865 |
C:\Program Files\iTunes\iTunes.Resources\id.lproj\ColumnWidths.plist
| MD5 | 8490f8bf0576147ba7cd139446e6cf20 |
| SHA1 | 48a557825885bea1a6afcb662b07113e99a20136 |
| SHA256 | bf81225b2c30aabab43beb74142693ba800af85f88025446aaed2dcfd5068ffa |
| SHA512 | 86f0896fa6ad25a9550cbb3d0746eb413c86832986165e0824eadd917bb902b1f13c9aa60db78d477c3c5921fb7fe1465025765429b6a5a7e638da8063487753 |
C:\Program Files\iTunes\iTunes.Resources\da.lproj\[email protected]
| MD5 | b8f2462ffc91bd1956cb2607c1c9df31 |
| SHA1 | b4d4a46fd481f23268fce6b63496e753ec1c8a25 |
| SHA256 | b58b3ac76194b282833d971e2e2379cb25e7149f29f4a585e9405daf810a3d50 |
| SHA512 | 6814101aaa72a241e4f9d37594c666016a36bd4d5e5ef50623e23590ccf94bac80d2b8c062213b557ebbef5e007fe0400ed9c84422df8f5a5486d2c9bc4516c2 |
C:\Program Files\iTunes\iTunes.Resources\sv.lproj\[email protected]
| MD5 | 784f871663195e678f524f4aefccc28a |
| SHA1 | ee8a70134370ce17ce49bb31e92cff252958d202 |
| SHA256 | efab63103f90135001658bac9c8724da424e81fc05c9385953a7555c6ce1ace3 |
| SHA512 | 7e1b0f1f74abd674b09443b835da35b9b1855a0d7ac15e60670c6d3ffa1059fb13ccc579f069e444d073be0da76b65b4dc1d517c2ffef654a99ba9143fda6f7b |
C:\Program Files\iTunes\iTunes.Resources\hi.lproj\ViewLineItemSubscribe.png
| MD5 | d4eda1881d75dbd2b0d9336e9a5108da |
| SHA1 | fa2264a591a47e42b7cd581b9e0a3ada33874746 |
| SHA256 | a9ccdc7553e6cf9095d3760e88a3c9f76c0817ea6596337f21ae748828ce3532 |
| SHA512 | 4a953a46684569c02fa447f46ebc5d8c8445a045703f36cc17df708eb53b2c324bf83c4c71a72f35d96f4655e5159b919f4eb631df598d4888d40a73d675f527 |
C:\Program Files\iTunes\iTunes.Resources\hr.lproj\[email protected]
| MD5 | 5132ff3c2935630e2f54ccc9a360b742 |
| SHA1 | 58a0b7d8667d625d8e0c9267bfbab88551c6524a |
| SHA256 | 5501b7a0c2af99684fb58c1acd227fe53bf07f4028382aca136607ed9459fc8a |
| SHA512 | 816d16f9b37c52f97a64a5a1f4c4b6c1bd2705231703416c7713212e1cca2753e3bc5e3352439a0cebc89a5ba0de584edd1183603cd387e7c7fdea1f023b1f85 |
C:\Program Files\iTunes\iTunes.Resources\pt.lproj\ViewLineItemRatingC.png
| MD5 | 471584f30a8dbce0f8e4ab7a781d3705 |
| SHA1 | 1d4ec7b6ad3ae1ccd48056c84d05f2d684db85b5 |
| SHA256 | ec0e0c2e51cf0c587bd8cd8842682ed78becd0cdb76ba06cb1c8cc1d98c710c1 |
| SHA512 | b6370cdbf9430cccb041c21641409e43bfd2a1b78836ee38fd0a706f26623ea1cc84e645fe6b501fed06b4222173055c101bee5de2cdd012c0cf5451cd3031d5 |
C:\Program Files\iTunes\iTunes.Resources\fr_CA.lproj\TextStyles.plist
| MD5 | 7f9f90998dbb72a12f12464fffd40997 |
| SHA1 | 01a41b41e92271eea01f31b208a2c2b47b496b59 |
| SHA256 | 503b82910c0a98e3509cdf590dfa8f722ef149390b260068675fae09c3cf12ef |
| SHA512 | 7c293a39681c386002107aeb852c15ec8b4acea037f8abcef601cc76380f3487f421d267a6ae856df90b10fe8d032852c3650d5feb36f675a524163314e23a98 |
C:\Program Files\iTunes\iTunes.Resources\sv.lproj\[email protected]
| MD5 | d9eb252906d8d98e592ef01034a94c76 |
| SHA1 | 5fd847136846bba1957e2ace9e1d3ec482de2e5a |
| SHA256 | 6f231775671c67eaa458a6a2d1405f3e5c52d56882f5620aa435166f4bfb7529 |
| SHA512 | 7bd132759532496ca864cfff7ad411ff48e3d2a9ab28e3b50afdabe5782d853da52a09f093b25c0d7c60906ce42ae8a28634df363fc6a435962dfdf3ae9faa71 |
C:\Program Files\iTunes\iTunes.Resources\en.lproj\[email protected]
| MD5 | 498055b7ec8f362e71a988ff8c79b517 |
| SHA1 | 4b28c12932e86c68c7acea45303be3900bf987ea |
| SHA256 | 065261151f732d9f8391b0bfc00e71d3dd8e47c84331aa94b58e295782d74a30 |
| SHA512 | 0b7c4dd87fed1ec01b14334e129ac43c598c30a1141bc9831f7b0ad106704072112b36ff4688520d675eb72652ef6a1dc349c95f55f6a59a245c5c151771f0f7 |
C:\Program Files\iTunes\iTunes.Resources\nb.lproj\[email protected]
| MD5 | c6beffb1568071b2fab6f19bb9c875c2 |
| SHA1 | 137ada0e83cce6b784a8d4f345430c28d61944a3 |
| SHA256 | f1b5cce0aece4f65441bb7cbbf86155ad2d4e90b8bbba8252de985ae02d751a5 |
| SHA512 | a1e811646642fbfd11ae794e7c764a3bff39e285f1724deddbf9ed516cfa7929e8ce10611b9d0cc11f6c1944728f4aedca99df5badc72f2878209c3d24b28758 |
C:\Program Files\iTunes\iTunes.Resources\tr.lproj\ViewLineItemRatingE.png
| MD5 | 18109ed593d861bd659055a5bd9db831 |
| SHA1 | 3b2596e909633ca509e857650d7d7c9693987a4c |
| SHA256 | 1c28554bca95dba35ce291c0a42e0810e2ceebe805d63f916b6b7505e057752e |
| SHA512 | 1b8bb8ce363f7b5db7fe6648f518d0d528cb47bc90f5c80e66d8928b79f7912879b1c35ec6944d9ff91cb70c84547b9e46758cdd315e299453016da3cc24bed9 |
C:\Program Files\iTunes\iTunes.Resources\sv.lproj\MasteredForiTunes.png
| MD5 | 67f1b4232079935a9998b0395a6b7c10 |
| SHA1 | ac4bfc88ed92cb526720f9cc9b4a377ae6a7a787 |
| SHA256 | 95f0affa39a202e292a5f630a2524c8de31b6478304e040ef06488d9dd1e9f0a |
| SHA512 | 410e56ec048d2033e7e05202fc09575758d5c5e441146bd89070106108f1332e3ed3b8868238c78f18c0d641898607ecf1c704f51234d741f0693868966b0219 |
C:\Program Files\iTunes\iTunes.Resources\hi.lproj\[email protected]
| MD5 | 7676be0b698ae5a36b25772f547142bf |
| SHA1 | 4f5ab9344fc8cc6de692bce6881878185b96bd4b |
| SHA256 | 946361d40f1b68a0cc29004ad4f55522c648023004e6adc9975e90b6e382657c |
| SHA512 | 09f77f33a281a5d4ab712b2f43f01da729085cbc27a973c8f34e3fe0cab1fc515f9dbc45ef35ed9d0a04aa76cf26e98d0c78e8b1805f12560e2866239bb9248c |
C:\Program Files\iTunes\iTunes.Resources\pt_PT.lproj\DeviceCapacityBox.png
| MD5 | 8246496c258d58712c0a972bece0d69a |
| SHA1 | 65f4a403895354702552e2769cfe7f480a70ea6f |
| SHA256 | f930036e7cae52b4022d979fdd6274d8604ca4c7e6f14495223dd78c17bc19a7 |
| SHA512 | b1dc4bfc186762e414ece274b158f10fefaa86ec373c732c804381733a7c17cd56e27331ca7381e7e9fb795c04a4a09ac75642684f36f99d4c2ae2871dd8d447 |
C:\Program Files\iTunes\iTunes.Resources\en_GB.lproj\iPhone License.rtf
| MD5 | cb4f512972b12e3b783e89704cccea3f |
| SHA1 | e64cd7091224e3449e15e4ea664aef256534183c |
| SHA256 | b636c8c51b01fd142af1134448763dc526041f3fbf635e841b0c2882254d64f4 |
| SHA512 | 8b9abc21f291f53ae89b16f1cd9403bb881f9fa9140cb919e0fd5f4ef8544dca0359b7d5e45f54e3ff74eeccd4d9f0b62494992a58c6e230e4467015a1092988 |
C:\Program Files\iTunes\iTunes.Resources\fr_CA.lproj\ViewLineItemUnsubscribe.png
| MD5 | 001e313e3be5e546cb50d86cb65dec8c |
| SHA1 | e7feac3aa8b53b2670077ae0254a2900ac579467 |
| SHA256 | 59a9ffdd81daf97ceb9e66f1e29b292dcf78373eef8df94038df3845d3e6d5a5 |
| SHA512 | 26329e02aba9b0ed9295dcdc0834a7b2a75aa05843365490ae0d86f787159967943a8040ab425c10266523e15308c6c52673cd2ac5db7073369bd76c0777278f |
C:\Windows\Installer\MSIFD0E.tmp
| MD5 | 93394d2866590fb66759f5f0263453f2 |
| SHA1 | 2f0903d4b21a0231add1b4cd02e25c7c4974da84 |
| SHA256 | 5c29b8255ace0cd94c066c528c8ad04f0f45eba12fcf94da7b9ca1b64ad4288b |
| SHA512 | f2033997b7622bd7cd6f30fca676ab02ecf6c732bd44e43358e4857b2cf5b227a5aa6bbbf2828c69dd902cbcc6ff983306787a46104ca000187f0cba3743c622 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk
| MD5 | 680b862ec54fbc504a1ee1847f160e49 |
| SHA1 | 2b0584a7d2e00c337faedf5ee084cee5545f7d80 |
| SHA256 | f5b207b18e431363b4b88d3fe321a7f16be3b60fc2eb065fe1e7e24fa898d2ee |
| SHA512 | 2322d2dba6851e12e4196a190ba7ca8772e9a9e604099b3c2109ce31469482a0c8ee521b8ef834eadb4078b4f5f837b53672ba27a2360798a02250d8fe73548f |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk
| MD5 | b232bb048ae98f0de5d597066c22fde5 |
| SHA1 | 07a9713d193af91243ff6c1b2d75e7089f6a7ba6 |
| SHA256 | f97b74c859dd7f3978a697813c0fecf10998421309fd1d02e2bc3ebe5542b063 |
| SHA512 | 0fd1ac94d2b9bd9a311084ce2306960a7f0381f63b2cb1cdb94e41a96689638f097f8e8beb59c887363ac30d5e62b564952d13543137e6b694ecb594a5163e2f |
C:\Program Files\iTunes\iTunes.exe
| MD5 | f76984d6a5d80ead9c597ed723a3a4d2 |
| SHA1 | 161b2b74aded0e27d60ce71e8e1cb81d20caf527 |
| SHA256 | 985fb377ba59ef405cd7591b646cb17ee6cbebdb8fcfa33f4510c6e9ae7dd16e |
| SHA512 | c43903add9fac4a3b1628b32fe173c5a3d9ae2aaec85b3a4530a86b798a5a1db58923750f3da36736b0f04f5180a48a13036a4f4ae66312838feff360b800a83 |
memory/5316-7660-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Config.Msi\e5a18bb.rbs
| MD5 | e28e7ad1c6c457c29f9e32c63a8f8aad |
| SHA1 | 0d52ed6359e7773bf48fe2a10ab25dee0929aafb |
| SHA256 | 6cadd385b30906af6a7af18d9c77f032a2b9ec4d340025aa9775f134be1a7adc |
| SHA512 | 1a015fca1b11fc8600c11c27aea35fb975c3812dd27413852a9d4c562732dd39ccfeeae2e2308f5675e890e6af3ad892f61bbcc9cfdd4767a3fbe94965fcb792 |
memory/4068-7683-0x00007FFB31ED0000-0x00007FFB3394B000-memory.dmp
memory/4068-7682-0x00007FF785430000-0x00007FF787A0C000-memory.dmp
C:\Users\Admin\AppData\Roaming\Apple Computer\Preferences\com.apple.iTunes.plist
| MD5 | 8f770dbbe853e44d5b119b80dfbc62ea |
| SHA1 | 6cee85554518d7a001a00d09f8c9fd1b7b979eee |
| SHA256 | 5ffd48bc774b10ccd5150d2fea0fa472bad76cdc0b59ba06962256f512281b60 |
| SHA512 | 54f36264fb27fb800eb09d6f39adcb3f9da21a89e8e9f586e3f28b96c7dde75fb8a0a8a4bba69ff72a1147e901df16c96b47f7d99defbe4d06cafd1e646271af |
memory/5316-7713-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Users\Admin\AppData\Roaming\Apple Computer\Preferences\com.apple.iTunes.plist
| MD5 | f1d72378ef9eac50d0cdca42693a977a |
| SHA1 | 40acadd266c37b5af1b53df3ee8c3a03c5b6b72c |
| SHA256 | 285eefd5e18d162bb370fe3a2b99b2ab514d3a1314bcf5a8c2c7070d86c1c3c2 |
| SHA512 | ee93ae2f2e528f7e355cecab732a6729616451665d61a44aefd86cf6d496bf891bffbc890d8016f11bd701715dd27f846b1766951d21c889f05bcd46d93f6b41 |
C:\Users\Admin\AppData\Roaming\Apple Computer\Preferences\com.apple.iTunes.plist.Xa04740
| MD5 | e51fdb9a95c62038c1ca9761357a4e64 |
| SHA1 | 3843d6d7ec78531b595c3310fc55f8baee703465 |
| SHA256 | 790f43344026dfa62f4c5969530d2c0c22e77a7f825ad9a07b386927bad3325a |
| SHA512 | a12092971165f1158ea6f608e50b3fc8fa64248f205ddd3782e642279d4ae2ab55f8141853a3c8c93c6060e335637e598693c271d980c94c0ac2c7823867f2ec |
C:\Users\Admin\AppData\Roaming\Apple Computer\Preferences\ByHost\com.apple.iTunes.{64cca931-4d71-11f0-a49b-806e6f6e6963}.plist
| MD5 | 4c9450201ea591d809927172a5004ee7 |
| SHA1 | 0c195408e0626bd8ecb4bb6dbcb06e696f9304d6 |
| SHA256 | 80215326d75aeed7cac5346bd6fe383307a8e13c1f946ded4b8b62affd21e3a9 |
| SHA512 | c6c5cafb1e39828a1d7478373d9718917c97d8ad3652a323709d4ae2acb81f252e63cebfcb3843d36f20f5b5c739e4bbfbd31b2ae5a207bca79faa0724ec38e5 |
C:\Users\Admin\AppData\Roaming\Apple Computer\Preferences\com.apple.iTunes.plist.Xa04740
| MD5 | 39fc76ec25bfc17b9ba2bc126cd51b0c |
| SHA1 | 82b11cc225ff6ef4f2adef2b1d61b4cafd837f84 |
| SHA256 | 0bf2c4c1b5975cbae0098ba2817d47b8c296f466d8aad1692f9f5ad14c24d904 |
| SHA512 | 4b5d06e3571bd936988cfd9dd6909d0d0dba51d430de605129e4d428cd31dd3c930e3ade88674370d503ef015b123be1d418936398cfe24bbc629419c114e607 |
C:\Users\Admin\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\F702ADF51A2C7ADACC92D3771879D3259D54CB4E
| MD5 | 61f713638abefdcab8dbed695192a3f2 |
| SHA1 | 70ba569831332b076cfc524b016131c663d4f2c5 |
| SHA256 | 7a28934f09994b3dec3f844849c5411a02133dfe91791ace99490b1cfa091568 |
| SHA512 | 559df47da97f0a7197efbd0be3366b7dfc478e1ea42cfc02c329b4f3cf98bc8bfdafcb9f700117b9f75fb2fc44c48f825eb4da62382d4bdffe21f89c74b603cb |
C:\ProgramData\Apple Computer\iTunes\adi\adi-A0F89D8E.pb
| MD5 | 456642126aa296cf2e88b0cefde9c180 |
| SHA1 | 2a4b1a139a830041c92a572d0404ad734b5ee8e0 |
| SHA256 | 00bd5f421a69f088c31d40064b9ed6354680f69b98989803c3b237bc114fbc0c |
| SHA512 | d244f1f3b5e6f48a9bb372e25ec86ede690fcccaac6a8d8c0e52ec55dd6b48b48c8f172f4b30aa29aa26adb528aafc3cd2272a4dda4218f511bace9d5a468f4b |
C:\ProgramData\Apple Computer\iTunes\adi\adi.pb
| MD5 | 776cd421d2b7a1017ca2892648245108 |
| SHA1 | ea376d6d493d77063a47cf34c29b73de6788a529 |
| SHA256 | 11d31e528358c55425d5d0e087b8dfa75930dcb08e7414e55f9ed65b8c409c8f |
| SHA512 | 431fee467272bfd7475763d61e33e76c9355492f55fe42f302cf41291a48f5aa8ee1c62b3bafd9623f366e6c04df8db1daa786c4de2e28fd4d1c01481dab7d73 |
memory/2612-7850-0x0000000002B10000-0x0000000002B4F000-memory.dmp
C:\Users\Admin\AppData\Roaming\Apple Computer\Preferences\com.apple.iTunes.plist.Xa03532
| MD5 | b19f6859cfbb6bae0da68d6e99d928b8 |
| SHA1 | 4b521e706f1952252ecaaf9db8eaf94743352c4c |
| SHA256 | b7be1a50723a67d9f71d7afd6f7f6d30ef85917ba43b27b7c11ea045a04758e2 |
| SHA512 | 1474e701be5f8a54820c8c0b490f344da466d1dad11b0e410c34299a70e312bb7ac79efebf86c4e18cd3f51eb27f31fab4c3d405919f99631b8dbd3386f8961e |
C:\Users\Admin\AppData\Roaming\Apple Computer\Preferences\ByHost\com.apple.iTunes.{64cca931-4d71-11f0-a49b-806e6f6e6963}.plist.Xa04740
| MD5 | ad6d0d8b168cdcef68e16a5484c40501 |
| SHA1 | 0578374ab206eb032404e03b5cfa100f635c9e62 |
| SHA256 | 6a557a96c1c9a23124dd8166f59ebc4fb4c711e1fa8c87f0ae247ab897cb6308 |
| SHA512 | 05f9d42259cb9ac08b9059c6f00996704d1236d4fad427f7c9dcfbff9388c7265e3a633930168d6181078d7491702c4b5cb4552c58ec3c3bd9b8d04f37dc6890 |
C:\Users\Admin\AppData\Roaming\Apple Computer\Preferences\com.apple.iTunes.plist.Xa04740
| MD5 | 67be28fa28a83454dbc4707e27d836a0 |
| SHA1 | c25c6ff77438ef4ad62cc3cb4c6da051e3f9f3d2 |
| SHA256 | f0248dc7d03ef717e01b18fae08d79220836244e4a4fa588371147c917f5fe71 |
| SHA512 | 76100a30d2ed99b8e23b25926e3600957ba415734685a8e8d648041ab54171ff99578b1c5b95a32334ffc641620adeab02f0638be42e1dcdc8d1fedf4f355fda |
memory/5316-7910-0x0000000060EF0000-0x000000006191B000-memory.dmp
memory/1388-7914-0x0000000006890000-0x00000000068D8000-memory.dmp
C:\Users\Admin\AppData\Local\3uTools\QtWebEngine\Default\Platform Notifications\000001.dbtmp
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Program Files\3uToolsV3\QtWebEngineProcess.exe
| MD5 | 5a27bf395e2d7375c549b6c6976baf21 |
| SHA1 | 9997d224763d4107dbb8d37a77e6d6a47499d842 |
| SHA256 | 2112be5480733a2e8f735cf392e01ec629d25b5b8e96fa53cc9613ab2409973d |
| SHA512 | 252bbee67a9d1675ae947a265b948e2daa0e0a01d6b6085d6c116097d16c0724bd45742881603f8ae6a907330104e378d97b44e89bc38655cb56934f23227956 |
memory/4452-8075-0x00007FFB444B0000-0x00007FFB448A0000-memory.dmp
memory/4452-8076-0x00007FFB444B0000-0x00007FFB448A0000-memory.dmp
memory/5736-8077-0x00007FFB444B0000-0x00007FFB448A0000-memory.dmp
memory/5736-8078-0x00007FFB444B0000-0x00007FFB448A0000-memory.dmp
C:\Users\Admin\AppData\Local\Apple\Apple Software Update\DistCache\082-11726.English[1].dist
| MD5 | cd1c8fc295cf354cd9982b94554532a0 |
| SHA1 | d3e63b78f9baf518cea2a18acc5fc4912f5ca1a2 |
| SHA256 | fe2c63e9753f1ce8687e526f51f7309581abb953c02883e6a170a394920a2b86 |
| SHA512 | 02d5bd2c4161e63e5c718ed750233492a552f6144b696afcafbc27037b8c306b8d9c4c07a672cd13675d34d4e0de9eec32c7aa5275df6219bf7005fd168d97a4 |
memory/5316-8095-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Program Files\chrome_Unpacker_BeginUnzipping5148_1354245751\manifest.json
| MD5 | 22b68a088a69906d96dc6d47246880d2 |
| SHA1 | 06491f3fd9c4903ac64980f8d655b79082545f82 |
| SHA256 | 94be212fe6bcf42d4b13fabd22da97d6a7ef8fdf28739989aba90a7cf181ac88 |
| SHA512 | 8c755fdc617fa3a196e048e222a2562622f43362b8ef60c047e540e997153a446a448e55e062b14ed4d0adce7230df643a1bd0b06a702dc1e6f78e2553aadfff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.10\data.txt
| MD5 | 60beb7140ed66301648ef420cbaad02d |
| SHA1 | 7fac669b6758bb7b8e96e92a53569cf4360ab1aa |
