Malware Analysis Report

2025-01-18 21:20

Sample ID 240324-ar3cdshd5x
Target RobloxPlayerInstaller.exe
SHA256 4e51c3c2d137c03478fb5baccd01fea368c9af1d6140947be5c959f2b7ff132e
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

4e51c3c2d137c03478fb5baccd01fea368c9af1d6140947be5c959f2b7ff132e

Threat Level: Likely malicious

The file RobloxPlayerInstaller.exe was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Modifies RDP port number used by Windows

Downloads MZ/PE file

Drops desktop.ini file(s)

Modifies Installed Components in the registry

Sets file execution options in registry

Installs/modifies Browser Helper Object

Adds Run key to start application

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in System32 directory

Drops file in Windows directory

Checks installed software on the system

Registers COM server for autorun

Checks system information in the registry

Loads dropped DLL

Drops file in Program Files directory

Executes dropped EXE

Enumerates physical storage devices

Suspicious use of UnmapMainImage

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: AddClipboardFormatListener

Modifies Internet Explorer settings

Suspicious behavior: EnumeratesProcesses

Uses Task Scheduler COM API

Enumerates system info in registry

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

System policy modification

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Checks processor information in registry

Suspicious use of AdjustPrivilegeToken

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-03-24 00:27

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-03-24 00:27

Reported

2024-03-24 00:58

Platform

win11-20240221-en

Max time kernel

1792s

Max time network

1800s

Command Line

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe"

Signatures

Modifies RDP port number used by Windows

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=4BEFA8EAE6924B1BAC56B85E43B7EB21" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C5C8F3E3-9DA5-4E0B-8C50-64302E278BC3}\BGAUpdate.exe N/A

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A

Downloads MZ/PE file

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUAB85.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUAB85.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A

Suspicious use of NtCreateThreadExHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A

