Malware Analysis Report

2025-08-10 19:57

Sample ID 250630-wmf49atn12
Target https://www.pcrisk.com/removal-guides/20871-fortnite-free-vbucks-codes-generator-adware
Tags
discovery motw phishing spyware stealer
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V16

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://www.pcrisk.com/removal-guides/20871-fortnite-free-vbucks-codes-generator-adware was found to be: Likely malicious.

Malicious Activity Summary

discovery motw phishing spyware stealer

Downloads MZ/PE file

Reads user/profile data of web browsers

Loads dropped DLL

Executes dropped EXE

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Enumerates connected drives

Blocklisted process makes network request

Legitimate hosting services abused for malware hosting/C2

Drops file in Program Files directory

Browser Information Discovery

System Location Discovery: System Language Discovery

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Checks processor information in registry

Enumerates system info in registry

Suspicious behavior: GetForegroundWindowSpam

Modifies data under HKEY_USERS

Modifies registry class

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies system certificate store

Opens file in notepad (likely ransom note)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-06-30 18:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-06-30 18:02

Reported

2025-06-30 18:07

Platform

win10v2004-20250502-en

Max time kernel

299s

Max time network

300s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.pcrisk.com/removal-guides/20871-fortnite-free-vbucks-codes-generator-adware

Signatures

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\Assistant_118.0.5461.41_Setup.exe_sfx.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A

Reads user/profile data of web browsers

spyware stealer

Blocklisted process makes network request

Description Indicator Process Target
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\M: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\Q: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\E: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\J: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\T: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\Y: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\U: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\X: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
File opened (read-only) \??\J: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\N: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\V: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
File opened (read-only) \??\H: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\P: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\W: C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A yandex.com N/A N/A
N/A yandex.com N/A N/A
N/A yandex.com N/A N/A
N/A yandex.com N/A N/A
N/A yandex.com N/A N/A
N/A yandex.com N/A N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\page_embed_script.js C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\th\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\am\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\lv\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\ta\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\pl\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\pt_BR\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\en\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\pa\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\et\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\ja\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\es_419\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_107240589\manifest.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_1252496826\deny_full_domains.list C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\vi\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\sw\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\is\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_107240589\sets.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_885509452\keys.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_675712687\v1FieldTypes.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\hu\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\it\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\de\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\lo\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\offscreendocument.html C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\fi\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\zh_HK\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_107240589\_metadata\verified_contents.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_675712687\manifest.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_1258786358\manifest.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\gu\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_metadata\verified_contents.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\iw\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\zh_TW\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_1252496826\deny_domains.list C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_1258786358\safety_tips.pb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\ko\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\lt\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\sk\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\id\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\az\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_885509452\manifest.fingerprint C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\fr\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\km\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\sl\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\eu\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\te\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\sr\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_1252496826\manifest.fingerprint C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\my\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\ka\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\en_CA\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\fa\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\pt_PT\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_885509452\_metadata\verified_contents.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\en_GB\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\en_US\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\nl\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4976_675712687\manifest.fingerprint C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\service_worker_bin_prod.js C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\dasherSettingSchema.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\hi\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\ro\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping4452_1336685682\_locales\es\messages.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\CMD.EXE N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\Assistant_118.0.5461.41_Setup.exe_sfx.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\driverquery.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\CCSetup.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133957801388174951" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1153236273-2212388449-1493869963-1000\{89CE609B-91D7-4E97-846B-39490FD11496} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1153236273-2212388449-1493869963-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1153236273-2212388449-1493869963-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1153236273-2212388449-1493869963-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\DisplayName = "Chrome Sandbox" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1153236273-2212388449-1493869963-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Moniker = "cr.sb.odm3E4D1A088C1F6D498C84F3C86DE73CE49F82A104" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1153236273-2212388449-1493869963-1000\{85437FB7-5C3B-49A2-B30A-21E813956A57} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1153236273-2212388449-1493869963-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1153236273-2212388449-1493869963-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Children C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies system certificate store

defense_evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b90f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e404000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c00000001000000040000000010000004000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeSecurityPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeTcbPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSecurityPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSystemtimePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeBackupPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeRestorePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeAuditPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeUndockPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeManageVolumePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeImpersonatePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeTcbPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSecurityPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSystemtimePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeBackupPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeRestorePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeAuditPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeUndockPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeManageVolumePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeImpersonatePrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4452 wrote to memory of 6100 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 6100 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 3396 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 3396 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 5844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 4960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 4960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 4960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 4960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 4960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 4960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 4960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 4960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4452 wrote to memory of 4960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.pcrisk.com/removal-guides/20871-fortnite-free-vbucks-codes-generator-adware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x350,0x7ffbb851f208,0x7ffbb851f214,0x7ffbb851f220

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1760,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=2488 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2460,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=2456 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2616,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=2740 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3424,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=3444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3448,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=3464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=5072,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=5048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=5132,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=5152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4772,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=5388 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5304,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=5408 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5976,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=5996 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5976,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=5996 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6108,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=6012 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6148,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=6532 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6504,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=6544 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6192,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=6244 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=6116,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=6224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6760,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=6964 /prefetch:8

C:\Users\Admin\Downloads\CCSetup.exe

"C:\Users\Admin\Downloads\CCSetup.exe"

C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe

C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.exe /q"C:\Users\Admin\Downloads\CCSetup.exe" /tempdisk1folder"C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}" /IS_temp

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 8FF2C8BA978ABF9D601C511076088A5C C

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{367EA250-D930-46FC-82C6-8D5CFA9D4977}

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{110E87C4-0EF6-4A6C-8C9D-9DF0B087A2E1}

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{14EA56C9-5C74-4000-AFDF-F22C150DEDC3}

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{87DCCCB8-E44A-41B0-8AEA-42789D2F56A7}

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{A398FA19-9DF1-4CDB-A508-4116E5B13036}

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{BA0E1D25-7BBB-44F6-8039-3B6ADC56CD43}

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{8DD03D81-5577-4923-84DF-3388E3CCB35A}

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{18C3F272-2620-4AF7-99C4-9B6E1B3F0443}

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{57C5DA54-977C-410C-B456-2123117A010A}

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{8530F5A6-9E81-45ED-8DB2-5E26CEA13149}

C:\Windows\SysWOW64\CMD.EXE

CMD.EXE /C driverquery /v >C:\Users\Admin\AppData\Local\Temp\drivers.txt

C:\Windows\SysWOW64\driverquery.exe

driverquery /v

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7184,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=5128 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6780,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=6092 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5124,i,5360377377064349632,15483717006525353817,262144 --variations-seed-version --mojo-platform-channel-handle=5244 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x260,0x7ffbb851f208,0x7ffbb851f214,0x7ffbb851f220

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1900,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2188,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=2184 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2516,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=2528 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4032,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=3888 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4032,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=3888 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4600,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=4608 /prefetch:8

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\db455f5348f14e758c486c524d45c9f3 /t 2488 /p 4476

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffb9693dcf8,0x7ffb9693dd04,0x7ffb9693dd10

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2056,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=2052 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=2188,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2432,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=2516 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3180,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3144,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3156 /prefetch:1

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4360,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=4376 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4812,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=4840 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5500,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5508 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5636,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5640 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5440,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5572 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5852,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5436 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5940,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5908 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5952,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5944 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5816,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5676 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3184,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3324,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4052,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=4652 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4692,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=4656 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4680,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=4756 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6036,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5992 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6156,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6000,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5936 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3288,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5620 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3440,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6164 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3376,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6024 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4124,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=4488 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=3420,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6088 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5908,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5836 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6204,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6044 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=4368,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5648 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5748,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=3304,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=864 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6380,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6216 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=3716,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3380,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=4568 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6432,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6476 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6648,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6876 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7172,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7148 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6496,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5768 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6936,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7228 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7368,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6928 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=3380,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3020 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=5780,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3928 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=4424,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=4416 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=7440,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3236 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7840,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7472 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=7660,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7596 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=7460,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7612 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=7992,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8024 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=8168,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=8316,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8328 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8472,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=8492,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8624 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8820,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8860 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=8320,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8992 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=7692,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9152 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=9264,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9280 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=9456,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9436 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=9260,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9596 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=9772,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9756 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=9604,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9916 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=10044,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9948 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=9704,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10208 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=10188,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10356 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=10476,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10500 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=10640,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10660 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=10788,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10812 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=10940,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10964 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=11132,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9776 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=10784,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11296 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=11168,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11428 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=11560,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11572 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=11720,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11568 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=12112,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3924,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=764 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=12292,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12256 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=12440,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12456 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=10516,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11120 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=9368,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11616 /prefetch:8

C:\Users\Admin\Downloads\OperaSetup.exe

"C:\Users\Admin\Downloads\OperaSetup.exe"

C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe --server-tracking-blob=NWUwNTc0ZmI0ZWMyMjVlYjFkZTI3NzY5NWY1ZWU3YTE3ZDRiNjQ5MjBiODcwNTc1MGE0NjFjNWY0ZjcyNGRjNTp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL2d0YS01LXJlYWwtbGlmZS1tb2QuZW4uc29mdG9uaWMuY29tLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cz91dG1fc291cmNlPXNvZnRvbmljJnV0bV9jb250ZW50PU1ERl9QQiZ1dG1fbWVkaXVtPWFwYiZ1dG1fY2FtcGFpZ249Q1BJX1dJTiIsInRpbWVzdGFtcCI6IjE3NTEzMDY2NzYuNjk0OCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInV0bSI6eyJjYW1wYWlnbiI6IkNQSV9XSU4iLCJjb250ZW50IjoiTURGX1BCIiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoic29mdG9uaWMifSwidXVpZCI6IjcyNTY1MjE1LTgyOTQtNGQ4MC1hYTlmLTdhN2FlN2UzNmNmYiJ9

C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=119.0.5497.141 --initial-client-data=0x284,0x288,0x28c,0x260,0x294,0x7ffb90a5a108,0x7ffb90a5a114,0x7ffb90a5a120

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe

"C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe" --backend --install --import-browser-data=0 --enable-crash-reporting=1 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --launchopera=1 --showunbox=0 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --show-intro-overlay --server-tracking-data=server_tracking_data --initial-pid=7312 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_20250630180444" --session-guid=546a3517-1cff-46d8-b8d0-d965d2499066 --server-tracking-blob="NmZmNWY1MzVhMGM1MTFmOGQ3NDgzMjIwOTA5YTkzOWRhNGYyZTEwMmI4YmZmZjQ0OWJhNjM4ZWZiNTIyYjNlNjp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL2d0YS01LXJlYWwtbGlmZS1tb2QuZW4uc29mdG9uaWMuY29tLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijp7Im5hbWUiOiJvcGVyYSJ9LCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cz91dG1fc291cmNlPXNvZnRvbmljJnV0bV9jb250ZW50PU1ERl9QQiZ1dG1fbWVkaXVtPWFwYiZ1dG1fY2FtcGFpZ249Q1BJX1dJTiIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjEwIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTc1MTMwNjY3Ni42OTQ4IiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMy4wLjAuMCBTYWZhcmkvNTM3LjM2IiwidXRtIjp7ImNhbXBhaWduIjoiQ1BJX1dJTiIsImNvbnRlbnQiOiJNREZfUEIiLCJtZWRpdW0iOiJhcGIiLCJzb3VyY2UiOiJzb2Z0b25pYyJ9LCJ1dWlkIjoiNzI1NjUyMTUtODI5NC00ZDgwLWFhOWYtN2E3YWU3ZTM2Y2ZiIn0= " --desktopshortcut=1 --wait-for-package --initial-proc-handle=A809000000000000

C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS0D141DD9\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=119.0.5497.141 --initial-client-data=0x290,0x294,0x298,0x260,0x29c,0x7ffb94fba108,0x7ffb94fba114,0x7ffb94fba120

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4556,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=760 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=11488,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7472 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1168,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8844 /prefetch:8

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\Assistant_118.0.5461.41_Setup.exe_sfx.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\Assistant_118.0.5461.41_Setup.exe_sfx.exe"

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe" --version

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=118.0.5461.41 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x66103c,0x661048,0x661054

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=9424,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7688 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x520 0x4a4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=9228,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11296 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4284,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=4132 /prefetch:8

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\AppSuite-PDF.msi"

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding EFF4908611144CE985384D15D819EF21 U

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=6964,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7052 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=11288,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5980 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=11848,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11576 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=10568,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11360 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=11532,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11676 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=11356,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8724 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=10504,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6984 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=10576,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11872 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=9376,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11616 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=12376,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12352 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=12420,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12616 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=12312,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12816 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=12900,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12756 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\GTA_5_Real_Life_Mod_v2.0\" -spe -an -ai#7zMap11431:110:7zEvent26327

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3236,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=4024 /prefetch:8

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\GTA_5_Real_Life_Mod_v2.0.rar"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4320,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=3240 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\GTA_5_Real_Life_Mod_v2.0\RealLifeMod2.ini