| SHA256 | 95276c09f44b28100c0a21c161766eda784a983f019fc471290b1381e7ed9985 |
| SHA512 | 6dfa4eca42aea86fba18bc4a3ab0eed87948ea1831e33d43426b3aca1816070ecb7fd024856ad571ca2734214a98cc55e413502b3deef2c4a101228a7377e9d5 |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\net\x86\netaapl.sys
| MD5 | 9213aa35bca94eb79d366da254e4bdf5 |
| SHA1 | e05ee5138270ef09bdaee37b31ddb57935e55cbb |
| SHA256 | 5e1c71beb6cfff5a6f149e9fe6e169d087a6cbe63a504fee8d42170284952f85 |
| SHA512 | 51f147b5822b1adbc524712575a0d77cc28cdf69e3c6e01a81136043fe6fe57c64783b47d59f8e8dc0235abbbeefb658f9dc123ac104666a8f232abc121a6e5c |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\net\x86\WdfCoInstaller01009.dll
| MD5 | a9970042be512c7981b36e689c5f3f9f |
| SHA1 | b0ba0de22ade0ee5324eaa82e179f41d2c67b63e |
| SHA256 | 7a6bf1f950684381205c717a51af2d9c81b203cb1f3db0006a4602e2df675c77 |
| SHA512 | 8377049f0aaef7ffcb86d40e22ce8aa16e24cad78da1fb9b24edfbc7561e3d4fd220d19414fa06964692c54e5cbc47ec87b1f3e2e63440c6986cb985a65ce27d |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x64\usbaapl64.sys
| MD5 | f957092c63cd71d85903ca0d8370f473 |
| SHA1 | 9d76d3df84ca8b3b384577cb87b7aba0ee33f08d |
| SHA256 | 4dec2fc20329f248135da24cb6694fd972dcce8b1bbea8d872fde41939e96aaf |
| SHA512 | a43ca7f24281f67c63c54037fa9c02220cd0fa34a10b1658bae7e544236b939f26a1972513f392a5555dd97077bba91bbe920d41b19737f9960ef427599622bc |
C:\Users\Admin\AppData\Local\Temp\itunes_fix\usb\x86\usbaapl.sys
| MD5 | a176718f0df45f60f545cf3e14f4d108 |
| SHA1 | fb03c1b53709f65712df5a8318130d9788bc3cea |
| SHA256 | 5e767cb0b51b3ba05b6f99a7e46bec275489dcfe874343c9b992843aa1f2334e |
| SHA512 | 7af3e0b90cd175b6b6c24abf237dc4395e6b9d2f360ee2cc3721d3184811fb5b086199d4a27f36bce8d6462c2717b3d9e2e1814a9d5a24ea4dc4fea32e6ae427 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\ClientDescription40.plist
| MD5 | f4a8cacfacacf9d8367062bec459d4c7 |
| SHA1 | c848e149eb92e3e1fc185b66ff3c9075d3a89833 |
| SHA256 | 6dfda830fdf53416e579bb472d0ad35d38e2b4908ca8facb32c1107115ec30f5 |
| SHA512 | 7d170add75d15e918996667c2ed3e8daaf78fe59a5974fc99208280d2181adfb6e8c842b124541e4e0d62db2a716a59c67ef2870409bc68d1fcb25f8696b68bf |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\ClientDescription40Tiger.plist
| MD5 | fd5e0a5957e6e850a0fec29a5b4e7778 |
| SHA1 | 0310df7cd8671079175a4bac08522002d873d08b |
| SHA256 | a409f64fed63229a64cc329757967cf689294ca51a3453f6ef56349e65b7abb2 |
| SHA512 | 15ca1a5247089e0ec21c169a35d78d26b3d30ef7ed50d285ec41ee791fa6771b7e692fbb9267c4c072f51838b8c3cc33d5fde3903e9bb275aab50a9da006f75f |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\CFNetworkCoreTypes-Info.plist
| MD5 | d255aa4a14ef83a6bff0e8d15cc5737b |
| SHA1 | ff259bbfffca544c54fb2c000d9edbaa904a0150 |
| SHA256 | f5fcb0fcd6d7a2b59ed3334271f828604e44eb6bdd74c247ff46385e419c782f |
| SHA512 | b0bfd38933bfc5983717aaa74c943e4f08aefbea114c5843060437b79ee501fe9e89cf29f0c228ca8bfcd3c998e93260b617111096f15bfcc7211198e3cde9f6 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\PACSupport.js
| MD5 | fa2b0e76f31fba2633e4b5f9af936656 |
| SHA1 | cf7d62e0fc5de667a6eeb2665980320f14b9690b |
| SHA256 | c206d735db997f65d265fa42d068744c7b1b1c14bbdab3fda7ec271e1953746b |
| SHA512 | be4aef1bf0276f492f17876adba88bece9f063e90cc87ef2d4a80a4deabfa5031d124dacc1fbe9652765b2f4412057727b0aefaef0eb880fca6ebf5bc7993108 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\types.plist
| MD5 | 7030a24390362226b001bac16f82417e |
| SHA1 | e198838ee05170afeab2313259a5b3f36ae8e82f |
| SHA256 | e57ab8116a2202a4c20ec2eb10f25f145a6a298ded8cbb28420d75dfb35366d3 |
| SHA512 | 4a94f0b6d7be64772c663d967b6da8041db229f7d191a156cf91e772d9b1bf9e3d613c3fbfd179b5628d55107a23b20a80978e96deca3d4935c4feecd5828109 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\ar.lproj\Localizable.strings
| MD5 | b63479f0ee7e3cf41dc013f1b0d6c8ef |
| SHA1 | f1c099f87f3c48745cff4214909270b2b24fc8b5 |
| SHA256 | 7924020d9ca8e53d520d53dfcbbaee633ed6801a696692c43f2710d251fadfb8 |
| SHA512 | 861be0f361098d705331a46c53d6e349553824b5be7d61ea7ae7feee622109e54351bc7e938657faf37f26ed9762dcc336f42632b0de2e8c9c73e9d94b302b01 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\ca.lproj\Localizable.strings
| MD5 | 988a7ec9ca3cb97bfb575da2970d2600 |
| SHA1 | e4b3efc59c48c465d4a214cb8b6ca0cc25511aaf |
| SHA256 | 31e59fd2e43d48f7c84cbbfada6aacd3962c5ddc89ce9630f366f8272201a403 |
| SHA512 | 868be2afd6967a9b5bb518cae3d7ffa89701791c60c539935525e627eafed2fa31e7d93d150023d1613e73422c0e849bbd20301d1b45522e6cb0684b992e3f0e |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\cs.lproj\Localizable.strings
| MD5 | aaf2bf0f366b20942615eb5901367b53 |
| SHA1 | 911dd660e053cd1600014800e16238c5b9edf67d |
| SHA256 | 0bae07fe7d8a7217b561869244200a3d860708257d4313d5f32fbaef478279c1 |
| SHA512 | 03f498e20c9d70288a018439061e96aa8b0cfd45f72eb4b8bfe97ecf1d10e5d6e98ce2f13ef023b4451a64ae665035ce5d1408bed802802498241e69e9ba278d |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\da.lproj\Localizable.strings
| MD5 | 8f7f2df2fca56448d7e6443865c2f0ca |
| SHA1 | 2ff994667d2eacb07d33924367a1bc62c612f24d |
| SHA256 | ab05afdf443334a85889dd600ea695e1d84940d5e790ce8f2cef6e22efc9a597 |
| SHA512 | 9d2454d927ca6a737d8b25e9575e195ba7013d852c4bb83efb98ed084dad16d7e3ff6e2640228b3b09b18c16b7909aa75ed4925604dbab0d6afd3afde3063120 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\Dutch.lproj\Localizable.strings
| MD5 | 2a75ded6b8ca09ae0dc178246dbd53cb |
| SHA1 | 8c1d029819ac0a45c24e2edc9ff566c5f2131c63 |
| SHA256 | f4113f9543e6e8de2a94eb70ba17d761e4140af2da61c9fcb694df8098d3f707 |
| SHA512 | ebfdf1d9b520cbd3befa89cf03f6b983a8d9abfbc4e5234fb9bdcb2e93d1ce35776c2a99c519f475d1bf3e310e98410918b02ec4228d4ce4dd59d57c03d0a409 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\el.lproj\Localizable.strings
| MD5 | 58da4449c708eaeb78082506aa82a09d |
| SHA1 | b24f6150216a511fbf7576862b18dc0a765b8b90 |
| SHA256 | b4fe229cc2578499061004644a42c973d4dc395f3499519932a8ebebc88cec07 |
| SHA512 | d6e8a81afacaef7ff18987fc2254ef7f0236d78939e40eccc0c8a389c8bc0dcd386f42753e3d655f79fa83671dc3f5cda4f2eb7ddef49db6762265cc4af46979 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\es_419.lproj\Localizable.strings
| MD5 | fa129e180724260a4a9d9511473edadb |
| SHA1 | c3e8b48d63ca9ffd4f444b85d616a8568b01afd2 |
| SHA256 | 4f02a5d6c31f0a39b68c8cb34b45dea4a2ad2faf363a95ee81968701153dc63d |
| SHA512 | a65d9ff7507c3a366cafdeb3e8e2fb46d388591989aca0a8ee6e883797f49186920bf93c44ef0a82a55972a060e0bbccdae0481d0abe3f06b087f41b87d4293e |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\fi.lproj\Localizable.strings
| MD5 | 143abb3fdab235aaab9fbdd038e05e5d |
| SHA1 | 04b78bc0682c28f638578994dc1ccac3336afee5 |
| SHA256 | 9045b3c351b44f1d450febe07421c3a24a88cf117370bf2fc1669ff3cddd8d64 |
| SHA512 | bdf9bb279ab9ee08f59ca8d48ae63203e27b2569ca587fb3e799a26536393caf251b7830d466d5489613a72b8b7ada369dc61f3d1e901d8e0fa64c9a8cd2061e |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\French.lproj\Localizable.strings
| MD5 | ffd3d649033c637e0a5f87036e7829bc |
| SHA1 | 1a1f76176e30a620ba536a8040de0b1b1b52b87e |
| SHA256 | edc7b90ed31e8e205179bf1b76423b582ea3735e4d3a2c2b8e8a37da1ce86ead |
| SHA512 | a34994db663ddb9e4b2c367427835f9e8f060b201ec38942dcf9a4614401c56903c1040c65950f995ecd7d49dd6669a817f321f97205f46fbe6a4bdead825999 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\German.lproj\Localizable.strings
| MD5 | 257b7494ce6458063e73ccd80d9abe03 |
| SHA1 | c6ef4dc93e43d1277ee7a0f1a46a1bbb8d6898ea |
| SHA256 | 5fc5efa213c122dad012f1af242a59720882fcd6f0ea9ccff086cc5dc2d16b13 |
| SHA512 | e31ad3c72ae43e370994d2e2553511fab9eaa0175b91a0eb65a564ec5a55eb00f1a2b14d264d68ba0a45ea91f120c1377b91d6ffb1ae8624efc62c27079b8b42 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\he.lproj\Localizable.strings
| MD5 | eeb0d6dafc21381c68c0540500ecfb6e |
| SHA1 | 062496448500fecac25a2e41942fb1972755aa96 |
| SHA256 | c49bcec8a1bf9f27d378e300463940242a47319633a1c0d0218efbe894264e19 |
| SHA512 | 54240f23937f8f33c5448797a394e9c4e5f203fb49df3912909c5d05b54f289d5a409ef300a954fe8f3538cc7446e9f23e8ca5a4ccab0b8e3f3aa74301244db5 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\hr.lproj\Localizable.strings
| MD5 | d0b1d92b910a016bf4e860f1735a3ad0 |
| SHA1 | a0c5b64bd8ccff27c361cb89c9f68f0b21a12469 |
| SHA256 | 18f5f28a065465c5a6288d95770cf2ba3e6bb25a27957b449f900768e2ae6cb0 |
| SHA512 | 4cf6a956d02d824e95c911209d75c87465bf9dcc460144409460a994fbc9bf7b0afd5ab190355dd7ab5b017b02cb5838b4025115f8f70bf7f62c4312a4e4c528 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\hu.lproj\Localizable.strings
| MD5 | e3b7230b907bd55a33754928501866f4 |
| SHA1 | e1da4e0cdf75ad7c6709f9cd08b8150f2389e392 |
| SHA256 | 618ee9b9991a884d75151cf06da52d6c6f7068b7d4aff91ee2a0493b293a6e0d |
| SHA512 | ff9269cfd3a2acab7b5abb53627907709cddd897e1740ec447ad4f26ff2ac52a43c3ce719b456c424ba1ef23599e5d473b3fe8f49f17015c3736fdaba65ec04f |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\id.lproj\Localizable.strings
| MD5 | e0a8e5e53832c40fff5c0171bb69919c |
| SHA1 | e500d1366fe0f52c36086b0b67e0eeba692db678 |
| SHA256 | ddd10ad95233ad606d03876058773faf0bd75e23de761970771a5151cea320b3 |
| SHA512 | 205bad0b8b7827106d08fa575c4e6664792f8f8b34f2f55fce73204e8cc039e38ff71f17424965b173e5a2d329619bdd37b6e6f649a6c4207795080798eb0676 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\Italian.lproj\Localizable.strings
| MD5 | 35603494436f5483bc80ed6f269af72b |
| SHA1 | c1b2f361acbbe0441a0f8a81e15a13bdbab2c9c1 |
| SHA256 | b9f2daaaaa6a6f157d2b507c7f5252954962e8d8ed6e57c9e70c92f7dd90d51a |
| SHA512 | 933b2a55091a7716a64f7db2740a20b5e9df58136ac15c28c3f64a580da024945319aecf111d6ab238220a6c5ce5842a354efbd8665e24d539638bceda962a55 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\Japanese.lproj\Localizable.strings
| MD5 | 6ac64ffc99ae891481e77eeb7be3fe32 |
| SHA1 | 36eaaf1ba3b8aae059d1474ac2d7a8b4fbd5a87c |
| SHA256 | 4e66d140c7d9377aacfb8c9a6cc7e01f837ad7e7da07811dd40f2d513eec1e2f |
| SHA512 | 93f55de023ebaf4def201004ae0efb3ac638dcac7b13c24fd0326b62a62caca04248775f0f85f32142b3ed753f2ecbf9ef57dcb2cd4b8b8f29de71c05440db61 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\ko.lproj\Localizable.strings
| MD5 | ce8f0fa6c2f6acb3872ffea8992119ab |
| SHA1 | 762b2685163b85bb7c2865c780f1456b4516cd09 |
| SHA256 | d705f8a6b2f1fd4d1a89694d64cfae73306f09ba264f3b1bd8ea579d5142f0d6 |
| SHA512 | b073e6b957758e2895bfe80daacf2ddf2e7713e8d92d426199ca1328ca6711859260957b1e5097c9d5431a652cd60f06d651964f4479d6bc9b08bf0270c8b9f2 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\ms.lproj\Localizable.strings
| MD5 | 6c9954e935baa10cad705d1373a799da |
| SHA1 | 53f0b8fc84bf946cb7826dd2807f1bb7a4241b73 |
| SHA256 | 1e61dea43d77eb1098b4a4510e9511e53a1b9141bbf9f72a9143cd3c89e2bfb2 |
| SHA512 | 2017a789624823de5b218fe971a9fa742b4c99af564a667e1186dff397b79d594e820bd9d8c3aa206a4551a7d9c1e8c3144994da702bf649fafd046824a4db0b |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\nb.lproj\Localizable.strings
| MD5 | 26bd730acdc5ac7cca4f7f6c458464ce |
| SHA1 | 240e53549be6c62f080d5dfb72e1e9ee8de39d08 |
| SHA256 | 59e34613c58bb72c28f2c81c826b66ec17083d5436009410035f4435a904bf5e |
| SHA512 | 9b7f2de5231ede30f054e5ebb0932f3d34762d0ba89ae85a39d8bf8c20f9a44526c086f75d96af1f0b96188508ce02934d7cb618e35ae4354a118c4c67c4af53 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\pl.lproj\Localizable.strings
| MD5 | 96dcb3e4f3ba2f9e4d7b38f4d5574a04 |
| SHA1 | 2e7e71742f7cb50e9015193f4cb6965e393b4f3a |
| SHA256 | fd8b61535eb6df458a8a799c2e7bfabf6cd7c0232f22cc2e391e058b33a5b3a4 |
| SHA512 | 351c44bc793a605dc6931520606425c317d18313668ecd28ea97138c88f1c553c765c9359a7ccb4ba0761e3fa715aa904eda6b5ce196c2f1e8b608bd43343386 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\pt.lproj\Localizable.strings
| MD5 | 180dcd8377675931c7dd20a6507fe8a8 |
| SHA1 | 3d397799dc4c052b287f21c70c9997bd12046390 |
| SHA256 | 90929ee8b0d2ed297ab1eecece802e6d12da340c421d6f9b57e5640d319d06e4 |
| SHA512 | 3a222ed70ce6fc88774722617e583247ec7b675bcc53fe2a8c330bd1e71fbb95c7a1f8c37ddfdca641a6176bd7a8f514dd08b1f134e370bfbb6fbeb95b905769 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\pt_PT.lproj\Localizable.strings
| MD5 | 758eea5a1be513676562d06f2be8b677 |
| SHA1 | 3e5f71521abf5c204061c1dddeda7307b2c84a85 |
| SHA256 | 1a8252b17cac94aa82d5588c13442f80f4c1a652120c79d8fce096e50396c365 |
| SHA512 | 6b2ac6ef5d4e7e0eac781b1d8041da4b3518e22d1130e42106a5ccd4abdcd580f02fa3d2017effba383bc6a17186a8aa41cf3f85fca6c08ab80c6f0aa6dff0a1 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\ro.lproj\Localizable.strings
| MD5 | d6e4ccc4902c8fece184b4243a63a229 |
| SHA1 | 67a300fa8174f1e5dfcfa27b0098a3d25e3a333b |
| SHA256 | 496676a45cfede197cfcdc660d398306a487ccb8f8fb7d7559cd06bbc904b834 |
| SHA512 | 16232ab74a492fe45e71d3cc6cbe749931455c7435e1c204e8242e83adc37ce77dabf20c18eb876918c53648873691847ec15cafface1498b394b096d138082f |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\ru.lproj\Localizable.strings
| MD5 | bc6ec8f3ea945f42aeef109cda23e85c |
| SHA1 | c8818eb4a6ed81417ee1b786fc828038db34bea9 |
| SHA256 | b20222b432188522728be00f196b3f23e093dc2db28efd2fcdd270c06e8496ee |
| SHA512 | 59ed48f18cae100c327322c4e30433b964407bff7921264adb061841b337ad25c3ff35bffb31634d97076c5de2953c1587fb4ec7340288009cbd9065729dd63d |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\sk.lproj\Localizable.strings
| MD5 | 3f66523fb039ec6a1d79c93d54bb6897 |
| SHA1 | 80daee3f66c68bbcf7ca0cad37e290d179aa4cb8 |
| SHA256 | 6b8d32d9c17e9fa14a50af69c5482ad14b9cb261961aba079f0f5b2618a03865 |
| SHA512 | f58ea2fe70eb2728692f92095777e879e3bc8c7e06524ed9d96cea9be361cf2f60fc422b3434e1cd65d20a4dd7a7e07905105aeff8998c34137f6648ff2c31c5 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\Spanish.lproj\Localizable.strings
| MD5 | bdd41ad87458f7b08091cc6b1fe92ab9 |
| SHA1 | fffeab1e20bd5b56ae2ff927036f43624c39c88e |
| SHA256 | a6e8811946f89501be1395e4ebaae841ca93eaec478a6704f5624155c153d3aa |
| SHA512 | 4c6e3a001c054240724451239668582943b57552e707ccd8186a429a75e22373a2c596330db6a77c32941ed7e80c58398786354a29b4dadacdada5a3dc355376 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\sv.lproj\Localizable.strings
| MD5 | 943d803d733eb087b0e2d825a57a22a2 |
| SHA1 | 33ebcf62d3da9b33b61969b8375d5a00becd9fe0 |
| SHA256 | 5a7c5e4d0694a36d8465f81044c89bd2155b0eac8d66671161c4eace47694fb5 |
| SHA512 | cde46282cd3bb738c0a24013f5f5d48b54d46b5df892a7853d5ac457424d85789a5b2982c28e13d1934ab69b68b5fab3df17c3832b8cae965a1a6f1eba426ecc |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\th.lproj\Localizable.strings
| MD5 | 268c4a68ff061248738c9279660328b8 |
| SHA1 | ff8616c9ff02d26b7d24d136348d2b748f8a019b |
