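Technical Information
Note: the section headings of this report appear to be missing, so the action behind each group of entries (for example, file created versus file deleted) is not stated; only the "from … to …" entries identify themselves as moves or renames. The `%WINDIR%\syswow64\profile\...` paths have the layout of a Chrome user-data directory (cache, cookies, history, login data, preferences), which Chrome populates itself when started against a new profile location, so these file names alone do not show that an existing user profile was read. `#` characters in host names are masking present in the report.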
- <Current directory>\chromedriver.zip
- %WINDIR%\syswow64\profile\default\application cache\cache\f_000002
- %WINDIR%\syswow64\profile\default\indexeddb\https_www.google.com_0.indexeddb.leveldb\000003.log
- %WINDIR%\syswow64\profile\default\indexeddb\https_www.google.com_0.indexeddb.leveldb\log
- %WINDIR%\syswow64\profile\default\indexeddb\https_www.google.com_0.indexeddb.leveldb\000001.dbtmp
- %WINDIR%\syswow64\profile\default\indexeddb\https_www.google.com_0.indexeddb.leveldb\manifest-000001
- %WINDIR%\syswow64\profile\default\cache\f_000001
- %WINDIR%\syswow64\profile\default\application cache\cache\f_000001
- %WINDIR%\syswow64\profile\default\application cache\cache\data_3
- %WINDIR%\syswow64\profile\default\application cache\cache\data_2
- %WINDIR%\syswow64\profile\default\application cache\cache\data_1
- %WINDIR%\syswow64\profile\default\application cache\cache\data_0
- %WINDIR%\syswow64\profile\default\application cache\cache\index
- %WINDIR%\syswow64\profile\default\current session
- %WINDIR%\syswow64\profile\default\extension state\000003.log
- %WINDIR%\syswow64\profile\default\extension state\log
- %WINDIR%\syswow64\profile\default\extension state\000001.dbtmp
- %WINDIR%\syswow64\profile\default\extension state\manifest-000001
- %WINDIR%\syswow64\profile\default\quotamanager-journal
- %TEMP%\etilqs_vzdkjqwh7ciizsc
- %WINDIR%\syswow64\profile\default\databases\databases.db-journal
- %TEMP%\etilqs_zkqyxjp5ab55cqn
- %WINDIR%\syswow64\profile\default\cache\f_000006
- %WINDIR%\syswow64\profile\default\cache\f_000005
- %WINDIR%\syswow64\profile\default\session storage\000003.log
- %WINDIR%\syswow64\profile\default\session storage\log
- %WINDIR%\syswow64\profile\default\b80b.tmp
- %WINDIR%\syswow64\profile\default\session storage\000001.dbtmp
- %WINDIR%\syswow64\profile\default\session storage\manifest-000001
- %WINDIR%\syswow64\profile\default\cache\f_000004
- %WINDIR%\syswow64\profile\ab19.tmp
- %WINDIR%\syswow64\profile\default\ab1a.tmp
- %WINDIR%\syswow64\profile\default\cache\f_000003
- %WINDIR%\syswow64\profile\default\application cache\index
- %TEMP%\etilqs_rfeudxfxuinhtwj
- %WINDIR%\syswow64\profile\default\application cache\index-journal
- %WINDIR%\syswow64\profile\default\cache\f_000002
- %TEMP%\etilqs_u07jlmnmwguocjh
- %WINDIR%\syswow64\profile\default\databases\databases.db
- %WINDIR%\syswow64\profile\default\quotamanager
- %WINDIR%\syswow64\profile\d895.tmp
- %WINDIR%\syswow64\profile\default\origin bound certs
- %TEMP%\etilqs_rcujbshgmpxias7
- %WINDIR%\syswow64\profile\default\origin bound certs-journal
- %WINDIR%\syswow64\profile\default\top sites-journal
- %TEMP%\etilqs_caftmj7sqoz3v11
- %WINDIR%\syswow64\profile\default\history-journal
- %WINDIR%\syswow64\profile\default\web data
- %TEMP%\etilqs_u2e2pimajx1ol00
- %WINDIR%\syswow64\profile\default\web data-journal
- %WINDIR%\syswow64\profile\default\extension rules\log
- %WINDIR%\syswow64\profile\default\extension rules\000001.dbtmp
- %WINDIR%\syswow64\profile\default\extension rules\manifest-000001
- %TEMP%\scoped_dir1400_30961\internal\manifest.json
- %TEMP%\scoped_dir1400_30961\internal\background.js
- %TEMP%\scoped_dir1400_30961\internal.zip
- %WINDIR%\syswow64\profile\first run
- %WINDIR%\syswow64\profile\local state
- %WINDIR%\syswow64\profile\default\preferences
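- <SYSTEM32>\profile\default\cookies (possibly the same file as `%WINDIR%\syswow64\profile\default\cookies` listed further down, recorded without WOW64 file-system redirection; to be confirmed, so check both locations when searching a host)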
- <Current directory>\chromedriver.exe
- %TEMP%\etilqs_t1dgmukyijbzavj
- %WINDIR%\syswow64\profile\default\history
- %WINDIR%\syswow64\profile\default\top sites
- %WINDIR%\syswow64\profile\default\favicons-journal
- %WINDIR%\syswow64\profile\default\cache\data_2
- %WINDIR%\syswow64\profile\default\cache\data_1
- %WINDIR%\syswow64\profile\default\cache\data_0
- %WINDIR%\syswow64\profile\default\cache\index
- %WINDIR%\syswow64\profile\default\cookies
- %TEMP%\etilqs_autobgbffljmktf
- %WINDIR%\syswow64\profile\default\cookies-journal
- %WINDIR%\syswow64\profile\default\7d51.tmp
- %TEMP%\etilqs_wbbqly9rkjz6edl
- %WINDIR%\syswow64\profile\default\login data
- %WINDIR%\syswow64\profile\default\login data-journal
- %WINDIR%\syswow64\profile\default\network action predictor
- %WINDIR%\syswow64\profile\default\network action predictor-journal
- %WINDIR%\syswow64\profile\default\shortcuts
- %WINDIR%\syswow64\profile\default\shortcuts-journal
- %WINDIR%\syswow64\profile\default\visited links
- %WINDIR%\syswow64\profile\default\favicons
- %TEMP%\etilqs_u3nerxb1x72izqu
- %WINDIR%\syswow64\profile\default\cache\data_3
- %WINDIR%\syswow64\profile\48b5.tmp
- <Current directory>\chromedriver.zip
- %WINDIR%\syswow64\profile\default\7d51.tmp
- %WINDIR%\syswow64\profile\local state~rf13afbb.tmp
- %WINDIR%\syswow64\profile\default\preferences~rf13b895.tmp
- %WINDIR%\syswow64\profile\local state~rf13dd53.tmp
- %WINDIR%\syswow64\profile\local state~rf1448bf.tmp
- %TEMP%\scoped_dir1400_30961\internal\background.js
- %TEMP%\scoped_dir1400_30961\internal\manifest.json
- %TEMP%\scoped_dir1400_30961\internal.zip
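- from <Current directory>\chromedriver.exe to <Current directory>\prvse.exe (the renamed binary is the one launched with `--port=49175` in the process entries at the end of this list; match on file hash or behaviour rather than on the name `chromedriver.exe`)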
- from %WINDIR%\syswow64\profile\default\extension rules\000001.dbtmp to %WINDIR%\syswow64\profile\default\extension rules\current
- from %WINDIR%\syswow64\profile\default\extension state\000001.dbtmp to %WINDIR%\syswow64\profile\default\extension state\current
- from %WINDIR%\syswow64\profile\default\indexeddb\https_www.google.com_0.indexeddb.leveldb\000001.dbtmp to %WINDIR%\syswow64\profile\default\indexeddb\https_www.google.com_0.indexeddb.leveldb\current
- from %WINDIR%\syswow64\profile\ab19.tmp to %WINDIR%\syswow64\profile\local state
- from %WINDIR%\syswow64\profile\local state to %WINDIR%\syswow64\profile\local state~rf13afbb.tmp
- from %WINDIR%\syswow64\profile\default\ab1a.tmp to %WINDIR%\syswow64\profile\default\secure preferences
- from %WINDIR%\syswow64\profile\default\session storage\000001.dbtmp to %WINDIR%\syswow64\profile\default\session storage\current
- from %WINDIR%\syswow64\profile\default\b80b.tmp to %WINDIR%\syswow64\profile\default\preferences
- from %WINDIR%\syswow64\profile\default\preferences to %WINDIR%\syswow64\profile\default\preferences~rf13b895.tmp
- from %WINDIR%\syswow64\profile\d895.tmp to %WINDIR%\syswow64\profile\local state
- from %WINDIR%\syswow64\profile\local state to %WINDIR%\syswow64\profile\local state~rf13dd53.tmp
- from %WINDIR%\syswow64\profile\48b5.tmp to %WINDIR%\syswow64\profile\local state
- from %WINDIR%\syswow64\profile\local state to %WINDIR%\syswow64\profile\local state~rf1448bf.tmp
- %WINDIR%\syswow64\profile\local state
- %WINDIR%\syswow64\profile\default\preferences
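- http://lo###host:49176/json/version via localhost (loopback request; `/json/version` is a Chrome DevTools remote-debugging endpoint, and this port differs from the `--port=49175` passed to prvse.exe)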
- DNS ASK ch######iver.chromium.org
- DNS ASK ch########er.storage.googleapis.com
- DNS ASK google.com
- DNS ASK ss#.#static.com
- DNS ASK gs##tic.com
- DNS ASK apis.google.com
- ClassName: 'CicLoaderWndClass' WindowName: ''
- ClassName: 'Chrome_MessageWindow' WindowName: '<SYSTEM32>\profile'
- '<Current directory>\prvse.exe' --port=49175
- '%ProgramFiles(x86)%\google\chrome\application\chrome.exe' --disable-background-networking --disable-bundled-ppapi-flash --disable-client-side-phishing-detection --disable-default-apps --disable-gpu --disable-hang-monitor --disable-infobars --disable-p... [command line truncated in the report]
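- '%ProgramFiles(x86)%\google\chrome\application\chrome.exe' --type=renderer --enable-logging --log-level=3 --no-sandbox --test-type=webdriver --enable-deferred-image-decoding --lang=en-US --force-fieldtrials=SiteIsolationExtensions/Control/ --user-data-... [command line truncated in the report; `--test-type=webdriver` marks a WebDriver-automated browser instance, and `--no-sandbox` means this renderer process runs without the Chrome sandbox]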