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=7516,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8716 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=12004,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10096 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=11592,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11888 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=10944,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11656 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=11368,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9360 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --field-trial-handle=10612,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12956 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=9952,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8456 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --field-trial-handle=10048,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9580 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --field-trial-handle=11084,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10680 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --field-trial-handle=12764,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11372 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=9284,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4072,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=4940 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=11940,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7932 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=11092,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10972 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --field-trial-handle=9928,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7752 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=9232,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9144 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --field-trial-handle=10000,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --field-trial-handle=12952,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7960 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --field-trial-handle=12976,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10776 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --field-trial-handle=9440,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9124 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=9992,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7960 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --field-trial-handle=11220,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9988 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --field-trial-handle=12928,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9632 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --field-trial-handle=8672,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8052 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --field-trial-handle=12964,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12704 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --field-trial-handle=8772,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=13084 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --field-trial-handle=9980,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11840 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=8224,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7888 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --field-trial-handle=11800,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10604 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --field-trial-handle=11596,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=8016,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8892 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=9108,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8376 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=11764,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9116 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --field-trial-handle=9464,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8164 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --field-trial-handle=9092,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9496 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=9616,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8544 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --field-trial-handle=8972,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11776 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --field-trial-handle=9104,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9728 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --field-trial-handle=12624,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12948 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --field-trial-handle=9004,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9044 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --field-trial-handle=9588,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8444 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --field-trial-handle=8368,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9080 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --field-trial-handle=8028,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12936 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --field-trial-handle=11808,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9028 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --field-trial-handle=13064,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10536 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --field-trial-handle=10584,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9620 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --field-trial-handle=11376,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9824 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --field-trial-handle=9100,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8992 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --field-trial-handle=12728,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --field-trial-handle=9968,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11540 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --field-trial-handle=1336,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8920 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --field-trial-handle=8384,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11772 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --field-trial-handle=7640,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7980 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --field-trial-handle=12356,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --field-trial-handle=7564,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8052 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --field-trial-handle=12720,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9392 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --field-trial-handle=11248,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11872 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --field-trial-handle=12872,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --field-trial-handle=12948,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8144 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --field-trial-handle=9844,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8724 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --field-trial-handle=9832,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12200 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --field-trial-handle=10360,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9868 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --field-trial-handle=9268,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10452 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --field-trial-handle=12320,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7972 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --field-trial-handle=8400,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=8212 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --field-trial-handle=12452,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9608 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --field-trial-handle=12868,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11336 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --field-trial-handle=6440,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7672 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --field-trial-handle=8504,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7696 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --field-trial-handle=13264,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=13224 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --field-trial-handle=7768,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=12340 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --field-trial-handle=11228,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9516 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --field-trial-handle=10236,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --field-trial-handle=10580,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=11104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --field-trial-handle=10728,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=7672 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --field-trial-handle=3300,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=6256 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --field-trial-handle=6308,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10836 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=10308,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=10920 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3200,i,10269721194822001181,7289859295402463428,262144 --variations-seed-version --mojo-platform-channel-handle=4316 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=12352,i,1333147078001613423,8530215002067260493,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=9432 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.pcrisk.com udp
US 8.8.8.8:53 www.pcrisk.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 172.67.75.109:443 www.pcrisk.com tcp
US 150.171.27.11:80 edge.microsoft.com tcp
US 150.171.27.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 api.edgeoffer.microsoft.com udp
US 8.8.8.8:53 api.edgeoffer.microsoft.com udp
US 8.8.8.8:53 copilot.microsoft.com udp
US 8.8.8.8:53 copilot.microsoft.com udp
US 150.171.27.11:443 edge.microsoft.com tcp
GB 2.18.27.68:443 copilot.microsoft.com tcp
US 13.107.246.64:443 api.edgeoffer.microsoft.com tcp
US 13.107.246.64:443 api.edgeoffer.microsoft.com tcp
GB 2.18.27.68:443 copilot.microsoft.com tcp
US 150.171.27.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 pcriskweb.disqus.com udp
US 8.8.8.8:53 pcriskweb.disqus.com udp
US 172.67.75.109:443 www.pcrisk.com tcp
US 199.232.196.134:443 pcriskweb.disqus.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 150.171.27.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 td.doubleclick.net udp
US 8.8.8.8:53 td.doubleclick.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 172.217.16.226:443 td.doubleclick.net tcp
GB 172.217.16.226:443 td.doubleclick.net tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
GB 216.58.213.2:443 googleads.g.doubleclick.net udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 www.google.co.uk udp
GB 172.217.169.35:443 www.google.co.uk udp
US 172.67.75.109:443 www.pcrisk.com tcp
US 150.171.27.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
GB 142.250.200.3:443 update.googleapis.com tcp
GB 2.18.27.82:443 www.bing.com tcp
US 8.8.8.8:53 clients2.googleusercontent.com udp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 142.250.200.1:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 150.171.28.11:443 edge.microsoft.com tcp
GB 2.18.27.82:443 www.bing.com udp
N/A 224.0.0.251:5353 udp
US 172.67.75.109:443 www.pcrisk.com tcp
GB 216.58.213.2:443 googleads.g.doubleclick.net udp
GB 172.217.16.226:443 td.doubleclick.net udp
US 216.239.32.36:443 region1.google-analytics.com udp
GB 172.217.16.226:443 td.doubleclick.net udp
GB 142.250.178.4:443 www.google.com udp
GB 172.217.169.35:443 www.google.co.uk udp
US 199.232.196.134:443 pcriskweb.disqus.com tcp
US 8.8.8.8:53 services.combocleaner.com udp
US 172.67.96.20:443 services.combocleaner.com tcp
US 8.8.8.8:53 e5.c.lencr.org udp
US 104.18.21.213:80 e5.c.lencr.org tcp
US 172.67.96.20:443 services.combocleaner.com tcp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 13.107.246.64:443 edge-consumer-static.azureedge.net tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 150.171.27.11:443 edge.microsoft.com tcp
US 150.171.28.11:443 edge.microsoft.com tcp
US 150.171.28.11:443 edge.microsoft.com tcp
GB 2.18.27.76:443 www.bing.com tcp
GB 2.18.27.76:443 www.bing.com tcp
US 8.8.8.8:53 www.google.com udp
GB 216.58.204.68:443 www.google.com tcp
GB 216.58.204.68:443 www.google.com udp
US 8.8.8.8:53 ogads-pa.clients6.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.151.95:443 ogads-pa.clients6.google.com tcp
GB 142.250.117.139:443 apis.google.com tcp
GB 142.250.151.95:443 ogads-pa.clients6.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com tcp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 142.250.200.1:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.151.95:443 ogads-pa.clients6.google.com tcp
GB 142.250.151.95:443 ogads-pa.clients6.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.238:443 clients2.google.com tcp
GB 172.217.16.238:443 clients2.google.com udp
US 8.8.8.8:53 consent.google.com udp
GB 142.250.200.46:443 consent.google.com tcp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
GB 216.58.201.110:443 encrypted-vtbn0.gstatic.com tcp
GB 216.58.201.110:443 encrypted-vtbn0.gstatic.com tcp
GB 216.58.201.110:443 encrypted-vtbn0.gstatic.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 freethevbucks.com udp
US 69.48.182.238:443 freethevbucks.com tcp
US 69.48.182.238:443 freethevbucks.com tcp
US 69.48.182.238:443 freethevbucks.com tcp
US 69.48.182.238:443 freethevbucks.com tcp
US 69.48.182.238:443 freethevbucks.com tcp
US 69.48.182.238:443 freethevbucks.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
US 69.48.182.238:443 freethevbucks.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 142.250.179.238:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 172.217.16.227:443 www.google.co.uk tcp
BE 74.125.71.154:443 stats.g.doubleclick.net tcp
GB 142.250.179.238:443 fundingchoicesmessages.google.com udp
GB 142.250.179.238:443 fundingchoicesmessages.google.com udp
US 69.48.182.238:443 freethevbucks.com udp
US 69.48.182.238:443 freethevbucks.com tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
GB 172.217.16.226:443 ep1.adtrafficquality.google tcp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 13.107.246.64:443 edge-consumer-static.azureedge.net tcp
US 13.107.246.64:443 edge-consumer-static.azureedge.net tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
GB 142.250.140.132:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 142.251.30.156:443 googleads.g.doubleclick.net udp
GB 216.58.204.68:443 www.google.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 142.250.140.132:443 ep2.adtrafficquality.google tcp
GB 216.58.204.68:443 www.google.com tcp
GB 216.58.204.68:443 www.google.com udp
GB 216.58.201.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 syndicatedsearch.goog udp
GB 216.58.204.78:443 syndicatedsearch.goog tcp
US 8.8.8.8:53 partner.googleadservices.com udp
GB 172.217.16.226:443 partner.googleadservices.com tcp
GB 216.58.204.68:443 www.google.com udp
GB 216.58.204.68:443 www.google.com udp
US 8.8.8.8:53 www.googletagservices.com udp
GB 142.250.187.194:443 www.googletagservices.com tcp
US 8.8.8.8:53 a.c.appier.net udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 a.rfihub.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
GB 142.251.29.157:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 dsp.360yield.com udp
US 3.216.250.47:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 gtrace.mediago.io udp
US 8.8.8.8:53 dsp.adkernel.com udp
NL 193.0.160.130:443 a.rfihub.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
JP 172.104.105.5:443 a.c.appier.net tcp
US 174.137.133.49:443 dsp.adkernel.com tcp
NL 35.214.168.80:443 gtrace.mediago.io tcp
IE 34.254.53.67:443 dsp.360yield.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
JP 172.104.105.5:443 a.c.appier.net tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
GB 142.250.187.238:443 encrypted-tbn2.gstatic.com tcp
GB 142.250.187.238:443 encrypted-tbn2.gstatic.com tcp
GB 216.58.204.78:443 encrypted-tbn3.gstatic.com tcp
US 8.8.8.8:53 c.pki.goog udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.187.238:443 www.youtube.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.187.238:443 www.youtube.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 142.250.179.227:80 c.pki.goog tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.178.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.169.74:443 jnn-pa.googleapis.com tcp
GB 172.217.169.74:443 jnn-pa.googleapis.com udp
GB 172.217.16.238:443 www.youtube.com tcp
GB 172.217.16.238:443 www.youtube.com tcp
GB 172.217.16.238:443 www.youtube.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 vbucks-numbers-for-fortnite-ios.soft112.com udp
US 104.243.35.223:443 vbucks-numbers-for-fortnite-ios.soft112.com tcp
US 104.243.35.223:443 vbucks-numbers-for-fortnite-ios.soft112.com tcp
US 8.8.8.8:53 cdn.soft112.com udp
US 8.8.8.8:53 www.soft112.com udp
US 209.222.98.21:443 www.soft112.com tcp
US 209.222.98.21:443 www.soft112.com tcp
US 209.222.98.21:443 www.soft112.com tcp
US 209.222.98.21:443 www.soft112.com tcp
US 209.222.98.21:443 www.soft112.com tcp
US 209.222.98.21:443 www.soft112.com tcp
US 209.222.98.21:443 www.soft112.com tcp
GB 79.127.237.132:443 cdn.soft112.com tcp
GB 142.250.179.238:443 fundingchoicesmessages.google.com tcp
GB 142.250.179.238:443 fundingchoicesmessages.google.com udp
GB 142.250.179.238:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 142.250.200.1:443 lh3.googleusercontent.com tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
BE 74.125.71.154:443 stats.g.doubleclick.net tcp
GB 172.217.16.227:443 www.google.co.uk tcp
US 8.8.8.8:53 ads.soft112.com udp
US 209.222.98.37:443 ads.soft112.com tcp
US 209.222.98.37:443 ads.soft112.com tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 static.edge.microsoftapp.net udp
US 8.8.8.8:53 static.edge.microsoftapp.net udp
US 13.107.246.64:443 static.edge.microsoftapp.net tcp
US 150.171.27.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 edge-cloud-resource-static.azureedge.net udp
US 8.8.8.8:53 edge-cloud-resource-static.azureedge.net udp
US 13.107.246.64:443 edge-cloud-resource-static.azureedge.net tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
GB 84.201.209.99:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
JP 142.250.207.35:443 csi.gstatic.com tcp
US 8.8.8.8:53 vbucks-roulette-for-fortnite-ios.soft112.com udp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.204.68:443 www.google.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 142.250.187.227:443 beacons.gcp.gvt2.com tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 windows.soft112.com udp
GB 142.250.187.227:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.softlandro.com udp
US 209.222.98.37:443 www.softlandro.com tcp
US 8.8.8.8:53 google.com udp
GB 142.250.187.238:443 google.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com udp
GB 216.58.204.68:443 www.google.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 gtracenep.admaster.cc udp
US 8.8.8.8:53 www.temu.com udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 a.tribalfusion.com udp
GB 142.251.29.157:443 cm.g.doubleclick.net tcp
NL 193.0.160.130:443 a.rfihub.com tcp
US 104.18.37.193:443 a.tribalfusion.com tcp
US 104.18.43.206:443 www.temu.com tcp
IE 34.243.72.95:443 pr-bh.ybp.yahoo.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 3.208.183.244:443 sync.srv.stackadapt.com tcp
NL 35.214.168.80:443 gtracenep.admaster.cc tcp
US 3.208.183.244:443 sync.srv.stackadapt.com tcp
NL 193.0.160.130:443 a.rfihub.com tcp
US 104.18.43.206:443 www.temu.com tcp
US 104.18.43.206:443 www.temu.com tcp
GB 142.251.29.157:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 match.prod.bidr.io udp
IE 52.210.89.164:443 match.prod.bidr.io tcp
GB 142.251.29.157:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 s.tribalfusion.com udp
GB 172.217.16.226:443 partner.googleadservices.com tcp
GB 142.250.140.132:443 ep2.adtrafficquality.google tcp
GB 142.250.187.194:443 www.googletagservices.com tcp
GB 142.250.140.132:443 ep2.adtrafficquality.google tcp
GB 142.250.140.132:443 ep2.adtrafficquality.google udp
GB 172.217.16.226:443 partner.googleadservices.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.151.95:443 ogads-pa.clients6.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 en.softonic.com udp
GB 172.217.16.238:443 www.youtube.com udp
US 151.101.65.91:443 en.softonic.com tcp
US 151.101.65.91:443 en.softonic.com tcp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 assets.sftcdn.net udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 bat.bing.com udp
US 151.101.129.91:443 images.sftcdn.net tcp
US 151.101.129.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 150.171.28.10:443 bat.bing.com tcp
GB 18.165.160.104:443 sdk.privacy-center.org tcp
US 151.101.129.91:443 images.sftcdn.net udp
GB 18.165.160.104:443 sdk.privacy-center.org udp
US 151.101.1.91:443 images.sftcdn.net udp
US 8.8.8.8:53 bat.bing.net udp
US 150.171.28.10:443 bat.bing.net tcp
US 150.171.28.10:443 bat.bing.net tcp
US 150.171.28.10:443 bat.bing.net tcp
US 8.8.8.8:53 api.privacy-center.org udp
GB 216.58.204.68:443 www.google.com tcp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 push-sdk.com udp
US 8.8.8.8:53 cdn.debugbear.com udp
GB 3.162.20.128:443 api.privacy-center.org tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 104.22.63.145:443 cdn.debugbear.com tcp
DE 157.90.33.121:443 push-sdk.com tcp
GB 3.162.20.128:443 api.privacy-center.org udp
US 216.239.32.36:443 region1.analytics.google.com tcp
BE 74.125.71.154:443 stats.g.doubleclick.net tcp
GB 172.217.16.227:443 www.google.co.uk tcp
US 8.8.8.8:53 c.clarity.ms udp
IE 13.74.129.1:443 c.clarity.ms tcp
US 8.8.8.8:53 uidsync.net udp
DE 157.90.33.122:443 uidsync.net tcp
US 8.8.8.8:53 c.bing.com udp
US 8.8.8.8:53 b.clarity.ms udp
DE 157.90.33.122:443 uidsync.net tcp
US 4.153.129.168:443 b.clarity.ms tcp
DE 157.90.33.121:443 uidsync.net tcp
US 151.101.65.91:443 images.sftcdn.net udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 rv-assets.softonic.com udp
GB 216.58.204.68:443 www.google.com udp
US 151.101.1.91:443 rv-assets.softonic.com tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net tcp
GB 13.224.225.87:443 c.amazon-adsystem.com tcp
GB 13.224.225.87:443 c.amazon-adsystem.com tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 btloader.com udp
US 104.22.74.216:443 btloader.com tcp
GB 172.217.16.226:443 partner.googleadservices.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
US 8.8.8.8:53 id5-sync.com udp
DE 162.19.138.120:443 id5-sync.com tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
GB 216.58.204.78:443 www.youtube.com udp
US 8.8.8.8:53 cdn-ima.33across.com udp
GB 18.245.143.58:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 ag.dns-finder.com udp
US 8.8.8.8:53 ad-delivery.net udp
GB 52.84.90.126:443 config.aps.amazon-adsystem.com tcp
US 104.22.5.65:443 ad-delivery.net tcp
US 104.22.5.65:443 ad-delivery.net tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
US 34.36.200.111:443 ag.dns-finder.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 104.22.52.86:443 cdn.id5-sync.com tcp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 cdn.btmessage.com udp
US 104.22.74.216:443 btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 172.67.20.127:443 cdn.btmessage.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 172.67.20.127:443 cdn.btmessage.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 api.btmessage.com udp
N/A 127.0.0.1:443 tcp
N/A 127.0.0.1:443 tcp
US 8.8.8.8:53 lbs.eu-1-id5-sync.com udp
FR 57.129.92.70:443 lbs.eu-1-id5-sync.com tcp
US 8.8.8.8:53 match.adsrvr.org udp
US 35.71.131.137:443 match.adsrvr.org tcp
US 8.8.8.8:53 rtb.gumgum.com udp
IE 52.210.241.74:443 rtb.gumgum.com tcp
US 8.8.8.8:53 a9c6fe108afe572efe5d6e77925b5b95.safeframe.googlesyndication.com udp
GB 172.217.16.225:443 a9c6fe108afe572efe5d6e77925b5b95.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 ce.lijit.com udp
IE 52.213.73.46:443 ce.lijit.com tcp
US 8.8.8.8:53 dis.eu.criteo.com udp
NL 178.250.1.9:443 dis.eu.criteo.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
NL 185.89.210.90:443 ib.adnxs.com tcp
GB 142.250.187.227:443 beacons.gcp.gvt2.com tcp
GB 142.250.187.227:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 ice.360yield.com udp
IE 52.48.81.152:443 ice.360yield.com tcp
GB 142.250.187.194:443 www.googletagservices.com tcp
US 8.8.8.8:53 rtd-tm.everesttech.net udp
US 151.101.2.49:443 rtd-tm.everesttech.net tcp
US 8.8.8.8:53 c1.adform.net udp
DK 37.157.6.237:443 c1.adform.net tcp
GB 142.250.187.227:443 beacons.gcp.gvt2.com udp
GB 172.217.16.226:443 partner.googleadservices.com tcp
GB 142.250.140.132:443 ep2.adtrafficquality.google tcp
GB 142.250.140.132:443 ep2.adtrafficquality.google tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.140.132:443 ep2.adtrafficquality.google udp
GB 172.217.16.226:443 partner.googleadservices.com udp
US 8.8.8.8:53 gta-5-real-life-mod.en.softonic.com udp
US 151.101.193.91:443 gta-5-real-life-mod.en.softonic.com tcp
GB 216.58.204.78:443 www.youtube.com udp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 2eb014fdcab54d5a180ac4ee73efa423.safeframe.googlesyndication.com udp
GB 142.250.178.1:443 2eb014fdcab54d5a180ac4ee73efa423.safeframe.googlesyndication.com tcp
N/A 127.0.0.1:443 tcp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 shb.richaudience.com udp
US 104.18.27.193:443 htlb.casalemedia.com tcp
DE 49.12.171.126:443 shb.richaudience.com tcp
DE 49.12.171.126:443 shb.richaudience.com tcp
US 34.36.200.111:443 ag.dns-finder.com udp
US 34.120.63.153:443 prebid.media.net tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
FR 34.1.1.166:443 hb-api.omnitagjs.com tcp
IE 54.216.35.176:443 ap.lijit.com tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 storage.googleapis.com udp
US 8.8.8.8:53 di-images.sftcdn.net udp
GB 108.156.36.80:443 aax.amazon-adsystem.com tcp
GB 142.250.178.27:443 storage.googleapis.com tcp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
US 130.211.23.194:443 api.btloader.com udp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
GB 216.58.201.97:443 tpc.googlesyndication.com tcp
N/A 127.0.0.1:443 tcp
GB 216.58.201.97:443 tpc.googlesyndication.com udp
FR 57.129.92.70:443 lbs.eu-1-id5-sync.com tcp
US 8.8.8.8:53 dclk-match.dotomi.com udp
US 8.8.8.8:53 x.bidswitch.net udp
GB 142.251.29.157:443 cm.g.doubleclick.net tcp
NL 89.207.16.204:443 dclk-match.dotomi.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 35.214.136.108:443 x.bidswitch.net udp
GB 142.251.29.157:443 cm.g.doubleclick.net udp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 csync.loopme.me udp
NL 35.214.249.5:443 csync.loopme.me tcp
US 8.8.8.8:53 image6.pubmatic.com udp
DE 103.231.98.107:443 image6.pubmatic.com tcp
GB 142.250.187.227:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 eb2.3lift.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
GB 172.217.16.226:443 partner.googleadservices.com udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 ce.lijit.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 104.18.24.18:443 js-sec.indexww.com tcp
DE 148.251.20.72:443 sync.richaudience.com tcp
GB 184.25.192.27:443 contextual.media.net tcp
FR 34.1.1.166:443 visitor.omnitagjs.com tcp
IE 52.213.73.46:443 ce.lijit.com tcp
GB 184.26.56.245:443 ads.pubmatic.com tcp
DE 103.231.98.107:443 image6.pubmatic.com tcp
US 8.8.8.8:53 s.ad.smaato.net udp
NL 34.1.242.226:443 s.ad.smaato.net tcp
US 8.8.8.8:53 us-u.openx.net udp
US 35.244.159.8:443 us-u.openx.net tcp
US 8.8.8.8:53 sync.serverbid.com udp
GB 143.204.176.112:443 sync.serverbid.com tcp
US 8.8.8.8:53 sync.adkernel.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
NL 103.67.200.72:443 sync.adkernel.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 35.244.159.8:443 us-u.openx.net udp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 onetag-sys.com udp
DE 51.75.86.98:443 onetag-sys.com tcp
US 8.8.8.8:53 player.aniview.com udp
GB 2.20.12.70:443 player.aniview.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 54.159.122.92:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
NL 81.17.55.123:443 ssbsync.smartadserver.com tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
IE 54.216.35.176:443 ap.lijit.com tcp
US 8.8.8.8:53 um.simpli.fi udp
IE 54.216.35.176:443 ap.lijit.com tcp
US 8.8.8.8:53 cms.quantserve.com udp
NL 185.184.8.90:443 creativecdn.com tcp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 sync.1rx.io udp
IE 52.95.115.196:443 aax-eu.amazon-adsystem.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 35.204.158.49:443 um.simpli.fi tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 8.8.8.8:53 sync-tm.everesttech.net udp
DE 91.228.74.200:443 cms.quantserve.com tcp
DK 37.157.6.237:443 c1.adform.net tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 35.214.249.5:443 csync.loopme.me tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
US 104.18.27.193:443 ssum-sec.casalemedia.com tcp
US 8.8.8.8:53 pixel-us-east.rubiconproject.com udp
US 8.8.8.8:53 cs.krushmedia.com udp
US 69.173.146.5:443 pixel-us-east.rubiconproject.com tcp
US 80.77.82.130:443 cs.krushmedia.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 104.18.27.193:443 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 p.rfihub.com udp
NL 193.0.160.130:443 p.rfihub.com tcp
IE 52.95.115.196:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 dpm.demdex.net udp
IE 34.243.72.95:443 pr-bh.ybp.yahoo.com tcp
US 8.8.8.8:53 pixel.onaudience.com udp
US 8.8.8.8:53 uipglob.semasio.net udp
US 35.71.131.137:443 match.adsrvr.org tcp
FR 51.38.30.15:443 pixel.onaudience.com tcp
US 8.8.8.8:53 simage2.pubmatic.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
DK 77.243.51.121:443 uipglob.semasio.net tcp
GB 87.248.114.12:443 ups.analytics.yahoo.com tcp
IE 52.209.167.50:443 dpm.demdex.net tcp
IE 52.210.89.164:443 match.prod.bidr.io tcp
GB 184.25.192.27:443 contextual.media.net udp
DE 103.231.98.109:443 simage2.pubmatic.com tcp
DE 103.231.98.109:443 simage2.pubmatic.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
GB 2.22.134.142:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 net.geo.opera.com udp
DE 51.75.86.98:443 onetag-sys.com udp
NL 185.26.182.111:443 net.geo.opera.com tcp
NL 185.26.182.111:443 net.geo.opera.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