| SHA256 | 88a1eea5c12e0d62d9089ad8d0fc8b44a6b50f219617475c32716e43c00168b1 |
| SHA512 | d9b02dd4ce7770766a1dac8cc7d274f2395bf31340dad0675adbde745e6fdc2bba475072e1693f91f67d9528a849bbd2c02957f4bf1644dc87030b95c1ba438f |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\tr.lproj\Localizable.strings
| MD5 | c0dbdc3a54b49c71d05872116775d073 |
| SHA1 | 5f51618214dffd9f53b08da702f456e2b818a536 |
| SHA256 | ce9b965642664a416a7ace61b80acd2ccba319789efcac97101ca4d889661bbe |
| SHA512 | ce82bd39bbb0d1090b34578df42460604891a5c2543247d34f1582c5da89bd08e7009af647027d38f23259e6da5277fee596cd88d2ee4d6ea20041eac460fee1 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\uk.lproj\Localizable.strings
| MD5 | 5092b4943281a78edd9ba468fe3d4acd |
| SHA1 | 64bf7f31407b21d925979373800801a89eb5feaf |
| SHA256 | 8a20acdf8a2cd8b4552800a5dbfa0da8b376e3e9dc1e7a9eb52b93ddba8b2f36 |
| SHA512 | f8be301bfbed0193507e7dce4616349a6e48d973ac117f212462f06e6dfd462542cadc47deedcdae16ddf7571e63642396cfd5fa7982f893fecf661ae4f730c3 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\vi.lproj\Localizable.strings
| MD5 | 2c937a02eb0aa17a6a000006a2e8d4f5 |
| SHA1 | 2e5f1989dbc2bd722f7802f5a1a5503e03ec8a3b |
| SHA256 | a0470812a2c2569bc8265b655d683bf03b280717c34a055f6811e77e0bd101f5 |
| SHA512 | 60eb99bfd98bac61c7dd24eabc15f21b0a57a805da086d02525aa6bed19d37f4842572ce984aeb40f9387b81ad46e00d3ce9e695768a79742ec9f51c623df5da |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\zh_CN.lproj\Localizable.strings
| MD5 | 28ccb4f3f1babd9b9a1e200c9fc179b9 |
| SHA1 | b394556cfc7fe91dc59d318002de65e91cec0e2f |
| SHA256 | a72efe35ed0980bc8d6ec1012c8c1f8ed9253bd7a26b9ba03ffc0db6e49587c3 |
| SHA512 | b7ed2cd6535b6eeb4a5bbc7e0e08632446ce6a5312a86f06a5a4a9a10283b8783043b705fed156cc8d9a1005e8d6714ddb2e8135f0f8f41c6d1ab97335d600d1 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CFNetwork.resources\zh_TW.lproj\Localizable.strings
| MD5 | 557c29c4ae6aeae8eb8940bd2e66fb61 |
| SHA1 | 9ff8478f740cd4ace7059ef464f6a9539a412bfb |
| SHA256 | e36027e8fedb625b0713cd1ff3cc4fc78ede573ce3b37c27c2cbf37315ca6dcb |
| SHA512 | 5bce9ac14f5d01f0abc34d78d4a0464f76388df282352770bd54d3a806af049ed799505c966b9b7ed864bab225602b1ff76f540dbcc70932ba797f3dabb9afad |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\CFUnicodeData-L.mapping
| MD5 | aa1641575ae08da9be4ca06650b8a579 |
| SHA1 | 5a486f7c0efd1e5c0bc7179c3361cea888926c98 |
| SHA256 | 95a9fdd9bb8aa77c9a57e5dfd9b789ab03766abfe72e271b08dbee5a74137c67 |
| SHA512 | 6fd513c85b241f1c103d427b572c3e526165952f37de446f5b52273dba95cbad669ff72df895636127c74501548823f67c78510b508526c8bbcfcf836488cb7c |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\ar.lproj\Error.strings
| MD5 | 8744ca814896e5120e41080655bad2d3 |
| SHA1 | ce557ed533321a16c44b6e2b91ed6b340792a23c |
| SHA256 | f2c854966337cbbca1d087524b1057049fad65ad08ccb30fa936f45e567f902c |
| SHA512 | b8800a5f977b6623ae8573dff768be850931bc125023dac399713221a2e27ec846ff39aff1a579d53da6598964a244fc277ee5c40a52e4f2436331d0fef8588f |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\ca.lproj\Error.strings
| MD5 | 5b8bbbadcaba3e9effb307fabab9b6b8 |
| SHA1 | f640604ef70f8f03b69c62da8abe60fcb1361bbe |
| SHA256 | 12810b32b5ae54ffdd80c392e3762dda094af65bcc4b2e946b9e5fd9ac7ef904 |
| SHA512 | 43d0c9ae66e7c49324a2a44f3dd3013fccf6e76540ca116002a77c1604c3a2e6374c182b2109478dc7554130c6004a91867cff256a54fa89be30027683a3d69f |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\cs.lproj\Error.strings
| MD5 | e6bb465c0c84c24d490a233d5e15fee6 |
| SHA1 | c3294d42ca0921c16fbef908059a6e9a722fbc90 |
| SHA256 | ba7305a291fedc3234a4c6fc2a751df30842b619ad120687709fa2bd112b0e0d |
| SHA512 | f925117d73750d33cd1be05e2e4aeb7c0ce20a06e095f96957a771a2bcd7de4335b0e4df4cf88c045589c220413945ffc3acb30efecb259b739ad18cee7e6817 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\da.lproj\Error.strings
| MD5 | 8e522a9f1efe755a12705e29f9b4abd7 |
| SHA1 | 7f7113cbe9239ace12a44f149201e011c928adb0 |
| SHA256 | 9e660848676a0fdff6b6f6ae68973fd99b670349a36ad7ebc56a319cab766839 |
| SHA512 | 14f43ee624a45bd10fd99eff84c514d77d32ee4e132b21e8a3d515022dadecbecac81bcf5ea61cd2c3d36abea041e16a654921fea70e15c311f77c73fc77bf47 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\de.lproj\Error.strings
| MD5 | 2be887e04f8e279e7cb9aa42f1408d57 |
| SHA1 | 9312df0b79dfdb0d0b1c5c52cd4227c870971830 |
| SHA256 | fe47c21a5b34cc6634716835c71afbe289581b90fdb4dc45165e25fe28f67aeb |
| SHA512 | 476f164a90ebaa7a598c0657814155b7948dc042309c49d2a2cfc248c32d8549062b8ab7f03dea643824b6144e4b6257bbef9e9cccf65d9b2141613b80a0cf0d |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\el.lproj\Error.strings
| MD5 | 8548e089d1004f40c8156858bc798468 |
| SHA1 | 0a0d4a4b843ab15af3645c4c6675a9c3f0e59f80 |
| SHA256 | 87b4c300541166546dbc8d6ef71f6daf80e8e4b6b0724d6a3838bd9f709235e4 |
| SHA512 | 4ed1be336a478cd8a6305581f1e356d8e5893f7aa563cd8faa8828837af4fd9f0fe66fb3b52c9bcd6f513c5388c84ea03bf77b062ddf65b6c67506a60148eb3f |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\en.lproj\Error.strings
| MD5 | 2edc6acd3caea3cc1d295aa83c4e42db |
| SHA1 | 0a017bb9a5426888e76f6629dc93279dd1e8a40f |
| SHA256 | ea8fc9192d60a78820da393baff637152404078202007c8a4597c1c029cd2bc9 |
| SHA512 | f25775a8d62a7935db3de09c20ece9938aa227d354e17b5abfaadce6592ae036577d9afffc804632f9d733ff515e10d05e729e97d3ac64a9db1472dfba664849 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\es.lproj\Error.strings
| MD5 | c76c4b7a72358da379c0faf39fe1b6e9 |
| SHA1 | acfc016321717f0c2cfb76bf155c5e1dc08297ef |
| SHA256 | d1321ff0de3719fddc55357f0e5af6af04530f40d173d5398f9c7fa4a734bcdc |
| SHA512 | 33178faabc142ca1c0569f6265464ef297b93cfa4a850cf3b5fec7c5dede19067f391c737af961a09f0f70ff16d2c2ce401c0253a6fb4dd5b02e4a14e9f9fb8d |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\es_419.lproj\Error.strings
| MD5 | d885bd58892a30421851dcda4bcda7b0 |
| SHA1 | 31b8e378d5fad3470c209271df66cba9d8b46967 |
| SHA256 | 995b3f4fb4634a0cadd1286d7b45d8cc9d628d8d14443056f0d2f8eef6842885 |
| SHA512 | 4edb3bcc43c254edc8939f7405dc1bf4914bfe460accbc9a451c1af1d853e59c0f2fef145fcc0f4b1f6aad3c265cfb0295dcfb84e53b49bee58fc441a0fde876 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\fi.lproj\Error.strings
| MD5 | cc9b90bbde52d2e64f528f4c5a9a8b6a |
| SHA1 | 4d83c8db08466100fab41ac052744dc165572c93 |
| SHA256 | 3bff46313bebd0dc446e19906fee1bd1da763d7fbae8c0a30178f72e88d4e0fd |
| SHA512 | a7b185468539c470e18a996bf70f41af9c29ae25a952009d36ff142817dd1f208b295b943d25b43f76f13200a73669be78e0f3b89a4b4998c8562f8a679e68bb |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\fr.lproj\Error.strings
| MD5 | 2c446435c0d0d1ad2f1bd32355341205 |
| SHA1 | 879f2e480562dc1d971e34a4c8aaf8344dc016a2 |
| SHA256 | a6a7f917e16619f66df619ea6ca6dab8590d697169a5e37d208fb2579270ec2f |
| SHA512 | 743ac4984778f63ef0e7bb8fd1995c874afc5ddcd07a3e8a56f8356bffe673d15a77bd6791ab8c9e010d27cea74bcc371a68a539c25d6fca34faeb8a257355bb |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\he.lproj\Error.strings
| MD5 | bf986abec72ccc86e69a813424dce535 |
| SHA1 | 8e297b76ff1b3908a6784bd02ba70a15e6f69ca3 |
| SHA256 | c046b7a995626a4de92329301dee8d89076c2d82108aa3a00100aade8661c58d |
| SHA512 | 6279c698cc269d6b628b9ae9616c4c3f48855a59b4c39ab731ab095794ceacaf5283116780479f930e4f5baa04601e195cd42dd35debf28ae841a839e6a8be6c |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\hr.lproj\Error.strings
| MD5 | 84d4f1b4d2e7da388b3d44a17fcbb12c |
| SHA1 | 079e081ec5139d1a58a3af7c37bbffde7d27480b |
| SHA256 | 74acfcd628e2e89ffb6f10d92d97c019e16bd1ba93b3f054b5f1a220dde2dd58 |
| SHA512 | 55f2644042c8906a0ffd1c1ea95fb8f3d27a3919ac5c41ee315c144c967c28cf3673666c1522706625165a9981374d8eb574f78694721f0d4c62da466ede680e |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\hu.lproj\Error.strings
| MD5 | 3bbbda44eb949a752e19f7438bf0797e |
| SHA1 | 757956a010b9843484e86c5982ee17aa19888bbe |
| SHA256 | 9def8ca5d38541c057cb079ea62a7ce508f7cd5d601b9012cd16506812f8bb91 |
| SHA512 | 2cea5847198ad7e6db7b118e913eb55a748f885b78ad948d5c7abfe339f6bd0919afffde98dc01442e1f83a0c0252763f12a3f2cb17711be968907a1349d56dc |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\id.lproj\Error.strings
| MD5 | 524db54430888a08448ba13b7257e4c2 |
| SHA1 | 07caa31075e86985da46a1582472cf6b7187f097 |
| SHA256 | 92b616861ae4f59a318a9f30170f05a45ca199b4cc088414808d2a42747fb634 |
| SHA512 | 50b2144e9fe41e028c5a2421f7b6a74c5456075cd21d77c4ccb5833708fa8f15f405d6a4997cbda527cfc0cd7744e9b89e87b64be76a00e3fdc709bda9a457de |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\it.lproj\Error.strings
| MD5 | 6c5e5067b1f93269de5185b428af832d |
| SHA1 | bd6139f2ac99fae483ea1631a3b432deab1cc21a |
| SHA256 | 1391a18b453b08d06e55075b467735ae4b8a915e272a90de41e2aa81ff92fc82 |
| SHA512 | a2e8e4f867104a6607e6929c87a388fd6ef2f5e2e8ba2c31e41cbaff9b334bf255c372650f150de03c9379cc51913dfb9f8fca51b3e1460967b4709a258d3e93 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\ja.lproj\Error.strings
| MD5 | 9fc71fe08468ed0872811c5a20eac1b9 |
| SHA1 | 4d45a62dcd5471f6f5d808d0be21b9a51abeae77 |
| SHA256 | 511d3fc7ffd515942f9f3a0fda579d92efe8eb239eb8a8ac769b9a45a56244f8 |
| SHA512 | 635217994b81cc5effa29cd25228b2d9831cd3d8abf7ecdca793113364720115b95b7c93c3be4d4112df0b90f5854c6355cfe96353f993c2cedde66b11afc4a5 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\ko.lproj\Error.strings
| MD5 | f415d4bd6995304d9ecc6b459cbf860a |
| SHA1 | c1970a923b9e33714e47e6c954d2b69472b3a4d0 |
| SHA256 | 6b41fe4976602843b48cc72700c85e93e19d18f8db32910c2407c291bdf9c60f |
| SHA512 | 6ae1eef41dd1c6a7675ca5d32e223551cd5abd0bfe1f475ac78d03ecb587fa3711d31932daeb44faab7fb55fecf84b5d77539daf122548ec6e7d709f0454202b |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\ms.lproj\Error.strings
| MD5 | 4a13350d1de04d0ad0deb22bdf7cadbc |
| SHA1 | 855f6ca7831e7cb0c0228fbbd9ef205ca5b96293 |
| SHA256 | d89f9f88de70d1064ef3ed841088af699ec8c9881068f6ca426037810a0616e4 |
| SHA512 | bc3af22ab203b59852e2ecdd972d186f31c3214b852d8e0306cf720a18ad3f9aadad604bbf4f929d6f4f1df0348e2540a6ef2b6766a7a8a134d96ee4079faa11 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\nb.lproj\Error.strings
| MD5 | bf5157a48f11f7f12779cec7ab5a0d3d |
| SHA1 | 0f60afe9211de5bff96353cfa19aabef751d1394 |
| SHA256 | f320947931297199997247908935c0bef9eca35cf6d48c00ff1114bf35b135ca |
| SHA512 | 4c0da787bb0c6e9a2bf3691af02f6465eb334df4ec40f0c819f4622bf247a7bc84ec6cc1e0452a49ae4f0f131b7d1fc20074325cff5d44742fe9df7e5fbd638d |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\nl.lproj\Error.strings
| MD5 | 65d1364e2feb65474927e5186056851b |
| SHA1 | 890f264c6e6f0b550ad974fbdf9273ebafb6489b |
| SHA256 | e2b1739edc388983e76c9c1935596e7153f191e789a0dd12e2a5d0fa8faa5b9a |
| SHA512 | 90aad82cb1cd7e478f710ba47dc475a473af3235009a1139f1f67c438400ab425396ed9d123988ab64eb21e585dfdb09332cef1008ed1f4633159a350e59dab7 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\pl.lproj\Error.strings
| MD5 | 45d9f8cf8cca2b0810ba850777244c41 |
| SHA1 | ab438576c736f352799f5523937dd641c67e5c53 |
| SHA256 | ebb2eef7ad536fb6ce5f66a2e69037e650af04b0a23cce97d814bb6f6000d53f |
| SHA512 | 058089c3fd5abb3c12e30789e8eaba28202c2780db10fff0a0db1b11911462514040404504c7219abdb555be6c408c8e8d91903716399c4d1350de4870a89373 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\pt.lproj\Error.strings
| MD5 | d64daf1206d8258483cbc4ba7a974a4a |
| SHA1 | b8ecbd1e33bbc14590dbb16f877a2e433342c09b |
| SHA256 | 7284d3d751ca5a2e0e825879e85b9b10633bd48b965932236452bde7e9288879 |
| SHA512 | 514d450400f5313d28ba9b7b75aaeadf97791775ae40b7aba7e29b88e5381392f2a790a79fbcb79378605fe3dc7b784a7775d9d1bb3610c1471cec5bd3197cdf |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\pt_PT.lproj\Error.strings
| MD5 | e2eb563f2e2566e86efa5b82c4f54782 |
| SHA1 | eac01239be3fbad3fc98205592ab750e8653cd5e |
| SHA256 | 587c63d9a85e2c2c9930ab75da3d72afee4e8358e538b12994c7da72723da8f1 |
| SHA512 | fa568674737a98ec0715d026cc89aa686c22268115b91dc8892fad64ce1f3c8cf5be51ab129ac363c415d641e1c4f58ffab857ebdb2d42305b49718f1ad25b80 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\ro.lproj\Error.strings
| MD5 | 84e94c3379b316999ff8b4062e214706 |
| SHA1 | 2fe1b980d9bd8985fb4dd25a3f3bdb85dcca6762 |
| SHA256 | 1899bb92e5d727771d1c3624e46e5f515db4c245dc20b1bafbb07bb3b858c680 |
| SHA512 | 2a6cb3f1e917c3a75189ecf0f536d430b4692e4a515dc5a5cfbf8ac6a9fb4e210eff207cba3897476ed1cea0c5c785765c8a108a7b44aebb8a4d1e1abd4a8358 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\ru.lproj\Error.strings
| MD5 | 774d7390d225233a1e3078ceb46f00c2 |
| SHA1 | 8c3ecf1b4dcf0bbfe4e204db067c9823b19d4a06 |
| SHA256 | 037b4a083e6c2f2c79db63ee4d6f5d3cb24a63a5d25b378b07cfe294869b6b72 |
| SHA512 | c04f5fe9a3ad68e948212a046b2876ef7504fa8d1d2bf071b6848b1b39a8de56f6c24e2df6d5b585ac8225fd586a8c599483aea77dd786bfe1a62ce15aff94fd |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\sk.lproj\Error.strings
| MD5 | c0e1beed2c2fcb7dd9267fca0dce471d |
| SHA1 | 8f0fc6fc443e8ae7127ff7f213d9662ca8818af8 |
| SHA256 | 4a3f6920393fad34c8367f48d93beea4352d12a4983d892caab7a86af05c7077 |
| SHA512 | 81c11bdc4a959420faa85a6c7016f7f160e7eb92e5fde04ad75e4e6c5cb069e601c1de33d3db7e12a8ee6f3ed94ccd8312b254a4b23c5ee2cc8f896852a38969 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\sv.lproj\Error.strings
| MD5 | 6041f8b3603a5483894b1f42e2a77cd6 |
| SHA1 | f3dc2d87872fd2e9bf8963864472baaebcfd8ce5 |
| SHA256 | 68cf33910fc2df8b53e3fc616c5cfb42b17eda2c69617fc618a67698bd040c6b |
| SHA512 | 516422a05efdfef17a4be95721fee17d6768bf059fdc940c4013d5d4f05bd5c063e0326ef28662f73d6365c135a696b64d7e30753bf1a584ac738fdc4d066bac |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\th.lproj\Error.strings
| MD5 | d582caa56f48c6ad4d06609cfcb3549f |
| SHA1 | 55ca0cce047baa4cb51f058f845916ef93108a89 |
| SHA256 | 58806171b4642f3be0333c4b9e47ad53f9f9fe552dfa33bf40df66f7ee060a28 |
| SHA512 | b44fb060d206fe445421141bac71af0c69be1e79cef9d9c5a6fb1ea88b9111f57d4597611fb10fa4c07995c8f7db3dac388474aba616d6ccf272200d8f68a386 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\tr.lproj\Error.strings
| MD5 | ee78ae40d9a246c6a3626b0f4d08a8aa |
| SHA1 | 5d7bc68cfa0f094f9aefc0ccd067695ed57a810e |
| SHA256 | e23ea347757a5dbbec6304167a20479d1d5c1fce617804507599ecbf3bb9d87f |
| SHA512 | fd5a6d7d7e49267b6d498b20beb968698272ca5b130b4c4714bcb8c195eea63d6d936315f52297c050173755659608583460638c491a8f51dd72f84d6b62ebc9 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\uk.lproj\Error.strings
| MD5 | 4f13b3cce1ea3cd36af6c9801c5a9cde |
| SHA1 | db0b2ccabf4ecf24d7c827b99ba87f4a6f667111 |
| SHA256 | 7caa89faa1591f8363aa4784c43b8e9a4512dd16593332d193ed24b5407a3016 |
| SHA512 | 55344cec635159ac18307da637a2a1505df6bbc4c03c9c04f83277f43718f84fc3027bbd33bf6c933daafc49a4436190016c69d846b60087b93abf0407376f39 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\vi.lproj\Error.strings