Checks installed software on the system

discovery

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUAB85.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUAB85.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GameInvite\Http.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\content\textures\AnimationEditor\button_control_play.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Lua\Terrain\Dark\Large\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\Common\RagdollRigging.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\Common\Flags\GetFFlagContactListEnabled.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\PageContainer.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\NetworkingPresence-96003ad7-0.8.0\NetworkingPresence\createRequestThunks.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\RoduxFriends-948a3386-02a3ea83\RoduxFriends\Selectors\getSortedByRankRecommendationIds.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\content\textures\Debugger\Breakpoints\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\content\textures\StudioToolbox\AssetConfig\selected.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GraphQlShared\SystemInfoProtocol.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\InviteLinkExpiredModal\Dev\JestConfigs.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\RoduxFriends-f5bcbc0c-f336d473\RoduxFriends\Reducers\Friends\friendsRankByUserId.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\App\Loading\LoadingSpinner.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Shared\Navigation\Light\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\IdentityProtocol\MessageBus.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\TenFootUiEngagementScreen\RoactUtils.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\content\textures\AnimationEditor\img_forwardslash.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\textures\Debugger\Breakpoints\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\Qml\QtQuick\Controls.2\designer\images\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Shared\Debugger\Dark\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Shared\InsertableObjects\Dark\Large\Trail.png C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\luaUtils\keyMapOrdered.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\SocialLibraries\SocialLibraries\RoactPaginator\loadPreviousSymbol.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\App\Template\DetailsPage\validateDetailsPageComponentList.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\Qml\QtQuick\Controls\Styles\Base\images\editbox.png C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\TenFootUiSharedComponents\SharedFlags.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\Expect-edcba0e9-2.4.1\JestMatcherUtils.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\Settings\Resources\MicrophoneDevicePermissionsLogging.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\TrustAndSafety\Actions\CloseReportMenu.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.92\Locales\et.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Lua\StyleEditor\Dark\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Lua\TerrainEditor\Light\Large\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\validation\__tests__\ExecutableDefinitionsRule.spec.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.53\Locales\en-US.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\Locales\pl.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\ControlsPage\ControlLayouts\GamepadControls.spec.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\InspectAndBuy\Components\AvatarViewport.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\VR\SafetyBubble.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-2fca3173-0.3.4\LuauPolyfill\Object\seal.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GameTile\t.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.53\Locales\zh-CN.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\content\textures\TagEditor\trianglesmall.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Lua\Notifications\Dark\Large\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\textures\ui\LuaApp\graphic\FTUXTutorial.png C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\validation\rules\ValuesOfCorrectTypeRule.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Shared\WidgetIcons\Dark\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Lua\Notifications\Dark\Large\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\PurchasePrompt\Reducers\Reducer.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\content\textures\StudioSharedUI\RoundedLeftBackground.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\content\textures\ui\VoiceChat\New\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\Server\FreeCamera\FreeCamera.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\Settings\Components\ReportConfirmation\ReportConfirmationContainer.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\textures\R15Migrator\ic-blue-arrow.png C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\content\studio_svg_textures\Shared\WidgetIcons\Light\Large\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\LeaveGameDialog.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Network\Requests\GetPlaceInfos.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\Expect-edcba0e9-3.5.0\Expect\print.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\ExtraContent\LuaPackages\Packages\_Index\JestRunner\ChalkLua.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_964315551\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_964315551\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Part-IT C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Part-ZH C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1760543704\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1760543704\ct_config.pb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Filtering Rules-CA C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_624107568\keys.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_584458731\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_964315551\protocols.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_314907682\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1885559245\crl-set C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_314907682\Microsoft.CognitiveServices.Speech.core.dll C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\adblock_snippet.js C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_624107568\LICENSE C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagerr.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Filtering Rules C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1760543704\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1885559245\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1760543704\crs.pb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1885559245\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Part-RU C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_584458731\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\LICENSE C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Part-FR C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Filtering Rules-AA C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagerr.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1760543704\kp_pinslist.pb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Part-ES C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_624107568\_metadata\verified_contents.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setupact.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Part-DE C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_624107568\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_624107568\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\Part-NL C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\MicrosoftEdge_X64_123.0.2420.53.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_C3E81\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\MicrosoftEdge_X64_123.0.2420.53.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_F73DF\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2D5544CD-5AFB-4BE5-92FC-AD8DB720A01E}\MicrosoftEdgeUpdateSetup_X86_1.3.185.21.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUAB85.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C5C8F3E3-9DA5-4E0B-8C50-64302E278BC3}\BGAUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX-STUDIO C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.CoreMachineClass" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine\CLSID\ = "{B5977F34-9264-4AC3-9B31-1224827FF6E8}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO.1\CLSID\ = "{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\AppID = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\URL Protocol C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Roblox.Place\shell\Open C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\msedgeupdate.dll,-1004" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\MicrosoftEdgeUpdateOnDemand.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{31575964-95F7-414B-85E4-0E9A93699E13} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeMHT\AppUserModelId = "MSEdge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc\CurVer\ = "MicrosoftEdgeUpdate.PolicyStatusSvc.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc\CLSID\ = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command\version = "version-1c901af996da417b" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\ie_to_edge_bho.dll\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.xhtml\OpenWithProgIds\MSEdgeHTM C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ = "IApp2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.ProcessLauncher" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUAB85.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUAB85.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of UnmapMainImage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 760 wrote to memory of 1280 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
PID 760 wrote to memory of 1280 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
PID 760 wrote to memory of 1280 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
PID 1280 wrote to memory of 936 N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe
PID 1280 wrote to memory of 936 N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe
PID 1280 wrote to memory of 936 N/A C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 2264 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 2264 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 2264 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 2192 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 2192 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 2192 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 2192 wrote to memory of 4012 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 2192 wrote to memory of 4012 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 2192 wrote to memory of 3976 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 2192 wrote to memory of 3976 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 2192 wrote to memory of 2956 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 2192 wrote to memory of 2956 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 936 wrote to memory of 2404 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 2404 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 2404 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 1804 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 1804 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 936 wrote to memory of 1804 N/A C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1564 wrote to memory of 2488 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1564 wrote to memory of 2488 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1564 wrote to memory of 2488 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 4536 wrote to memory of 3096 N/A C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe
PID 4536 wrote to memory of 3096 N/A C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe
PID 4536 wrote to memory of 3096 N/A C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe
PID 3096 wrote to memory of 1120 N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
PID 3096 wrote to memory of 1120 N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
PID 3096 wrote to memory of 1120 N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
PID 1120 wrote to memory of 4784 N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe
PID 1120 wrote to memory of 4784 N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe
PID 1120 wrote to memory of 4784 N/A C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe
PID 4784 wrote to memory of 3804 N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 4784 wrote to memory of 3804 N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 4784 wrote to memory of 3804 N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 4784 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 4784 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 4784 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 4784 wrote to memory of 1924 N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 4784 wrote to memory of 1924 N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 4784 wrote to memory of 1924 N/A C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 3416 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3416 wrote to memory of 576 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe N/A