GB 184.25.193.73:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 api-ssp.spot.im udp
NL 35.214.249.5:443 csync.loopme.me tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 hb.trustedstack.com udp
US 8.8.8.8:53 match.sharethrough.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
US 3.208.183.244:443 sync.srv.stackadapt.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
DE 3.70.96.114:443 match.sharethrough.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
GB 2.22.144.72:443 hb.trustedstack.com tcp
GB 18.244.140.50:443 api-ssp.spot.im tcp
US 8.8.8.8:53 usync.smxconv.com udp
US 8.8.8.8:53 sync.targeting.unrulymedia.com udp
US 8.8.8.8:53 visitor.europe-west9.gcp.omnitagjs.com udp
US 80.77.84.209:443 usync.smxconv.com tcp
US 8.8.8.8:53 u.openx.net udp
FR 34.1.1.166:443 visitor.europe-west9.gcp.omnitagjs.com tcp
FR 34.1.1.166:443 visitor.europe-west9.gcp.omnitagjs.com tcp
FR 34.1.1.166:443 visitor.europe-west9.gcp.omnitagjs.com tcp
FR 34.1.1.166:443 visitor.europe-west9.gcp.omnitagjs.com tcp
FR 34.1.1.166:443 visitor.europe-west9.gcp.omnitagjs.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 pxl.iqm.com udp
US 8.8.8.8:53 c21lg-d.media.net udp
US 8.8.8.8:53 medianet-match.dotomi.com udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 visitor-adpone.omnitagjs.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 54.88.142.103:443 pxl.iqm.com tcp
GB 184.26.56.27:443 c21lg-d.media.net tcp
NL 89.149.193.104:443 rtb-csync.smartadserver.com tcp
NL 89.149.193.104:443 rtb-csync.smartadserver.com tcp
NL 89.149.193.104:443 rtb-csync.smartadserver.com tcp
NL 89.149.193.104:443 rtb-csync.smartadserver.com tcp
NL 89.149.193.104:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
GB 184.26.56.27:443 c21lg-d.media.net tcp
US 104.18.43.206:443 www.temu.com tcp
IE 52.211.139.188:443 ad.360yield.com tcp
IE 52.210.241.74:443 rtb.gumgum.com tcp
IE 52.50.71.86:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 aorta.clickagy.com udp
NL 185.89.210.90:443 ib.adnxs.com tcp
US 8.8.8.8:53 s0.2mdn.net udp
US 52.5.62.21:443 aorta.clickagy.com tcp
GB 216.58.204.70:443 s0.2mdn.net tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 8.8.8.8:53 openx2-match.dotomi.com udp
NL 63.215.202.137:443 openx2-match.dotomi.com tcp
US 8.8.8.8:53 sync.aniview.com udp
NL 35.214.249.5:443 csync.loopme.me tcp
US 8.8.8.8:53 ssp-sync.criteo.com udp
US 8.8.8.8:53 cs.media.net udp
US 172.240.45.96:443 sync.aniview.com tcp
NL 178.250.1.57:443 ssp-sync.criteo.com tcp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 98.82.156.107:443 s.amazon-adsystem.com tcp
US 3.208.183.244:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 wt.rqtrk.eu udp
US 8.8.8.8:53 sync.bfmio.com udp
US 8.8.8.8:53 partners.tremorhub.com udp
US 8.8.8.8:53 sync.outbrain.com udp
US 172.240.45.96:443 sync.aniview.com tcp
US 18.208.85.142:443 partners.tremorhub.com tcp
US 54.86.210.228:443 sync.bfmio.com tcp
DE 57.129.18.113:443 wt.rqtrk.eu tcp
US 50.31.142.31:443 sync.outbrain.com tcp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 sync.screencore.io udp
US 8.8.8.8:53 csync.copper6.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 bttrack.com udp
US 35.244.174.68:443 id.rlcdn.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
IE 34.246.208.138:443 ads.yieldmo.com tcp
US 80.77.81.74:443 sync.screencore.io tcp
US 8.8.8.8:53 sync.taboola.com udp
US 80.77.84.96:443 csync.copper6.com tcp
US 192.132.33.67:443 bttrack.com tcp
US 8.8.8.8:53 bpi.rtactivate.com udp
NL 141.226.228.48:443 sync.taboola.com tcp
US 34.233.83.130:443 bpi.rtactivate.com tcp
US 8.8.8.8:53 eu-u.openx.net udp
US 104.18.37.193:443 s.tribalfusion.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 54.88.142.103:443 pxl.iqm.com tcp
US 54.88.142.103:443 pxl.iqm.com tcp
US 54.88.142.103:443 pxl.iqm.com tcp
US 80.77.84.96:443 csync.copper6.com tcp
US 54.88.142.103:443 pxl.iqm.com tcp
DE 103.231.98.104:443 simage4.pubmatic.com tcp
US 80.77.84.96:443 csync.copper6.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 desktop-netinstaller-sub.osp.opera.software udp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
US 8.8.8.8:53 autoupdate.opera.com udp
NL 185.26.182.124:443 autoupdate.opera.com tcp
NL 185.26.182.124:443 autoupdate.opera.com tcp
US 8.8.8.8:53 features.opera-api2.com udp
NL 82.145.216.59:443 features.opera-api2.com tcp
US 8.8.8.8:53 api.config.opr.gg udp
US 104.18.24.17:443 api.config.opr.gg tcp
GB 142.250.179.227:80 c.pki.goog tcp
US 8.8.8.8:53 download.opera.com udp
NL 82.145.216.23:443 download.opera.com tcp
US 8.8.8.8:53 download5.operacdn.com udp
US 104.18.10.89:443 download5.operacdn.com tcp
US 8.8.8.8:53 pdfadmin.com udp
GB 18.172.89.20:443 pdfadmin.com tcp
GB 18.172.89.20:443 pdfadmin.com tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 content.pdfadmin.com udp
GB 3.162.20.83:443 content.pdfadmin.com tcp
GB 3.162.20.83:443 content.pdfadmin.com tcp
GB 3.162.20.83:443 content.pdfadmin.com tcp
GB 3.162.20.83:443 content.pdfadmin.com tcp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 172.217.16.234:443 ajax.googleapis.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 td.doubleclick.net udp
US 216.239.32.36:443 region1.google-analytics.com tcp
BE 74.125.71.154:443 stats.g.doubleclick.net tcp
GB 172.217.16.227:443 www.google.co.uk tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 publickeyservice.pa.gcp.privacysandboxservices.com udp
US 8.8.8.8:53 publickeyservice.pa.aws.privacysandboxservices.com udp
US 34.54.30.30:443 publickeyservice.pa.gcp.privacysandboxservices.com tcp
GB 18.154.84.82:443 publickeyservice.pa.aws.privacysandboxservices.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 app.termly.io udp
US 104.18.15.11:443 app.termly.io tcp
US 104.18.15.11:443 app.termly.io udp
US 104.18.15.11:443 app.termly.io udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 142.250.187.227:443 beacons.gcp.gvt2.com udp
GB 142.250.178.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 e2c21.gcp.gvt2.com udp
CA 34.130.135.16:443 e2c21.gcp.gvt2.com tcp
US 8.8.8.8:53 beacons.gvt2.com udp
GB 142.250.178.3:443 beacons.gvt2.com tcp
GB 142.250.187.238:443 google.com tcp
US 8.8.8.8:53 www.ssl.com udp
US 54.82.109.181:80 www.ssl.com tcp
US 8.8.8.8:53 inst.productivity-tools.ai udp
GB 3.165.148.13:443 inst.productivity-tools.ai tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net udp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 151.101.193.91:443 di-images.sftcdn.net udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 151.101.1.91:443 di-images.sftcdn.net udp
US 172.67.20.127:443 api.btmessage.com tcp
US 8.8.8.8:53 assets.sftcdn.net udp
GB 172.217.16.227:443 www.google.co.uk udp
US 151.101.65.91:443 assets.sftcdn.net udp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
GB 216.58.204.78:443 www.youtube.com udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 images.sftcdn.net udp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
GB 18.165.160.52:443 sdk.privacy-center.org udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 34.120.63.153:443 prebid.media.net udp
US 104.18.27.193:443 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 0fbf791f7907a58c0baeb0229e8eb1d1.safeframe.googlesyndication.com udp
GB 142.250.200.1:443 0fbf791f7907a58c0baeb0229e8eb1d1.safeframe.googlesyndication.com tcp
US 130.211.23.194:443 api.btloader.com udp
GB 172.217.16.226:443 partner.googleadservices.com udp
US 8.8.8.8:53 navvy.media.net udp
US 34.160.55.127:443 navvy.media.net tcp
GB 142.250.140.132:443 ep2.adtrafficquality.google udp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 216.58.201.97:443 tpc.googlesyndication.com udp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 172.217.16.226:443 partner.googleadservices.com udp
US 8.8.8.8:53 en.softonic.com udp
GB 142.250.178.3:443 beacons.gvt2.com tcp
US 8.8.8.8:53 rv-assets.softonic.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 prs.sftcdn.net udp
US 8.8.8.8:53 9f392a061e72f16f40467ae973b39774.safeframe.googlesyndication.com udp
GB 142.250.200.33:443 9f392a061e72f16f40467ae973b39774.safeframe.googlesyndication.com tcp
DE 157.90.33.121:443 uidsync.net tcp
US 34.36.200.111:443 ag.dns-finder.com udp
GB 216.58.204.78:443 www.youtube.com udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 uidsync.net udp
DE 157.90.33.68:443 uidsync.net tcp
DE 157.90.33.68:443 uidsync.net tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
GB 142.250.178.4:443 www.google.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 b1sync.zemanta.com udp
NL 81.17.55.123:443 ssbsync.smartadserver.com tcp
GB 142.251.29.157:443 cm.g.doubleclick.net udp
US 50.31.142.95:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 b1sync.outbrain.com udp
US 50.31.142.95:443 b1sync.outbrain.com tcp
US 8.8.8.8:53 gsf-fl.softonic.com udp
US 8.8.8.8:53 pbs-cs.yellowblue.io udp
US 104.18.27.193:443 dsum-sec.casalemedia.com udp
IE 52.215.99.98:443 pbs-cs.yellowblue.io tcp
GB 184.25.192.27:443 cs.media.net udp
DE 51.75.86.98:443 onetag-sys.com tcp
US 54.88.142.103:443 pxl.iqm.com tcp
US 35.244.159.8:443 eu-u.openx.net udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 80.77.82.130:443 cs.krushmedia.com tcp
IE 52.95.115.196:443 aax-eu.amazon-adsystem.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 data.adsrvr.org udp
US 104.18.43.206:443 www.temu.com udp
NL 103.67.200.72:443 sync.adkernel.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
NL 185.89.210.90:443 ib.adnxs.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 178.250.1.57:443 ssp-sync.criteo.com tcp
US 8.8.8.8:53 cm.adform.net udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 sync.crwdcntrl.net udp
DE 3.70.96.114:443 match.sharethrough.com tcp
US 8.8.8.8:53 cs.yellowblue.io udp
US 80.77.87.162:443 cs.admanmedia.com tcp
DK 37.157.5.87:443 cm.adform.net tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
IE 54.72.150.115:443 sync.crwdcntrl.net tcp
FR 154.54.250.81:443 ads.stickyadstv.com tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 8.8.8.8:53 casale-match.dotomi.com udp
NL 35.214.249.5:443 csync.loopme.me tcp
US 98.82.156.107:443 s.amazon-adsystem.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 track.adform.net udp
IE 54.216.35.176:443 ap.lijit.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
NL 89.149.193.104:443 rtb-csync.smartadserver.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
NL 63.215.202.172:443 casale-match.dotomi.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
FR 34.1.1.166:443 visitor-adpone.omnitagjs.com tcp
DK 37.157.5.141:443 track.adform.net tcp
IE 52.213.73.46:443 ce.lijit.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 a.sportradarserving.com udp
GB 2.22.144.72:443 hb.trustedstack.com tcp
IE 52.50.71.86:443 jadserve.postrelease.com tcp
US 80.77.84.209:443 usync.smxconv.com tcp
US 80.77.81.74:443 sync.screencore.io tcp
US 80.77.84.96:443 csync.copper6.com tcp
US 54.86.210.228:443 sync.bfmio.com tcp
GB 18.244.140.50:443 api-ssp.spot.im tcp
US 35.71.131.137:443 data.adsrvr.org tcp
US 3.208.183.244:443 sync.srv.stackadapt.com tcp
IE 34.246.208.138:443 ads.yieldmo.com tcp
US 192.132.33.67:443 bttrack.com tcp
US 50.31.142.31:443 sync.outbrain.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 172.240.45.96:443 sync.aniview.com tcp
DE 103.231.98.107:443 image6.pubmatic.com tcp
NL 141.226.228.48:443 sync.taboola.com tcp
NL 34.1.242.226:443 s.ad.smaato.net tcp
IE 52.210.241.74:443 rtb.gumgum.com tcp
DE 3.70.96.114:443 match.sharethrough.com tcp
US 98.82.156.107:443 s.amazon-adsystem.com tcp
NL 35.214.183.184:443 a.sportradarserving.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
FR 34.1.1.166:443 visitor-adpone.omnitagjs.com tcp
US 98.82.156.107:443 s.amazon-adsystem.com tcp
US 3.208.183.244:443 sync.srv.stackadapt.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 80.77.82.130:443 cs.krushmedia.com tcp
DK 37.157.5.141:443 track.adform.net tcp
NL 35.214.183.184:443 a.sportradarserving.com udp
IE 52.210.89.164:443 match.prod.bidr.io tcp
NL 35.214.249.5:443 csync.loopme.me tcp
IE 54.216.35.176:443 ap.lijit.com tcp
IE 54.216.35.176:443 ap.lijit.com tcp
IE 54.216.35.176:443 ap.lijit.com tcp
IE 54.216.35.176:443 ap.lijit.com tcp
US 8.8.8.8:53 dsum.casalemedia.com udp
US 104.18.27.193:443 dsum.casalemedia.com tcp
US 8.8.8.8:53 pm.w55c.net udp
BE 35.210.130.15:443 pm.w55c.net tcp
BE 35.210.130.15:443 pm.w55c.net udp
US 104.22.74.216:443 btloader.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 150.171.28.11:443 edge.microsoft.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 150.171.28.10:443 bat.bing.com tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net udp
GB 172.217.16.227:443 www.google.co.uk udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 sync.serverbid.com udp
US 8.8.8.8:53 aorta.clickagy.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 69.173.146.5:443 pixel-us-east.rubiconproject.com tcp
DE 91.228.74.200:443 cms.quantserve.com tcp
NL 35.204.158.49:443 um.simpli.fi tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
DE 51.75.86.98:443 onetag-sys.com tcp
US 8.8.8.8:53 hb.trustedstack.com udp
IE 52.95.125.22:443 aax-eu.amazon-adsystem.com tcp
NL 81.17.55.123:443 ssbsync-global.smartadserver.com tcp
NL 185.89.210.90:443 ib.adnxs.com tcp
GB 143.204.176.88:443 sync.serverbid.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 52.71.154.121:443 aorta.clickagy.com tcp
GB 184.26.56.245:443 ads.pubmatic.com tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 80.77.84.96:443 csync.copper6.com tcp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 api-ssp.spot.im udp
NL 163.5.194.30:443 prebid.a-mo.net tcp
FR 217.182.178.234:443 sync.smartadserver.com tcp
US 80.77.81.74:443 sync.screencore.io tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 match.sharethrough.com udp
US 35.244.159.8:443 eu-u.openx.net udp
NL 35.214.249.5:443 csync.loopme.me tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 192.132.33.67:443 bttrack.com tcp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 id.rlcdn.com udp
GB 142.251.29.157:443 cm.g.doubleclick.net udp
US 104.18.43.206:443 www.temu.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 35.244.174.68:443 id.rlcdn.com udp
DE 3.79.111.41:443 match.sharethrough.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 104.18.27.193:443 ssum-sec.casalemedia.com udp
US 3.208.183.244:443 sync.srv.stackadapt.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
US 8.8.8.8:53 contextual.media.net udp
GB 184.25.192.27:443 contextual.media.net udp
US 8.8.8.8:53 rtb.gumgum.com udp
IE 34.246.39.55:443 rtb.gumgum.com tcp
GB 18.165.160.52:443 sdk.privacy-center.org udp
US 151.101.65.91:443 gsf-fl.softonic.com udp
US 151.101.193.91:443 gsf-fl.softonic.com udp
US 150.171.28.10:443 bat.bing.com tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
GB 13.224.225.87:443 c.amazon-adsystem.com tcp
GB 142.250.178.4:443 www.google.com udp
US 13.107.246.64:443 www.clarity.ms tcp
US 172.67.20.127:443 api.btmessage.com tcp
US 8.8.8.8:53 gta-5-real-life-mod.en.softonic.com udp
US 104.22.74.216:443 btloader.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
GB 52.84.90.126:443 config.aps.amazon-adsystem.com tcp
US 104.22.63.145:443 cdn.debugbear.com tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
GB 13.224.225.87:443 c.amazon-adsystem.com tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
GB 216.58.204.78:443 www.youtube.com udp
GB 142.250.178.3:443 beacons.gvt2.com udp
GB 142.250.178.3:443 beacons.gvt2.com udp
US 8.8.8.8:53 e2c63.gcp.gvt2.com udp
GB 142.250.178.3:443 beacons.gvt2.com udp
IL 34.165.122.223:443 e2c63.gcp.gvt2.com tcp
GB 216.58.204.78:443 www.youtube.com udp
US 104.22.5.65:443 ad-delivery.net tcp
US 34.36.200.111:443 ag.dns-finder.com udp
GB 142.250.178.3:443 beacons.gvt2.com tcp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 prebid.media.net udp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
DE 49.12.171.126:443 shb.richaudience.com tcp
US 104.18.26.193:443 htlb.casalemedia.com udp
IE 52.49.49.165:443 ap.lijit.com tcp
US 34.120.63.153:443 prebid.media.net udp
FR 34.1.1.166:443 visitor.omnitagjs.com tcp
US 104.22.74.216:443 btloader.com tcp
US 34.120.63.153:443 prebid.media.net tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 2eb9ba07c1a4d1a0a019444593207015.safeframe.googlesyndication.com udp
US 130.211.23.194:443 api.btloader.com udp
GB 142.250.200.1:443 2eb9ba07c1a4d1a0a019444593207015.safeframe.googlesyndication.com tcp
GB 18.244.143.99:443 aax.amazon-adsystem.com tcp
GB 142.250.187.238:443 google.com udp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
IE 52.49.46.71:443 ce.lijit.com tcp
DE 148.251.20.72:443 sync.richaudience.com tcp
FR 34.1.1.166:443 visitor.omnitagjs.com tcp
US 172.67.20.127:443 api.btmessage.com tcp
GB 172.217.169.66:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 150.171.27.11:443 edge.microsoft.com tcp
US 8.8.8.8:53 en.softonic.com udp
GB 142.250.178.3:443 beacons.gvt2.com tcp
GB 142.250.178.3:443 beacons.gvt2.com udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
GB 172.217.16.227:443 www.google.co.uk udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 assets.sftcdn.net udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 rv-assets.softonic.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
GB 172.217.16.226:443 partner.googleadservices.com udp
US 8.8.8.8:53 f476a925955458769bee7c9645a75035.safeframe.googlesyndication.com udp
GB 172.217.16.225:443 f476a925955458769bee7c9645a75035.safeframe.googlesyndication.com tcp
GB 142.250.140.132:443 ep2.adtrafficquality.google udp
GB 172.217.16.226:443 partner.googleadservices.com udp
US 8.8.8.8:53 gta-iv.en.softonic.com udp
US 151.101.1.91:443 gta-iv.en.softonic.com tcp
US 151.101.1.91:443 gta-iv.en.softonic.com tcp
US 8.8.8.8:53 wct.softonic.com udp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
US 172.67.74.173:443 wct.softonic.com tcp
N/A 127.0.0.1:443 tcp
US 8.8.8.8:53 fb524b00a47969f37f7cd50caeddfe63.safeframe.googlesyndication.com udp
GB 142.250.179.225:443 fb524b00a47969f37f7cd50caeddfe63.safeframe.googlesyndication.com tcp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
N/A 127.0.0.1:443 tcp
US 172.67.74.173:443 wct.softonic.com tcp
FR 57.129.92.70:443 lbs.eu-1-id5-sync.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 104.18.26.193:443 ssum-sec.casalemedia.com tcp
US 8.8.8.8:53 navvy.media.net udp
US 34.160.55.127:443 navvy.media.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
GB 216.58.201.97:443 tpc.googlesyndication.com udp
US 3.215.89.222:443 sync.srv.stackadapt.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 216.58.201.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 c1.adform.net udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
NL 35.214.249.5:443 csync.loopme.me tcp
US 8.8.8.8:53 sync.teads.tv udp
US 8.8.8.8:53 cs-ob.yellowblue.io udp
US 8.8.8.8:53 dsp.360yield.com udp
GB 142.251.29.157:443 cm.g.doubleclick.net udp
DK 37.157.2.13:443 c1.adform.net tcp
US 151.101.194.132:443 sync.teads.tv tcp
IE 34.249.49.98:443 dsp.360yield.com tcp
IE 63.32.36.167:443 cs-ob.yellowblue.io tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
IE 54.170.123.81:443 ads.yieldmo.com tcp
US 8.8.8.8:53 ssum.casalemedia.com udp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 35.244.159.8:443 eu-u.openx.net tcp
IE 52.49.46.71:443 ce.lijit.com tcp
GB 18.165.160.56:443 sdk.privacy-center.org udp
NL 103.67.200.72:443 sync.adkernel.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
DE 51.75.86.98:443 onetag-sys.com tcp
US 52.1.176.129:443 cs-server-s2s.yellowblue.io tcp
NL 81.17.55.123:443 ssbsync-global.smartadserver.com tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
FR 217.182.178.234:443 rtb-csync.smartadserver.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 equativ-match.dotomi.com udp
DE 3.79.111.41:443 match.sharethrough.com tcp
NL 89.207.16.201:443 equativ-match.dotomi.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 8.8.8.8:53 x.bidswitch.net udp
US 76.223.111.18:443 eb2.3lift.com tcp
GB 18.244.140.50:443 api-ssp.spot.im tcp
US 35.71.131.137:443 data.adsrvr.org tcp
NL 35.214.249.5:443 csync.loopme.me tcp
GB 2.22.144.72:443 hb.trustedstack.com tcp
US 3.208.183.244:443 sync.srv.stackadapt.com tcp
US 35.244.159.8:443 eu-u.openx.net udp
IE 52.50.71.86:443 jadserve.postrelease.com tcp
IE 52.49.49.165:443 ap.lijit.com tcp
US 80.77.84.96:443 csync.copper6.com tcp
IE 54.170.123.81:443 ads.yieldmo.com tcp
US 192.132.33.67:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 35.244.159.8:443 eu-u.openx.net tcp
US 80.77.81.74:443 sync.screencore.io tcp
US 8.8.8.8:53 visitor.europe-west9.gcp.omnitagjs.com udp
FR 34.1.1.166:443 visitor.europe-west9.gcp.omnitagjs.com tcp
NL 34.1.242.226:443 s.ad.smaato.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
NL 193.0.160.130:443 p.rfihub.com tcp
US 8.8.8.8:53 6e026b28980df7482e9640dec460918e.safeframe.googlesyndication.com udp
US 8.8.8.8:53 www.eneba.com udp
US 104.22.56.159:443 www.eneba.com tcp
US 104.22.56.159:443 www.eneba.com tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
US 104.22.56.159:443 www.eneba.com udp
US 8.8.8.8:53 static.eneba.games udp
US 8.8.8.8:53 products.eneba.games udp
US 8.8.8.8:53 imgproxy.eneba.games udp
US 8.8.8.8:53 img.youtube.com udp
US 8.8.8.8:53 assets.eneba.games udp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
GB 79.127.165.112:443 imgproxy.eneba.games tcp
US 104.26.11.134:443 assets.eneba.games tcp
US 8.8.8.8:53 slider.eneba.games udp
GB 142.250.187.238:443 img.youtube.com tcp
GB 79.127.165.112:443 slider.eneba.games tcp
GB 79.127.165.112:443 slider.eneba.games tcp
GB 79.127.165.112:443 slider.eneba.games tcp
GB 79.127.165.112:443 slider.eneba.games tcp
GB 79.127.165.112:443 slider.eneba.games tcp
GB 79.127.165.112:443 slider.eneba.games tcp
GB 79.127.165.112:443 slider.eneba.games udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.200.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 ihjzq5lw2r-dsn.algolia.net udp
US 8.8.8.8:53 widget.trustpilot.com udp
US 104.18.94.41:443 challenges.cloudflare.com tcp
GB 23.106.239.52:443 ihjzq5lw2r-dsn.algolia.net tcp
GB 54.192.137.11:443 widget.trustpilot.com tcp
GB 79.127.165.112:443 slider.eneba.games udp
US 104.18.94.41:443 challenges.cloudflare.com udp
US 8.8.8.8:53 mx.eneba.com udp
US 8.8.8.8:53 static.hotjar.com udp
US 8.8.8.8:53 sdk.nsureapi.com udp
GB 18.165.242.88:443 static.hotjar.com tcp
GB 54.192.137.11:443 widget.trustpilot.com tcp
GB 54.192.137.11:443 widget.trustpilot.com tcp
GB 18.164.68.106:443 sdk.nsureapi.com tcp
US 8.8.8.8:53 script.hotjar.com udp
GB 18.245.253.48:443 script.hotjar.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
BE 74.125.71.154:443 stats.g.doubleclick.net tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 172.217.16.227:443 www.google.co.uk tcp
GB 18.164.68.106:443 sdk.nsureapi.com tcp
US 8.8.8.8:53 vc.hotjar.io udp
GB 18.245.218.86:443 vc.hotjar.io tcp
US 216.239.32.36:443 region1.analytics.google.com udp
US 104.26.11.134:443 assets.eneba.games udp
US 8.8.8.8:53 avatars.eneba.games udp
GB 18.164.68.106:443 sdk.nsureapi.com tcp
US 8.8.8.8:53 sdk-service.nsureapi.com udp
US 8.8.8.8:53 metrics.nsureapi.com udp
DE 3.126.35.244:443 sdk-service.nsureapi.com tcp
DE 3.126.35.244:443 sdk-service.nsureapi.com tcp
US 35.71.187.51:443 metrics.nsureapi.com tcp
US 8.8.8.8:53 prs.sftcdn.net udp
US 35.71.187.51:443 metrics.nsureapi.com udp
US 8.8.8.8:53 use1-turn.fpjs.io udp
US 8.8.8.8:53 use1-turn.fpjs.io udp
DE 18.196.235.131:3478 use1-turn.fpjs.io tcp
DE 18.196.235.131:3478 use1-turn.fpjs.io tcp
US 35.71.187.51:443 metrics.nsureapi.com tcp
US 8.8.8.8:53 981030a1ed9471c483758e65456c2aa2.safeframe.googlesyndication.com udp
GB 142.250.200.33:443 981030a1ed9471c483758e65456c2aa2.safeframe.googlesyndication.com tcp
US 35.71.187.51:443 metrics.nsureapi.com udp
US 8.8.8.8:53 push-sdk.com udp
DE 157.90.33.72:443 push-sdk.com tcp
US 8.8.8.8:53 di-images.sftcdn.net udp
US 8.8.8.8:53 afs.googleusercontent.com udp
GB 142.250.200.1:443 afs.googleusercontent.com tcp
GB 142.250.200.1:443 afs.googleusercontent.com tcp
N/A 10.127.0.111:64530 udp
DE 157.90.33.68:443 push-sdk.com tcp
DE 157.90.33.68:443 push-sdk.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 eneba-static.com udp
US 8.8.8.8:53 static.criteo.net udp
US 104.21.82.184:443 eneba-static.com tcp
US 104.21.82.184:443 eneba-static.com tcp
US 104.21.82.184:443 eneba-static.com tcp
GB 163.70.147.23:443 connect.facebook.net tcp
NL 178.250.1.39:443 static.criteo.net tcp
GB 142.250.178.4:443 www.google.com udp
GB 172.217.16.227:443 www.google.co.uk udp
US 8.8.8.8:53 www.redditstatic.com udp
US 8.8.8.8:53 analytics.tiktok.com udp
US 150.171.27.10:443 bat.bing.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
GB 2.18.27.96:443 analytics.tiktok.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
GB 142.251.30.156:443 googleads.g.doubleclick.net udp
US 151.101.1.140:443 www.redditstatic.com tcp
US 8.8.8.8:53 bat.bing.net udp
US 8.8.8.8:53 pixel-config.reddit.com udp
US 13.107.246.64:443 www.clarity.ms tcp
US 150.171.28.10:443 bat.bing.net tcp
US 151.101.193.140:443 pixel-config.reddit.com tcp
US 8.8.8.8:53 sslwidget.criteo.com udp
NL 178.250.1.9:443 sslwidget.criteo.com tcp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 measurement-api.criteo.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 r.casalemedia.com udp
NL 35.214.136.108:443 x.bidswitch.net tcp
GB 142.251.29.157:443 cm.g.doubleclick.net tcp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 exchange.mediavine.com udp
US 104.18.26.193:443 r.casalemedia.com tcp
NL 178.250.1.24:443 measurement-api.criteo.com tcp
DE 35.156.184.164:443 exchange.mediavine.com tcp
GB 184.25.192.27:443 contextual.media.net tcp
IE 34.255.144.221:443 ad.360yield.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
IE 52.50.71.86:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 simage2.pubmatic.com udp
US 50.31.142.31:443 sync.outbrain.com tcp
US 8.8.8.8:53 dpm.demdex.net udp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
FR 217.182.178.234:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 sync-t1.taboola.com udp
DE 103.231.98.109:443 simage2.pubmatic.com tcp
US 8.8.8.8:53 criteo-sync.teads.tv udp
IE 34.243.141.18:443 dpm.demdex.net tcp
NL 141.226.228.48:443 sync-t1.taboola.com tcp
US 151.101.194.132:443 criteo-sync.teads.tv tcp
US 8.8.8.8:53 criteo-partners.tremorhub.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 ad.yieldlab.net udp
US 18.208.85.142:443 criteo-partners.tremorhub.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
GB 184.26.56.119:443 ad.yieldlab.net tcp
US 8.8.8.8:53 aa.agkn.com udp
IE 108.128.172.51:443 aa.agkn.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
DE 3.126.35.244:443 sdk-service.nsureapi.com tcp
US 8.8.8.8:53 sentry.eneba.com udp
US 172.67.30.209:443 sentry.eneba.com tcp
FR 217.182.178.234:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 pbs-cs.yellowblue.io udp
IE 52.48.163.253:443 match.prod.bidr.io tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
NL 185.89.210.90:443 ib.adnxs.com tcp
DE 3.79.111.41:443 match.sharethrough.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 81.17.55.123:443 ssbsync-global.smartadserver.com tcp
NL 35.214.249.5:443 csync.loopme.me tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
NL 35.204.158.49:443 um.simpli.fi tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 52.71.154.121:443 aorta.clickagy.com tcp
IE 52.95.125.22:443 aax-eu.amazon-adsystem.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 69.173.146.5:443 pixel-us-east.rubiconproject.com tcp
DE 91.228.74.200:443 cms.quantserve.com tcp
GB 143.204.176.88:443 sync.serverbid.com tcp
US 80.77.82.130:443 cs.krushmedia.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 3.208.183.244:443 sync.srv.stackadapt.com tcp
US 80.77.81.74:443 sync.screencore.io tcp
US 80.77.84.96:443 csync.copper6.com tcp
NL 178.250.1.9:443 sslwidget.criteo.com tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 104.18.37.193:443 s.tribalfusion.com udp
US 98.82.158.241:443 s.amazon-adsystem.com tcp
NL 35.214.183.184:443 a.sportradarserving.com tcp
US 104.18.43.206:443 www.temu.com udp
US 80.77.84.96:443 csync.copper6.com tcp
US 80.77.84.96:443 csync.copper6.com tcp
GB 184.25.192.27:443 contextual.media.net udp
US 8.8.8.8:53 c21lg-d.media.net udp
US 54.88.142.103:443 pxl.iqm.com tcp
GB 184.26.56.27:443 c21lg-d.media.net tcp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 dsum.casalemedia.com udp
US 8.8.8.8:53 sync.bfmio.com udp
US 50.31.142.31:443 sync.outbrain.com tcp
US 8.8.8.8:53 sync.aniview.com udp
DE 103.231.98.107:443 image6.pubmatic.com tcp
NL 141.226.228.48:443 sync-t1.taboola.com tcp
US 44.212.120.232:443 sync.bfmio.com tcp
US 172.240.45.96:443 sync.aniview.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.151.95:443 ogads-pa.clients6.google.com udp
GB 142.251.30.156:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.151.95:443 ogads-pa.clients6.google.com udp
GB 142.250.200.10:443 content-autofill.googleapis.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 yandex.com udp
US 8.8.8.8:53 yastatic.net udp
RU 37.9.64.225:443 yastatic.net tcp
RU 37.9.64.225:443 yastatic.net tcp
RU 37.9.64.225:443 yastatic.net tcp
RU 37.9.64.225:443 yastatic.net tcp
RU 37.9.64.225:443 yastatic.net tcp
RU 37.9.64.225:443 yastatic.net tcp
RU 37.9.64.225:443 yastatic.net tcp
RU 37.9.64.225:443 yastatic.net tcp
RU 37.9.64.225:443 yastatic.net tcp
RU 37.9.64.225:443 yastatic.net tcp
GB 172.217.16.227:443 www.google.co.uk udp
RU 77.88.44.55:443 yandex.com tcp
RU 77.88.44.55:443 yandex.com tcp
US 8.8.8.8:53 static-mon.yandex.net udp
RU 77.88.44.55:443 yandex.com tcp
US 8.8.8.8:53 mc.yandex.ru udp
RU 77.88.44.55:443 yandex.com tcp
RU 77.88.44.55:443 yandex.com tcp
RU 87.250.251.92:443 static-mon.yandex.net tcp
RU 87.250.250.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 yandex.ru udp
RU 5.255.255.77:443 yandex.ru tcp
US 8.8.8.8:53 mc.yandex.com udp
RU 87.250.250.119:443 mc.yandex.com tcp
RU 87.250.250.119:443 mc.yandex.com tcp
RU 5.255.255.77:443 yandex.ru tcp
US 8.8.8.8:53 edge.microsoft.com udp
RU 87.250.251.92:443 static-mon.yandex.net tcp
US 8.8.8.8:53 avatars.mds.yandex.net udp
US 8.8.8.8:53 favicon.yandex.net udp
RU 87.250.247.183:443 avatars.mds.yandex.net tcp
RU 87.250.250.36:443 favicon.yandex.net tcp
US 8.8.8.8:53 yabs.yandex.ru udp
RU 87.250.250.91:443 yabs.yandex.ru tcp
RU 87.250.250.91:443 yabs.yandex.ru tcp
GB 142.250.178.3:443 beacons.gvt2.com udp
GB 142.250.178.3:443 beacons.gvt2.com tcp
GB 142.250.178.3:443 beacons.gvt2.com udp
GB 142.250.178.3:443 beacons.gvt2.com udp
GB 142.250.187.238:443 img.youtube.com udp
US 8.8.8.8:53 egress.yandex.net udp
RU 5.255.197.17:443 egress.yandex.net tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 522beb95f5f7adf551fb466aa9017241
SHA1 f8cd81f53849cb654e2540bd49eaacc08203a260
SHA256 4a02e8b092a28432a421b38a99b1d65830680d252392387cdf8fe2560693d2a0
SHA512 b1acbab9d87557209d04011e999f149cb10ea40506832c4b589a83714cd6272bcab1ae0ab74c5a5ab801aebf1ffe04aefca448e9af39b0a04da779dc2582bf2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b345fa7ab820f2300f851d6fabfe9396
SHA1 61c0590a3d8d426504f58b2b8a767b077a6a0232
SHA256 2c52262ba509370ee8ab62adebaf38a04995bef9c6a54f89ab9d0bd07c60c8ba
SHA512 1774b312c665ec536461e1ea4602137e23659af4e1c37104ba4531b5f7eae9a9954b7d4b6b78b2dc1b1c5d0ba249d5e6975bcc64d6c2cc71b230cb88a67674b5