| MD5 | 476288822af17f7450d504721e16bf64 |
| SHA1 | 995efd1a96ec58c851404e661ce066e09f15c389 |
| SHA256 | d8206f6b72ef4f91c3ef68a74b6999538273641a0ee997a1d731ff24f7bc38ea |
| SHA512 | a34fbd4718ae102341a8ffe91143793e3c7a1f252009745a6db03a3144a38ea754ff1d0508ee013b344fb268015397fbd61f7853b9cdd7c59041cea6b86edc6e |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\zh_CN.lproj\Error.strings
| MD5 | 88e86c91755aac0b8b7f5c6c33d0a107 |
| SHA1 | 3ec91967089d43e1a8ac95e6863b8ca27d46e24f |
| SHA256 | e6f7d7583f51248bf4fe454ffefe7623d303de94d55f84f364d7c2861551ceba |
| SHA512 | 86d153971ae33a7634f4cf63edf8263f10fbaf3ad7e9482bc614f93352937e3c42281c64f7a3026ded2bfa8b9a981db75f05f2b6247dc7c8e967500d7f6a7507 |
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\zh_TW.lproj\Error.strings
| MD5 | f92956098e09b9a6846a5f59db75457c |
| SHA1 | 8104a1e6b3633a79a13fe08242ec2968866d46e8 |
| SHA256 | 227960093ea74b088b7473103ba4b1a4bac79b9f0aa638fd8d864029d31eaa08 |
| SHA512 | 7842782c91ddb06c4c3a5feabac023b110be26e32771980987990b313212a1b4e0a43424e264ec0272462b79ec355ad5224e8296a6416852c9f91824c5316984 |
memory/5316-8560-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Windows\Installer\MSIAB68.tmp
| MD5 | 418322f7be2b68e88a93a048ac75a757 |
| SHA1 | 09739792ff1c30f73dacafbe503630615922b561 |
| SHA256 | ea5d4b4c7e7be1ce24a614ae1e31a58bcae6f1694dd8bfb735cf47d35a08d59b |
| SHA512 | 253f62f5ce75df3e9ac3c62e2f06f30c7c6de6280fbfc830cdd15bf29cb8ee9ed878212f6df5d0ac6a5c9be0e6259f900eccee472a890f15dd3ff1f84958aeef |
C:\Config.Msi\e5a18c4.rbf
| MD5 | 413b5abdb97475d3f33ee6e34025669a |
| SHA1 | 8f8e081622c14b5baf0858760333a4d6864c6888 |
| SHA256 | c7c070204d90d698e520b3d470fc6f18e1f5bfe89d11bb2b4ec7a7b2aac970b5 |
| SHA512 | 7f15f0765abbaeae32e95f16c46d8add184ae157c031199629d88b6e0067b57b5be542174714355ef17ece0d44479b7758dc4ee4e64dda0fab776ceea81fcfe0 |
C:\Config.Msi\e5a18c6.rbf
| MD5 | f4048ce55ed2ca9ca9e93db0ecaa6a8b |
| SHA1 | a5786a10386602d73fe0303f814e2bc87bdba310 |
| SHA256 | 405964db59bc97d621683bf3699a695cf6417c544a1079ce1f7c565843d46d00 |
| SHA512 | c36c72157f574d933d727b2128992264229724d7b69746f1553f46817b26ea04aa0c6447be07b5ca52ca497ab1f2558079673e56c5879301c7cd943bf0ad0cd8 |
C:\Config.Msi\e5a18c7.rbf
| MD5 | 3dd5b0e4cd4ace62e0e2b65f46480629 |
| SHA1 | 12a84cdc5112958f489a8a2449e37bf1915aae34 |
| SHA256 | da41e4cee8f8bbd98c03a91667098bc5144f1aa26b46c61406adf1d7b8bad60d |
| SHA512 | 6430d529a26f1cad4a4e816488bf598472c19957d0203afea1390014d4944a1b5888968bacbd7013ad8c727a01108490509bdfa0904a74933fb15f9cd11a8d05 |
C:\Config.Msi\e5a18c8.rbf
| MD5 | 73fad84db974c5f2a0274a1aa6015bfc |
| SHA1 | c699e26c064912830c39f11c30436d4c76a3d0a6 |
| SHA256 | 3887cdaaf37f0574ef0fecaeeb026d19c16162c5101491bb350a4a69a5c7fe8a |
| SHA512 | 1655badb044498fc255912bc02109405c0aef56b351c020c2e03d65238b7631fa06d5d1fd91c2650e14bcf11e955e17c1fabcb6c406725d581d5b1650bff4c3d |
C:\Config.Msi\e5a18c9.rbf
| MD5 | 38a2b9543ba3bd96912f50f38a7ddce8 |
| SHA1 | f0fee508c0d734d7c012da1ae7d2b3512daf5374 |
| SHA256 | 489a64f2b7d541295e54614db8fd188096b90629bbb5d319ecb51a509568c74d |
| SHA512 | 59606dcbcca17a48756b24790ed6611b9ca233734236a976f1762ea29a23622475c49dfe6dee21bb9b77f172d5fdfbfced89c3fd713c9aa6ea3bb6c662ac6e51 |
C:\Config.Msi\e5a18ca.rbf
| MD5 | 3d67a3ebcafcb41f9256ab2f97a8e812 |
| SHA1 | 474ddd8800a8bd34c10de476e710f7fda90aaaa1 |
| SHA256 | d2a3077d93c2b2485b1f6df96d7b675dc953094e9131d209659a34a1deecaa45 |
| SHA512 | cc179bf5b0730dcb485c8c8583cdd9e96c406ea713fe1de7d1af025dd393ac212595b37a7b104cd12bfa3d6c99fe7e753384c7b8652fcf419b246b0d1954bfa2 |
C:\Config.Msi\e5a18cb.rbf
| MD5 | a1f80a0940dd77583a8802cad4a99df7 |
| SHA1 | a137d22f08adff73bd28082fa338291cb9f1ea22 |
| SHA256 | 09a935974675499596214ed2db92c1c6e96516fd93df3845cc26041a14cd7337 |
| SHA512 | eae8b3a68f3d6ecfef5adb351748a1b6d9612e5d5e46e0a3d5dff7c2b466b560f85f2154a7b7c9c73d08b6d157534008935d7c7a7f778843a0145b23b985d1f3 |
C:\Config.Msi\e5a18cc.rbf
| MD5 | 59d8ea1d9646e94bb49f6443746f54a7 |
| SHA1 | 6598f214903a6e08b2d49d1d811e2a5875b5578a |
| SHA256 | c88fbd156276d61351e8b99f2d812d1c8dd88cdc40ed8b18bc8eedd961e93914 |
| SHA512 | 796b53124eab26555eb14316e4d6fc0ab95aa70943be7ccae17fbdf1dbb93ae8e305974bffa8e17330e744446b80b207c967e66a3d296d0a816f67deceb0ecc7 |
C:\Config.Msi\e5a18cd.rbf
| MD5 | 519a3a7e990f3fefaef77c4bed924e31 |
| SHA1 | c65bb4119e268f002a37ab1456a7d4cb2f2c9819 |
| SHA256 | 9003852e9d866a6144d354b6240679fa9b35144b9492653395640c3b80043f6c |
| SHA512 | ab6325a35d1f0f904a21853edf0d69566cd7087072f35475b3f46bb3b3e708bf4061a76e2610b7045046de214bb129dc09d251498ae70f30526838a09955ab40 |
C:\Config.Msi\e5a18ce.rbf
| MD5 | 249f43c632a82e9f7369d37bf9ae3a54 |
| SHA1 | 9b11f4f214056f14838e3ced98d3ea1463bf59a5 |
| SHA256 | e8d9d14b7883778a54918477199e9993e59ba4fba352eee2e7e522ac6c48f93d |
| SHA512 | 1751117d785b1c46e9fed8221afc1334a4dce887b0f540ead4cc49daba0f2f6736bc517c1ba4febc83a7ed80302fa099a35af73a9311ddc3af9069c549c03286 |
C:\Config.Msi\e5a18cf.rbf
| MD5 | 526d078076ff4f671f7978e34e2d625f |
| SHA1 | 54865788d6c297a545f12206d08c3922ff5c882e |
| SHA256 | c08e013786d878cd631810721646d6553050abda9974dc80c11e9ffc28958b54 |
| SHA512 | 521bb7d58b996f0693199652295554d24afe9810557f0bb5b17d78376d5c89efbe2561cb39f8c98e5ae3f5cbf1be22f072cc2a5f56a59446895b1be424aa9abe |
C:\Config.Msi\e5a18d0.rbf
| MD5 | d8a10fdeddd30d5ba600c98db0425273 |
| SHA1 | 9777c27b19e82f4e4437319d4fe896fa8f324d1b |
| SHA256 | 8ed6be8f5934609ca463c925991944784a53808cb7224cd126ee6fce0075ff58 |
| SHA512 | c09ce70949641b97001c64b4588d5c9f26ba6c0b9954441db4ef8e1b7bcbfd872c1201ae0b5c2c22ab847818986bfc741f7939d25fc9f8937cb7f96b78b8e2ad |
C:\Config.Msi\e5a18d1.rbf
| MD5 | 1c1414a1a2925fc066652192b7a7970a |
| SHA1 | 948ab017ac00c84e3c76039ac527a1b8eec6a153 |
| SHA256 | 167721fa8ab031389c0e795f50bbd4ba824bc3f30cd5e0bbd98b9c3f7f0d8ea3 |
| SHA512 | fff3c93433d0c4ce8fdebd1c220e36c07a85b4894379a9635302ea017fae8f3a90be4361ae3ebd6f354106e9bdd04c40eb7f71dec48025ff8c6eb9debe3b4a16 |
C:\Config.Msi\e5a18d2.rbf
| MD5 | 86c2dd95e9e41500b10e82af970a04ef |
| SHA1 | b2ae0a0cd6aabfc3f1df60246435bddf368f27b1 |
| SHA256 | c81aa8db1be728822cd83692aeab946b38c6db53941a3b66cff0ff0367041a9c |
| SHA512 | 9dc0a776e1efc2710fcf09ed1e857b5cc71eadc200e0613df0f840eb1d22d315f99752ff770b382fae6616a23008f09bc787afa348b2ab7533e43bc0d888b028 |
C:\Config.Msi\e5a18d4.rbf
| MD5 | 6102a65745afc727818f93db350cbf03 |
| SHA1 | 208883aceaa2218c544362290fc48adc3c1c24e0 |
| SHA256 | 0a8723ae8ed425c5030a00c870b5850ca7a45377d4c09ea6880191bd8d05a056 |
| SHA512 | 51e49ebdb9d1ba261f61aad90213277106552126ec60cd22bec7cd296acf69f7a8d3121d9d504784c4f3f2139a130f4a181b055361f77f3c0df6cb7a49abbb3c |
C:\Config.Msi\e5a18d5.rbf
| MD5 | 0e17ac9ca405595492dd86d1ef00d47d |
| SHA1 | 58641d77453aee7c5fd4e430f1566b6880919212 |
| SHA256 | c57d471f4c6581ed188ac9dfe2b760d4e43fd5d878ae98196ed1e5acda3f6c66 |
| SHA512 | 4fbd0a8573160641772fd1379ce9f9b8418cecbd1a5db7b95a17058df542ec8204e65bfb5492f7a2c064d6913b315270440b8a01de7191506fd47d57101ac7b1 |
C:\Config.Msi\e5a18d6.rbf
| MD5 | e112424dc9fa276db5c0641a8eb154bc |
| SHA1 | 259cd8484db1124f4ddfcb728cb37cdfde89c227 |
| SHA256 | 5489c9827c713602c6abfb702ba23871872cd0120ca5f2afaaf3b7f3a1c7a8c5 |
| SHA512 | 9b8c33567eab50fcc9ef397a4e55f268a48f88de6f731f91ff06fdca471a338e6aa43e4a785d6e4f7e69b0872ef39139e944d18f6527ce8f5bcc5f6261a4680b |
C:\Config.Msi\e5a18d9.rbf
| MD5 | febae94931cb3e1ff52ddf17e4e5229e |
| SHA1 | d770999ee3a0a14402d807f013efb6638da8c088 |
| SHA256 | f474dba31278306bebc1c4bdd65fb2a8314264c2bc01e7795636748f5eac6239 |
| SHA512 | b71ca0bde5ea5e194289a567191e812fc7cdfa64546c30721ed1a7bae2c7b4a0062d2f0aeb8adf7873c1de5ab3bff5ce86936addeb51651fa4e1d3da1b619889 |
C:\Config.Msi\e5a18db.rbf
| MD5 | 311252680e81d12ab13b2232d6ce1f38 |
| SHA1 | 8c69fca34bd168627eb5b43232de917f82d7fe82 |
| SHA256 | 2863ca770a369531d2eda73826cd7b445c2a10be7c4733ba09a45271c5ec9f0c |
| SHA512 | ed5caf66b81ea24d056458c7e00c282917ada5ea4796baf06859eb18b4c74fe80cf5e48555da76beb39e69c880d1cfb752798042ab24e70e94838c76a35d7538 |
C:\Config.Msi\e5a18dc.rbf
| MD5 | a149f1692e1cb2b15c3c3c504aca16a8 |
| SHA1 | 079c0b46ef6818603b79bd7eb83c8a1ec0230726 |
| SHA256 | fe85fc8cb0bfa285882f395d8ccf62357b0fcf3bb3f543492f6dc8a3c715580e |
| SHA512 | bef97b8b0d7f201c7fb81bc0d105d202944f67ecbaa840d6f09d926f0a4857c3bb50eaa0e5cb40355d9883c319060faf55c5c4c2d1cb1e5d38fc4dcdedf38742 |
C:\Config.Msi\e5a18dd.rbf
| MD5 | 461d941bdf42d9a5728e8c8f324a1527 |
| SHA1 | eb5df865b2a60e2666112a8d6c4886f3cbebbaf1 |
| SHA256 | 2d612d76b9e3eae1da135331cfdb0c5a17dfc8508663a975cc408da3a2df516e |
| SHA512 | 3fbcd95f91803dceb7f5a77e6849c2828aff5d8857871a61926e90612a20f8982ac25c78cab53ae1e4ee9442cda9c1b6ba583562975982b8c5a7482c3527e75a |
C:\Config.Msi\e5a18de.rbf
| MD5 | 57161a19ff1be550c684770455074148 |
| SHA1 | 4d5d3c34ff992be135b6e133b66903fb89adc30c |
| SHA256 | 9ba03e0009b505a01ab6f78735d9382492211db645350bab73c97f52b5038e0a |
| SHA512 | a75c67725f899326dd33d2f8e5187df5e074e3ad477bbc762d08835ac433140ccb1367bf01b71734fee44f662712477f8f2deb210a4b021a5550e08aeeb90dc6 |
C:\Config.Msi\e5a18df.rbf
| MD5 | 4a25b906e8741d6df171e7db6060cf2a |
| SHA1 | a1ca9741a60c7062e371b5dedad7dc7a1eac1d28 |
| SHA256 | 43783e98a10bc9dafc3734b7f563fd2ea526fe0e42ef5c991e4f38d69db14613 |
| SHA512 | fe46ceafec83015cf42c63eed2e3aca2223e7e98d7f966dc5a93fed390bb3bb296b18413c8ce0d0a6de5b3040bc512a7290f3846f2577ab8281e2732cefdc2d5 |
C:\Config.Msi\e5a18e0.rbf
| MD5 | 51f2bd76626cf45691515b5d577bfd93 |
| SHA1 | 2500293341f9d8d253688cb4d044af788ec627db |
| SHA256 | b74d390df1fe87c7246c7f374c62c5f9153cbbe1c8542aa355f79ec8b0076dfc |
| SHA512 | 3ba20e31732b27422bfa8163a57374539c7769d38f262fd6dfa96924f6af936609020f592d7fbf3be63b67d95dd7a103de3ef68d6aede5ed0246f1359c63e6bd |
C:\Config.Msi\e5a18e1.rbf
| MD5 | 987c8857c110b9f683bc75e0e1d6c097 |
| SHA1 | c2e543c3a172898027b50d7bbccd9bae5f8ebf87 |
| SHA256 | beed066eeb1970311261434f6d00980cf02e0fdf21e7c63c96f036a18262f4e1 |
| SHA512 | 3e8275dcb8edc24ebfdb185ca463aedd6ae6d8373cdd1adf478e828c9beace664ca2284e808e44f36e4a2a2c5b42fd250f017c26318c08aa3f4886e48024cf51 |
C:\Config.Msi\e5a18e4.rbf
| MD5 | 8e9393938e2ad56c1a7f29251cf34480 |
| SHA1 | 4fd02a343d5b7437b781884fbfde6cdb8452e54f |
| SHA256 | 3bbe66dbd355c087faaa30c735e964b5ceff0b6016246238e14ec9d222ccf543 |
| SHA512 | 21c3c145f09c4007c1c5ee0958ecdc9818139bd3e8d3d0eb09fb0d26c807b4e3a7b291209d389aa8a5857560f7a372826e1fcbb3311d19f2c0959f057e263515 |
C:\Config.Msi\e5a18ef.rbf
| MD5 | 3e0f86e99db7298ac78de994ef850850 |
| SHA1 | 7ac395a70611096b78f94a734ffb74324db06cf3 |
| SHA256 | f7629e2a449a07d5607be9ded12c9eea7e48efa1545c5d57c5e3547ccba3a1ca |
| SHA512 | 9cc604ede5c5e8107fdd20e38871aa0b575c29092b4a74a419b01d9b70d457d6f5dbb8d9a0f37c20d3b2cebb5422cb4f7435dcd6583d1c044f6730a935d81040 |
C:\Config.Msi\e5a18f3.rbf
| MD5 | 682900acb2d9716a937c261f3f3d1301 |
| SHA1 | 38311aaf71a75d8636b7bd5213b56e463adcbc68 |
| SHA256 | fc1b05440fac4fd43f837dd991df795c134be767e030942ddd5a0b5f92018600 |
| SHA512 | 7ac68d27cedeec8662dc3a1e2dc5a353b9a7c0064351c828f5354fa7e1373e763331887854db2f63e57b56362fdb7d7ee115f77e7bcdd883be4167897c9f165b |
C:\Config.Msi\e5a18f5.rbf
| MD5 | bbee8d4c25cd9677e66eabd15579483d |
| SHA1 | 0971ef81f3ce1a1d5af99fb92e2d631e84fd08ac |
| SHA256 | 6a6f450d1699a5d63ec1e6799ced68b52b13f6a73bc3f6dbca168ff421a7c1b6 |
| SHA512 | 0359cf42ca752c609bcfca7390621c1e7e75f43ce942ddcb5cdf32c4b66da430ff81db6f5c084eb4d7042a74c62740f0db12e6e45798d144b25577625bc665a9 |
C:\Config.Msi\e5a18fa.rbf
| MD5 | 684b4a283fe242eb5f725d123bdb4c47 |
| SHA1 | 962893d50228e7684ac6cc06a23b75a4015401ca |
| SHA256 | 2a730d75fec6ff9a4a1493e2e96b0efaa6655592afb1a1d2eacb7fa4e77b0c19 |
| SHA512 | 800466b1ade1e7afe13c26b716ee90adff200c0cef1b45ddca832321297c4efd0337ed7e0781346a375500f411febddf453dd1bf6d30154d60775f736a897f64 |
C:\Config.Msi\e5a1924.rbf
| MD5 | 0a2fbeb0434f2b91d2dc632befeecff4 |
| SHA1 | f899389e388ebf559707df1e0332ee04657e65f1 |
| SHA256 | 74dd52511cedb19d1fdff2eccf80f4c36c48b7335be84e7a6349cf956fb77786 |
| SHA512 | 6eb520304b742bb85ada1b4eda394fc8e7b04dd8f0ae96aa8563fe6ab96170eee0d6bd7bf185a125b92e739111b96cb6eea050ddaf1bcbaafd52d47ce11683f7 |
C:\Config.Msi\e5a1950.rbf
| MD5 | d4dfd40331e0d6a8a7a25a0895d0baee |
| SHA1 | c375b8d2d2e25f4f844496a970540cfcf94873f6 |
| SHA256 | d1045943718b17ed04036d6ca566e8626ee8d7c153c1b9092cc82b3e713e6b47 |
| SHA512 | 997802addc2125a9f94c31bfe4df8232f5f1597cebe89966611ccc0daae01cdd684e2ed24d430869429f13491f166d4ae8656c9b0e1ef5e2d39105e98b5df8f9 |
C:\Config.Msi\e5a1956.rbf
| MD5 | 5663cc9a64f410e9bd3dd071f0c93afa |
| SHA1 | 45cf6ad320eec4c4eb9a8c82c023f34b28420f3f |
| SHA256 | 98ec4d4b290dd7c4352296e1768440ea16587c696a299c203c07906cb3b248cd |
| SHA512 | d1c459e515351187c1acef395b2d0887374a8c56db7abb72005d153bd10a85d032e7389e2fc962afcf23120b77751de40d9b94915e9c4f747046ee2bef81b9f9 |
C:\Config.Msi\e5a195b.rbf
| MD5 | e8f92120a12ce59b207758a4f5813c57 |
| SHA1 | 97e88a8f751d7bf3ff0ae6cbe65a2fdfdfd92134 |
| SHA256 | a7007dc142fbe549c317414efeb0f74e9ae925f6020ca9eb407afbe99463d004 |
| SHA512 | 03b9eef3a4312db90f1da56003015f8829a4881e99a1ea81facfafa52f8e8a93ebbf22850a7596b85e1cd6c0d53132ea5fca0484069be1f17d86572f31a1cf15 |
C:\Config.Msi\e5a19aa.rbf
| MD5 | 69b3130ce593f0ca98a4cfeddd3ef941 |
| SHA1 | 2fc7757dfd5cfc313adab9626816a13a69fb3104 |
| SHA256 | 8e8eb5aae32ba9e37c6c2c2b0312fa33347333072e3fbe11f7f3903955859560 |
| SHA512 | 7c6348d957d2f41aea9ee7001758cc4b04ab8efc68916f9182ff864ed27e142afa6aad3121fef25bb5c28645f4faeccbfbf290dcf8b9cb305aa05118bcd96312 |
C:\Config.Msi\e5a19ab.rbf
| MD5 | 3aa2cf15c27a3d51f6d5e4b78d265a6a |
| SHA1 | bcf5145ab967bcaea56934176d9204b8e35d503d |
| SHA256 | 847ac5ce7b0922d3dcea30f559ed39881105168b38e5f9171d9dac7a5d4112ae |
| SHA512 | 0421b50d84f4dc3c760fe0f392da2a01e54b8fbc0a7e6623e952336e0bd246bbf990e0de2a2a787ac2ad93fc9ad47d9a9c45bc1fed2f163f09b23a5dcd39d017 |
C:\Config.Msi\e5a19ac.rbf
| MD5 | c180f6b66aa282e4fa62d0438d1bc742 |
| SHA1 | b79c645ec7ce8ed5804f2ce7315913aa7ab71327 |
| SHA256 | c3b0c4028e223b3c37b529c9873c6eb514c35048ac0b7d99222f469e64e0bf8c |
| SHA512 | 2c17c76eca36e484acf2838da1fea372215102a8ad1e15b0b6c2428e944e3076bf65f3c8aeceef12b03ec59726dd62b2446d334c0f73592890b804c6ca331852 |
C:\Config.Msi\e5a19ad.rbf
| MD5 | 549097c4d30e0623fe20142d50891bdc |
| SHA1 | bcf89775558ad69b64bc071eb36b469bf22d3aa5 |
| SHA256 | 51e3f1441ae71dba3f3fd1f88c0438a15aa4b4a46fb28e56ae0dc076c0b300fa |
| SHA512 | 17a6b84f9ee7ddb1c217203d8bc371332ab11c8f7f6444976c75c4a79590d8f8cfd6cf9683b304e79efbf9dfb69c16642fa75127b5d49fc2abde43e03b1001f5 |
C:\Config.Msi\e5a19ae.rbf
| MD5 | 296e20b8ee8d78fa7e37839b91c0311e |
| SHA1 | 0a25d1a8febeea5303995c21d51c5639b884fbb9 |