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe"

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUNBQjkxNjgtRENFNC00OThCLTk0NTctOEQzNjlGRjgwRkI4fSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4N0JCMEFFMS0yQUI3LTQyRTgtOTM3NS1CRTRBRkExNjcyRkJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNDMuNTciIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0ODYyNjA4MzY3IiBpbnN0YWxsX3RpbWVfbXM9IjM1NyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{ECAB9168-DCE4-498B-9457-8D369FF80FB8}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUNBQjkxNjgtRENFNC00OThCLTk0NTctOEQzNjlGRjgwRkI4fSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsxM0IyNDgzQS0yNDBELTQ0N0ItQkI2NS03NEQ3MDI4MDZDMjd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBuZXh0dmVyc2lvbj0iMTA2LjAuNTI0OS4xMTkiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSI1IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0ODY1Njg4NDQxIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

"C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe"

C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe

C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_27127\RobloxStudioInstaller.exe -relaunch

C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUDCDE.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /healthcheck

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTZDM0I0NzctRENFOS00Q0I1LUJFNDMtREQ1QkY4NEUzMjk5fSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0NURGMDkzMi0zRTkxLTQxMEEtQjg0Ny0zQTM0RkM1MTJBMDh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU0ODMwODgzODUiIGluc3RhbGxfdGltZV9tcz0iODMiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{96C3B477-DCE9-4CB5-BE43-DD5BF84E3299}" /silent

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Windows\system32\SystemSettingsAdminFlows.exe

"C:\Windows\system32\SystemSettingsAdminFlows.exe" RemoteDesktopTurnOnRdp

C:\Windows\system32\SystemSettingsAdminFlows.exe

"C:\Windows\system32\SystemSettingsAdminFlows.exe" RemoteDesktopSelectUsers

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc96ee3cb8,0x7ffc96ee3cc8,0x7ffc96ee3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2496 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2588 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3356 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5676 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5668 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,3846532414841485152,2786740820473593041,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\MicrosoftEdge_X64_123.0.2420.53.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\MicrosoftEdge_X64_123.0.2420.53.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\MicrosoftEdge_X64_123.0.2420.53.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.59 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A3CBA13D-086A-4A72-8FD6-E03B9E792CD0}\EDGEMITMP_A7DE7.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.53 --initial-client-data=0x244,0x248,0x24c,0x1e8,0x250,0x7ff71a58baf8,0x7ff71a58bb04,0x7ff71a58bb10

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

"C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe"

C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_C3E81\RobloxStudioInstaller.exe

C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_C3E81\RobloxStudioInstaller.exe -relaunch

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\MicrosoftEdge_X64_123.0.2420.53.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\MicrosoftEdge_X64_123.0.2420.53.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUNBQjkxNjgtRENFNC00OThCLTk0NTctOEQzNjlGRjgwRkI4fSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5QkQ4MzY1OS1CQjdELTQ1RDUtODgxMi05QUIyMTIzODZDODJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC41MyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNDg3NzcwODQyOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjQ4Nzc3Mjg0MDQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2OTc2NTA4Njc4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy85YjQzZDMzYi00MTAwLTQ2NmMtYmRmNS0wNTMwOWU5MTFlODg_UDE9MTcxMTg0NDkzOCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1QNlE0dHZ0TXVYTXFwTlJpNEhXbm9FTCUyYno1aVNFUVNFayUyZmtNR1kzT0JRWVM2b0t6eU1aYWJSb1VFU1NqejRtZFolMmJuZzZiTVhKM252Z1dZeDI5dUE0USUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MTcxMTAzMiIgdG90YWw9IjE3MTcxMTAzMiIgZG93bmxvYWRfdGltZV9tcz0iMjAzNDgxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjk3NjYwODU3OSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY5OTIzMjg2ODgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc0NjY0Njg3MTEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI2NzciIGRvd25sb2FkX3RpbWVfbXM9IjIwOTg4NCIgZG93bmxvYWRlZD0iMTcxNzExMDMyIiB0b3RhbD0iMTcxNzExMDMyIiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0NzQxMiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\MicrosoftEdge_X64_123.0.2420.53.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.59 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.53 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff726d7baf8,0x7ff726d7bb04,0x7ff726d7bb10

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

"C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe"

C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_F73DF\RobloxStudioInstaller.exe

C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_F73DF\RobloxStudioInstaller.exe -relaunch