\??\pipe\crashpad_4452_MPCEYFLSWGAXLGUC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 36326fcbb6119326e7c8aa24c4156548
SHA1 ed128a9727e1d58b970e732b8c66fc827b18372b
SHA256 ac41191dcaf36d91f7bd9a077bc59b1bd7218daa27b263d1da6a548f58264987
SHA512 ed5c79f1edc0c65a1cf0ace91ea5538245c1569c3b25ae3cdf033ffcb55d37e7b09baec36570e82fc1525c24224cea08a53abab7e52db6376f48f099ffefd1fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

MD5 5be1d82e500934a515dc45b7d69f764d
SHA1 5c77e214745ac92a82be6862e70e1c5f3d12cc50
SHA256 7bca4f21428a118ac4718231e1e413067d50aaff7455acff80155eae06973d6e
SHA512 608a687a715a444029734f53a4b8186b8b8812ce60a732cefbac92bbef07fd4a8d69b0d02cae2f5fec2349b1a419710b800cb13f21688a4774a18bc933e324ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

MD5 3e8d3bff658077d9b71bb8f6017f4e41
SHA1 4ce0a008dfa30baee0e2a8037151d726955216af
SHA256 b13c4e2718d966e9d0a50304e4bacb6c739057340a65245f38aeb1d0be6214e5
SHA512 c63ea350297dd80458f74037b7f52bf711ba2cbbec9fe2431220b60a82b6488245c6361c74f7803c9e38f7140fe7cf9a2343370a3ad259ce3e380a7daf92fd62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

MD5 06d55006c2dec078a94558b85ae01aef
SHA1 6a9b33e794b38153f67d433b30ac2a7cf66761e6
SHA256 088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd
SHA512 ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a061221f5c970cab9d0130f8bad1846a
SHA1 7f88fc1af44b704e97fdbf138ac46e07270d30ef
SHA256 1c965b4dc87d8928c9a64fa5a82752f6e6e025e53d24c6fb35a272e28f74e417
SHA512 956ece04bb274e4d56b019d6d2a05e8d27079354a43c265faaa1ee9ff19d180d9355c34264597d32106e3c6d23c8bdc12b0fbb1057ce4f088a5153b312e05783

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b

MD5 b384b2c8acf11d0ca778ea05a710bc01
SHA1 4d3e01b65ed401b19e9d05e2218eeb01a0a65972
SHA256 0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b
SHA512 272dd92a3efbf6cefe4b13127e09a9bd6455f5fc4913e7477c6712e4c3fd67efe87bd0d5bf1ec6b1e65f8d3aa0ac99d5bcf88d8a44d3f3116527253a01dde3be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 10a273a79d12a4f248ea5262054b4d39
SHA1 19ba4e34fab84d0931bb979ac25b503365367fc1
SHA256 46abbde55cdf25bb335dc7fe9d32ad44cc65da2ff7c04d62421eaf3236a48056
SHA512 c9733249f9ff121af9603baae7a4d9b92fe0337c97aa90aba182f976abd4b188bf0bba589dc8da42f6d163cb9fdaa9baedc225f45b8d3d2fef48df84196349b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 4e687af6a9723baecaa6a8fc8dda8093
SHA1 c71ad651c53d21a213e4d330ff75855ea157e28b
SHA256 1f4008118333acfc259d2fc159762bd9210519ce98966f9ac9397535ca5cf25b
SHA512 6eebe3a2e547a7a21102900982f1a37e32c9d32f8a97925a7fb390ebbe485e487a6776d1dd091f86466a7b45fa1018cb59e418f8d13c2fca27891821ca330d55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

MD5 20d4b8fa017a12a108c87f540836e250
SHA1 1ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA256 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

C:\Users\Admin\Downloads\CCSetup.exe.crdownload

MD5 fe50297191b241c60616f04e2febb8bb
SHA1 27db17dc474df0a37ddbbb335d7b5802e671c77c
SHA256 e8adc6e787862b84a865b06a8efaecb272f618cc8733b9ae686496418ba6b35b
SHA512 452779d3d3b2b7c9e086f2921b7bf03250492f1514453bc173c76376d6b988380c807af7e7692fd68983c08fd312c85dc70026a354b20a0388dd0967f330444f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 af0319c5f4110161b89b119a80585ef4
SHA1 deb2c80ea86fa3ac163e90966464fe27fef3f9d7
SHA256 89786e0132071c2c2527ec9216f6675d2a0bc335bd477a1eef6e105892387d37
SHA512 1a0e3aef56f55f8cec90a1e9e9da9ed3f389381b507a01babb5042dc8019938ad77255b2a3df9a57a2e8563ec82e0ff48ed2d18fdc88461f15374fb3d40f6ea8

C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\_ISMSIDEL.INI

MD5 07c6316c4407019b9e16a7223d530894
SHA1 d16e2794f0ea6b2532bd17be46512c42311305ec
SHA256 202cb0db5e5ecaf37d81ae0fdbede756db218ed9cf088238e7ff1ee68ce6c3eb
SHA512 71b43fa1097093bea33dddce6391a70fb79530f6ffa77798fe465551a3edcd53e2595d76a18a8ed16e5556004746bd76a5196dcd1052d950cdcfe31acae1a21f

C:\Users\Admin\AppData\Local\Temp\~A1FF.tmp

MD5 e8c4db7e72f0c84a72e6e08cf8e7d10b
SHA1 6280e66a804839ee5abe0b8aa83406e6b49ca583
SHA256 5bf7b082ed0f731c57ea5c1a63cb30df9c68100a8acc37ee4568dc1fb891ef33
SHA512 47f1d67b94086588d0c543dce253a6c41dd21d83ef52f031d306d4f920fe366218deb67e8a4627e72f1cba5e26a33cc40074ad78ec042c5241be051c5fffd903

C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\_ISMSIDEL.INI

MD5 2c2ed30ab2c5e240a669186942cfa3da
SHA1 6388c8603fd20f4b57ea2be960ff89595984a141
SHA256 a8ebb3132aa6729b97a1e055326367eb220879d6ad4d2b8807cd20d7fdcc8c37
SHA512 5ff7515c659da0b448e10bced2ad5a96c4e853e22e22971837aecbd2316bd2630763c8c5cbcc5c27be0b6cbc2847e7d57d9c041f04615be101f0cc99412aae7a

C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\0x0409.ini

MD5 a108f0030a2cda00405281014f897241
SHA1 d112325fa45664272b08ef5e8ff8c85382ebb991
SHA256 8b76df0ffc9a226b532b60936765b852b89780c6e475c152f7c320e085e43948
SHA512 d83894b039316c38915a789920758664257680dcb549a9b740cf5361addbee4d4a96a3ff2999b5d8acfb1d9336da055ec20012d29a9f83ee5459f103fbeec298