| SHA256 | 494d931e7c17db42ef9b80607c45b27be1e045062a95abec11307d826a95ab0a |
| SHA512 | 00283b24810076656080c7e030cbd64e936041af09407400d2c4ba79ffaa2a1f16a951bb138b8e1e148e597af49a6041a89ee26ad1c1824819e0241dbbe894e9 |
memory/5316-9335-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Config.Msi\e5a19af.rbf
| MD5 | 8ab93bc44c9a9a8f7809bb04dce6ff37 |
| SHA1 | 4190011ee4d6c84686e80189fddedfc49e40fa5c |
| SHA256 | 52af1c437c5d82997915d56db21610f98747eca470418f6055e839498df0fedb |
| SHA512 | adb92b9d9c3096c69e051b47de3cad7e8869817304da6b149a03aa7fa50f2f4399e4e7ae31a29a23ceb65529053843bf92dcd57c0ffcc958162636f5fe8be0b7 |
C:\Config.Msi\e5a19b0.rbf
| MD5 | caeffb3a2869d5e2fd691d5fee0f5795 |
| SHA1 | 6d7c7e1d1bfff71028732743d28479ac2e919cf5 |
| SHA256 | a330c2b28422e1694c6539cda7a64da902e6bcd28a5bb0d01b38d17df3a9a932 |
| SHA512 | c47ffd51315aa3f606a430f4ec8313899fbdd31e227306785170448dd0bacb4760245bdd5e28d4ae97a025017de9883439a3d9cf62000ea145e56927b00fb6fb |
C:\Config.Msi\e5a19b1.rbf
| MD5 | 7be360e3381cb30fa15d89005b049a46 |
| SHA1 | a30684ab2ea44e296f6470180dc513f29be9fb02 |
| SHA256 | cc195d2b2ffb86ffb6912b8d1430c17f9e756de8c957bcc4e18c0843526211fe |
| SHA512 | 580dec6c6afb0a1b12ce05644d0b2d62726a10dee8317b521df3c63a85193b163ed904425f0cc157fc622a5db9c3a6c973b82e24b35b454e006e7fce8dc2b050 |
C:\Config.Msi\e5a19b2.rbf
| MD5 | 0f373c894b40eda33b406ac184cf4217 |
| SHA1 | 57895cb51a6a246565e0f2a2bf933f4a378d32e8 |
| SHA256 | 6ef126b15d251dfe4862b462457a8e41064422b68d98412d4c9fb8129ad8aafb |
| SHA512 | 808c42d2ebf53e404a1c1d25835afbe1a222bfe86f8e70555bda6ff242185a27388bf0f00be930de54a9859065cbe1cff36cb7a50fe325710368a715e253a28a |
C:\Config.Msi\e5a19b3.rbf
| MD5 | ddce4f5925f5907bc5468d32c60841ca |
| SHA1 | 8e51a42db2778b966036f0a9ba795c50092a77c1 |
| SHA256 | f2eaf469bfcde0bc69405c640acd7c05f0e17841ca34cded284b5bcf36186398 |
| SHA512 | c0b2ff2616bf8ef0d5f0f7bda2c629454993d6510354024c688d8ee9dd15cb71b83469c10b44779ac8c45eb2d5720c262492c19c65e3b1619835b1a4d9723f1e |
C:\Config.Msi\e5a19b4.rbf
| MD5 | 2b0841d3fccc2e299520af8a8109511d |
| SHA1 | 2f24e4ba99bc1973d39a2b82a2a1e4c76c0d53cb |
| SHA256 | 5220abd4563d4d2ba2455759d2d8aafd02da905359d891e9d87c9eea843812f7 |
| SHA512 | 5983e3d35780b5cd41acceb67e70e85a8e10971f8df937ed199518a67f5375fe9a4e256e7f7bb78a0d1f9b3c25d31e887ea34d3f2cf7e5db0e9fea82d9920f9f |
C:\Config.Msi\e5a19b5.rbf
| MD5 | 891e03266a9823b9854bf8fe6f027e82 |
| SHA1 | abddc6b01dba52326190b1540cf5af74240dba9b |
| SHA256 | d988044279adac93bb2e3b489234833f3358082e1988379a6c99b261d420826e |
| SHA512 | e6af1a20238323460c8311000fce073ca4b974738ed561b4cac5aa20936677a33ad2b28f7714e2bd2f892e4abdb139df1ce3141edc698248a3186f199dc96132 |
C:\Config.Msi\e5a19b6.rbf
| MD5 | 7392a34b1edba73424643ea793027b1c |
| SHA1 | df8de7bad2ed92dc1a01ac1254a6f1aa227ced66 |
| SHA256 | 60fb829b4c65ac92b6dda6f59c837d726faef18136265e3c8e01328a8a5fbd22 |
| SHA512 | 98f904c42d9aa3cccf1bfcb74e51c4e84f12c66e35ca1a7e051fbdbab6ce68270a1880f3694453f48cc99f6f5b63e88a8210b16776c77d115d90b21f9da0a276 |
C:\Config.Msi\e5a19b7.rbf
| MD5 | 8c28911c8c6500aee366f9515b583f4d |
| SHA1 | c2dac0ad77f4fd851e2a6a9179e6fc7997a55382 |
| SHA256 | e14bae6cdd0e04daef8e2a319040bd57592e4e6dfdffefdfa25bbe205a1be9da |
| SHA512 | 9fc329457ada05cce3338f3aef668a594033318fa6fe0809af41bf9b7566dd8533eccb0175664a6360e35d5acd2f75bd4c371a70bc08673d7bd33601804b273f |
C:\Config.Msi\e5a19b8.rbf
| MD5 | 60db22be7244bc3f307876fa75facadd |
| SHA1 | 6cb92c86c5097713c5ab338383c1a9e484c8f746 |
| SHA256 | 794759a52f2ca1b3f2b133afe0fb2a5e2e1b44067f0223d540bceb4468cdf08f |
| SHA512 | 246ee15c0bb5f7f25cd6e9da207f43ad7142bf5d224ebc30d47d5bfe26d62e970289168269571df193327e01ded5e9011129857cc7caf1e309ee652c6ddc9fa0 |
C:\Config.Msi\e5a19b9.rbf
| MD5 | 386d4e6516b7db69c66fd305d5b84f2b |
| SHA1 | d10f2ace7188430fe73f8963eb718283d7a17e0f |
| SHA256 | 42be0ff8e25dd802f3c4d245731d1ad31fd2dc3132547abc1df487ed7646b97a |
| SHA512 | 86d723665b165d8f48297e6aa1a0f351281eaa08e269692c722b6300dbfc54264486ca536303e14c776b754f456c2108a882ca0da9f3393cde88531b23783393 |
C:\Config.Msi\e5a19bb.rbf
| MD5 | bbdd0eeebf0b9d33d2de5e3eda27fb7d |
| SHA1 | f6650eae57dc3aed8aaa48fe0474c07c4614737e |
| SHA256 | 61fcff88914eb4b9a7dc5569cbfa9d8f02628d6b1f684552cd3382e87982e9b3 |
| SHA512 | 3a51f065a96f2528105a40c7b25ffd2643e1aa347f93a191b77b443519a06614829ada3cc2cc2794ede010f9307053f00911850d099a4c363fe1c42c984a7a85 |
C:\Config.Msi\e5a19bc.rbf
| MD5 | 7006cdc67ee3f25e73a3e72cd1f727d9 |
| SHA1 | d5ed4852bc4ac2686303f3713f7e9fa86d62f255 |
| SHA256 | 9fb2ebcaa1b37c3c1448202808c2730dca07b79a3528f09ce36ec9a8ae406ebb |
| SHA512 | f7deac126c0b370aa0263095bc3885bebcbb3911037bba8183dbf2a94dfc43960759cce76781a5a33892bc43e0e5ac49ad031ac36fde7c592b8bed94dea9284f |
C:\Config.Msi\e5a19bd.rbf
| MD5 | 28876b18201ad577d7f27c24f53b4ab3 |
| SHA1 | 89cee672b486db3839ad20c5e884ab978f72e34c |
| SHA256 | 18b6def1c85d178036bb71a22eeec1979b604cf3ccaa83ad795dbba8414a3454 |
| SHA512 | 35a5ba109f9eec22a975f12d1567577ad85c9a026e7bfb41f28744d4dd40eba97a6cf71af11007e7afcedc689bde931f93593d121cf17836e60205d2b2fd3f73 |
C:\Config.Msi\e5a19be.rbf
| MD5 | c7c0caf0304538ecbff06257db42257f |
| SHA1 | aaf92d9ce35bea52d605b969c79d982b9f374119 |
| SHA256 | 4d93c9d9b4931a559703e503e94db2059fcdaa6267b23339764ffdabd986d7ac |
| SHA512 | d4ee2ec08d4fc95ade87b0d65f4c170c6d1696eb9db7286eb3b041c546d72500a20b033670b488a6a42df13627d9e6aa59b52496c8ddd59760b222f7dcb4cda3 |
C:\Config.Msi\e5a19bf.rbf
| MD5 | 8324571c11429aefb0b5bf2400afa80b |
| SHA1 | 5b98d68d0863d61aef9f1374aee3792ccfc7782a |
| SHA256 | 9e52ddecf1c8f241e257030af5057020d74c6527dbc1c27c0ef0ab65c4ebe962 |
| SHA512 | 012f9a3444b0e51cdb3215923b84dc805e59aa2137eb67700566a61abb746bf8a2795b2c72ad1cec686cdd7efbec86637a4eaefba080f32247ae4ae83f6bb381 |
C:\Config.Msi\e5a19c0.rbf
| MD5 | acd0b10ede9a34bdc5c976a3b153d496 |
| SHA1 | 4a2314ab62ad2ea7aace0811d597d759aea34abe |
| SHA256 | 8385dcc52e2667791518e66e9d6c965371b1f6de9f37214685fd834b65076a9c |
| SHA512 | ae13f141d1da0484c1192a42e1dd404c54b6bf3c7a674bfa8fc6b6fbe826e351fab719ec303a6180c4ec80a4245d63f7d851290f7809748dd8b45da37e5c4119 |
C:\Config.Msi\e5a19c1.rbf
| MD5 | 62e2cafd3b9d7012a6c64daf8dbcaffa |
| SHA1 | 7c506da5c8bfc9454e32486e365349291256b829 |
| SHA256 | 3a88331bc1877dc015481d0d3c096307b5b91fe5cbf2a0016c63d8027b68dfab |
| SHA512 | daf8952d44cc596c00eb942a77683094565c50ccb539d0bf4f961b0f5c1f13922a9ed1a7985ab29569bb7018b9053f2d511dbec5748c8ae0f044712a84c84747 |
C:\Config.Msi\e5a19c2.rbf
| MD5 | d06bfce702ebc94a8a285c2e9a810026 |
| SHA1 | 43c9ff002c9f4c3613e050f48cc74a02fcba3dee |
| SHA256 | aaeb5b17334fe8f398f44296543c0765f3e91777b7afc64abd01b56146c16db4 |
| SHA512 | 6da24a308dbe1db0a25b1027db20c6aa8b622687ec7a915844653b238429aa8e60e216b3ad8d2d6a133880ac7a539d8f98e5c57def33c8053079263653a95e1c |
C:\Config.Msi\e5a19c3.rbf
| MD5 | a160dd35254ac34c693f05be99fa374f |
| SHA1 | eb4cbbc6741047e47a59b5422c55473a2328a876 |
| SHA256 | 189838a2c6fbc77141ac53eaeb34faa0989748c099d913ff87840cf6df30ea35 |
| SHA512 | a7e13a19a58ff655cf1e382824212b4c9a05c080d3093e0077a6ef106758bbea37776b89d36b13bdaf8eb07556ae5a926ddf6f06bfa8ce44263336bb0d7142ad |
C:\Config.Msi\e5a19c4.rbf
| MD5 | cbff36e3e1147a7f447e50697a3db020 |
| SHA1 | ffb348b0ac901b0d4c06b2fc335fb96eb6898bf1 |
| SHA256 | 3a0c96a6546cc59502b9720f12f03b7037d1f9f9d5a23c9194ceb765f7f58262 |
| SHA512 | 57e4f64bb224f31ec498c9a5135d84583941aacea9ed126c51183af361026a9f12d006fbc1a94e735188c093a3be23f0b9b2c839a603276c4ea6080a3a7e4fe3 |
C:\Config.Msi\e5a19c6.rbf
| MD5 | 4f4b03e798c6b1ee9e94a898e08585c0 |
| SHA1 | cc86d6df21abf5f6ba3ddc9ab41e6f38efa19232 |
| SHA256 | 9db52089a7ef223ea9fe710330a9dace3244fdd43d914f60f24fd529d5303cc4 |
| SHA512 | dc4a2496cd85037606df1d8915733b476c5d1398a7edb3db962eb9ada5940cbf8f11f2d7596156190086a302ce0131ae8a65ed83e3fc7302ba1085087e842d77 |
C:\Config.Msi\e5a19c8.rbf
| MD5 | e90573afe2137626846fee30392b095e |
| SHA1 | 59cd01c72e33afa3b0ab6424313eb4f160800e11 |
| SHA256 | d50936fdf76cfee739b0c64b61a42adf4b2276134fc97bc86c53685d240747a6 |
| SHA512 | 4f7813cecb75b3937f5c1c2e10278048ddcaf217f735acf0a553cfc2772df1c39016d02257459e4dfa5b65383e3799161e32abe5042c5eea761ee9a3aabfe670 |
C:\Config.Msi\e5a19c9.rbf
| MD5 | 09c8b18cf4b44443a867d35101fcc820 |
| SHA1 | 982f73d087641ccd817acc5f85aaf915e5a26708 |
| SHA256 | 3b17a6351c1f0e046d5e8e1a37b3d66dfcf0c8d20c50d122e9cd66e3376b1057 |
| SHA512 | a3cfc0f9a5f882477a83559c07d4b98760def72d41b1f9d5839f3a1d48ecf7c89ef406fac8b31ee5db251f6a2e506d0d5f9a55e55d79c771b2ad4ef0c36a4f98 |
C:\Config.Msi\e5a19cb.rbf
| MD5 | 19235806768a574adb4e06779817ddc8 |
| SHA1 | 7926b32bf9093099bd7a0d0f9b6ec828df0dea92 |
| SHA256 | 16460ae4731a2fbc04f44e1730685d390c59b09fd7391460a5d7b152e8ddc972 |
| SHA512 | d0523fba86fe2fd1f1624f03721d95bb309245f6040c3d7dc10a9038f05643713d36a2e4728abfd7e6616556df0710830aa7b57bed10d61a12291a513085b340 |
C:\Config.Msi\e5a19ca.rbf
| MD5 | d18fbed2919a5aab6f2e080a03b7d3a2 |
| SHA1 | b83070c301a31b5b55de3ccdd81d0c4b7f0771f3 |
| SHA256 | de2f5d355c0e0e2c28946069387cca189013085dd4771ff2f63c1d0012f22557 |
| SHA512 | 1d6b055ed4e92a2d31df67b5ea0eb3e3ba32068bc5dfa4b16b51a293fca08fe2afd11da33e00fffecee58a755661e24ffd20a5ba66d7d4ce38d30a347b2026d4 |
C:\Config.Msi\e5a19c7.rbf
| MD5 | 87bf2e81aa609133406d6374dacb858c |
| SHA1 | df77348f22f985d4a5e54780ea93c2060ea2e79c |
| SHA256 | 4ba5869f6751a3022d38efb190a16fdf7ee492340ede85d4f4f2f7227ae8783c |
| SHA512 | d2fc4608c86dd5508e03cdf1e25add053da97901760e02ee2e10b7c2833984414becf0bc51c0b6f701a55b7f1028f5db571bcdff21ee31b08616a41bdc4e0f38 |
C:\Config.Msi\e5a19c5.rbf
| MD5 | 9b36b8445c5ca281c0c6135c195d2b1c |
| SHA1 | 79d6f36e9fc4b2405616246733c3a34bd713c982 |
| SHA256 | 09f2d62beba93c2b47816fc58ed6e5e2b6de74d123fbbe1d836b0d7d610c5709 |
| SHA512 | 649c0b7c0a55311293b126266ffc22d24d23a9152ea106c85eaeafd8083661cc19e548ed4986681d9ae33d84185b50faaf93b305706294338436f2cafa03265f |
C:\Config.Msi\e5a19cc.rbf
| MD5 | f0c2d4bd59224be9e51342420a09948d |
| SHA1 | db00e8e7c7f83fc5d0bfc9046cf220470303c394 |
| SHA256 | 88ba01d62363007a0c37059febd4ae3f912f39f5eaa6e478554884f789a2c96a |
| SHA512 | 1e4892d04c35f8c486bb77057c989ea4b433d6bc66ac339233056a9b76bfa35e1550a3e2d78bb1fe99861e85b90d7c883db43178995ac11da5821b2a6d97967b |
C:\Config.Msi\e5a19cd.rbf
| MD5 | 29f1acd6d97658958c2f45fb1b107bb9 |
| SHA1 | 193d0e52e80b30aed25143d903a073dcc1a5d0bc |
| SHA256 | ad36955e499eb2c6fb5518a4ceb6f800d81996298235fe323a8941364fa2be86 |
| SHA512 | 38c4f74ae6c5d61b105bc86d0ae2af0bf472e71eff19144b5a41bfb33f66df5c68350781ad823795759910e477759667998fe5ad1151b41e0b62d88bb9194181 |
C:\Config.Msi\e5a19d8.rbf
| MD5 | b1f664a67453d6d18353b45a5c08e1f0 |
| SHA1 | 0d37cfca4a508c05d866717dc6b0188fc4ae16bf |
| SHA256 | e6332f6c81006835bc1252a1c1592f5d4446599917b5ce7f20d0fc1180828ed1 |
| SHA512 | c3e9cc738750cf9279951da4ce60d3dc2fd0dd1c91b9a2bffa9df4a3ad186817803bd0486af0a7b223581bee8d91e7fcd8c4161ee2f810120b2da0bb0758a84f |
C:\Config.Msi\e5a19d9.rbf
| MD5 | 6dadd4274b53c607309b21078c2bfaba |
| SHA1 | 8cef4cbd1fdae9e9df430e7e263a21b787dbb5b2 |
| SHA256 | 37375556be7d6e2904f97f273b59b33a114d9e2251900edbc88ef04d5898f926 |
| SHA512 | bc7b999886a5bf4eaa49c82f0ba7e22b5be5ffad745d2a1b5f0ee1f1cd442053bbfea7526c86b95e9ee7d753edefd86aa1812c25a56787334626dbbca8bafdbe |
C:\Config.Msi\e5a19da.rbf
| MD5 | b5d3c883a3f38734713ec578f2a99814 |
| SHA1 | 11f2daf08583c1b7a5c9b0c4ff5660b91049732b |
| SHA256 | 221c82767561d53534366c55027580d59be7a5e617fd33bacbef91e2ecf0fedf |
| SHA512 | 399d64c4a27d3e6c5a1215104790abed868f6027b599cca14d49418cefe3dd430eb976ffbd588ec98d53b4438b1f02a971c0c6c4b8f6a91e2e486155570ec39d |
C:\Config.Msi\e5a19db.rbf
| MD5 | 27237a00da8c9a27b52b291635c86307 |
| SHA1 | 21545feb5ea9db98f55d9290939405bfd97efd71 |
| SHA256 | 072b8eac5be99243c057763e0cf2500e5777c87a17471af845170231529fc491 |
| SHA512 | 5db5670a134daef062555c7e4c49a5748e53f0af492ae8e3fa6ce9c50af9d0a045c94b9510cdc8b0903566f31d640ec37dc1e8aba0058556975c03b0d009850c |
C:\Config.Msi\e5a19dc.rbf
| MD5 | c566a83855ab845359d75277a51b20a4 |
| SHA1 | a62e8847083bda76027e69e7b67cac137df7c2ea |
| SHA256 | 213c54bd4f89c474fa489aa114844e9ec9d2c304e287b2de34d2e7b4d8c19a1a |
| SHA512 | 0389e1f7ee4deb45cfeb9d16e54bec7d5f06a68fcc14715c7d17899b03c331bedf3348a3f6883832102b837e5691b889efdebc945b778428fcc4193efa7d8027 |
C:\Config.Msi\e5a19dd.rbf
| MD5 | 26cc50a08301004a550763f3122ae5b3 |
| SHA1 | bc3009a90d6734b4026ced08eb2d0db29eaf5228 |
| SHA256 | b0d820e40a04e6f564fd0b17c586799f72b59015d4b4803deee23e2638d32cee |
| SHA512 | 4d6d37fc7840d97b73787ec41cad09196928feec6a32797536346af31bcb0fc9e0659a36bea7b6a10dfa23db0ace32665131864f6b20fc87669876bbe789afcd |
C:\Config.Msi\e5a19de.rbf
| MD5 | cb7c8a5920d4ea2ff5f6635d49fc29f8 |
| SHA1 | bd08b57a05d46a086f3411898067c5001de1e9cb |
| SHA256 | fda2310c0a837febcf2975add0b816042c00bc256a8a20d8c26e25698f4099e6 |
| SHA512 | 95f1884849b83752ea668b0762e84a8edcdcb9ce8f6092176157a700675bb372a9294cefdaf420f73d9a0826f3378d7a196370cf0ce0e3e1fbfc4e2117d64f36 |
C:\Config.Msi\e5a19df.rbf
| MD5 | 8c7204816f074771d7d77693d35a86c4 |
| SHA1 | 8c0d5352e783b95f6a0e79d269e7e94b06d1a5f4 |
| SHA256 | 15126d10e06aaee6ec44e18c64aeeb1f99967466e4d060011a4735b41427b5db |
| SHA512 | 4145425c4e5f381f4a5c7ebe087a40bc7857458e575a81b48465af65726ae59c51c9abe1c31eeb1699d9c96f2ef096c4072afc0557131f87d7dcdfc203c815ee |
C:\Config.Msi\e5a19e0.rbf
| MD5 | 7bd5f1cec95df39a3b497844d1670d01 |
| SHA1 | 233f52cbb8ddaa10e02610d602f92ce79093697d |
| SHA256 | 6ef1c478910c478bf7f47f91edca5ef74afcc87a26e38a62154459b60dabceed |
| SHA512 | 52f89d1797e500f15e44976d4dcddb30956f4e59f09ff6864357962e1560490ffcdfec1662486c9227719af21270c07654f288fd46df52f6d0b165a132105548 |
C:\Config.Msi\e5a19e1.rbf
| MD5 | 5b58fdf8dab218c9d1fa3f639268522c |
| SHA1 | 40ee77c6b7aa2d175bdeedfae0abdbd9a9ad5bec |
| SHA256 | eda8a7738f9268a57b60c02eab8c6c5dccaff1b22e69ddf4e6b02ef75e4526d9 |
| SHA512 | 887e8f17c72775f1102a7fd447ffc449c7902b6c72df678f49cf6ac81d5521f6dbfa8dffa281860342449c6cd9093459c682d62707d87a25c5d2b9bcb17410dc |
C:\Config.Msi\e5a19e2.rbf
| MD5 | 80a93fdeedb7b495d24a683ee08b8b73 |
| SHA1 | 1253fe0b4fb6240f32a8d078eef0b78e92706d99 |
| SHA256 | 298c0e48f49a222c258a590d667a47a05fac590b3dda4a4370e506c03a6a3850 |
| SHA512 | c53c02624baade7690cc7bd1dc388b56ed89592096a1795bdd554698e3a82440cf96c2c88191237b3acda5cd88a65b0d3b154edcca05f5768c5e507073a6025a |
C:\Config.Msi\e5a19e3.rbf
| MD5 | dd955020722b99aeb6d4f7566d3cd7b7 |
| SHA1 | 7c1c4442323ce4fb42ebe3110d6482992663b407 |
| SHA256 | ab559663103f4e7767979ddde22fe7bd5e357452126d93ceeadf82cdbe57ae56 |
| SHA512 | 7fe8aa598bfeff2cb8b3bc3c522d08ce8be54fe45c239cc2b6d7746618c9b93dbc21cdc8c72fc11968343f11d946fb39385bc1b11daf12c5145dd82e00fba22d |
C:\Config.Msi\e5a19e4.rbf
| MD5 | b3b15bd8d83bbe8053fa90082a169d95 |