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTZDM0I0NzctRENFOS00Q0I1LUJFNDMtREQ1QkY4NEUzMjk5fSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins2RDI0NjA5MS1DOUE0LTQ5MjUtOEMwQi1DQjIxNzM3RjdCMjF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC41MyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTQ5MjY0ODU1NSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU0OTI3MDg0MTIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3MTAyMjU5MDI4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy85YjQzZDMzYi00MTAwLTQ2NmMtYmRmNS0wNTMwOWU5MTFlODg_UDE9MTcxMTg0NTAwMCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1PaDNjR3JCRWdaVEpkeXRiNDFtUUd5aGhmZE4xZWtzREFJT0lFWmU4VzBGYm5oN1VNWlYwYzlIRGZISnVIblRJQkoyTk5RTTNVUmtvZzU3Mkp3d0c5ZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MTcxMTAzMiIgdG90YWw9IjE3MTcxMTAzMiIgZG93bmxvYWRfdGltZV9tcz0iMTU4NDk3Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzEwMjQwOTA2MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc0NjY1Njg0MjkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc4MzA2OTg0MTMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI2MzgiIGRvd25sb2FkX3RpbWVfbXM9IjE2MDk2NiIgZG93bmxvYWRlZD0iMTcxNzExMDMyIiB0b3RhbD0iMTcxNzExMDMyIiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSIzNjQwNiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=6072.3488.11639071235012246198

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.59 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=123.0.2420.53 --initial-client-data=0x17c,0x180,0x184,0x158,0x18c,0x7ffc926c4e48,0x7ffc926c4e54,0x7ffc926c4e60

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1792,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1788 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=1944,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1904 /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2000,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2628 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3424,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3440 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3564,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3816 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3964,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3676 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.roblox.com/account/signupredir?ReturnUrl=https%3A%2F%2Fapis.roblox.com%2Foauth%2Fv1%2Fauthorize%3Fclient_id%3D7968549422692352298%26response_type%3Dcode%26redirect_uri%3Droblox-studio-auth%253a%252f%26scope%3Dopenid%2Bcredentials%2Bprofile%2Bage%2Broles%2Bpremium%26state%3DeyJyYW5kb21fc3RyaW5nIjoiX0hVMkZXRVhvbTRGOVZsamNmTFA0RXk0XzVNcDM1TkFySGtlam1yVFlqNCIsInBpZCI6IjYwNzIifQ%253d%253d%26nonce%3Did-roblox%26code_challenge%3DK16lfH2uqYkNShtKZjCn59rFP5OYbhtv1lk3NbJU6q8%26code_challenge_method%3DS256%26rlt%3DkFnEIMVEgFDiOCcxVqeHfXfC0JyKqDMCw0lrEQL6L-vEy4hMvltk3CGuBWmtCsE2aQ9JEBjdVdpeJj765-b8i7SKQvT3x_BMEhdCy8MbOna3qzTDN1mLc84LV0opB7CefHyRVakPB4eI2tRrsSn19Q