C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\CCSetup.msi

MD5 efcad86241e5215071f90eb1e158925d
SHA1 db7fdf0ff9e92fa90954d474343487d9c803f80a
SHA256 ddcc94d8d33fb38f10e5630b3fafc0d92180379c2f7019cd5e89421cc74aeb55
SHA512 9a22c2687a17e7b2fb77dc85ec7ba45fc59c8de3fc67903feb1406fef51be3c59714118a3e770623fd5813864313e057c40d5076e3b01437439c043e48f53589

C:\Users\Admin\AppData\Local\Temp\{E0B12D2F-41F2-4E41-98D4-0AF9AEF505A8}\ISSetup.dll

MD5 a415c19f90e68b0069587e6304eba4aa
SHA1 e3fcebd19dd8928fcb3b1c476c19e316b70b1193
SHA256 9bde2457c7f22a67d240978f82ce0b811d714c0be6c463441d8695af228df7fe
SHA512 642b5fc4538e5ab1701915766e94f4f3a8c03246951604db8213f698a1608fb0d258ec1be99df37f7e1cde03280b72d3ba277b7d2c541d20fa0c95ec6d268474

C:\Users\Admin\AppData\Local\Temp\MSIACCC.tmp

MD5 caab36876c8757cb23ceb224c583903a
SHA1 41872dced001b6898309a5dc005e162c9d450d7c
SHA256 fb6fd34e42619110bdd4e7410e6cf5792d48da3579d451a4ca8853cdaa681ff4
SHA512 ac3ae007dd3ae3fc29fabb0cb694e174339f78ce7e11b0ab624ae9316adcd6d3f86a701c045074c3eb1a7a34060528cce4cb86a457c11a39f7338b0c0f25483b

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISBEW64.exe

MD5 aa9eb5317eac5401d5eb0b96a19af711
SHA1 87e0d072d1212f6f696a2750162fd1d57394652f
SHA256 1360a6ec6d8a575780b7740e2dd56fcfcf2db997dc1c908f7e7e381ee4f12a1b
SHA512 f17f84344a1ffd094bdb5ac52698c1abfa8ad9013e64915c2edba301504bc8cf765a82d57897655163a86fcd2939d97068a321849cf98937d4a1a305656355e8

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\ISRT.dll

MD5 b4171921e8339f2c5712b3c58cd86965
SHA1 146ac8f91f65780269b9aa12ff90079159578275
SHA256 d72c678d0265d44898f6f85ae0a65ad5429a10564ee5070de93a75511f438f2a
SHA512 8d009c6863e782ceeeabeb8f1a39cf594e916fb94eac4a215e4cf9e82174170fa5eead12312801f3e787c7e7ad9badd20f5a03c7302cc63a2d33dbd0d77f4536

memory/4476-671-0x0000000010000000-0x0000000010114000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\_isres_0x0409.dll

MD5 cbf32e9e7482eda0ed5490cbfcf42fd5
SHA1 3c411155e102f44003da3a981e833073243fcad5
SHA256 6b458dcf8e27154328f5ba1c6496a6ec480a3af6fd85aa2ac438dac822a1f128
SHA512 c4ba46040f346308975fff55704f435f7cd5bd9c21b50bce2e750364017a0639390e5b7e6588100b903f8eeafca74144429e28136e53cbe49fc7101952a201e1

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\_isuser_0x0409.dll

MD5 0ba8640ac748b6585ba428c2c03a75d5
SHA1 6312cde3c3925ba7c68c65409cfd1515f5ccb6fa
SHA256 fb1918b290efd737bd06cc37c3208eed2276f06473eb3fe18d26b448259603d1
SHA512 624ad202e2cc051c39de556b96fa32df9c2e9a7f7ebbedac4a57c8b5597a735f09bea6f8c2ac0c28ac8e78b0496076cce852db1bc9f01efb14cb79793417d828

C:\Users\Admin\AppData\Local\Temp\{C08E2354-186C-47F5-BEE6-2135E089C880}\skinaf6a.rra

MD5 7568981428a026c5597569e15c918764
SHA1 61b70714f95713c7d48bea3e815801713a1a2254
SHA256 60296347d78f52d5ccd20a8cfc426719f4821ecab61463c59ed32362d63d7646
SHA512 e498ad274dc6c317e007df03379e92edb1741fad641b4aefacbbea267abdb2e09fbf54e990c1330ea96a7b2a92583cfc18f6c1eb3618e773cc7e8375916c1111

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 b56b55005802322c5cec454e458a3dbb
SHA1 22c07a217989dae8f53de21a30d29ddbadb7c1a5
SHA256 21dd5e726f1d9771b634f57c2e03e765ea5c2f14ebf8fc8461816030149b0bd1
SHA512 c3571696c7d99b4e41cd65cae044e64913bcccd94b00617b3ffc774bc69cc1413f0276c8844da3c77f89b76db0b90801602aa28df8de09b11788c5c47bfb2880

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b7d6.TMP

MD5 884ae097c97fb0b24fb7d9f46a97e660
SHA1 17fa466e30f8277ff3bf4f05ee4f0e2eadc604b3
SHA256 26321dfce1220dd21845147d1d44641a92a31df277a62ee9108b94715b765b7c
SHA512 e2e809f72449ffcd26409a3a76fcb13c8ddd8d72f2e9f6a5a58434da8730ecb47796e7b8d779fe66e653967e05c044944f624329b4a0a7de603a8aaf2846e7f3

C:\Users\Admin\AppData\Local\Temp\drivers.txt

MD5 9e745b7ba367ceca33fb6076bf7e3595
SHA1 ee10db1c94a990e5dfcd5a16749f77df82eb94a3
SHA256 098be81f994d726fcac9352b57ab2c1d9388278d94e28bf767beda2df9ff8d5b
SHA512 f8229af6828c0c823db4961bd59c76f363302c0ed51b4e9b3bf974c4c2019cb17294aad87deaca2d06a6a68d4ec32bf9fa8711155d7e771f6b38a1e382aa586b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

MD5 c6d64bb3b87950bebe7ff28dbc6c9dc6
SHA1 c210f94486b89e6c2a51f3631ff7a6b4095c17a7
SHA256 e9565a681c03ca16d333c666930242a2fc5f8b7a8b92d64e74ee1abedb07117a
SHA512 645872d6af5ebf4b74c41b6f82978fcfc55e0bee6de2633acf29effaad657f9f951bd6a153a42a7e2a8abd004c051f6f27b54822b496b62378cbf1d3969cb7a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe57c553.TMP

MD5 fe9805b6308e8ed0467ab61be5302bfd
SHA1 83120b4e4fa210022c4d8d9046595e00e0ba3783
SHA256 e40ced6b9d03dad5bd527517f28a716665824cefe98aadc582cd3c3d7093d488
SHA512 f5e074ed914dfd583fdc3ed3807810330556eab06ba0cbf6ac216f0e8848f3b6c538d59f70c0243997456a4d9046ff785559647c27df2deea3c22cb15955667f

memory/4476-1181-0x0000000010000000-0x0000000010114000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6a6b50400638e250e4ac5cde3c6ce59f
SHA1 54085d7a743db7c381946914b9d15cc507983d0f
SHA256 c73be495f9fde700135799fadcde659ddcb1d8f71e34aa208c21d84695b8f77d
SHA512 0fd32de581ccb912ee5002dd46d383fb3f1af2c37114133ff1f831846b0590479009600f81581df62dde859cb5d1ee296f4f7cf0e31413315c48d927e9d58327

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a2b7482922196a01785d2a4d7e1864e8
SHA1 b842f0040a04204a0e8a59cfa83c7259642284fb
SHA256 670ed8d84f672ed3824c72672c3516d6abc93ea951b4a8b31e9f942c1692c301
SHA512 14d107015b321ba1aab1bfe62c8ae674272c6dffe8749191d911191a4e456b2488ca8d674e5f73a166bdb627e81aa19bd6980845d4be621c36bb160e221b5455

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a2279b01207facddba8c058a67b586ee
SHA1 cc54aea8f14ab29b14f3a0a856448147acbe7133
SHA256 ac71380edf6ce782e9b915b400943a387be0ddff77d16ec39617873089bff74b
SHA512 3f262274a00fb4324e7938b8d20e4f836edd7e38f53ca54171557f205f7ee844d1d7e558cc39b5afd677802421997a9b1454b81cbe4d31f33b21c4e3ac248a8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b90bb54b9e1b500f3df1a8fbf3db4d56
SHA1 321c18f9b73b3b20c8db86e94c7278c1daa142d4
SHA256 f0cfa4eb4d9af1e430081ab9f30980c137bd3305934e2df4d42494adc69012c4
SHA512 8343e90e454773f2aad9d970b914b92fb83e8ca18841efd7730b5a2400db66ad3b1c395dca17c53fe9d7fc63dc6be846be35fc9c2c2b48d35d64871e10ddc900

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57f107.TMP

MD5 0a14165ba488c1740b2f9ef7580d44ba
SHA1 6bc101bb59049e75d5f364885e59ec2f58c29b68
SHA256 cb1ade0ccb2106a198077f1edee519ae8f3230a34c843be163d9c7a5a11c7b48
SHA512 9ca39d780b1cb853eade3e40bfacf81e0d4d392f3736a3d9ea23db5e69fbb52e13fbe0061cf7aa6d3c9e69428140c1c6c4f082426af22fe5fc0b09103df3e422

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

MD5 a9aef4c3788a6df80f35beeb9de61294
SHA1 7a33ad4ecc53f79c73b8cc1828b833f87dece25d
SHA256 c0865f6f7918d34b23f80b0f261602f75ca857cb9e2ab614933de8d018f44c0a
SHA512 da1aa5a9c0e1972030dd7e33d898b4d498cf21f2a75bc036ee978b619ec603a773c56970333f936b42434785ac3b6cb17d4fab4ddabe97218ec4dd0200390e10

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

MD5 7fe71ec40aa9d059dc04bd5de1435500
SHA1 a2bce060ec7de402acc7da9cec5f43c7a12b97ed
SHA256 2dd8f36f363392b2782443f30352dea1c85b9009ddfb7ce248260855dfb8137f
SHA512 9e438cfadf169de13d3192b6f2881493d9f34dec3cd946614ab96b9fe22649c2392daa967bd19e106b67fb7cbc242079988294361fcf21ff17094f9f273e8c74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 067ae66df6c4ef9dad4e1078bcf3c54a
SHA1 e5946d1d57f0084a5fc0726c285593f60a769649
SHA256 f92d2a62a8859a19f602adb830dc8f4c223133ab7cc5259b6da629b9bb1252f5
SHA512 b190e5d592a365ecf349f04cdf3fcab7bceb4888b073611243522d2baddba2d760b82338dae38cd46af1b95a5f4aaa8eb6a5c83d492db5742ad574c0bb498019

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

MD5 3e45022839c8def44fd96e24f29a9f4b
SHA1 c798352b5a0860f8edfd5c1589cf6e5842c5c226
SHA256 01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd
SHA512 2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\05c34143-8ba7-458e-8fe9-36667fc7829c.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a

MD5 b47c1460cf034b551d678eafd8f6855f
SHA1 ef949b0d6423f0240f33af52faef9b31df8cfabc
SHA256 efbe4e417ed249147a11618eb4443877a0342b9c7edbdd764511d291f0213df0
SHA512 fc8cf1dbc10d81415163c0e825aea18ef2c19b9f9e0aa7054f6611cc2b71c688173894178e7541f9b1e0516fb6415b60d2be2b204d7a6774bdbc3e9d212b2a14

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000078

MD5 57f019d28c8e3e8c9ed08e5811126c55
SHA1 d9e3b043cc08ba478a81e58c3a55e3d95a416d90
SHA256 86aa089e748ebae35b0bbf7d8a477f92137f0c1434547827d7c503316c21afa9
SHA512 866ed885eb0bc1051a0fd4669516f2b84c27d26e0973ff4fb91331d6aa9e87ec63398e2e06dde89ce51c5a62cec71103e69646645b769e2dc849848d67c595ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077

MD5 4bc317899970a602fde7636ab6ddd3a3
SHA1 920bd188a603c7ed86e25e049071b1704d3736f8
SHA256 7ae11c07e7083e9b883a1ccc3685420542d53b1d99243b4ffb0cc0518bf03f1a
SHA512 dda0017d8447f9668f95017f53e706199e3152bcee45e8d2866326b31bae7af25a3e007bb25f26d21d1eafca8053928c7dbc1d7957e8d60ca2be04ef869a3280

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000076

MD5 e8730678d4610fa908d3cba1ef0b4ddf
SHA1 1efcbee909ce74bf04878d74867f12a1e41ae7a4
SHA256 e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461
SHA512 d7c3f81ad11ac5b3e6f454fbbb9be0940b3e8da93cde0b80f9a91a8259966be466b4d6a0fd5527fcc6c8f218aad8ffd0124bb29dfa08f6ca658ce49fe9e37e6c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000075

MD5 9a01b69183a9604ab3a439e388b30501
SHA1 8ed1d59003d0dbe6360481017b44665153665fbe
SHA256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
SHA512 0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000074

MD5 8e09bd50d6c630ac00a511ddf66ecf03
SHA1 d9a3b8970c3006bc4659dd463df9f0e8cfb4e0db
SHA256 60c0d73fa626dc3edbe9ab84577cca5733cdd0c0759b440fb2be44895f4a5c60
SHA512 413276aa7178629023f66628fc39d7840e78dd2d005a9dedde1e966ad6a3e02220717861b182756eb5c740546824222ffcd13646a1b233d48228212a3927da28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000073

MD5 0c0c1a73844d0b83b8b99b56016cc936
SHA1 2b378e617a3acdbe0de0ceaab8d83157664f83b9
SHA256 f0d593981d853b5e8f49a3f22305b6140eacb73f12aeb166f65afcb69842c737
SHA512 46ac9f071339407fc84b04efad8a3f24668c8509fd61032eb2d2778ffe1ee016498e9d90406ecc8d85eb6893cab220a2873677f86a85bb4db0ef709855ac7420

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

MD5 5ffe9329345c2781b40bcaf8311b4cff
SHA1 12d458fc6895a4582ebd43c021705528e1e0565b
SHA256 cd70adfc1d70e6a9913baaefa283cd157f5804af2e4f032cc4f60162bf8da310
SHA512 c7a2e4ebef7e8f8aec55b4975da2a9c2ff6f667c5b4a17b74ca83e4c05d68028bc859f5d77881f6f3f7da5d44818291275de56067b10035a96a8cdd277c67ebf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

MD5 40885181fe875324d2a579bb9c132e9c
SHA1 0cc87167b6d1feccdccce27afef423756b0eb382
SHA256 c11abc98b95519948d7bc1884d041a9d6d993991920aaf5d54d1148ea5f60e33
SHA512 c71096b3e34e7e7e586f8da7a3c2ebfdd75cd0adcf01af35a7160f7ca8a7a21dbafdfed944cb2392cd35cd27be78646ca2e6ffbb4a8dfa360bee9d78f1789d2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

MD5 9426a5e3977fc4befc289d5254ecdd62
SHA1 9262db703894c2020550a67acc75c1857ce75a86
SHA256 63126dee9b915d6f77786c22a59fcdc7b32b261163e240d68d93e0b753644e4c
SHA512 e6264c180ad17c806ac1d5aa783b5d5ceef041e4da06ce270be07f23963f6d19e1be7ce71f149d658ff479d7b86801b13b398fb138024a594b2874b9a6eb55a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

MD5 e0ba8af0b0e8dad97b3692975b19aaec
SHA1 c85a9863f0bc74c25f9abaa0a20992d2930ba329
SHA256 1f7156c2654a9ae1ec0ca49e7b3eca1ab07c0a66c471215a1d1f6aad095f13f8
SHA512 629cefa3ff2349f085a8e101b1999417bca36bd23051412bdc24be17ca0daf874d024d331a05d3548046ecc9f7c26adf0cae3bb7b4088ba28464e2571c700d38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

MD5 6a8e3838fac0de257f4e47a2ede08cb7
SHA1 9eb908aeea29829ebd9ba75e553124d8a0317a2c
SHA256 82783b55f16604218de9f51044fba837c8feaf9111d4df8390efbd02bd33bd27
SHA512 086a46ac826fa44d6993b8b9a622b9e4226fe481f8c783d498a80998187dcbedcd10c950db36748d6eaafd91e5e2f816201c7457a5ab825a545022487d00569f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

MD5 14b13042a0d1275502a4c9d5a2af67d2
SHA1 7c183aef1921cb80674e08cd55c2497f68394883
SHA256 16833d6bbdc32cea4a5380ed83df72bb8f82aee001bda3f589da5d2059de9bdb
SHA512 a9a31e26580c39156fc3d0920bf7bd2729af4ad883bc0f94688c420e491675d2f33f309fa1d18080cc2959be73f99bee82e0b2c6af7d780cbf00e0e72e58813e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ba65eb249439bb14148f0c3add46c65a
SHA1 0053c6f591c4d135f51d8c8fe99b29aeb26e323b
SHA256 be8dc30281a1b7651a5f2918315e5da89a1f5076bfc02415ed43b075c3fbaa7a
SHA512 1075cb4d73e9060eee21583a75883bf5616cc6cf665d4da68f1b4803eec122a5369691abe8082af8bfe07394161cb14ebefe6cc76c22baae67ca580d81f58482

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d93d02969f5125bb1dd46a45ef0d3497
SHA1 ef807596550690e76a54165c20dd4302630a0de3
SHA256 ba42d3fc66b0f450a7da906ae79c8e7b385ad8396905c19e749fa7fffdb07e72
SHA512 570cf681e12da2904f664554320c2a635a8cd7285b30f8dacd6aae0dd176e0ce785c48a43d8cca588726537c689536284f93e0b10fac6f14fc403bf23a2742d9

C:\Users\Admin\AppData\Local\Temp\scoped_dir2976_2008708607\CRX_INSTALL\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Temp\scoped_dir2976_2008708607\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Temp\scoped_dir2976_2008708607\CRX_INSTALL\manifest.json

MD5 9aaf263712da64f3d25c3590cc1bb25f
SHA1 ee37307feb5fc24012c690e3dc6cd1785f81cd06
SHA256 eb10517d6ac10eb4a0dc967eb2773a06a74bfa270e48d146bf5db5071bd7714a
SHA512 00e2e3afe26eaeefc58a92569b5391124250781b40cab9fa8abbbfb2a1b080c232998aef42d532ac1163c4128ae4cb4fab5daf8bb7a7c530d4889f08a72f8ed3

C:\Users\Admin\AppData\Local\Temp\scoped_dir2976_2008708607\CRX_INSTALL\_locales\en_US\messages.json

MD5 64eaeb92cb15bf128429c2354ef22977
SHA1 45ec549acaa1fda7c664d3906835ced6295ee752
SHA256 4f70eca8e28541855a11ec7a4e6b3bc6dd16c672ff9b596ecfb7715bb3b5898c
SHA512 f63ee02159812146eee84c4eb2034edfc2858a287119cc34a8b38c309c1b98953e14ca1ca6304d6b32b715754b15ba1b3aa4b46976631b5944d50581b2f49def

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 a9509793d9099a175d80af460fc4e5a6
SHA1 cd3d86b7048230b9d0e85553b58305be15cb3042
SHA256 51404daf268ec93b098183f31fc3e1c89a8c3d56ae66413ddf535cce490ffc33
SHA512 2368ac41f4607e19a87a87eac341cfea25f13b2ae52950f29aed92605e1eaece90ce1458fa82d55fc7257d4347e926a16986f2d9cd4fb9c80de268fb4fcd72d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 58d2b7559e99722a99b84dd01c938bce
SHA1 57d8eb5d492d0211020168c0f3f27d7eb3971b12
SHA256 1becac82c9a79571966e6579a5cad485fb58c6111c2d4b350b50c6117eb8c208
SHA512 404cbefa70eec2d1837572962a043a760d72a0713fecb8a1764749ba9b61aa1c711f73eefcda782979081238a89492d24d04181728c951384e07a5a0d7c573e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3c0ffba28a3b13b66f5c0e8fae4853d2
SHA1 6e659f7d839ef28c300e0eb1187dfda235b77f15
SHA256 2c7b350408cc0b41ab3e4ecb1df055250bff96d2f3ea00242ffea73adb693b41
SHA512 a6760a465a3f0e85fb85710963e9c05abd3f1093020387267cff3f42af2c05abdad84f63088b646f28cd4d0c583fd95d3bad0a751d9c9e77b4aaaae245d1a774