| SHA1 | 7ad5c8ba4d29d6af773c7468d02e8486738e3cef |
| SHA256 | 2195ad89049378706b20ada2201bfd0d0a5265455ee0919201a81131643a218a |
| SHA512 | dbb9c042a4b5fcfe06c8d4e7dfcf38357673abaa5435abcb559b784ee82ea8361a0f1dd402ee5068a08dc52eeb4b77e94aaf51d18ed2401d48efa6b7059fd76f |
C:\Config.Msi\e5a19e5.rbf
| MD5 | 6e9c5f764adf49156e03dc1cf54fdc70 |
| SHA1 | bf89f5ca4ab8510c71f7bb96d737ef16886de6b4 |
| SHA256 | 233b0754ddbaf2a3bf16b38ec4d74f0e8c620a92e92503af351c23b9e16149a4 |
| SHA512 | 6856351700fd5b5cec78b2552caccd7d3f41c64892791713661d411bfc0075c8f2ac2dd8500057761ac11146d40ecc8eef0be63221e8a2de9364d14ed982b356 |
C:\Config.Msi\e5a19e6.rbf
| MD5 | 1dc9b808b5fc0938dd53039812ea36a2 |
| SHA1 | 05720df31431ca3e259c7fa726afcddca618ec39 |
| SHA256 | 50b1f2372133cba51950fe1512a7050522fb7e88798b1b5b4e4199528813b17e |
| SHA512 | ad56c2bbff1ba8a9fb497729c0fa9ccad6e10ebafc6399bde6bd82b8b6ebb1a06a271504e17412af8eb561743fc6abd5cd7e37339a505890fe1ef8e413be008b |
C:\Config.Msi\e5a19e7.rbf
| MD5 | 41d9c719c66c79272a385a1c471cffd9 |
| SHA1 | 0ed4e0e85f648dc2fb8a3459878b62ff160219fc |
| SHA256 | 530fad2ae3dcb8fbacc6ba82557e3d10a6001373ffbc4f96192495d9458c004b |
| SHA512 | 7dcd5edac918841218c33dd60817e152a201bacabf47928b876e139d859b139b05d83bb3184bc8e06738625293731aca8fff0e461869facffd5c9af53681ace4 |
C:\Config.Msi\e5a19e8.rbf
| MD5 | 339e01686e0ec70664e3b165c358d737 |
| SHA1 | 46f8bb88bafa037066f4c605a48565ebe460efee |
| SHA256 | 1376b51b7a8fa906dbb05d0717b28d27acabd5d59ea969f0a6590d91db91a850 |
| SHA512 | 5e6857274a12a695b2e87ba17cfb6345af81ae19868e3be9931964512748418e3865b9a04182df6aaaea8c1d404199525a861d8d60eea5f1a0915c174e738738 |
C:\Config.Msi\e5a19e9.rbf
| MD5 | 4295cd19be24341cd33356b86e0df9ce |
| SHA1 | 9624388b828d4cdcab3813555d13b9770813a29f |
| SHA256 | fef8cd1aedd695561ee591f559eec2eb0e1fd591768fb68ab1737e19172f322b |
| SHA512 | 209c4ff567b62c3a4269f1014271ab07ef508ec2fca2db2fd5b4ca16fb3ccf2d27970301f443f63b5f2dd326148eaf4573f456231b9aeb4d50afc675e6b9a84b |
C:\Config.Msi\e5a19ea.rbf
| MD5 | 3a62e4f91e5daa20d4f35205b3b91da4 |
| SHA1 | bdaab06f2a0d4057bc13d3c77106aa6b14636c27 |
| SHA256 | 2e2872d6bef9f8ebe8c348a44f35551c9cd661c87e16058674164fd63b1e173d |
| SHA512 | 43e188cb320315f9a73161aeb1941bb34faa167cf6d7a2979824dc675c58a65d01ff2ffbbd0a05bddcad23b75e08e41ec2095d8d71dfbb7a67227198dec33b27 |
C:\Config.Msi\e5a19eb.rbf
| MD5 | c1eb3ec5286ca176912d7f06e94be2d6 |
| SHA1 | 2d0895b6b64e93ebba0c69b61bfc08da6a98975e |
| SHA256 | 170f3f20a4f01853e032e17622b7b6364c5cf5b5f683e1d7c99177a168006ca9 |
| SHA512 | 45d84a6534b0360c9e722afcab8ada89de803d7d8160029ce7df0eeb4a7ae4cc2ad6d30df1c47633e1d521c8f8eaedfb777605884f6394962719360a37ec4530 |
C:\Config.Msi\e5a19ec.rbf
| MD5 | 7567ec81db2b8c3944c317ff56ce0fe2 |
| SHA1 | a03f9a904732486807bf9a2250c5ccea7088fa7e |
| SHA256 | c6aeb784644e19502abf14febc3288361c4d5aa93a4f575392b5e4bf79488f7d |
| SHA512 | 7383ab1738fc164731d77b1f4da6840cae8f9cf6c2573ede8d7d05fa5c5c06f035f4f3ab71faa2b279a06538fb10101944b68d8ba4d6829587dc8bbdecd397d5 |
C:\Config.Msi\e5a19ed.rbf
| MD5 | 01d8cbf5c0cfab1f753aeb92761ca5fe |
| SHA1 | 8ab4fd7f7306cafb3f18d07a278115b1da026552 |
| SHA256 | a3704ba6b795ffabad3c163ca02d754ff48cd8b9c1e32ea3f6bd21eb1a9fc000 |
| SHA512 | d8d1986ea5a695c89ca7ee9b5e1cdf03e0564af75db4582a724718640ddee3f6ff1821c7fe6112a57249ca05ffc709c1994288716c18054381721ed3a91f663e |
C:\Config.Msi\e5a19ee.rbf
| MD5 | 7ddbdf3ae1b983997de21942a5cc2a72 |
| SHA1 | 066068f0b123c8546e82042cc8fe125988d91ecd |
| SHA256 | e409be0726adcca979ba49957f70d73cb26772b3f6d7a54a7a4086db2256869c |
| SHA512 | 2faad8f23b44fc031201cd8d1d8481d143c974440b12243b3c1d8edb7532d148c431c762f07013057c53b74480d9ec372bfb3506024124c1ac29a3eb2088616d |
C:\Config.Msi\e5a19ef.rbf
| MD5 | 95f9a2904d0aee9c0d1dbfcebf9eb431 |
| SHA1 | e2d47b43b2abe41f0870f34dfcebdc3ba3917d19 |
| SHA256 | 358c934185d4fe24ae6d6ce8b14579b13c16aaf85b2957af1bedcebc2d5d80a3 |
| SHA512 | e4e0dbd937d7f8e5ba291af66594788a369a6f962266dedbdb9d4b252b8bd8a4a948d1696670e880b3445474173776732090ea792890ab4cf0bb756564e5ebf6 |
C:\Config.Msi\e5a19f0.rbf
| MD5 | 7d3fa1ce90a24c2eede69f0ef4af4ecb |
| SHA1 | 67e441da98f24cf863d08bc02e1dc05d7622921a |
| SHA256 | 70e437b31670e5afb73dd835c91ebe8b002cd445940c3e397effea6673318848 |
| SHA512 | 2e2f137f914ec78da85bcb220cd42de07ec3d94bd5f19fdb0904f766315d9324e86887279a421cb476718437d841344fe24aae78ae838b87f3a866885c2a2736 |
C:\Config.Msi\e5a19f1.rbf
| MD5 | 54d17b3eaa90dc3146c266ab1ffd120c |
| SHA1 | d4a4b3867e6179d3eadd21ac2d7ac54505dc4b87 |
| SHA256 | 2ad1aea03e5155c2a40963b5c671cbea500bb92b9876f31608e0f2782c560926 |
| SHA512 | fcdc14938c04246b3e448ae90c4955ad78bb2fc5064e4f6b1984b1c6ced346ea93e747e8f663de01942f93086b17ba01cbbb43c61097ac0f02aab4e4594ec151 |
C:\Config.Msi\e5a19f2.rbf
| MD5 | 563ac815820715f93a3086ac35df8388 |
| SHA1 | 0584d9f2b67343aea1b0aeecc11f6c5f1402d64d |
| SHA256 | 2b65605144fe920ae6c0ed2b8141f0a2e04a1dd27fb1c6019cde25ec482e89df |
| SHA512 | f54b763ba4dc57af4847af4d6a857717ab2f0a644ba58ada2c656e1b9a853eff660607bd17b5be02f3669efa77b95528078c70d8b12721735e98beb88318083c |
C:\Config.Msi\e5a19f3.rbf
| MD5 | 8aa9ee7bd82b917e07e4455d49ad64a2 |
| SHA1 | 02f579804bab32544d27facbf62318d76ed80ca2 |
| SHA256 | a15516981645d67f4478917d0af8222665329a30d7e431b3227aaf59c2a90970 |
| SHA512 | 64823a9fc6e5a759d7bee833f60dcc36944b39fa6c10031cd1e0704cdb444f4006ebeb062e3777a221a0fdf96bbfcb9378eb4a0de6f047783b2000f7be27993b |
C:\Config.Msi\e5a19f4.rbf
| MD5 | c83d058492568167cb0191f4b16cf2d9 |
| SHA1 | f6f5a3c756d4e68f5c54236e8b1af830f9d7c8f4 |
| SHA256 | 50454777c63e43e350d5561deff48c3d29946d1c8127b48133cabf545f86304b |
| SHA512 | a5e1970f1cbdb89833e3fb8bae70d12b52133254e4b04986138bf0d33cc1fff8e816761e137a04a78b994dcedda4cf53dc5eca161041d21353690856117e7833 |
C:\Config.Msi\e5a19f5.rbf
| MD5 | 812f4f4cdf31704819569e348a11bd4d |
| SHA1 | 815e95d08ac3fa13074c131a3bb94191dc1c51c5 |
| SHA256 | 9a3a6a1b785360249b346f8c8d070f805bcedd96f4f845bc20715d4898865f04 |
| SHA512 | b4d093a7076c7056b33d7aa9c6b25d16be8d23f9e890e0cad47ab6d1fe91075f36992c98cfe31b07eb08e2c1b116f2b0c77cdb8e05a9527e0abc1798e947885c |
C:\Config.Msi\e5a19f6.rbf
| MD5 | 41b92794e0d7fc9ad83dd8ff189fd33b |
| SHA1 | cd6d7ca3fa6d127579c5c77d4574a72263974abe |
| SHA256 | b0961e1b1270b4838b04c0c0f79ea4bb776592326ad4ede3177f6808e706a13c |
| SHA512 | 730a3a03dbbf3063867265639dccc061b32845df6900ca383ea2bb35a63d49adb7c68e134c1c088591214a7697d6d89326935d84d7b4d173ec65fc294703a9ce |
C:\Config.Msi\e5a19f7.rbf
| MD5 | 8c9c20f41ebce00a9aaf2cc0289a3eee |
| SHA1 | 409110a6edf287cf5dd195b068f725f68682b895 |
| SHA256 | 7a5b6807712d1761e679fb19a7bdec9485ff511ff0c97574e22e8088bbf6592c |
| SHA512 | a605857a6021ae721a2739839211b4099c0cab223f400561cbc387ca37381427c8cfb04e0e05af53fd7a0d5adb7c8e1c2b7805d66e4b1d0f41407ffd500c98ba |
C:\Config.Msi\e5a19f8.rbf
| MD5 | cc821881fa3e10f876c44e4e4fbf2937 |
| SHA1 | bea6cab86090ec6b9b8b0d916b957da844fb8ee0 |
| SHA256 | a2ab0585ee4aa2672dc7f310aebc6e625b6e9c215455b796b4182b1c7b9bd18d |
| SHA512 | 7f213bdb004428a57837e7da2d93c72909d7900458a9f19b6fbfab4d42b8498ca82710d301bd04cbdf2e6ddd0beb29b88a6fe685ec54e543b4c8a50ac15ace30 |
memory/404-9629-0x0000000075430000-0x00000000755DD000-memory.dmp
memory/404-9634-0x0000000075080000-0x00000000751C0000-memory.dmp
memory/404-9633-0x00000000751C0000-0x00000000753C7000-memory.dmp
memory/404-9632-0x00000000753D0000-0x00000000753E8000-memory.dmp
memory/404-9631-0x0000000075420000-0x0000000075430000-memory.dmp
memory/404-9630-0x00000000753F0000-0x000000007541F000-memory.dmp
memory/404-9628-0x0000000000250000-0x000000000025B000-memory.dmp
C:\Config.Msi\e5a19f9.rbf
| MD5 | 89169842a1562e4365e2f23b38563e0d |
| SHA1 | 1c250907a0abd525af8dcabe546a04691ba91cdd |
| SHA256 | cc0efa72461233988007db6f0d89a7e1d78e739dc830bb776b1f458669451ab6 |
| SHA512 | e87e80205b1a66e2846f7b71c2713864b9b447d4f986e60ca516865a13bd2f9ce0d5f90a3c79050d3515eff84a1199857904d67f62a2351e7afc44c872968126 |
C:\Config.Msi\e5a19fa.rbf
| MD5 | 9d54b336b5a2d03898b73bf3e826336b |
| SHA1 | 63c669f255cde03b5b3ac515ce53294ed5f8feb2 |
| SHA256 | 34bc6ff281a5ed6bf5eaeda121e0aff6439a010d265ce450e011c7c0a3f8a8fe |
| SHA512 | 1c335c4d4ef760ef51c9ef577a674871a7ee9e21b8d83770d69af48623a0b14cffb6d6aec7147c75aea2176e516d1102cd53ad2ce3a37c7dc235449a54a9d8ff |
memory/404-9635-0x0000000000FF0000-0x00000000029D5000-memory.dmp
C:\Config.Msi\e5a19fb.rbf
| MD5 | 834da362b59c590d889cdfad7cb80399 |
| SHA1 | f95c6c81f8b2bb870777e70a37b9ab5bd9a5bb80 |
| SHA256 | 67713109fcf9a6aa20c480ff20471860fa198480de3a64aa51c1e5c94a16e7a2 |
| SHA512 | 7caedeef3c9cea200eab61eb909d9de72a12ba7b9fcdcb01ad7988b5a21b464b751cbb496346a4fbd30c2651b0e20696fc6e6fb744c34d2657c0e6d9b5c19e64 |
C:\Config.Msi\e5a19fc.rbf
| MD5 | dc54d64b19e1d63d4a0c54be370f1f0e |
| SHA1 | d595b8c816994f6a69bbb1c44aae50b927a689f0 |
| SHA256 | b45d1dff2a7ad8d68117a40979d6535107ff14521a8f1e6fecfb18c52ec3aa5e |
| SHA512 | db64c63b796aaec85e01956dec32e6a16cf4b95f9f157f5e6ca42cf17802be6c4f5e7fabe1601e0642587fb3ebf2e5f604bcaec5a1702114d048b1a749f63034 |
C:\Config.Msi\e5a19fd.rbf
| MD5 | 4a7ebac9f2e325c854220988b0492725 |
| SHA1 | 469e2ce21d0eb9b2268d0da1be660556fe24c0fc |
| SHA256 | 6f615e0a416f393fba3c72de4b29d97a331e8662bd7ece28211b7ddbe7443f23 |
| SHA512 | 04e38ab1b4d99421dc302122c98ccfc5637c5c872fc043cff449080ce302dacd27bc182de0061a6d80fdce78ba0df7a3a336727af57623bceb8a07086f746bdd |
C:\Config.Msi\e5a19fe.rbf
| MD5 | dbb80e2b61e6f829abd5f33907d8430a |
| SHA1 | c1c6f38d084668960232c04c0026060a8893ee75 |
| SHA256 | c595969b68a54566bc75d0548330e54709783201a179b96761e36562f80b1d0a |
| SHA512 | 50aa08299d1a22ecc454006d1091fa53a84757861bb701d605dc56ca84e64448cee9a4da3742a420a0527f0d8c750cb963143f19faba58aa0c9cb99eb6bdadec |
C:\Config.Msi\e5a19ff.rbf
| MD5 | 4145d647bc525c2ac1d2cdc768cb140c |
| SHA1 | 43a19450e1cf228f2f7d066ec706fcca9dd94517 |
| SHA256 | e71357ba7ddd0da43d2e4493192936c18be894028ced23cd944f5ba36221a2c3 |
| SHA512 | 44420dcb866c6e5a565d1c760b602b43ca96e061bf9d1adabca693afdd83eced011d40bc31498304199d6f4c70e4777fc6389b015d869ea44d362e7810990a08 |
memory/4592-9664-0x00000000008F0000-0x0000000000903000-memory.dmp
memory/4592-9666-0x00000000755E0000-0x00000000755EF000-memory.dmp
memory/4592-9665-0x0000000075600000-0x0000000075607000-memory.dmp
memory/4592-9667-0x0000000075430000-0x00000000755DD000-memory.dmp
memory/4592-9672-0x0000000075080000-0x00000000751C0000-memory.dmp
memory/4592-9684-0x0000000073F80000-0x000000007407F000-memory.dmp
memory/4592-9683-0x0000000073CC0000-0x0000000073CD5000-memory.dmp
memory/4592-9682-0x0000000073CE0000-0x0000000073DA3000-memory.dmp
memory/4592-9681-0x0000000073DB0000-0x0000000073F36000-memory.dmp
memory/4592-9679-0x00000000740A0000-0x0000000074389000-memory.dmp
memory/4592-9677-0x00000000743B0000-0x0000000074683000-memory.dmp
memory/4592-9676-0x0000000074690000-0x0000000074959000-memory.dmp
memory/4592-9675-0x0000000074960000-0x0000000074983000-memory.dmp
memory/4592-9670-0x00000000753D0000-0x00000000753E8000-memory.dmp
memory/4592-9669-0x0000000075420000-0x0000000075430000-memory.dmp
memory/4592-9668-0x00000000753F0000-0x000000007541F000-memory.dmp
memory/4592-9680-0x0000000073F40000-0x0000000073F7E000-memory.dmp
memory/4592-9678-0x0000000074390000-0x00000000743A3000-memory.dmp
memory/4592-9674-0x0000000074990000-0x00000000749BB000-memory.dmp
memory/4592-9671-0x00000000751C0000-0x00000000753C7000-memory.dmp
C:\Config.Msi\e5a1a08.rbf
| MD5 | 21438ef4b9ad4fc266b6129a2f60de29 |
| SHA1 | 5eb8e2242eeb4f5432beeec8b873f1ab0a6b71fd |
| SHA256 | 13bf7b3039c63bf5a50491fa3cfd8eb4e699d1ba1436315aef9cbe5711530354 |
| SHA512 | 37436ced85e5cd638973e716d6713257d692f9dd2e1975d5511ae3856a7b3b9f0d9e497315a058b516ab31d652ea9950938c77c1ad435ea8d4b49d73427d1237 |
C:\Config.Msi\e5a1a07.rbf
| MD5 | 9a53905892d9c9f3bf9d295c8b32e446 |
| SHA1 | 2c5c56ff86fb1e827b2e0d479c529baea13eb561 |
| SHA256 | d58e3ff10fd96a22a8e6d2fd76146a282cc45ccfaf2301257e76e7c2771cbd41 |
| SHA512 | 2dde975e15f95aa9310820cae009f2b04e26b7bafebb42d5822e3917017e4a37e17b0a71825f8f79f075abc1507d7d4d9202550fdd7a53ab54ac0fde4349fe2f |
C:\Config.Msi\e5a1a06.rbf
| MD5 | 7587bf9cb4147022cd5681b015183046 |
| SHA1 | f2106306a8f6f0da5afb7fc765cfa0757ad5a628 |
| SHA256 | c40bb03199a2054dabfc7a8e01d6098e91de7193619effbd0f142a7bf031c14d |
| SHA512 | 0b63e4979846ceba1b1ed8470432ea6aa18cca66b5f5322d17b14bc0dfa4b2ee09ca300a016e16a01db5123e4e022820698f46d9bad1078bd24675b4b181e91f |
C:\Config.Msi\e5a1a05.rbf
| MD5 | b3ca8dd4f087d9af6c2b918e2f05f6fb |
| SHA1 | 408009a526c89b1110496d654388fdccbd3c6669 |
| SHA256 | c1dacb1f6ddb8d1e7364bbf47d9079e137f4f40c64a51b16f81dbfde7297e144 |
| SHA512 | 1fa50c13347eea937ed9408fbd806b901018d649589c824fc2f3d218b8ff9eaf48c72f2008a3cf521807ab6155df4b302a152f42a308a277ce6b388f2c495cff |
C:\Config.Msi\e5a1a04.rbf
| MD5 | 2bb6b0f10b0a436861f02f7ea0d9a086 |
| SHA1 | 0e96c00e5f0151e195bf2cea4d8301ad3b078924 |
| SHA256 | 592680dc8933653e1527b5417588d261a7211f365159abbd9a47986342090416 |
| SHA512 | 2f72ee5ccb8e8210d289049a06593dd6db097c61283bfdd67dc104518aeb37bc7b996eaff9baaec5da00c1e6508bb1be9b9fb23fcb963e7d28d342b5c718273b |
C:\Config.Msi\e5a1a03.rbf
| MD5 | d396985225d85caa7d743d67c7da6316 |
| SHA1 | 915d5829ed02171684c2a9e8b3b57f7a35bc1e2c |
| SHA256 | be2ef4f6d540d0ac5fddd556dcb6bfaf6cb6288679e4d64882d625ff35f173aa |
| SHA512 | d7b0df2865bf491c9caf34cbabefb7b7f04b35b85276a59fef0499d02b09651d8f6d0db9e87df4a9a1417f07784a8e5625e9805bc434b87d64e442ab98e24075 |
C:\Config.Msi\e5a1a02.rbf
| MD5 | 109f0f02fd37c84bfc7508d4227d7ed5 |
| SHA1 | ef7420141bb15ac334d3964082361a460bfdb975 |
| SHA256 | 334e69ac9367f708ce601a6f490ff227d6c20636da5222f148b25831d22e13d4 |
| SHA512 | 46eb62b65817365c249b48863d894b4669e20fcb3992e747cd5c9fdd57968e1b2cf7418d1c9340a89865eadda362b8db51947eb4427412eb83b35994f932fd39 |
C:\Config.Msi\e5a1a01.rbf
| MD5 | db9c709057fca0c0dfeaf17aac1b6c39 |
| SHA1 | 21c75a6e658aba023e4877f67e07f01179be024d |
| SHA256 | e4443d0a00bd600c5ad4b68982db804f3e0d106cfa73cac9b8266dc49f07df8c |
| SHA512 | c79106f2d0d3bcb6863f595ec12519a9eefc5967d2e44d0c803d8f9d23ef2c009597c6ce17cc0ad96eba3cd9b034e87507b1d6b2a107c0c37ab27152d8e4b69d |
C:\Config.Msi\e5a1a00.rbf
| MD5 | a9d3b1dfc5757f1ea793fa28a344dfaf |
| SHA1 | 737b2738b64f12e42b04da31d3167ec98882f906 |
| SHA256 | 47596155716aa40453cdb755dfc392e6aa1fc0b3f992db2c5d694e5bb0e7fc16 |
| SHA512 | 1671a66a8e575935dc9a3012298100fbb7defc11cf87e13b07db7bc7016c6b04bd614bfd5eacf2e356057a2c422cbcc45cb2eaceb17f00ae7ef4606386401cff |
C:\Config.Msi\e5a18bf.rbs
| MD5 | 9272adb43b26f392b636777f1118f5c0 |
| SHA1 | ef03426d2dd4b14396cb845fe83de20d3443ab44 |
| SHA256 | 22f9747f61b80baf7d65a111765c42d90c7a229c7d08e4181162b7776bcc194f |
| SHA512 | f4b047186f2a2671408c5247b144b8bcc404be33ff4e9e6bb30544b9af44c6261ff0843947dc506dc549e8800a22d87895038bbfa43d3ff7f34d61ef5e1e1da9 |