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffc96ee3cb8,0x7ffc96ee3cc8,0x7ffc96ee3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2044 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5472 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2248,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4644 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2D5544CD-5AFB-4BE5-92FC-AD8DB720A01E}\MicrosoftEdgeUpdateSetup_X86_1.3.185.21.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2D5544CD-5AFB-4BE5-92FC-AD8DB720A01E}\MicrosoftEdgeUpdateSetup_X86_1.3.185.21.exe" /update /sessionid "{873C8A53-60C8-45F5-B8E2-7C4DB37059AA}"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODczQzhBNTMtNjBDOC00NUY1LUI4RTItN0M0REIzNzA1OUFBfSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntBMDdDMkY3MS0zRjQ5LTREQTktODIzMS0zNDdFNTVBQkVGQzV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjEiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NDA5MDYxOTc5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg0MDkyMzE4NDIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg2MjI3NTA1ODciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy9mZjVkZTJhMS01ZjRlLTRiMjItYWQ1MS1lMzlkMjE5YzI0YzU_UDE9MTcxMTg0NTI5MiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1RY094ZUhOaEFWaHA3YkZDZHJpTkNUckh5Y3FId2tuUHBzVm5nVktFVU5pMzRSUlBBd2VtaldTOVhNUEQ5ZHZFdzBkTmdsOEVkb0t4TmtHb3hVc1BEUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSI4Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg2MjI3OTA0NTQiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2ZmNWRlMmExLTVmNGUtNGIyMi1hZDUxLWUzOWQyMTljMjRjNT9QMT0xNzExODQ1MjkyJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVFjT3hlSE5oQVZocDdiRkNkcmlOQ1RySHljcUh3a25QcHNWbmdWS0VVTmkzNFJSUEF3ZW1qV1M5WE1QRDlkdkV3MGROZ2w4RWRvS3hOa0dveFVzUERRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYxNTk0NCIgdG90YWw9IjE2MTU5NDQiIGRvd25sb2FkX3RpbWVfbXM9IjIxMjMzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg2MjI4MTA2MjgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODYyODE0MTE5MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTU3MTQwNDg2NjUyNzIwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjMuMC4yNDIwLjUzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIHVwZGF0ZV9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTU3MTQwNDAxODU0NzIwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9IntDMjFDMThFQS0yNThELTQyQzQtODJBOS02OTQ5QTdFQUU5MzB9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Temp\EUAB85.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUAB85.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{873C8A53-60C8-45F5-B8E2-7C4DB37059AA}"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6264 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6484 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2008,16877724444866719665,11176580428929855553,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6496 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODczQzhBNTMtNjBDOC00NUY1LUI4RTItN0M0REIzNzA1OUFBfSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7NjgwQUY3NDEtODkwNi00RDU0LTkyOTAtQUM5RTk4RUUzNDhCfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjIxIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGV0aW1lPSIxNzExMjQwMTM2Ij48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NjUzMzY3MTY4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-1c901af996da417b\RobloxStudioBeta.exe" roblox-studio-auth:/?code=mv-lwB5fwPp5wWqvOjxlzUBue2XGN5dPE0g-pYfe0e3tTAiHMHdyhN7KlGRJn4qMZhwEfOJ3MhXbA_vO-TXwVR8YVWBhuVGHlBdBZXRbOYdwace_grwEzYSNO2Iq4QjPtY8pQM8F6u5U-0oanUyvovvxiLx1a2JDTNDLIYDEfSDhUyO5F0XR9m0jE5J_zp64GpwobeTegCUbX1_tysclALFbaACihBTahV4ISIXVEUhg7R9Tbx7ndvPd9lBAir8NOUuHSxtJYp-3JLuUV242ecTgbQRaktRqn9TZSjkgFJOxNo4EPIVaVULZQSUn2PGKKBAKNz7GA06EpRQRMu3BaDTA6igNcp8RdpBHjwuiN9M&state=eyJyYW5kb21fc3RyaW5nIjoiX0hVMkZXRVhvbTRGOVZsamNmTFA0RXk0XzVNcDM1TkFySGtlam1yVFlqNCIsInBpZCI6IjYwNzIifQ%3d%3d

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=4752,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4040 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=780,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4688 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=4640,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=776 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2684,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4792 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=4868,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4884 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4904,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4900 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.53\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 617, 0, 6170654" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=4972,i,16830949270577367025,5492029726355741933,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4896 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x00000000000004C8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffc96ee3cb8,0x7ffc96ee3cc8,0x7ffc96ee3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2028 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2504 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5636 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5332 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5092 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDZFRTcwQTYtNTUyNy00MUFELUJDRTktMTc3QkI0OTYyMDc4fSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7RUJCQjQ0NjMtNDA5Qi00MDFBLTk0NTUtQkZBQjQ1NjAxMUZGfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O0RWMGpJL0tEbHhoSHVlMUw5S1JHR2NxT2hmM0gzaDNhY1NyRWFuUUtmZ1E9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzMSIgaW5zdGFsbGRhdGV0aW1lPSIxNzA4NTI4NjUwIiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNTMwMzAyMjY0NTE4MDczIiBmaXJzdF9mcmVfc2Vlbl90aW1lPSIxMzM1NTcxMzg4OTc1ODUwOTgiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTM1MjMiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNjQ5Nzc3MzgwIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C5C8F3E3-9DA5-4E0B-8C50-64302E278BC3}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C5C8F3E3-9DA5-4E0B-8C50-64302E278BC3}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDZFRTcwQTYtNTUyNy00MUFELUJDRTktMTc3QkI0OTYyMDc4fSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins2Rjg5M0ZEMS03RTBCLTQwRTQtQjNEOS0xNkMyNjQ1NkM5NTB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzIiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTY3MzAyNzM2MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNjczMTA3Mzk4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNjg2NTM5ODA3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZjA0MmMwZTktMjYzZC00YzFhLWIzM2UtYTFmZTkwNmE5YmVmP1AxPTE3MTE4NDU2MTgmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9UFZER0p1eDJjajRYOW5jQkxGaDNXZmN4YyUyYmVBQTRwcjJBR3BNRjFFbVolMmJVR0o3Tmo2WnduYzZJRXpoOGtrWU1jalhRYjBGWVg1dTEyQzQ3b3Q1M0RBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjMiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjY4NjU3OTYxNiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZjA0MmMwZTktMjYzZC00YzFhLWIzM2UtYTFmZTkwNmE5YmVmP1AxPTE3MTE4NDU2MTgmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9UFZER0p1eDJjajRYOW5jQkxGaDNXZmN4YyUyYmVBQTRwcjJBR3BNRjFFbVolMmJVR0o3Tmo2WnduYzZJRXpoOGtrWU1jalhRYjBGWVg1dTEyQzQ3b3Q1M0RBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTgwNDgwMzIiIHRvdGFsPSIxODA0ODAzMiIgZG93bmxvYWRfdGltZV9tcz0iOTY4NTciLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjY4NjYxOTQ5MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNjkyNjYwMjU5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI2OTQ2Njk1MzAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxNjMwIiBkb3dubG9hZF90aW1lX21zPSIxMDEzNDMiIGRvd25sb2FkZWQ9IjE4MDQ4MDMyIiB0b3RhbD0iMTgwNDgwMzIiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjE5OCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\MicrosoftEdge_X64_122.0.2365.92.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\MicrosoftEdge_X64_122.0.2365.92.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\MicrosoftEdge_X64_122.0.2365.92.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff6e72479a8,0x7ff6e72479b4,0x7ff6e72479c0