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 cca7dfec25987914557582b9b8c3fcd9
SHA1 604ec143ed21d95790474e550d09b9d533867c4f
SHA256 b98d946085f0ee9992009f8ce9fb462713e345a53cc3ef83568151454b158517
SHA512 7c648d4ec09fd2c97262a694d2927ea910c7fb07f61357934b4ab48913d0be9b664f2a6bdb33684afc177fa5709b5ff878a3e340daabe494378f3ff31e765233

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 25bfc2410ef7839dce290441a2bc2f37
SHA1 9073c00dca558a8b9b4c706ffb2a7ab93cfd3496
SHA256 0b353164dce37593f5452fc4416925cf8c2a1773c48a31ca86c4350941eced7c
SHA512 2ea0a5cde2c7d566f4bfb9b09730c28bb23f82955d590f16c1bcde96a71c8e5ceda9c5d27d20fa44839ca64cb4cd04e4431c56d1951ea8cee95db88ea749f943

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe585fbf.TMP

MD5 9cf328719984a5122bcdbdf3db458397
SHA1 9540dd7fddab31834432c9ee113c81f163f22c35
SHA256 bc7f02ca5dbfebfd62181b1bf0a0aec64ebdbe165c0e0d3904fe1426dff51438
SHA512 1997f6ab82fed01806ec4ec09d0c9c16f9818e19c6966983ae53d093fba24f1925d05281c54007863479f89ec038551ef52a592ef77cbabb84977ca1b72e9a7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 695bbd25f40b5489ff4fcc7945175cae
SHA1 35ecc15b90d5a84d3a8d264cd0daf0b37174cfd0
SHA256 c5d0cf0346e3e18ffcab917928ff8f68cb0ba9e50435a66ba1ef393a373c961e
SHA512 5dcb763367e07c033db757be7bd03403aaefd3f74b24a1ada5f4a58b3814af9f1f79293fbea90f346c35e9b1a046e7bd0990d445c3109100f83a3012b40e8923

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\IndexedDB\indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

MD5 a7a2f6dbe4e14a9267f786d0d5e06097
SHA1 5513aebb0bda58551acacbfc338d903316851a7b
SHA256 dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc
SHA512 aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe5897a7.TMP

MD5 30fa52109b5a9a99d3ba3cfb233efc61
SHA1 4fbee4c9a3d985d85bfe8ff24643c21c58abb71d
SHA256 9ec8cf9e2600197c942be564d76daabb26489854ae95fdb4e903a43a09ee422e
SHA512 e89055f57c93ff7e6749b004a68677db96df053e4e1b79111906603f4c31ff6c92ddc34d332d7427e98f14be6f630ac7843e7658434148111de0be5243dacbcd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.93.1_0\_locales\en_US\messages.json

MD5 578215fbb8c12cb7e6cd73fbd16ec994
SHA1 9471d71fa6d82ce1863b74e24237ad4fd9477187
SHA256 102b586b197ea7d6edfeb874b97f95b05d229ea6a92780ea8544c4ff1e6bc5b1
SHA512 e698b1a6a6ed6963182f7d25ac12c6de06c45d14499ddc91e81bdb35474e7ec9071cfebd869b7d129cb2cd127bc1442c75e408e21eb8e5e6906a607a3982b212

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.93.1_0\_locales\en\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 56324746bfe94da1567ca5edd263274c
SHA1 a0d359d0aa3e6bf344f65707361742b26725bb7a
SHA256 9d691181da7bb8f538d97e19149e520c6b10d8c8c4ca0d5c482ad3307719cbae
SHA512 c508f1814a3d8697f4ab28cf51da86407ab597061e102686862e43f37492313920d95cf783bdea431c92f3afe4ff8be2c8f198ae77fa6bb8660610b58b12c347

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6779d0b4fc170cd2b5133c2fa42c6d48
SHA1 2a6681d90e24f89c8b88a7b3fa33d5a8bb5f7ed9
SHA256 36d59e4bc636e625524deb5600aaa3f255545665825e2b50f6fed929890d9562
SHA512 4720ce5eea0066f36bc06384b49b5552c5c366c4b2c6b8e0dabd2897ee801efcc5edb061d4038a9374c0dd81d77a8756710873942adf7bd21c4e5278ad4f4df8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

MD5 f21af943c617c7f6dbfa21d96c918847
SHA1 ff77cc9300e5c503083ccc001dfdda876e1fd355
SHA256 f5ff2a8170cb8bcfb9444c83bf2f07ad9f37e3fee51402830ebd333f9fd35c9e
SHA512 7e2a9be16030dab43cfbfde556d664fd39f4556b85d705a7f99826b223a745b9b85d830e604289c96d1dfc00ccd59ee2f7c94eb12da7ceb35773970cb059361d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 8789cbb37ed271eecbf67d1e5b9e54d8
SHA1 88a46e07dad84ca36bd49a4afbc3a037066e0ee0
SHA256 a1c58f334e80055c05679497d74ac2e31048c978e2f3fb75fc9cc0c138159877
SHA512 efcfd016de64d428881585c2c959a182c7956639613bffd02e15938d5c453b8a91e7ba6a3b23e23a4d57af1362d742b563a79cd42cceac5085969eda543d9b58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0926ac91671823b2edfa58935c3164b0
SHA1 4ded0b82d8d3a34cd113a31d4773c495f320e2ae
SHA256 24d1b4357ea485a6c6653c0668c05f54caccf4a83badf24d7f107bc874b8a298
SHA512 4c1c240c3552c5643c5e85c7387ecf8646fbdc0a6a05f3d7da014d7eca7e343357ffc836d4564039e53b6adcd397c784387ca92dfdcc008ccbd39f72b416e981

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f7fc32e31d0ca69106f3ac1f9ff799b4
SHA1 be691bba74ea1b4fdc9132efdcc609e4df099f68
SHA256 4927f3fec064bfaacdfbbbc52be1f494433c9e9b6bdd1f723d078eb63290b9bf
SHA512 2d8a2830d51385829a6a73b282f9d8a26cb14bbf3bd9e6d3c492f551e4e0686ba6ac5dbc1ae16c700c5c9b7c9e2715b3800d243155ec485f15de27c51470aeea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

MD5 7551ed9a10a339ab521b61a17cf99746
SHA1 fe7966e3b694cbce301ebf732c3e0bf226c0fabb
SHA256 8d0937c34416f3e9f138da6e06ee33d1795d80160aab6025de5a0d6075f5a7da
SHA512 b40ced41fbed714d25b9b3c2036d879e6888e51b948d83f28853a315d2f5716f362b31b1e5a73f7abb0dcbd9c2909bb8696f613749f416402cb8ea800c626401

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

MD5 023ce61482d576eb8317e452df99706c
SHA1 9b6a6202c3d696899f0bf3879897ac02711ff65e
SHA256 20b061f998967a2c00f582087d48da60837ea8f6ebe377bc4e7d8d1c740d481d
SHA512 58f5cd8aaf4369a2ea071de6d266576a260e5e9823ca5e7f85115c49652ab2dbc5b4e9bfa6db195bb0c850dcea135738cf4a44f967c79d9da9bec188ffaa3a43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

MD5 3bca8411b45106afaa963d562c371631
SHA1 78857d33a65e7061ca18a3540c304f01e7e85325
SHA256 4503345ee70aa9ca0f90012b665743d7c13ec7052e7a943222287973b752b9c7
SHA512 a6a7e9af6613a30730a0b87be76f87144a3483afb756445d462de7b22543027e5e8f5822e0337ba2d7b65e413e526da962783d05d226c0d13d113d57d28b56ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\68fc0368-04e2-4f79-b157-56b0426a5859.tmp

MD5 9e90b81d2dad30e41f2c24238f056c95
SHA1 f16216d272a91f01793cdae1d376e69dff232740
SHA256 8ef5b7c3306868180e28d839b06d90feb6c7686ddd46e5e13144224d1a7487f1
SHA512 1e985081f5df539f678c9eab79c604b1735acc6f812c9b9e423815f479e909e3b79c044968f7525312b817cb47442424ccc7af9f5a7e8ce1e1f5d02f0df07b40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d92919585ca19c1fb9460130ad303f7f
SHA1 a8ef96dc467fd5fe80aacc0b60960f46af3e000a
SHA256 a60c169a596ccf1036c8f7c0f9a4e7f1034276efbc69760230d5c6e6d120859e
SHA512 8195f7519bba924034639e793d1203b3e023fc799775d8cec90d41e2ab4ac71b655b4392eaa5ea5727d37cedf3cc0b50207deba4e5070a5e782edc65eb811bd9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cfaa618c3ce2c310630c1a92b9e218db
SHA1 da89fab25ed262bd78e9e6b86a8fa4c879dd0098
SHA256 da1e2af5c9b4e32d2718a66ff8cb4b3df734f38763d1ec623602eb788e241160
SHA512 0a7a87c96bbfb0fd0e61d2800b3c0e8f016e28d1baef0f99c63349d68240381c6886730e7b7b51e233f0e9615f17c36541b564f066cf48ee4772571d5d3ef1bc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

MD5 555d8ac47a80c9c5a88b0acb004cdd3e
SHA1 0afe173ff01713ba3ce590898195e28afa51a0fc
SHA256 baeaee7e6efb1bdecc6db96be280fbd58715114538b7e363c425b7087cfc46ae
SHA512 6a457eb23d6ca4111339aadb6efa42f34e7434982c90b76cc8da4c9b8bbf5873f7af3c5c73d6ddc52f048e6473ca4a8c4b35224595366d0c89106c620bcd9223

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

MD5 b56ff5514df86f3acacd79d697be9437
SHA1 e529e1ba8c850a9154f9f83bdf04031026bfd163
SHA256 d553a88797b2459d250a53601cd19b4db95cdcfaa5f660e128eb39a7a7fc8288
SHA512 4dddb79c74c86a90c0151414627b631be1ae4eeafa66ada88d0694ea3f581ab569b1e5feea4c253bba33f90491367fed563193f153b066e037e1ac67b1c38519

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

MD5 bd670bd33ee6ebf9c42842b2f3d01ea1
SHA1 2d97c4773770e6b0173646818633614ccf1dd302
SHA256 38157d65ab9b25d04098d438be2d095256871c0b3fc1e334af870702ca8dbb19
SHA512 1084919ea64b2350b3088e6cb2bf0bce003e5906c365a6a4604855d71c79dca04b2494fe20a9e5d8ac376074361e64af1b3da352dc5d50d12abe5b54e16129b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e

MD5 e37004735e241c9a907e7cee67e635ed
SHA1 42cf6646caa1218aef419f1d9a88b694db8c411f
SHA256 58885ba5588dab382e96430df8e10ef9c78460cee4fd378890b097f948e0a2a4
SHA512 9a96fb9eb73afcaa3a755ea4b77cedbe98f7ef19c551fade9b3e25e5092aa22c48b87d250409ddc90d16336ef7a714dfb00bc1fe370f3375763653cb740df6f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058

MD5 9945da203a5acc596319e92c04b7ef2c
SHA1 2792cddc2f80f71e451086839fc54bde554c4055
SHA256 986bbd7b3af529dc8f2b47147194c6731aea9ff3e62c026fad3ef361f20103f3
SHA512 3807e16b3da61995e5e12cce72c937db9c29d747d6d8448644a4f15a5f084ff21c56f377c028ee177cb74a9fa4a72016c66ae8b330f8d46bb0f80b5d5777b3d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005b

MD5 3cd369e6dfe1594f2c9fc79f6fcb6925
SHA1 9190f3c88a9684d69ec7d08989bfc8d4dd17548b
SHA256 02c7130e6a7305f84674488872064432c4dd7283e6cabefd5137a01a5fb6a7a0
SHA512 0bf91cce6ad06d66959ce86ee0ced6c00256a92c5df4238b0678b29e99387ea274a1b5db154cf0ecb9f7375543425793c95d7784b045f9eb5d5a86a232343940

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005a

MD5 f837d382a885a07c34a3d4bf4f49373d
SHA1 68ddceef1d164a48d9d01d4a74f26b7897323229
SHA256 dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33
SHA512 ef010d89971c4f69af7bf541430364c56245a5b63ed730fe628e49f48fa9e201c7f42b1e104eb14c3193bf79dd7ce20244f6b963e9996eb8308c0d61f444ece6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000059

MD5 3714175d15f37e385c0d80f1c8f4fb42
SHA1 51e26e670e609c5940946aa0e750529a86648f5a
SHA256 aac638f7503cebb084ec494cf00f75f7d8260d50c2f4e7820bccabba09626a3a
SHA512 2330466d763875da4362098860689b77192eaaf805b06b6af90c9bfe9fd9c4ba0b39fff32b20809f773defce1cb2beb00972bc66dcfc395690c08d7004def865

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005c

MD5 1a164aff971d8f9eb2722b9159401d36
SHA1 761aaeceba41e6bfc2999566f8f7508a265b323e
SHA256 09f020479e507411f5791349b62ac7db9f9cd57d2cf9836b4c756beed321fdcd
SHA512 0bab59db0fb7f1aed44332d9483fa7f08ac62f3cefee7c7ddc68539e94ac494d7f0aeb6548cddeabdc806c515fd15b0dfa7c0ef258d56a8cafc51c1795774d94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

MD5 b05ded925399315733c9c0b4b8b1c2be
SHA1 5b4910acbddd0f3f4e9bd79d771b5400cad27da3
SHA256 83458c4a5d296d4e72cde9986bd493bc6f977f1caba0fb6afc6177dfa622d758
SHA512 9e1cda99ad51d2076bdf41695a45853fb5e7478173ff4505e760364b079a0d4dbbefc6e952a8ba62a746e1e65b52bc0370340c536fad43bdbefc1e057ebc81dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

MD5 86644fae63ae88bcab22d9bdb9cc652b
SHA1 95756909e70c61db44cb4bfd0c7626686befc7bc
SHA256 dd22b5f9ce8f9dc2a348f187707d4bbbe01c1674426155411b3344aedc52c0a2
SHA512 a4da1c8e1921173cb1dd972485303cb67ca075432736d8e94090e23c4b6b8ad073932f3950eb4f7f74f26a9d768076cd6888dca463cc2796bc7c64ea24d6add7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3b142dcd1144c8810dd9747a259ef819
SHA1 abb13c2ac1c7e18d0dd5bc8ef7fb8dc677b220e3
SHA256 7083c871fd502f6c627730c374181f26efbbc4c3bcf1c16adc98417872df1ab6
SHA512 3fe7f8a1ad5736435be74c18ae761b2c27ed377dfb2d622d6fbccc9f7af675f0945ea165a3fef2b98bb9590569197c83c2b33626ea3cba0244e62d36b6c39641

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000061

MD5 0878b9344d4edd107a9df7839ad57409
SHA1 aaa1cde1c05aa4926a8d7b74933a167a593ccf06
SHA256 6ca72687b0f4a625b18fe7d3aefdbca45e889fb7b4267ac752c7f91f50535fba
SHA512 723174fd5ced78de21cfe8f586514417476c0cd8c27a453b3deb249411b5bf34df2c938968fba9afff90fd9c8218cf214e61cd0bbffb14d6943aba490601b9a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 34e563fac927dd8add357b61b8e1d441
SHA1 2b33d4cdd19660819c721d0e7575543f06ade134
SHA256 5ee98af1d7df1d3605d8933182e58ecaf0dfd6e45c504685cdb54c22f93ee895
SHA512 89db5aaec099a012fe6f8c3fbd0b7a891b4ec9da88c0aba3abfbe954e22ce22c6d4fd982d55da20ab19c525f0367fcdfb183d10a86cd6aefd6f72b738a65bdad

C:\Program Files\chrome_Unpacker_BeginUnzipping4976_107240589\manifest.json

MD5 e0909520982fc48e47a6451443b11741
SHA1 0e46425274933c153ebf5a03f25e693267a8cea2
SHA256 2e9e6138305d702f3c9b89d6e9dc4931b548c69bb86db64e585fa2e37b8ef654
SHA512 3fdf504cb0bf39a807fa15a8ec31a6efd8083888692935ec31d70b4ef6eef89b8527c6a75a46bf7ae3efeeaa507ac3c7cccda5246a2f073ac603a7ffa10d20a8

C:\Program Files\chrome_Unpacker_BeginUnzipping4976_107240589\LICENSE

MD5 ee002cb9e51bb8dfa89640a406a1090a
SHA1 49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2
SHA256 3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b
SHA512 d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 ece1c1f93febf7a4195a4d9a9cf18dd7
SHA1 bd2e09b9bf5f1465ea6c3ddf1916d14ac59da22a
SHA256 7e2c38dc244d5aa07c4d52b24071230e91df420b59af580ecb67426214924146
SHA512 b249998aeaa658f084311448588ef5893c62d0f92db87778080279eae1891fdf7f3696b57b96fa1b2e6b1435ae2c60648e8edc61b2c8c3923f483e92fbdefe27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

MD5 ebab60cc64ee21e7030383138f441a08
SHA1 47fb9d85c4b12e79b3ddb15d85459d61fe5e5c42
SHA256 0615689d1d3b39a17eed33d7a972bd6a0ae17a0cb1bc0da766b2da58e349a784
SHA512 a1721b371f86ae269165c4a2f8f7e4d5206613705ebcbb9166e2099d088f9606efb6309c233e5e7d9ed5add32e5406f5ab79fa5131a5251489e415dde2118ff2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0a7de9fc6863e207d9f7e74eddf93935
SHA1 b8fa1e5e70cc0c33caff26265745a615adb03c4c
SHA256 06603b00d5095206680c12542b72da19d3a6961e51b31a36d1bfb6ba4c5727e1
SHA512 6e5c170b5c4335bfb930afd9140bd2b92765e27d365b0d16cfec46686b10f79c835ce0ec2c58cc7bfc735c6d3bb2d45025af35282362239f822ffa95bf7625bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000086

MD5 83266658f29f5cb762001d5d9f6985a7
SHA1 9ff52157193e1e798944e6a3172d938183f5e550
SHA256 60072b4eb6fc5f1f1214a34fcd55b3cbd1d05eddf778f85611f9b352c4c6452d
SHA512 60b2a8749bb597b71c6cb7113c4ea6c430ab90c6f6a5f78a36ab5fbd2676fbc173ade236be939e862569c786fbdc8e0aa984f1ae4263e91de2ba681cc8ce5d66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\fb711ba7-b012-463e-97d5-eb3f7b75df1c.tmp

MD5 bc70caad204f0bb8b1fdc5c1f4d3c374
SHA1 75befba7cba04b9da9fc18d4f6285438d9c34e1a
SHA256 db8dc0d613020ec2c9f50a8bbef1d70829e7f0d69041a0390851a35b4b2e40a6
SHA512 506f4e1ba06895837f3fe8bf5503b8ea59eaf334cd8a850ff1e53a7804ad8939855931701c753bdaf213c8a62830b34d0d2b3effb26a14ae239799a253d9323b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000089

MD5 214d62ec365492f0f183dbd59bad1fc6
SHA1 0f493cd1f70a1a3f44f558abddfd01edd96fb0fe
SHA256 cea593d905539843f4a1797b5e07276167140ed5da6dc84bfdd8c5ab0a99fddd
SHA512 e3d48a4e0d97decff0724e28742fce95af1f3111d1a04c3f53e46d295ea807fc73df090ee302e1367057047b713f5c02185669f17f465f7ff0346aa3b60ad0d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000090

MD5 4cb40455bc072e019cfe0108fd33b5fa
SHA1 51291e10540945c11368e934114ba7f6304fd030
SHA256 9525be97c37d8fcd8b3638a40adb0dc5964fce19970f9ea48c7fb5c0ea697644
SHA512 5e5bc37bd1e3b48ace229d9f0b25683e238d6e0f3e5808f8a039b41e3eff9d24c1643d4da4c939edd08fb89cad7d9ae19cdc6907cd84fab7b33b67c8ddffa116