C:\Program Files\Bonjour\About Bonjour.lnk
| MD5 | 7854c8f9b915492e2c03c3d8a5e66d01 |
| SHA1 | 03f66f6b042595a4cb0a1e05d4d980e907bf609a |
| SHA256 | 66cd6553dea151a456e499370f396260c5ca5be52f522588994d5f3f284c0789 |
| SHA512 | 572c4fdc9d7dd83030700483566b8af1f5d0de225349e9650dccb5b017135079ef7d93b0dd84b1757aaaad02b8d4f810b5b8024b639691d5612a84fad7e2bdbb |
C:\Program Files (x86)\Bonjour\About Bonjour.lnk
| MD5 | 7d15e89bbd13ceb9987e208ca4512d8b |
| SHA1 | cda724cbe319be47e2fbd4febaae28be2fd698d2 |
| SHA256 | fca6dc9be7439fd44646a5bcf827ba731c0e1dca5916b93ed432473e964a8e19 |
| SHA512 | ac576f30dcdb3422c0073e042d000c9567707fb34377487d2d28bc38f4979f7e9423f6ab59580c43a13b148b11852e33adc5140b0838d7db38307131e66ea885 |
C:\Program Files (x86)\Bonjour\Bonjour.Resources\en_GB.lproj\About Bonjour.rtf
| MD5 | 9e626166d182ee9df2b9782edaf1798a |
| SHA1 | c0078989fb7d872a43a77f4c1ee48412fb0a6c57 |
| SHA256 | 23835e0a5eac9d4c76bd142ed94580afa45d0aefe52dc503d863a3430ad2d159 |
| SHA512 | fb9cf41fdbc54ebe051d164f3f09552451126b78de69e413895314c8eb26bbd0b86fa7c9d9c34e6e32cf1dbcc35d74aba0dbcdce31b9489f3454be4b512400ef |
memory/5316-10899-0x0000000060EF0000-0x000000006191B000-memory.dmp
C:\Config.Msi\e5a1a10.rbf
| MD5 | b028c54fa794c275703bf3f3babdc119 |
| SHA1 | 4f7dc4a2963a283df429bb8c751598e415e34b00 |
| SHA256 | 6a27826b490457ccfecebaf98a01325cc1ccecc81917b156aa1e566d141b520c |
| SHA512 | 79ca9874ec2b18f70a81a46bc7580786108f329bab287c0ee4df30578831a90a40fdface604be8d1aa8738a046f886a610c3ffadaac48a5164fc7d6004f7cf6f |
C:\Config.Msi\e5a1a14.rbf
| MD5 | 53b76c4a911ee4892df5d91930abb355 |
| SHA1 | 46aef82b84f29bb54585a487033f724b1ab09bde |
| SHA256 | 04151f4db372718a1a0b5b611f833ae94b2e74d6f46f047f6708897c6f284541 |
| SHA512 | 11a62d827219a8afee82822c7986c6bdebc35a738adce1a47eccdf195173e82f7788471fd510d6955f02f426642807a2d3992dda57044d95e7e15ad9e7d33842 |
C:\Config.Msi\e5a1a18.rbf
| MD5 | 1fd3881e7982cbefd63a6573093c54f6 |
| SHA1 | b424a7f3605aa09b6c22a727c865602161838ccc |
| SHA256 | 0c26331b75215a2b9504a02a91a7ec886b9721d8764453a48b4c607779179dc1 |
| SHA512 | 2300415b843d72dfc36014063e78b4684038e778d1ed0dcbb648281c2700fab3026fdac6be36e55669a56f8f0e8189c25b99f079e05646a71cf0a2121e1a26d8 |
C:\Config.Msi\e5a1a19.rbf
| MD5 | 6a5067a8a8a41542cc7f31161a061d35 |
| SHA1 | c9878df717d5755f0a2f71f31ba10c1a5a8a6473 |
| SHA256 | 687f7b82c26611fe08b18fe97c5b9fcf91d9f282df7cf26dc1df13199b340b13 |
| SHA512 | bf1d1dd6aa011fbe89d402ac5bbc7cf969ac55c42cbe7b28fbee8abddcaacf112d2d03d800ff4b12308bece37c370dbd60a864633e9f2452cd1016ef8c88dedb |
C:\Config.Msi\e5a1a1a.rbf
| MD5 | e4a3e4914a42fa318e2cfcc7a974cfe0 |
| SHA1 | fd0d87e0d59a0e56f04f0e0efc28c434786d2118 |
| SHA256 | ba2d6be9f8aa8f43a070e4f38b22664cd78502e7de1dd3f4d61bb9e39b540c11 |
| SHA512 | 0a86dd916fa631b294cb8819c2c0b4af8324557bcb33d28f057698012c4059570a4eca94ebf69af74e6e47cdb3b0d9f8daf9711654a59265aac86c5b0fdb1335 |
C:\Config.Msi\e5a1a1b.rbf
| MD5 | 4e63a1ec637976cee0fed2ac7ea3f6c0 |
| SHA1 | 6db00ac8282e599532343062fcf33b9b478cc6cd |
| SHA256 | 848567c21b0174b83e5cbf977e158088cb397d929cc2814fe91e6613fa5968a9 |
| SHA512 | 12b3adf901b7e547aeb5bda65dc309004ac07730064ef0117890efb3613cd65669a8b1355131fe0a6eec5af995611bf0f95f979235e33d43deec0b49a42da7eb |
C:\Config.Msi\e5a1a1c.rbf
| MD5 | 7e0a6ded4d0886adc99fee2a3048f3ca |
| SHA1 | 77fdbd19486b6265ac9833920149972aa36a49bc |
| SHA256 | 713c47e915773329be364ac7ee8c012ff21432f4d120aa8de0b2be5638c7cca5 |
| SHA512 | 975ef81f862c7fa1f51fc9a8d3f076d9bb6266d2a196061be45eaee84d5a0ef7fe5bd924d56da276580a122e9ff60152ff4b1578fe5a95f76535506e148219c0 |
C:\Config.Msi\e5a1a1e.rbf
| MD5 | 6647e1fa7909e75773805964669979fa |
| SHA1 | 1e896aee57db9d77e77f601c8f585f9bf54a6a20 |
| SHA256 | 02e3cd39e956c4286d106ca200886cc3bce5d020883ee5f8a82e7e1e74a862a7 |
| SHA512 | c11716ad9d06a3e5269b7ea1cc5e64f58eb58055529d4d65c0fcdd309bc2b872c3364bd420101c932cdc3d1f28c7b0135b708e54ae15e676508f911bfeca89c6 |
C:\Config.Msi\e5a1a1f.rbf
| MD5 | f3dbd6c5c3ed81e28f8ba57befc2d0b0 |
| SHA1 | ebc4c8776ea18808092267196f6def0535e912a0 |
| SHA256 | 88e7a3c48263f62f093ca933694bfb8e0ad482929a9cc88537c96a7e13baeb15 |
| SHA512 | 8d79cb3f19951d14389f2cbf60dddfffee4e32696345ab158ecaa3a47719b910bb671d5d39f34d1c545831d4123f1cb15b023beffb6fa719fa5d10f8a189660a |
C:\Config.Msi\e5a1a22.rbf
| MD5 | c8562a8e10d9a5c0e0194b48eefdf0cc |
| SHA1 | cb813d0d57619f9cde1181b128ac572e8b467faf |
| SHA256 | b15e8e12973f391e47a2de99f5ee7fa8cd86ef105d1e21a23ac5f869db13ab34 |
| SHA512 | c9fbe68d5d7629cf896abceae812187e5d5f3a55ae2d256e46d516e4d82feb13ced7dd563a9eb9ad72d65dc0d2b61b81bfa0723741385c4a121daa0b2a5af31e |
C:\Config.Msi\e5a1a23.rbf
| MD5 | 74389616be82976a331dc3a2a5167abc |
| SHA1 | 51d0600c32785cdd9d799fb7b4a5d9a503026b97 |
| SHA256 | 6347f7c16ab8e5797fff5131ea0c013d67f051be1519cf52142e928a5b3b7e1a |
| SHA512 | 1297a85f6c07d5dff90eb4a355f8b36bea8cad84b661e6c771de939a5c93d53191501984fea061d6add6c5ad4b6f7ed41077c4027134fa22d2f75dcde7144c46 |
C:\Config.Msi\e5a1a24.rbf
| MD5 | 0169695544211e46012688e66e9ceb59 |
| SHA1 | 58d0f2d80b7d945435a85648feaae41816224f0d |
| SHA256 | 15fd5ed281516f36d33723da63d76c26c8918e592e1995c7d15d9ec9fe2dc793 |
| SHA512 | cc1eeac8eacfb235196a9980ab50c648e2c7e68061038b012197fa39eafc68026b758a792a819519062c0af59bea83a346634b8398b94895bcacf4fad10168f0 |
C:\Config.Msi\e5a1a25.rbf
| MD5 | 082d4affc2c1a6c1b8439c9296742541 |
| SHA1 | 852bceae7c5d637276620c0fc141357cc9af27e2 |
| SHA256 | 993ad2d40d7c8ea08871753b6108e0a8f1f7830edff507414501e69010b57894 |
| SHA512 | 91d9476f87dfa09d0cad569f73ddcc1848e99e2d2ef04a47a7f21d3d3335ecd2fdfbd937898ba15f31d5381d7d48231f2dd266fa99b8172d38828355b32e2828 |
C:\Config.Msi\e5a1a26.rbf
| MD5 | 11d6fad916e1d51663eb4024cf4af61e |
| SHA1 | d0f524dd45620a53d50cbc254908fb239884f1e7 |
| SHA256 | 3dde76786997fcadc0a888530a2b1cace0c76fa07a81233c7e15c8b4023f9bf6 |
| SHA512 | f602c11019a4387dbb4e8e3e346716e27fc3796447aedcde47d785d8a5570b284125ab5681ad15f3e30f7a7753798366ab4a36e35674e9439cc19cced8495484 |
C:\Config.Msi\e5a1a27.rbf
| MD5 | b875b71de4d8495462549a76389f6d84 |
| SHA1 | 85adc0bfc1ffc8abf271e94fa38ce3545fec6290 |
| SHA256 | 4276d8aa0800f33a725f8414ae6c9524d25a13cfa5204d03944022d435e8573b |
| SHA512 | 125517261e611f8c6e4da6b859a94a14c804f5a95fd111abeb305de849201450d1361b6bb62a98e8a8765ff7dc890561184df30b6c39d02333a4c19f753b88ac |
C:\Config.Msi\e5a1a28.rbf
| MD5 | 8e102e655fae61ab477cb3f1e99d0da4 |
| SHA1 | 489ce79c50d36832611b8a60e42222eb4f03c001 |
| SHA256 | 7c6fb74a229d527873e12e3e1ae6a29077dcc98d9eff5d93dc50ea60f91eb616 |
| SHA512 | 1c6edf62c627e4381f3f75409810326168131c68854b0c2c9697950f0e9acd9eac7a986edd0dc572b09adee37ffce5d81881519e9b548e63fb10382d3e16dd67 |
C:\Config.Msi\e5a1a29.rbf
| MD5 | 720b1fe3985f5138fa7a5b7924b878d7 |
| SHA1 | 69542026e6fd7f4860937dca7927d4f6878b3571 |
| SHA256 | 080fe50e6027efc77e7501f8ee5b890736ea23c46e49467e20a3f08e1cbc1d3f |
| SHA512 | bff05813c4649a19f983ea7a084502f698ca003bccad96d60c4ab4930df198f186d871f9429dc6ac1971b78de81b558516b602596f0107411904f82185b639bd |
C:\Config.Msi\e5a1a2a.rbf
| MD5 | 18989069e6b0b0a6f279507399163d25 |
| SHA1 | 98b207210b3c8ceca7505e8cfac5c76175997665 |
| SHA256 | 39ec7c3443f9014d32bbe50bddedc0848ed91278f258fae69a684df61fa37998 |
| SHA512 | 2f1c7154b0a78254954ab4de0d1eb8811ddfc72cd481c6c5facc9587afb0a51b77dccfbccb024c6937fff48039e1279c4ecf53ca819c2ed1fa4df9549932f8c6 |
C:\Config.Msi\e5a1a2b.rbf
| MD5 | 56392716e859f435f7cb67bb7195b07e |
| SHA1 | 45f71c00d87bca7e6d8832acf0c765edf677382c |
| SHA256 | fa4b997ee99524806583e825b622f01c0831439be08071fa8911f445a5eb33bb |
| SHA512 | 3403f92999c96f8e48aafde8899eda5d4d4607b255a8b331af594173827f78b16e1d9927899ea5f44979a6160a5722cadf957d8cad9abfbcbf9c77dd94582d22 |
C:\Config.Msi\e5a1a2c.rbf
| MD5 | e51340704fabecb9fa4021d5aa0f5f51 |
| SHA1 | 87c0be029d1b5670e88ad5e13bfbe814e942a35e |
| SHA256 | 975f1ba19f362c35423d1d1f387355e42d66b814779df6f7afbb69c2dcea3a8f |
| SHA512 | b0e0119d6f17a9487af2b9a74f9f4b654b2dcab8ce2ea47a153eafe8287089ff10ccb9224362932428c36a5b19ffa129d8177222a02ba0dd185b3f7b61381c4a |
C:\Config.Msi\e5a1a2d.rbf
| MD5 | b13c7818e40fb0fb59224d79ff0c167b |
| SHA1 | 691792ca79e81220ed628b1dad18a6d5830ed256 |
| SHA256 | 79a975b8d9c03e8683421197b26c244c6ada8a3e1fc42d77f59388aaf38a1996 |
| SHA512 | bca8c3cf55ebd468f92be5665eadcf5b808f6a63ebfa6cf04c66681303312637cb615c2481308d407568c6c56aa338259652c9c86c469096bdcd7b4676a38a4f |
C:\Config.Msi\e5a1a2e.rbf
| MD5 | 9c442665b0ed37c58a6092181b38d4e2 |
| SHA1 | a54ce7c1aba738de69666069c05991250715491a |
| SHA256 | 86a7326245bdbad0485fc160892061f7957b80612aa44a87530642ff8c9cc4e0 |
| SHA512 | 8b56d3072f39199f281f4b0ad7a4b3d1de68d86872a29262938fd8e36ce528e5d7edd4345ece9b020ef08bab3a667dbf7c775368098d389e4584f990c6aeb130 |
C:\Config.Msi\e5a1a2f.rbf
| MD5 | 583b8847a23dbd9e9361d484a91ee58a |
| SHA1 | b71d437f8ee4af9cd77b3a8b85678fcb484cc997 |
| SHA256 | 23b16fa20436282520acd8559d3b57ebc0b082bd6c8d3395d737bfd7badc72de |
| SHA512 | af252776d5321252276cab3d90e34424a88ab51d3541157a01256f672a30e7d9d089a23bd5e5b2f99b95ebb280562ce39f6d74d108373496d5f2bcab1441e220 |
C:\Config.Msi\e5a1a30.rbf
| MD5 | 2cb8296ee774beb093841e14b1166b76 |
| SHA1 | 9d863e42a053544bbf96b01273ef143baa014822 |
| SHA256 | 81d5d10757f46184a48ef2c0476c6e251284028bbd5627113b95310f7155f53b |
| SHA512 | 2d2099ef10ed5514d10f029ac76b869592dce3521a1fc4c09300ce610f6b2f2bac04feb4bd273e56ed1fa79ad61731a12db4d6cfb41a98f2a84556af7961f8a8 |
C:\Config.Msi\e5a1a0b.rbs
| MD5 | 15bfc42c6b93176c8f055b0509b04125 |
| SHA1 | 28649cdf372efb3daf6b31c52033d44b63a6481f |
| SHA256 | d8f3fa99fd5a1f4b9ed35355f9936e2f499ec4a16d208acfa8438ad3c7e0e843 |
| SHA512 | 92bc77ecda68aad412b61867d7dd72770a0830b3d499e47764971bc64e952cfcc8f8f36817b4997a13e0d3072e6329c59bb5afb544d0362b5c09fb9b8d45f334 |
C:\Windows\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\RichText.ico
| MD5 | d98ee604b37c67b9ee17f0d3dbc86224 |
| SHA1 | b4c0766bca7f0976fcf1fc99add5da037d7355e0 |
| SHA256 | 4f5507cefdb381248aa5dc244ca192d6c6471ef0079b18763b5345b1601b050c |
| SHA512 | 05ff3151c1da10001aaea0fa5229d6280dbf6322f530f5e6c56023892089090acfc375c64dcaaa07c48287c5f8a0bc28dc5338298f78289c83c16efeef31dbc5 |
memory/4068-11382-0x0000000060EA0000-0x0000000060EB9000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
| MD5 | 609b7b15215a1066cf3339b30df389fa |
| SHA1 | ea7d36b6433427c3ed7c5c5263c377e49c0dccf3 |
| SHA256 | 617ed813c5d0dd8931cc60a2491eedb4f5ffc08e9a2e8e1c8595c108616700da |
| SHA512 | a1c6cf489806585f9614e6a1c96ba2babb965614d17881dd5fcf4493032e1b765a0d2573ffd8f8ec06154d0fcf4ed45328fa2e9d4ffffee95bb04a28c94ce291 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
| MD5 | e83f1ae7107ba9961bf566811e1b51eb |
| SHA1 | fb9c541d9479c12cb035ef3c38e7ec8b254f2e32 |
| SHA256 | df82e8fd9394ca9ea385079343ee08abffabac39078a6eebbe71664e52b6ed64 |
| SHA512 | 4e5846d94fd052c2fc6997450522f2bcc291637d379e17502aba52225fefb92bc2fa181e116d775978cd259aa6af4f2fc3c937e4ff8c1386a62e1e8b05990cda |
C:\Users\Admin\AppData\Local\Temp\3uTools\iTunes(12.12.9.4)\SetupAdmin.exe
| MD5 | 6a0d9995affa10fd6d842828c9420206 |
| SHA1 | 2c011c5ce86139bf35b72e017dff67b2fd54270a |
| SHA256 | 8ed8fff282adfb2f025b9d789577cccff5aaf426731615ef16dd99728f0f51e4 |
| SHA512 | 879439b4840388bb438f6359c458f61d8373632207ae57ac37c45d74060f5337dda7f0b2b45fa0534c305d5ea7fc8eb5de9fddc57fca513796d0ffc754ebd3bc |
memory/4452-11404-0x0000000060EC0000-0x0000000060EE6000-memory.dmp
memory/4592-11442-0x0000000073790000-0x00000000737A5000-memory.dmp
memory/5316-11446-0x0000000060EC0000-0x0000000060EE6000-memory.dmp
C:\Windows\Installer\MSI1EC5.tmp
| MD5 | a3ae5d86ecf38db9427359ea37a5f646 |
| SHA1 | eb4cb5ff520717038adadcc5e1ef8f7c24b27a90 |
| SHA256 | c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74 |
| SHA512 | 96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0 |
C:\Program Files\Common Files\Apple\Mobile Device Support\CFNetwork.dll
| MD5 | b91de3c9295d400fb3194f3c41ebc70d |
| SHA1 | 9e8a4757f67360e1e636f9c71a223132ed493bcd |
| SHA256 | 22d48e85989402243d5a769871db257f41b80046047ad6fe33c6a04b053b344a |
| SHA512 | e2b5761e622966bbc57f76733d090f4adee4ffe03b747559f5db1ab96531722e78a087aa5f55025ce7cba8b931a4841a93e02c84cfd8b64ba94e81138b2885c9 |
C:\Program Files\Common Files\Apple\Mobile Device Support\objc.dll
| MD5 | 277abb137376a7aaad701f2795d64ea9 |
| SHA1 | 065c9c2371bd9645f02a3c387a78af77c4df25e1 |
| SHA256 | 82e2a33dd8a44f48a684a87ba8bbd6b5126edb7e87f18ba1279c09a5e12073f2 |
| SHA512 | 0564d7372beb2b437813726b1b50dff37b2f12dcdef5382cdad8328e2d4d6ada0fc687ce2dfb747fa5e24d2ac52b9bc95a102f597f1c03acd3fc005ade176ec0 |
C:\Program Files\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\CFCharacterSetBitmaps.bitmap
| MD5 | 714a4d047d00f16c28e33759cf6abff3 |
| SHA1 | f04b92b9bb6ab7de4a601a4cc9875ba8071c91a6 |
| SHA256 | abaa23c79ee3ad152875f3f68a7c57fb3a70cdd9536884f896ce70ba86eb70e7 |
| SHA512 | 241e62e42f3c6988994f3b0e84f3934fb5c728fa5ea69e7c96e87f5d50165f2f8ea1c3c014e9c32c38289280e74e944e3ab13a3be981b5a7f405b7ded04a8d21 |
C:\Program Files\Common Files\Apple\Mobile Device Support\icudt62.dll
| MD5 | f99eeeab85f45e61c0b538b35dc01063 |
| SHA1 | 6e008639fe0a477cc4ccc01fa0d36d2e4b292fbb |
| SHA256 | 374302eff32578d3d412332d3d50478fa770566d24d056e3c5bfb2019503a1bb |
| SHA512 | 239685c607ed67d46edc7a43d0c477550a19c1b25600b96cd4c77850f8d365cee9fce06538e77b8f7051d8de90da2617292d22044fbf39a2bc6bef37a9fb4c85 |
C:\Program Files\Common Files\Apple\Mobile Device Support\SQLite3.dll
| MD5 | ddf9ff916f6aa24b15f564cc3338f375 |
| SHA1 | d8ba1948d577216838b5088c762877c052db7c1b |
| SHA256 | 9acaf722c300fc27d007e3ddad7108559d5b0107653211f5add14989f87d004f |
| SHA512 | c90a9adb2acd92571ff563a79abd4f0ac20e566a55e381945bd8b95f9ac236debd2eb3956165abd89b95e1f2945ed5b7a6e9cd35ad4a716ec058afb262d74e25 |
C:\Program Files\chrome_Unpacker_BeginUnzipping5148_743406193\manifest.json
| MD5 | 59e5d162c3a5d96b7ebd23712271b96d |
| SHA1 | f48585f462ede55730df40a762f5234dbf67d664 |
| SHA256 | b88eec9977c596dc8adc22e39477392f808ebdc61220bfcf373dee09f87e764b |
| SHA512 | 1b1924164338dde0a51b852de40b4c422ea69a56c0f7f2d0e87f0c4d861416e1f9f922ab04aef0b808df4f372c4bf12edd147ec34872b97e8aff92d823a695ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Typosquatting\2025.6.30.1\typosquatting_list.pb
| MD5 | 981943717a2f6eec151e0981f42afffe |
| SHA1 | 7b96d1970f4137632264395dad561e541d0dce0f |
| SHA256 | 10d399c6b6ac4cf794b498459cf7926cc4bf6f862b78baf790c036c63b922a56 |
| SHA512 | 360feb97c12ba3db31df8b8f7e11cc6aa362b4c704f531df1d6de77d74468d7118d030048251b9ee336682bb6cf97b577f319266fbae609fdb28f6d46bcefa08 |
C:\Program Files\Common Files\Apple\Mobile Device Support\zlib1.dll
| MD5 | 047648e2fb7bf17228a27f15a9c07fe2 |
| SHA1 | 50f4278e1254742927882bd5d191ae408b3e32fb |
| SHA256 | c90da799fdd677c1854d609b84a76a2624feb5b855dfb97488e6db7967b8d7b0 |
| SHA512 | 7eb9df1cbb6c70015477e8fe3fab6414aced334a1993577c842a1faa37645c10c1bebb39c9d58522230a5ad6dc7322695cf2238a2c91e62ae31063e5701c97c3 |
C:\Program Files\Common Files\Apple\Mobile Device Support\libxml2.dll
| MD5 | 304dc99d4343b93366aa50e2bb5a9429 |
| SHA1 | 46c44dec6cc0b70f7e391b714dc6f6aa3a20095b |
| SHA256 | 1e8a6553c7ec397a206f11cac2eb3b2dd4ae4bee1b165cbe9b2080f346c27ffe |
| SHA512 | 8aa9b16d42b6735ff451c8e51a733ec300be4bb32184b749dde0add377752736743bd38eda63a66f766dda5be5f4aa555a4663466d798fe0fd882008b999e1b3 |
C:\Program Files\Common Files\Apple\Mobile Device Support\libicuuc.dll
| MD5 | d92a2a91263f2163057e54b9acfc0605 |
| SHA1 | 62c42367346159840ea9f8e651a4b5ec627bf79e |
| SHA256 | d7f4db0fcea1086da4ff27d147f47c32e367f237b6fb807a548971132bbdbf66 |
| SHA512 | f6c4b39cf12344bafe272ef763963340ec5ed41654ceaeb575b2e6f51013b2fb980aa93d87493920f11606ce8915b8a86af26cd772be5923ab8bb2f57340eda7 |
C:\Program Files\Common Files\Apple\Mobile Device Support\libdispatch.dll
| MD5 | 72805ed1349e2e76421881568a8d7a02 |
| SHA1 | 3a30d8db3113f45e520ae6e2ea9f9c197861c3f8 |
| SHA256 | 385a7961ffa20718f30768efcf85fc9f7d67b86dbd9d4591bbefdf69f7165aad |
| SHA512 | de2ad650652e654e20e27bf55d7532dc35f29e95492169bfb8a1bdd7ec8f1f120e279f8098e1e7771859f6536eb4f8aed094894dccdde6da2910c4752c3352d9 |
C:\Program Files\Common Files\Apple\Mobile Device Support\ASL.dll
| MD5 | 4fb181e09e6325ab98149215bf5aa63e |
| SHA1 | 7f45abb4e51034c540ef3bb3dde1c4b7b9ba9c48 |
| SHA256 | fc244a5316e5af521f6188115090b5ed22d8ca3f3d7f7bfbd53d0cbbf27ab341 |
| SHA512 | edd93632e87f9d84f7bdeca6f6e87f911b02113eaa8fd9d5de2c397dc121ef9874ac5630fcb05a7ca7ca07a8186fc267ec67016a5358c77ffd124130de3fc3e8 |
C:\Program Files\Common Files\Apple\Mobile Device Support\CoreFoundation.resources\Info.plist
| MD5 | 5596ffca74c5aace74655135b7cbdef5 |
| SHA1 | 062b0eeb23e8bd5841afc93681db96dc5c5168c9 |
| SHA256 | 2d4a9e1a4b85dfc33b0393fe0a24f838f9d91771977a430d046d910227fc4935 |
| SHA512 | 27b5bd9416296a16557d6b64ebff3d4ae99065038fd4e5082af1955737e4127b95b5089aa72eb8139d73a43f2f2b9c64a44c9e1fe6754914ebad2760ce06e3f1 |
C:\Program Files\Common Files\Apple\Mobile Device Support\libicuin.dll
| MD5 | 1eb9ed6b90831685af199a9480ffebfe |
| SHA1 | 18e7b798a36dbe04d5964d670bfe4d6e066d5caa |
| SHA256 | ba770ced35ce16468b278e07f85175be4cdc78158d85e3acf1a3f2e834d8c177 |
| SHA512 | 8e780ba76c9c82ca4b3e5dfdf6f17db58b501abc2ac47b3b2815641f08ec25ed6a6c8d0ed105a421fb1e0a864c2875752510e43beab6720fea3cd85bcb8e42a9 |
C:\Program Files\Common Files\Apple\Mobile Device Support\CoreFoundation.dll
| MD5 | 5f4ec9c2c1cfa04d012c1b43d791f029 |
| SHA1 | 66905957255241f79273c960e7745050eaca15ae |
| SHA256 | 5fda9c96ee55d54e9bef2d3ea0c8102a3269b73742388ab07a030a9756145b7e |
| SHA512 | 2171f8893a32a67e8f4034ca1c470f6e83fa052a85639c530f27a2e4986553e08306e7305726dd42cf728942c0da4b4565ab197d7e4dac2169f1014f49f4c646 |
C:\Program Files\Common Files\Apple\Mobile Device Support\pthreadVC2.dll
| MD5 | bcef1bf5c4bfe7ec96177f8d573f7513 |
| SHA1 | 3a3ae4dea406f46b54f358ac3a2d25f4f15efc98 |
| SHA256 | 6abafd58fb7b5c0450bc411342e2e83fc98f73b68ee8da3d8695b131d40facdd |
| SHA512 | 05f2d0295cca9bd7703e4738189925fa844dfa7ec314d18025cbdba9f81cc6065bfeb16f4b566af75d264453a8f33df3db98834f98a4234aed2c9d457017b7d9 |
C:\Windows\Installer\{CA8EDE78-7A08-4F27-9B31-D6161C095986}\Installer.ico
| MD5 | 42a57b57da632e3ffcbcd946d377fb07 |
| SHA1 | 7aad7f9fee65e7e217dd27c175f802a33650c405 |
| SHA256 | 13a6db9efb786bd94d24f11a8be391c5e67c9ea3a5d6824b1db3b7d64405e83b |
| SHA512 | fcb257fe7b5153037d7dcf1aa70021dd416ce48db596cbf407a8b79e8022b25a60079ce489d4af0cf3de4bcf0fa3570134f91c4d323fa9e28ef0037ea1f23987 |
C:\Config.Msi\e5a1a34.rbs
| MD5 | 84d9dff67da479d299d73ec133ed72f9 |
| SHA1 | c4eb22c62ad9a2a742887e11272ba2a993a1f716 |
| SHA256 | b8efb6ebd893b6311a63ab526f8b41c632dc07bd7e173f46d4f8306d1945c49c |
| SHA512 | 5e3cf383b954299854b39ee695ea7edd60b809c35ccf820178603cf3708ed5e805a8b3c8dab22c7b098517a00a40e0b66f2b794edabd4edf19c6ed6103663e8f |
C:\Windows\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico
| MD5 | 278886d870b8fff6092dbfac68a2f619 |
| SHA1 | 638cea2ef489aecb0fa0e3289ac11b7f54166e1a |
| SHA256 | d291f80d1c5e4207ed3c67a996f5590fee4b747776c6a7bbb1f41d05b4d772f1 |
| SHA512 | 81b782347a59f6ff78cdfc529697c86b26bf7d1c2faa2629357c9a5e5e91855895d8119be5b979bd8d74cf9c35857621ebbd6529e7bdd24f4d316a4676e671d6 |
C:\Config.Msi\e5a1a39.rbs
| MD5 | 6a6e37bf3a3efb50aa21ac86576a2e44 |
| SHA1 | 3f6d36cd4047bff82b9231ef3569d523c920c7fc |
| SHA256 | 8c6efb1d1426fbd965568d7e79563ff6d9a137cd2520bd89299baf600ed05dcb |
| SHA512 | e45bd6ceceb0ba45a5b10fb2588acb20f4bc6a3245c828d1b311de43f5badc4b0767a7f178b2c0e1e470d15520418af0f95f03a7ded81f6e5e1971d1169b20f7 |
C:\Users\Admin\AppData\Local\3uTools\QtWebEngine\Default\0eb0b2da-4ea6-48c4-980d-f2ebca56a48d.tmp
| MD5 | c9d13cb52b68a92160a269ea151b197d |
| SHA1 | 989b3ae882d689e66d15a620cfcee91b589be675 |
| SHA256 | 64751ca2cebfdb4835433c6ef833ce0ec120126484fa4fe76ff24bf5beff90e5 |
| SHA512 | baf1e67294650d5162332713cc2ccda2fbdd81573ccfccadf642d10f2fd4a6781ebf911bae92ae2458051f18e1c2992b8937301201582769c30b83253bbe92c3 |
C:\Users\Admin\AppData\Local\3uTools\QtWebEngine\Default\Network Persistent State~RFe5c8ae2.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1
| MD5 | 9f351aed0e571277fb7e37e620ab0795 |
| SHA1 | 920d299fbddfc4b73843b906eb4e4f7801d2036d |
| SHA256 | 6550a62f16e486286739b2d08ec13b1e5863e76714fbf92b6f8e5b9ba2ed0ccf |
| SHA512 | bea67e2aa65fc628fb037f53f371ea3ab3cbf5a693c162af6cab0b8de280e221357d728cfe0cc2bd38a3928ebfb32ea6fa1f9159c34958cd921a733ab5059eb8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e2ddfb3d678796ba6b3270b33134cf1b |
| SHA1 | 217442a3bf1df5c74f399d22d6a25d4e17083fd7 |
| SHA256 | a3938abf57366b3b39f22b5f8d271bc952761d491d464f615e96daaaa07c3f54 |
| SHA512 | d08cd8ef00c7b8394e8d75cc9dc89b513fbaae7d6ae5c4a8e6602c3bd1b11e9f3588b69f9d0b074e81768e957ff4976c12c17be33991e2382d65cf30ddd90c78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1937fba478e1850e6e92b5d5ebaf33bb |
| SHA1 | 8e78c06808c6e7df4956d6e5871073da1c440811 |
| SHA256 | 2652df445cd2ea927a2555688e5207fe51e9259adcdecdc9ff11edbf6558fa6c |
| SHA512 | c50d9c644bb9ff315371125d3049063a73c6db9c72e726914e13c30f3c52a43a3452af744c9e4d8cbdf9d01d7db9537cb523786e35e6d9d78f72e3927d9d10b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 73773a42004497d4bec1002a0105bdbe |
| SHA1 | ff2d471f5c37ebe6355bf05f75a6a4cd046cbf2c |
| SHA256 | 6a8ec98ef6b40e4e02f0bd2521af949e6446f6a17803aec696f93ad6267d6d8b |
| SHA512 | 40df51624daec8435b503fc1d1f681756cfd56f32eb96baed006ccb6eddb849892565cf5cae1d055967df988d930f742011c200ef6ef1944d709fd1d5a0d6992 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5ce98d.TMP
| MD5 | 431b86167168e824cfeb9ef6561ac211 |
| SHA1 | bd18e28912bc9b8d715c075010e8649ae719ef3c |
| SHA256 | b6bc9cfc833c8012f0b50dae1298edacf9f4b028171039cdab47b892dca894ad |
| SHA512 | d7eed93172bd5586128c9471b9f30c2559df7198c5a0e81a72767bb93354333211d7bafe7bfcdd5c93df4d371e598a30be8b87ce2f6a46bf6b4b0a1c6dcb0976 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 73523ee7d6317c37a79085bb64df669f |
| SHA1 | dc04a2e86c191d92dc656329c56d98586ae8e42f |
| SHA256 | 98d6eb460033e0ca39b3e816015a8f7663667d1488b0f1fa4cf721c2e4c88c22 |
| SHA512 | 449f56fca84d4046252538d84383b7d3ca7258a2d596a79c1e02ad75afa440729cbd908643f304eea0ccbe353d0e11b62ad99d32dcaa1710f4eb1cab1eba3cf4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 1a60da62f2e3e71fd44d20da6b157827 |
| SHA1 | 0643ba99ef6321dc563ab105d84817789e92cf4b |
| SHA256 | eb231e4753e75ffe4ffb8a63bf3e68362f231688ec535fec53cbf4f0d15c820f |
| SHA512 | ce1cfa1c7b39da1ba29186d0a0d91fad43e05150e5a06da05ba8717eff16e74f99a9a3787d5975630614a06ea2ee00e078f9b71d4da5040d38a88d6b48586422 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 82e166485bb0c2ef70b18df1359914cc |
| SHA1 | 1e5bd63ac96f6c0df770e6f156f22dd151c0d8fd |
| SHA256 | b881cc33c521cfffb92bf99a7d38d08c992581b3c644f3d206ae9d7859b06baf |
| SHA512 | 081c24d5d3a3356c09d88782e94a9b6c7464c2927e3c906b5ad6d5977648aa329e73abe79052f57927b52e56dfd151504f71f82a8fbc0069b2109202b67348d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c8537fd4a32a4f5d50e170319aa6acaa |
| SHA1 | 73363b70d15d6a4c5c0888aed8ef7571a96cbd46 |
| SHA256 | a42ab8385ec443b9fa1b4edb907e02595c9237ee59583c5a384f5de5b3d3745c |
| SHA512 | 4175e9e509bc2d5e173abd518f77288070c78859f5af2e1b929cb99d2c880ccff2557917f0d51a3986849e2148919cf36c91109c587799540672a467f5a04d5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3c6feb5e99b12b860c190731a8c68365 |
| SHA1 | 7fc0c14ff1bae5a87af8ae39dd9882809681a354 |
| SHA256 | 7cf06b353b9650222a4c0c96a3f5b71f1a9a07f803a205825fbd9b6b29ef10b6 |
| SHA512 | 9c4775e698e977ce699255cea2f561cf7c538a27038df77d65922149a10256108632f77037b3810abed717247feeab5f3005405a631210fd282661c3376cb440 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fc0fb702e94dc80194d1f8f28a57a704 |
| SHA1 | d15a6e0d72ee1ffbbcccbf54e68aaab1ff4e430b |
| SHA256 | 72f70b8a12839c26de8f6bef6513f6c833c2533d419d1814d5a167009a01dfe7 |
| SHA512 | 69070561194bd9e8c773e9c2c7fc10d5e5ecaa5ccc80eb0982c5cb736edc6567092ca32d78b1f735aa79e46472768ac38a5d8eeabb8037ec9839f689c703cab4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | ba53e3c4b67789d2d53a68ef04ebcc14 |
| SHA1 | 6d6ee089cf1ac806a3c39f751e51161aaa20d3aa |
| SHA256 | 2c58d088c02b52abced5dce183751377599322143a85e74da206feacccd9248e |
| SHA512 | b999d611d8421ed66dfaf17e507d225bf331659c9cbf38033737d37601173e19756947f84a2b2de3ade1d99d11d5d0e0df3f6e2b29b857ecc506ef55bbefdaa3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 0a18f4d6eaf368b2162230eb8206fe67 |
| SHA1 | 6d487a83132a79927a3c20af6bd6df7d8cef196c |
| SHA256 | adbfb083377d24156eccb3881e48c1bcaa09b078f3c3abe019fa09c5f9d36f1a |
| SHA512 | 92e114c18715070f3da66ccd166ddacd1f7c7686cf92b2217b400cb1218fc84b0e92b795b1944619cd4657e21712316ce886545a8bc3c2f8ee78dd55c55282e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\06a90874-b797-479c-addf-1899f599e5ae.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2b77e1c8fbaef2312aca1dbb879dd1cc |
| SHA1 | ff31318b3e7e86f9333664ac35ae63be757709c6 |
| SHA256 | 5a66d23770f5fb053c7cf6659ad8acdddf0616e18af0f237b248f71b53cdd450 |
| SHA512 | 1550f6924b1e2386cb63d9890da7e7b50757f0a4084101b48ff543dac9be1a440b54b26fecc9374dedf4d639b81881f72a1ce486e17710c22049fca16153da04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | b43985e3d21864bb1bb221c5f1007022 |
| SHA1 | 055e4ba86d3c646134009bf8ea74c699639133a8 |
| SHA256 | 87f442476d9c55e12e37113157baf61b0316b0eb9544d84c78670577032b314c |
| SHA512 | 03814fa0539a2f7e2d17d48c14e2da286d193e61e97c95d2d925583ad0fb25adaab13613ec78e867b7d6be9d0e3b0d9005871de18b8e3a6e15fe84e2d47a743f |
C:\Program Files\chrome_Unpacker_BeginUnzipping856_1330262655\deny_etld1_domains.list
| MD5 | eda89a2b55db30e05fa86cfe82dea445 |
| SHA1 | e5a6d07b82fc5c0f45f609d8e4eca85b1c76f57d |
| SHA256 | 5bf6736f4862211a3c667c23ac5d2ae8b5eb15a56b86881ad465d5724509b224 |
| SHA512 | 940f4ee0b01308d99b4f98b8a298bd39c36b03f622ac6dc9bb87c7632ee9f1cb01e553468a797c3c40b98e1f72c0f9ad131041a356ae68fcc4983f0e0f37d6ef |
C:\Program Files\chrome_Unpacker_BeginUnzipping856_1330262655\deny_full_domains.list
| MD5 | e0cbabe7207e6710bea35bc182665fbb |
| SHA1 | 46c04020f294f113e94a277de99e680fd7de0d5a |
| SHA256 | e7a7f70035de47b8ae0d121e42ca871c54783659411d6f3f94d7b4cade72631e |
| SHA512 | 2a9e920a588c67896a898b760fba251362ab9012dc3808a7c823323abd64d8ece17fec97ccbd2e96f57ad2d557d9e0376a38ecb134800f5b290ee2974429c223 |
C:\Program Files\chrome_Unpacker_BeginUnzipping856_1330262655\manifest.fingerprint
| MD5 | 0bd617df54405e6f6019ebe868d988f8 |
| SHA1 | 4b357979a82373ae8b20742a40489a153fcbb291 |
| SHA256 | e0f256b077c4989cad038f22caa9e515d5e0c32741bae25de8139cb76a6a4058 |
| SHA512 | 72931ee616ca827fdaf45887189f82cd995c666c0a2cc8e7c9f964b2af231655d1cea44b9909e4b71d98e6b0e18f7125aa952a30e7f1ee55eb792974ccbb98eb |
C:\Program Files\3uToolsV3\cache\hometmp\03.png
| MD5 | 1eeb44c3762821c39029fd3c995f8235 |
| SHA1 | 93cee74f8b7a3080309bf61cae6fd1941951cdf6 |
| SHA256 | 0400ac19d5cab765c8d86cfb534d3d9ea1d21aa84d292b0b66df36c74783e388 |
| SHA512 | 87976a2120e7954b165ff5945117ef68c1a1e8d1b33eab474a6583e173159418352932ab12a6772bf691f642f2a84de71308c3f87b540211b3d562dcd2319f20 |
C:\Program Files\3uToolsV3\cache\hometmp\02.png
| MD5 | 89b459877cb148ead13c042f5b1fcd85 |
| SHA1 | af426847b9c272af61656512595d07e7e8455249 |
| SHA256 | dae5faf25413f844510cddca3f4122e5a3865949d37b22e9110d478cb7f754f0 |
| SHA512 | 163abd457ba0fcdc0ce3ff9f78835a667179c5191969bf435e7f34f9020721d1be1e2a5c40355f5b436620436fce7270999f8eaf5ad1dbe396c941f57b86c165 |
C:\Program Files\3uToolsV3\cache\hometmp\01.png
| MD5 | d710d74bdc74c1f91d625813dda872d5 |
| SHA1 | a66ff93b665fed4a621b0e23e7617c8ac9cfe75f |
| SHA256 | dfbd40304b86dd6bf025b35a3b8654a38e6fe6f6d1dceda89d3eb491b23d84cb |
| SHA512 | faef92b1e690af017ebdba07419ef2796ef5646b8e356b3a4f125692120ef5f55b5fdcd83ae463ed3c3fd47bff5b2262a734f8d2f43044a94135772d54a926a6 |
C:\Program Files\chrome_Unpacker_BeginUnzipping856_1685977745\manifest.json
| MD5 | b0e549dcc425951a670808d628ab5181 |
| SHA1 | 63c37e4fd9193836f0100cee2bf76585787ae94b |
| SHA256 | b2c8ee75956c3bb7ea6865137c441b916badfb99c922c17785875e784c96e29a |
| SHA512 | d6dc7c7ddd5ad8ca06a831faa6bd399c8af77e0b21cfd039c608f366fb54b8d4553fc8f947a070544f472966190cf1ca5a236d1084be824b06684b6c6e8de0dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\24.0.0.0\kp_pinslist.pb
| MD5 | 563bdb2192acf2c106832f696df5d84c |
| SHA1 | 898eee38d08e09254c39dd0d1707c98f95cb2fa6 |
| SHA256 | 2efcd280779456d767025a4f2915012cb9b11af2b8e199d3f32152232bf09460 |
| SHA512 | 550e3dbaa0a5d74763465318b6f14035e16e1d70602ca36a5636d159875b527fae51f0c7f81e380797b4871283dbddb964017e7a16857228a621284d7aef00f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\24.0.0.0\crs.pb
| MD5 | 916f38644626b7201f29c01bc659525b |
| SHA1 | c259bfd1ccbf1347b6a0bac43e7aead100ca7092 |
| SHA256 | 8ba4acc8582041e5caa5dc4c73ade421b52a8b018e70f12b7a1437f74c6a955e |
| SHA512 | 33539525ec8bf13ee832365994dd6b3bc2162ef64e032baa1ab6e45d701125d08009504c254e85b763b69abd93f10366a4b44e5e62f7705c988c089aea447d19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\24.0.0.0\ct_config.pb
| MD5 | 4fdf7c8ca48768f459c97b25fdd10d9b |
| SHA1 | d1f0ac34a53294875dd7bc03dfbdf5c7ae65a4d0 |
| SHA256 | 6a350094ab9a19b758f6660a58afdecc44e83b3ce8c3521fe3b831d5945a3911 |
| SHA512 | 7322c942946b83ed8cf8875613f72ab5fa5fcb4ca1671bba22bd02404546f8ce099b2941cb0897b3209aecb85b6ac2f1b98f2d11678e5304b55ae3974192042d |