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000087

MD5 fcf61b9cc1af4fdbd8177ec75c3cc4a4
SHA1 d68a70670bd3cc6f2d694704f00f6f5f0b75dcb9
SHA256 79c1a60b72bf2eef9cf59aec041b8b63b628fb95ab891347fac0128d31e13d13
SHA512 410f4009fd10f7549d854a751ddb9de43e55d60791453c84a5032d808d37fc9458fa0771416d2e32d0b90380d14aa2cc08f575b4c38c47c984b64c5177e82926

C:\Program Files\chrome_Unpacker_BeginUnzipping4976_885509452\manifest.json

MD5 89217e000f3145a2523e43f947208e79
SHA1 cd7915d003ee87f2babc9ee9add12841022710ac
SHA256 6722a860c855cf94a54fd1ffdd3801c4c949f5b67d8601ad300264931057f2bb
SHA512 385257ef9c67d80006eb350ac79718f30e08d810a1568454806f2505b482e0093f784d0d4cd24078317f863db500898343ce69391c0ae7fc767697f6da38eeaf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2025.5.15.1\keys.json

MD5 03f15dff10ac451682f8a308674ddf77
SHA1 c723e23c49bed8a52b8f947b2cb8879a110fc94b
SHA256 f967e18d5b1839ba801212f032e7e6dd92f7ba6958bc3ae9b122d9fadf2b1bf4
SHA512 df8fdc89cc1e6f2edce49b41bd9f71dc7f7a8daab40f1355415119f9c0a0d5067337d966472ad49f855ecb9a89bee8d1711d8a869589a03e469530ee8d7e0f3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 328fd4590859b3a31b2a79e68bb40d03
SHA1 65c36cb9559a93df3628e792b82e7dc52c2109f4
SHA256 970867ebd9cf07e8634c53554cf7a4618ce0985fb8a64a099111ac0987caa52c
SHA512 8601a7fca4a123e8c5ce56ca070aea520fb536892a2c9ab213aad3b1e94563250787bbb9a15d6395afc2704b5706e3f7cc4cf5293266eb42e743e07032fb6b6f

C:\Users\Admin\Downloads\OperaSetup.exe

MD5 2cc288afb47962ba362a0171a5d979dd
SHA1 d1f2340a2137df09fb6447f79ee8896970fb3be1
SHA256 a884d785f494715a088f901becda25c88aaac89e69100682e82a3edea81df4c1
SHA512 e04b2da6f3b9a4b57577bffb9aefa21a2eddac77bdd7fd0456bbe5eeaa4c7fd9e6a043c9e55e17164029e3eb3a7cda3a4b86e51b88fa0e3c3d01d4a2412cb06b

C:\Users\Admin\AppData\Local\Temp\Opera_installer_2506301804443127316.dll

MD5 2b834b274908a2430bcce47999d7e563
SHA1 767bec23644f8d426afb1c67da46dc0b24e21d09
SHA256 0598bc898a637644e4f3f09f1d0a0e4eb7dd7d020a7455e732c6d4c1cc3662d8
SHA512 4dd95fdab87d23994fa70f97b55e14642f92e5f61d400d84f97e880c75a60df3a8e1034075b08b5a10bc9e034255e3f8bf9da7aa9d2e14e1df050222339a6cb1

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe

MD5 87bf1725b3000a6ecdf13311ee84c309
SHA1 6ae16f7820b26d5e64947c768a7e26335bf3b8d6
SHA256 64dd3c24b6d4ec90c9a41c3e0cb4259489403694462f7b9af32bd5639f89b9c8
SHA512 90fd3b77741376fb71beb742512a8fc30d8fd6a36d3e7976ebd290878f2f27341890cb7dbd98b076fcf8cb7f899272c157cd53281faa79f0ce3c235ec0502f63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 a302cef9a787b7fafd57043d49997311
SHA1 91008ac5b06cba29505591caba521da7bd8ba006
SHA256 005b118b5e83c4da07a8b285ebb1b600e50f26c46e92eebc4203f61239d38f85
SHA512 dff69234fe101ab413783bb5a813a7ca658cbbd185116a37c482a59a4345459391d464a230ec1422449d3b188d6c1923684388637951568d710d28bb5b8577c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

MD5 967cffb5e40a24a9f2661249d41a941b
SHA1 593eed4d12bd56d3b4c43e0a0a4dc71970296beb
SHA256 8fbec0b34285bf48362b68f77e4a5841bb7180a2af53152b97521ec08da9047a
SHA512 3dd37252335abee0cb2d605cbc14d2f8604e2fdbce03e512ea1e3e4fb777d0b781aff261231713c09d1afb355f1251750cf79db089388b63181805bfd68ef371

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009c

MD5 b31d6c3a52ee38ee4d969480c712cf93
SHA1 0cf2958ba2caf005c6666372d65a955b56bbf450
SHA256 1a37f663403fdd7b5d9c6577ded75fdce0bf8b8be3ceedf3839dbffd419e08cf
SHA512 1dc117306dda82ad7820b17674685ee8172bc054c92da58ef62091470965d5b72b5fc167a1de1ce5ba32b728d86ad88169f5c388bc46e6e8b35de4819e32d56e

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506301804441\additional_file0.tmp

MD5 4125c9a1d68d6f095316d878dce498c3
SHA1 d5a9de9d1d21dfbc6de97f2e7c34629f165f139a
SHA256 1faa84af9c9ee61d4550dc8a279434c3f0c9ebea44e6af27c5743af7c59e9ec3
SHA512 5dedc6658d786e572438a39a6aa2845881b0469620d2ffa1c228a2fed5b98aa25070bf9e263c25859519427371f7aff7c43705148e11c3f0b54832015813e1f9

C:\Users\Admin\Downloads\Unconfirmed 437726.crdownload

MD5 08e42764571804aa3e27530b03dd5d99
SHA1 82ca6c9c8b0cf59f8dce178352360abcb99637ac
SHA256 b66d89ee13a48e9c8d4a7aa2e3e1cb2b79f0b95e4f74f4184b85628656281588
SHA512 90fdb4f191a1a26e04fcc2df045d74fec998b968506d7e8f16ec6f5cca7068093de106b9de4009ba6ebe085e9036358553d19af1b7ed4202f86ba3d2aaa7a62d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 073733d13951c15d97a0baa56a931bbf
SHA1 3f226fe7867af2b63b01bbfca8f3cb155c1971b2
SHA256 8d5f72d7d9b506a3d8d1aa51acf8ed37a757d1c2a1679a810df60e138631255b
SHA512 52aec4f6281a71505fc007c133408c9253eacb21dc933c14fa1f6975fb56eb2ec850f17dfd34bd4b3745953e638bc89764e164dff53dd01edefd6e0de107b49f

C:\Program Files\chrome_Unpacker_BeginUnzipping4976_1252496826\manifest.json

MD5 e7314184e67b4501f5048c2e5f181d96
SHA1 f741a8a1b8c18c8d4974f937ef589b134dde5419
SHA256 7bd96fc0239229d64cc38693c64f2524d95711534c606b2b39957af8411d870a
SHA512 773ff8228cc87677e3f74667b61db59decfccb6ca4da80a5ac5e0aff0e3102e08e6c1561df35b9ed64c8b7db8dc8ed27210c2ca0139ec85d17f9e3f57018a086

memory/8140-3870-0x0000000004DB0000-0x0000000004DE4000-memory.dmp

memory/8140-3872-0x0000000004F00000-0x0000000004FAE000-memory.dmp

memory/8140-3874-0x0000000004FB0000-0x000000000505A000-memory.dmp

memory/8140-3876-0x0000000004E30000-0x0000000004E5C000-memory.dmp

memory/8140-3878-0x0000000004E60000-0x0000000004E76000-memory.dmp

memory/8140-3882-0x0000000005840000-0x0000000005DE4000-memory.dmp

memory/8140-3883-0x0000000005180000-0x0000000005212000-memory.dmp

memory/8140-3885-0x0000000005120000-0x000000000512A000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 03f008dd6f0c308aba10efef79649748
SHA1 6aaf79b1d873a9beb483ed856973e89270994a35
SHA256 5835cd49d7076b30649e174d323b4fc5212ddbd88ee53fc244b739d39d849875
SHA512 64b3fa40f7580281cd5bb08a5232f1e424c6027b4bfa61d3afa0c00c3f7445bfe2f1392e5a6bf233ee8804fc7371255d6d534fd30c541543d85149b409659ec4

C:\Users\Admin\AppData\Local\Temp\MSI31795\EmbeddedUI.config

MD5 c9c40af1656f8531eaa647caceb1e436
SHA1 907837497508de13d5a7e60697fc9d050e327e19
SHA256 1a67f60962ca1cbf19873b62a8518efe8c701a09cd609af4c50ecc7f0b468bb8
SHA512 0f7033686befa3f4acf3ed355c1674eaa6e349fba97e906446c8a7000be6876f157bc015bf5d3011fbbdc2c771bcbaea97918b8d24c064cbbd302741cc70cbc7

memory/8140-3897-0x0000000007210000-0x000000000723C000-memory.dmp

memory/8140-3898-0x0000000007300000-0x000000000731C000-memory.dmp

memory/8140-3900-0x0000000007340000-0x0000000007348000-memory.dmp

memory/8140-3901-0x0000000007350000-0x0000000007358000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 e3032881ad1fc88e861e4e9ccc740d24
SHA1 63c754fe8e8e9fd03a034c93edcf123ca068d3b3
SHA256 98ec3190ffc7b496f90ca1f33d224817e9fd3739e9804ca662466ce229bfae8b
SHA512 a1a02d4b2728e3c214c281b3a8b745823e16b49838e1af2b5b1ae45a85659d33ca3aac122402e016f92118342f5bd74504f7b414cf0be95cc2b7dbfb5fbea6ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007a

MD5 3b8834a7dbd06589c877b716986e4c59
SHA1 f8b496d9e7d646813559b7507531e088ef55c249
SHA256 6056af3ecd269e46405acd6a6f1b6fe44656a1593d4328556e32966e7fa7c0eb
SHA512 010a5b662b677d1b5ed0872fba67de8a5f74b0c6c93d4b56ea2cb06e4a93e03fdf030f2a05399338561d79bac1073789e50e864b5782fdb984ff42e30d2ba435

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007f

MD5 1bf4ca63d97a7667eb3528ed2ccbd71a
SHA1 8cbfff0227b1e1d53ebc1e338bd3c85418051747
SHA256 a5305b0e370b4177bfd5f11abe9eb20eef7f65f52b23f7a89edb9a04d4158889
SHA512 202b3411bf32e6548c1f5352ecae00fd8c5c6aae5b6144b22c86b308986dc16b6f0c9828f740a488f70e07653187814d971685eb5ed6d05516e3dccca63d381b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000080

MD5 bc045e41540439b3a98a368a4c8868e5
SHA1 04bf55dae49feb4cae5dba34137e3b7998be1d11
SHA256 9bd1d90cf5c2baca327f34fe841dddd6636c73819b4bb79263d0558b06793b2c
SHA512 23a2ce036527f9d4ec64d01d19d0220651430bc7b4e495c2f98bfccfb7057880ecbd4eaecfcbc3bb2304f8ede544501731e6fc25370f27f249458248edbd380e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006e

MD5 b0337a74c7942f190eeba3bef9ee605b
SHA1 e56e33d6ab5a0fd61ba3beb7595799e5b4a22165
SHA256 8428190b821c0600c3063ce1bb13080f44e9032e7e6ae29961dab4af2777ddc1
SHA512 5f2b9e0f694503aa991dc169c235581dea99b128bf7663f7dcb95781c321f6613972ec2978fb4afd5e34c70b2a12ac1d81c39e5418c180ab0cb657df3bf90a3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007b

MD5 6eec6355a4ab665e1c8c22c2b40bdc5d
SHA1 540e82216caaaab91dc029a486aeac9ac88e0f0d
SHA256 a783b7eb3569ed3b119aa0d588a0e6a93f8203f505dc1fd4a97e00c4977af163
SHA512 3284912b46ef953f21135f5c782563c47a60ceee557b87d59c8ead5b0477b9d6ffc911be23fb437d3d0c55ef3c56801af79773af7a10973fd52b854709c6e223

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070

MD5 1a8d2e6c071e6ebd41e2f8851dd4d912
SHA1 c12e0c8de14b218dac205bedec4500436238a31a
SHA256 def8db3d0393b41c222c29e372c8ce57f9696a7afd5e93ccbcb225e4277e6b96
SHA512 4a304a05b7fc18c93ddfc3aa2a4473b7145163c756bcba010ec8549dce90993722841f41c465a1c0d717774a6e394322a949d78706c423a0a9ac87fdff175fe7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000071

MD5 68c477c4c76baab3a8d1ef6a55aa986f
SHA1 4af50379e13514558dd53d123db8ea101ec5e24c
SHA256 0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
SHA512 92b34fe3b7f82f10cf6de8027ac08f4a5b8764fb4e0b31c93da6e3d5bd08e0bc83b79fd70b8207a1066b689583e0b6976fa3c885b0c067ea343e6f2031d55d25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000078

MD5 910de35100967be1aa3ba6054c3c42db
SHA1 dfb5be55acb37ceea867f558717f3b6c91275730
SHA256 070a4fd13f01ce73898a9a48b3466ca47d689f210f2b218b5e814c2d420554f8
SHA512 7b4ff63c19f927202ad6748c3762f65e6b183c1a757160b5ff6351b0f2d8c65a9e55133d3e9f9b82e7f07cc46a3520030b309a26940f6441ac13f0cdc9962719

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000079

MD5 ce55b74f341c04d561ebe1716bae542e
SHA1 3a2b6d5a955dacc9a971a5f2834405a4cf18f183
SHA256 8232edda6a9b0928081f6129b7ab390b225fe3b03c1a81fc37d279212f74202b
SHA512 3fb94046dcbbf8fe2d00d32d7ed45acfe8041318c538789f7eeeeb358f9f54a38c08f7dfa5f1f246f90c2f2d71c30ca883fd14c307a17b28f4edd01ceacbe93b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d

MD5 6e7d13899c76e68a09b2105dfea5ab46
SHA1 50ed7fd272819920deac6d13cbff007db1e84875
SHA256 91ceab09b3c740b703e8610f291cd5dee96cf4d8d85c775e2198ea494e5f6f14
SHA512 dffc21d76392204388bb7fb8b9d7cf6d1023c0c805cb38a1a5a090ce11c5e5ffd5137e9868defff5dec5be0a1fb798d999c0aadcdaf998981086f88ca31fe3fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006c

MD5 7232c0e4ce14a3328416c48ea0f48fdf
SHA1 2aaafb2b75aee3b67d64704392c90d586847772b
SHA256 773c42f33dd8a490281cc11738767e7ea4c8fdb47c7adb0f73871eb453d825a7
SHA512 a1b461611b527f2482af70f1999bb1543abb83fda8039f61bc35456a8a04fd2acedd64cfac4c1964f191aed946bf4e91abd6afefd1f44cef11b012ff29eac743

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000073

MD5 02c227e0e93a20c5b776686c571edaa0
SHA1 2b9698233cd20f915844adcb07eaf7cbee942f23
SHA256 01c0b0fade24cefedd730dfba5fa09f3a3f29c90d680f3eeb4a32e5a40fca946
SHA512 093afbd2d3214bf1ead1ea434895d6081e6d13f4b418b369c876a92f5c6eabb15e18d2f24eb725297f0dd8d0880946f651c70c5ea2e09a4d6247d3a6822a7360

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007c

MD5 7ac8c70f0e96ae113eafc6717269462b
SHA1 3adaa5cb295538e6a4e5917ff4511144f8b5804a
SHA256 aa8ec048eccd7dee8fb1f6bd9ce4b04295131aa1a9487dced4e143bb28fb6d68
SHA512 fde8611965916d0607fdb492f4f1fecc1921b662e9075db29921bf7e84edfc3395f2fff8dd5caf19919f1d8fb97f520c987d49c1c2358f4a1ce43ca7fdcf9f3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007e

MD5 864be3ae1eddd83056648033c8e4eee0
SHA1 c1a7e7983416b86609c0e090fcae651201e25832
SHA256 23759b0df0fad41acc89281a104227b090c8e959797cfc02c2403e209b9c55b3
SHA512 dd44d41ed335ccf1497659331831ffe25882e62d8c7cc5a3a68e8b23c61d407f2f3cbca264979049c713f0a18c6fd58f5debbec95445b6292d21cea21c183fb8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007d

MD5 049c3a27c3267e95825c548ea637ce46
SHA1 1c313f0d248d2de81a7d45efd9cc97c783e26954
SHA256 06c0e5abe42372369dc94e21a08ef027ac1a1b8c5516d14a2de578b6a2b62fcb
SHA512 d120e33d4015b45797f83f4d7d68b5620c022a5361af10985edcf0e1975bb007208cb4244dce8e229164429e5f98a13c50d066a3839d90dab5437e2d64808c2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000075

MD5 d3d27f9d999f051f6012597dc62dd2e2
SHA1 beabe27edf0127be7e8536c3afb191c5a66b8e9c
SHA256 df5d83e4e80fc558ec4612b914d2cbee288f487332487763f181f1fc6852ddcf
SHA512 7e5ef8661e4e47f4e8f95cfc49d4523fdef24c208f3f761d79528103c527d7be042dae8d841b5b537c6743944d875cecc4afd5229a8d548a82f0b0d1bfd53e4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000081

MD5 76c9b66927ce87209c22e2755da66b87
SHA1 cdbec59b112656e0fad99ce200bd139cc9738a6d
SHA256 9afa9bc0fffd7ef59a11982be0fcb5426247f08736cd87a74a97c210347fcfa2
SHA512 cfbf418c58212c07ff7057ecb402ac0cbc7a29f5dc3bd6ed88e7077a12f3a1a2cb5baad0a00c6f6ddcb445b62f70d4c04240b320281f1a2fc5a30d32e7b3f610

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000076

MD5 0e2a56cf1b54d5c72465795569d7f88a
SHA1 2d77f91641a9bdf2d0f4034bb72e63b767aeecc6
SHA256 2717580dcffe44d9e9e4d1698168a8a2a0c6718b154bba1038566290b34f037c
SHA512 334bccb366aa3a1e960f601b5984d9ebcb81618cf0d5cce02a903fd8ff43d971d2dcec30e43e9fae0de3090918c83a1e935c03507824446123fa00d3f02cffeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000083

MD5 017d6d70de6047e93b64a615b0cb4e07
SHA1 74e5a77cd564501a7db3188956fdf651e82703c1
SHA256 14a818ce3122e43c43bfe5268e1b9390202c88abf6212bc9ba8c72df5fecd4b4
SHA512 87b21e0dc066e3b213ce0c0bd41c0f137ddecacc83b992cfd2c983794616aa3bbd33894158ed20a5a2489c201d02e6a622db1e1942ea763f1811c29460a5211c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5d848d0ac8a2c4e445e16df194c65d1f
SHA1 1c83e03c828b84166b313e46d9188a338130e38d
SHA256 c408d1441e9f481f7b24603d0d8dad78bc478f50e81be72d8229c57c6879d85c
SHA512 d73c905f28d03b1b4d91b7a57b5ab371250ed6dc87dad3bc3b8f4d23d5d911ff22ee9eaa45f4c46f6723e817c1d01b261955117b25a2bb30b1c39accdfd346a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ad808b8b08b890767aa573dffe15555
SHA1 2bf1eac93dc82df393e2fe743d8b6d122199eaf2
SHA256 2b640805b5553dda558e647a8982aeced10a287569919aedd304ac6bc7f56d13
SHA512 4920aa3f59120019c15d4277103f4549745bc85002deb7bdab575299482f7aaf1c31a636596a2a7bba1e1b7c5e5d7eeec62b8f4b60ba440e7d29dcfb0e96f2f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.21\edge_autofill_global_block_list.json

MD5 1c865471f98902a3818e8bbf46360342
SHA1 932497309e942f67080b84dd37dbd634117135d4
SHA256 b3ed570caaa1e88ca7fdeaa6569b5ed172adcb64221766cc73fd7e6b07e0c65d
SHA512 d77791b1a55cbb09a6dd88911be0219c712d573238666e09b0c18f7b92573db2a54dc0525d3232851f1bb9c008c2ab542bb4fcefa09b7a4be50fcd8bad4e231e

C:\Program Files\chrome_Unpacker_BeginUnzipping4976_675712687\manifest.json

MD5 01cb8b111843d1f1dac11d249c24c8b7
SHA1 c4f1f6f219f325caee6363df7f459323109f2f6e
SHA256 b13947842a1d3e66e62bd32398a3780c18127a520e7212a4adbf006a9abfd74a
SHA512 075d54cdbd80078d4bf66f3c5814a055058f2535629cc7f5d88fa5c69d5c931dfd2c456a0bc634768d796af604ce4d585c7904c1924d35df7855dfd7e275d403

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.21\v1FieldTypes.json

MD5 c1a0d30e5eebef19db1b7e68fc79d2be
SHA1 de4ccb9e7ea5850363d0e7124c01da766425039c
SHA256 f3232a4e83ffc6ee2447aba5a49b8fd7ba13bcfd82fa09ae744c44996f7fcdd1
SHA512 f0eafae0260783ea3e85fe34cc0f145db7f402949a2ae809d37578e49baf767ad408bf2e79e2275d04891cd1977e8a018d6eeb5b95e839083f3722a960ccb57a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.21\autofill_bypass_cache_forms.json

MD5 8060c129d08468ed3f3f3d09f13540ce
SHA1 f979419a76d5abfc89007d91f35412420aeae611
SHA256 b32bfdb89e35959aaf3e61ae58d0be1da94a12b6667e281c9567295efdd92f92
SHA512 99d0d9c816a680d7c0a28845aab7e8f33084688b1f3be4845f9cca596384b7a0811b9586c86ba9152de54cafcdea5871a6febbee1d5b3df6c778cdcb66f42cfa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 dfb75114e114431679f235f7108e1521
SHA1 db32af55ac8b3520b3baba639bd55446b5bf7534
SHA256 be93417474bc66f6ae5a0ddcc37c9652ff1486faf05c8d902d3063c960c22fde
SHA512 1bb1e9668e5f40d01c6dc422c19c0a9e994c2565999f4c6b8cb925814866018b951d9da05db80b1193504746d2fa24a7798e979e3647304d3c1f21dd71274279

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0a4e27507c20b1e1543b15843733e63e
SHA1 39ee702a057f94aa3b1192c6bf78958a6d578913
SHA256 40badf1c04df1d556e2c564e254432a9e1ac4fff0d4f5deffff659256e8ef7e5
SHA512 d17f8da88534387a2eb5213f5188a0c404bcf00fd3a73643f53dc85666da0d3cc327bfa84fe636b2bc5929021a70ba1e9bf32f12bc02b53a0497cec0b1a1a0e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\da07e9498b8f0647_0

MD5 7aa21a9bd27637e2e94e290355a75c07
SHA1 17fccfe6ac963bb72b249193aec88de32216839b
SHA256 9a5f5cca0a0059fdd60d40a18e478dea1eedc63a8dde75be1fed600f25f697dc
SHA512 532e56e3cf3572ac467ce953c23a9422d192765980eebabb656389e34afadf3b7b8eab3af1538ef21574d8b55e6e10d557a34fa6d1dfc252c87e52f33338945a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008f

MD5 b07da7aa3e4f363c5cdbc11312239e8c
SHA1 47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8
SHA256 e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa
SHA512 420729406b315d8af34b62b78f39e763f5cf33cbf94467457b393fde0573dd7ffc6a23f25680988f9b82a4a3b719876ff76f3e1db047ce82615f544fc3a82532

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8b494e2effb2f5ef07b16cdbddafc091
SHA1 d608a608e9f79ba68e10ff02714f1cc5d5c93b5a
SHA256 b611e23d7004754c0896f40f89a582ecd1e42e2fe798e830aad791a7d35ea9c0
SHA512 fb9e451787ceab556b10a40c25979f01df48956504408044df2e3a345c6c29adca49e10aec5339cfc37cc773266c42e4374b9e674a8df1966513cdca255ed509

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Breadcrumbs

MD5 a5a2c7a5a38db928eb617443f5e1e4cc
SHA1 7d82dd70d4eb74954fa3be3248617b89d2651d01
SHA256 19127ff61ef273f37c0830ba6a9e0be81a7d5115b2aeccc9d29428d3e7e42add
SHA512 b93ca8e71276679c8ca5544a22ff1b1ac5f2f9f3dd576e274a2b0f6fbfc3496190beebbc364cab82ab86fb3492380746493916d28071402090180f6e9ee8c821

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2b3b45458e8d17d730a132f0ec7d1ffc
SHA1 fd321b369849f66923009a03884b840ff62f3c8a
SHA256 9de6cd43e656936a40f6b1bec47970bdae67ea512daa9edc65960e30c467071b
SHA512 7321e4db4b73fd3cb9ed7dd762945b7ca1e8366029d17d73da599a847abab32491aac4d510f363c8ba3360a1342a6c99e3ce2dcbcabeb9d4595fcad016efe3c0

C:\Program Files\chrome_Unpacker_BeginUnzipping4976_1258786358\manifest.json

MD5 a30b19bb414d78fff00fc7855d6ed5fd
SHA1 2a6408f2829e964c578751bf29ec4f702412c11e
SHA256 9811cd3e1fbf80feb6a52ad2141fc1096165a100c2d5846dd48f9ed612c6fc9f
SHA512 66b6db60e9e6f3059d1a47db14f05d35587aa2019bc06e6cf352dfbb237d9dfe6dce7cb21c9127320a7fdca5b9d3eb21e799abe6a926ae51b5f62cf646c30490

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\safety_tips.pb

MD5 bd6846ffa7f4cf897b5323e4a5dcd551
SHA1 a6596cdc8de199492791faa39ce6096cf39295cd
SHA256 854b7eb22303ec3c920966732bc29f58140a82e1101dffe2702252af0f185666
SHA512 aa19b278f7211ffaf16b14b59d509ce6b80708e2bb5af87d98848747de4cba13b6626135dd3ec7aabd51b4c2cfb46ed96800a520d2dae8af8105054b6cd40e0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\typosquatting_list.pb

MD5 17c10dbe88d84b9309e6d151923ce116
SHA1 9ad2553c061ddcc07e6f66ce4f9e30290c056bdf
SHA256 3ad368c74c9bb5da4d4750866f16d361b0675a6b6dc4e06e2edd72488663450e
SHA512 ad8ed3797941c9cad21ae2af03b77ce06a23931d9c059fe880935e2b07c08f85fc628e39873fb352c07714b4e44328799b264f4adb3513975add4e6b67e4a63c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 668eaad2f1ede72dfdc712dc57fb1c8a
SHA1 468fb060b2b4627ff89246d9c03eb082da320fbf
SHA256 2ca994ad02cafac90175dfcf6646d9cd02f34a2f4edc30f4f95929c6a68d4749
SHA512 9111a1ca566d868aa997babd0c36516f6c095e35dfb8123d142cf47c662f82ec2f143a7a569a51d1f80d36722ffe791a68ddea7d713150384ecee5d324b70aab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9c06a827def75629c071ddf5cdb542a6
SHA1 b350fb14b8d75711374e30298ccc39618d228901
SHA256 3dd3b1a9b3b3a54747afe2476612bcf5bacfbf8fb2d4abaa06a26cda249edd0a
SHA512 52a674cd1c4107790017bc19800789711b2767a4124f9449b20cb353ec376fa83951592f2f923af4856f6b67c548d2e15bdc45c33be96a13595bd08b029f66b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\LOG.old

MD5 4963a4754bc6d05b7b45c08a906833a9
SHA1 f531253b1101e333ac676d3cdc6e8ba54018faa3
SHA256 cbde209b93c748d012c2810c58648c242d0c173be221592f396f4f788f73cfd6
SHA512 918ab49d51f469f83958686eb7402e02450cbfec87025dc9d103e66e6a2cc86b7d2680a09a6b49e6e94011554e5ff1545d27a2086100681fd8bfb6b896dd2ac7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\25e32d54b3b3f429_0

MD5 12a3fd21939c3a55c06370c24a1de914
SHA1 5947cfdcb5e81e70a2b61b20e16d4ee3ddbc7f8d
SHA256 bd1f7d49821825e52bd209a5e033513134daf4e77ad7b4255f7e97340a450287
SHA512 bad0978895801e726db70220ecce8b6224efd1bd3fba3a995ae5f7b0ba3ffd4129720670a81b5af04f53a300dc1e6daded8002b1442d440a5201e3d7e04b2929

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008a

MD5 fa5365739e760bb8e3705b2ab18a99d2
SHA1 c37d02a7987e1ee8e0e0ae19715f6c6722c2c456
SHA256 f8d40909b5582693dd1f96b7e9deaaf05cf2949d30f5e613e76333a3ad48c4ea
SHA512 4fcb8c8158e629aced11f18c9625ad81790c796a179347e004af8fdb1f51ddcd8875b67fe3629f88c475785f5a2af84c6bbb17af7f86d1b53a4235cd6edbf670

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d

MD5 2e450436c615bd552d2f70245c66259f
SHA1 1063533e8c7da37302a7998f26020cbf32d22d7a
SHA256 905d3e553e4422c5222b8c1280ae28aa047aabb4c71fd4cf8b8517c45e87e9bf
SHA512 c9db525c1a5a3d848aba5306a4b5feb50f0dc284a09e4c55ec2abe9a1a2be30a428ec5bd14101b05e465142597059f002f4ce23885677305706199c30a7562ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\537d69b4a50e94c5_0

MD5 b73fe025adafd5617ba06a0a5283de35
SHA1 888f2bf7a9923a7fc47512bb01cc36630e52971b
SHA256 f7b76764cd34acc17eec082ab5a2c517874f60c854eaaef1e175fd39977c9ee0
SHA512 ed86caab6a4a1ae4f0c4c9ecab38944ab2dcbc9772b59fa255c3a83407cd78dd92b5687b1283e13c81883979fe6e7f509c4fd3ff9b301ef7c382035d9bf2cb6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\336a68eaaf209f48_0

MD5 5417c62db4bdc6bc07c095a41336c8c1
SHA1 7db510839b4be8c40efbf85d7ce164b55f9eadb4
SHA256 6d1d6f35a28b3e5ffb7a394afd62b615dba50da08278c7259874f8fd75b0f64b
SHA512 ec0a9233e052bcbf4242dfb26777bbbfb9fda05c2eb517381e5e021412462b41dc77011f6a7dca27a5598f8accaac40bc8af07f24a54ad3938489a3894c00e83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ba34effac6be3783_0

MD5 37e602859e6609727647dba5f927d955
SHA1 71a152d2e44355efe726cc33db2094c4db4a2762
SHA256 3e66013b3619054621a1d1f527287d6ad8004132cd2f525a4eed2ef579fec882
SHA512 1ffad511cd634a6f01798927fbc612e7e891976d78435abf21abdef30afa8b0ce373ee3262effef08e21b5c412c6d4bd8290260a1f16c0a394b20a1baf9474b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\84ac71c423e880e4_0

MD5 b20986c4c69e787ad21831259c341810
SHA1 5ec7c283abc709390806de9e4742473740aa34f5
SHA256 4d4593ee35320b9befe40c78db081c27498ad097712275a58aa0fedc25f077fc
SHA512 1f675138071d840f6160a0caa4803ec73c94ac18062c564ea8de5402ad53a7df459bd363056a9134a1abe9d026efb4d73594132e1d45b5b771cf45aca42509d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0babae05737db38a_0

MD5 c7ba03cddac1ead07f461b67eba6b6eb
SHA1 5ee0ce05cfb087de1e02398d43e9fcdfc167ed4d
SHA256 ab58a3f7ace2cdcc72d67f40ebe6c0c2eb9c699569300932146c414eed0ebf6d
SHA512 f89dcf3f4222e770dad696aa86c3c90997b3f076c50e85c738bd8b7e2a857fa5b8694118391affe4ad0dc9a57f0cf76303999acc9580c9d688c2b3bea1155b8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0359e266efc55c35f7c06e5924370e1b
SHA1 742b4fe5adca412e35d79e22eced28a64cd60ce9
SHA256 a3c124fea5edc2118092f287314b44e8f93b9c1730d6abd6a1f764439e0ac248
SHA512 a2399a819b19a48c09f2cbb32d2e5015b26d0b4e5b81f9cb9c60bce07b357ab5a954da3ed0b17609cb49daf0e7a092d50ae258558822ee87a634fa589287e3e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\ce32e668c49e5c3e_0

MD5 7d4a71519b04b9efa6bed94d60296ac3
SHA1 fed4eccdd0a08520fd0b08717d233b7ace3ce0da
SHA256 01fcbbefd6266943e2f659987d6aaefd6d270a64022b2b4da134f9aba7a1a658
SHA512 fdb74541b20bcf090c5a92055c2884adfaa3bc84a240f297d5614f318a1619b11a5cc88e4129e417b3ec44dffb62c11f6f7a97a917c4beb9d3720d7cd986958f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0222bae34cfd6776_0

MD5 f1bc2254c44a7ae01b5e07c51db6b82d
SHA1 7d6504d4e5f5497a2ace6011f64b9c127e26f830
SHA256 f2fc2d4d9f1f7ae3c676fb73dbc72ef3472e9f661f29f9f6cdf50f32b6d6815d
SHA512 c2013eabf8bcb61f2f4af85c13723e6ddfad8af0d2b804d184a0206010f44064cc03acdbed1cb49efc95688afa2d63f4145ea4871294fbb38e0c9a428cd6b0d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\8a65ceda853a5cc0_0

MD5 6a9a2df3ffcb843c9ccbd6bf4b769b06
SHA1 bd5bad14822618e764d081103baa09ab09582d6c
SHA256 20116b6df67e1446732ce9acbaa0ad240442540621a9bff2260f36f494fbab1e
SHA512 a2856651be845b9f5058411a7bb50a979e4ceb25c798999b6ffac43fbdd38e511f952bea3a1647d8a8a67d68c6d5c883494b820d38281185f7ca9c2ff8508579

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\LOG

MD5 c55495caa3f921a5376f144d825a645f
SHA1 e10e02ee0d21a8ecdfef23bccb996a14e256eb5e
SHA256 bfc6e42af4f1443b0463edf9db62590c47a69f9fecaaf82ecc975530323e018b
SHA512 9f0f2a4afc7b550157cccc2f9257a65c0f370e859493b48435dcf1ce4924d77b5ba882971649d4c2d62e33d49e8506bcfad437f86615fbbe67f054435931d566

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7e9f870974c451416185b8a1e7c91de4
SHA1 3e7ddee4237ed2563a7adbf969e1f52bbc91ecef
SHA256 783c82540d93dfe5a4d1e300053bdecd1671e624399135637856dac32ea78aad
SHA512 1aab7323eaf11b2a81a6308acb4863a9e6c983a6450b5d2f8244cdaf55ee5723b8834469a549e9f94402b8471b6cff9a58013fa04b8f08f16a74bb8c71307cb9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a7

MD5 58a317e1654f115552e991486a1759d2
SHA1 a797d6ea5586c432dd151911d8c022628a510956
SHA256 2fd2ecd5e6ce63191e41a03d3c8ba2a1e854ec8f1f9230a912e3f5a45993f3ba
SHA512 6d191c2db959c29da7101f0b82fe7d436c4751bfffef09c135914400923765d01a7bba8d75bd99cfb42d3f32c32c88196b09083d6018cd18268998ec2666e41d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a6

MD5 2d7a84b3a5a81d8e5cb4a8336c95015e
SHA1 f4be6f8ce9ae6b7d595ce67d3a06d0f56cf87ef8
SHA256 9dfc62a53c63bd73f82a2333fe980103d2c79d9555bbd4fee86e23c2557fa9a8
SHA512 9fac72212f157f813c80978ee190280d97a5218d74a0d4203b63bd2760df7c378f2682c775de2814b0aa9b90ebb9cf0826ff5a0363a3fc7bedbfd7519da9c659

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

MD5 9cbdfe16c5d537204b900ffac4ed2df0
SHA1 310ddf682dce09eaa245b79da809b7f3fd0d2b94
SHA256 cdb3232ef535afb1cd69153e0b089af16fe5d3abd74ac9b03dfbc629bac55275
SHA512 b447bd21aaf2fb744b4610a83051a241d035eac0d8ab772f2a12a28f0fc0d6b6c5373f1f7409e17c8dbaca67afbc9aa47adebf44fec2728f2d582f756d432968

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 98ac4e8f029d3e7547ee37395c70d8b0
SHA1 8beaa2c8049f6dc47f03bb01e2886d3ee11b0e33
SHA256 83826cfa8e9d761b68ae829a689e09025bff2d61ae03015d7f5987f5572ec117
SHA512 4b69cdcfa982c17cc15b902826b948ad041aff59dff7f3186cd4ea6ea4c0998a952cf6d3830615559c23cad3fe4a8c80595e099f0f8802ca45b30ab6d3313f37

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 9a6f51e249e49dbab5c798b7ccd932c1
SHA1 f586b7e85f62e11778b246c773d708143cd30277
SHA256 4a27ec66112d56db3f0b8fa144e034b2f698ccaff6866c6d8fc61f9a0b8d0853
SHA512 15c9c6de5b0e0563de0e8271295e6fdc8a6bc54b6390aeff499b3964ab60d480496f2d2134b437b0a196c7e7b635373974a768fcade6e74b38965e8e0b78dbad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 9436affc97843765a966b3568fa7e5ec
SHA1 7bfda74bb30589c75d718fbc997f18c6d5cc4a0b
SHA256 7165713d3e1a610399471a5e93d5677508f62ef072c1151e72273bf4bd54f916
SHA512 473ec3a843c33e18d6d194651fe11353fcd03a7959225faeabf8c77484155ea6a7bccb72dbaf2093ed53c408faa3be9f6fc907f7a5ddf8223375f9d09b504456

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 f1bcd1fb1893afcab66a89b269e5a116
SHA1 e1003cc6a9c4ce7f66bab619834a54f4dc726e25
SHA256 09af32c02721ad59d33c3a4fcc9bc9c3fd17f586ae84f0e3c9812789db1c1bad
SHA512 729fd4e2d629fe3d113ceabb7c462f659dbf5e8bffb93a5ce035aa818d3c5b8cb8b2f3507f014458770b2d3321a1ff0925f79f4ad62ded82135385da59a33add

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f934abf13d74c076a11e82db9f84049a
SHA1 6c9356286811cff08d8d744f60b84ecb4206cad8
SHA256 71818309bf9eeae3445a98ebf53ef7db9f98ee0f71071de3bb5d0fa3c1a4cd1f
SHA512 cb31693629f620a6bf9ebc23e1da1d94c562f77cc95ddf81f3e7cd264a72107bbdbbb87f4470fb3fc08044e2f7e0bbe5d0d7f187d27c970bc518acac5b8c1ed0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 7c6da01a846672bb7f4d64352873d52e
SHA1 19681f329c7404b4de8e666e206fd2529dc1881a
SHA256 948c72ecb03af8a1bbf992b68b2993230fc4ac46b659cc1227f1e44ab8da9d10
SHA512 4f3b7da49cfefdae7ce993171748b4e43b31a55fc302a2c1764eafdff21e9ab53db3999c5013d5b0fff09e5f96a5472594e1d06962697dfb20adf605ed29d352

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6862af271872aceb096dd2636c303126
SHA1 4f80f412321a5494df116e073a3923268a7de1e7
SHA256 2c1cd0cc0ee978ccda33a0f8c3244c83fb33c1187e3a148fa930911f31b04241
SHA512 7b0c3b8bf57f843511f2e55e10ae137a38e59fea3c8254635fa083217d26bc3d55a86081a485a793039179927b0816680526c82129f71df78b1c964419415a2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f825578d5565a1a8cf8c3be448a59f33
SHA1 76af9e33608a852c4f0c388bf68c03b961ba20c7
SHA256 132d8c47885d82a3e3adb9ce027ba1007d9c4af53d68cd94c639dfccf66e9861
SHA512 1207479080899715dca891870d1390007abb0c4f394e1518123620dfa67ea2e43d59871585673b6e6cc57c4ed708b5d0f7bd4c12c509336c6927e2a2c771b70f