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=3 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B02D27A7-8414-43F9-8535-1B91273CA167}\EDGEMITMP_FEA99.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff6e72479a8,0x7ff6e72479b4,0x7ff6e72479c0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,12327628964508205339,16415146867959766275,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTc1NjZBMjYtNjM3NC00NDA1LTk2NzgtRjA4NTM0Rjk5NENFfSIgdXNlcmlkPSJ7QjEyM0MwQkMtNzEwNS00MkZFLUJCN0ItNTQyRjA0QjkxODJGfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InsxMEIwQ0VBQS05RDYzLTRDNzctODA2Mi00QjA0QTZFNzFFMTl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7RFYwakkvS0RseGhIdWUxTDlLUkdHY3FPaGYzSDNoM2FjU3JFYW5RS2ZnUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yMSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjM0Ij48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MjkyIiBwaW5nX2ZyZXNobmVzcz0iezYzMkY4QzBGLUQxNTUtNEI2Ni04ODk2LUQzOUE5NEFDMkI4RX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIxMjIuMC4yMzY1LjkyIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1NTcxNDE4ODUxMzEzMjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMDYyNzIzNTYzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMDYyNzUzNTM5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzM0OTk1OTI0NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzc0YzE1OGFkLWRhOGYtNGU4Ni05YWMxLTBmZGI0NzNhODVhZD9QMT0xNzExODQ1NzU3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWhTUmdnUElvN1Z1eGglMmZ4MEVqekxaWE1sTkNVTkdNSXJLbnhzTyUyYkJyYmxZcWVLQlp2eVl3QWpGVlE4Zk5PYWNsdzdzU290aEE1N2diMDJIbXo4eSUyYnN3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjEiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTMzNTAwMDkyMTAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzc0YzE1OGFkLWRhOGYtNGU4Ni05YWMxLTBmZGI0NzNhODVhZD9QMT0xNzExODQ1NzU3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWhTUmdnUElvN1Z1eGglMmZ4MEVqekxaWE1sTkNVTkdNSXJLbnhzTyUyYkJyYmxZcWVLQlp2eVl3QWpGVlE4Zk5PYWNsdzdzU290aEE1N2diMDJIbXo4eSUyYnN3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcxODQ2MDg4IiB0b3RhbD0iMTcxODQ2MDg4IiBkb3dubG9hZF90aW1lX21zPSIyNjYwOCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzM1MDE4OTQxNiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzM2NDM5OTQyNCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM5MTk2Mjk4MDMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMjY5IiBkb3dubG9hZF90aW1lX21zPSIyODczMCIgZG93bmxvYWRlZD0iMTcxODQ2MDg4IiB0b3RhbD0iMTcxODQ2MDg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI1NTUxOSIvPjxwaW5nIGFjdGl2ZT0iMSIgYWQ9IjYyOTIiIHJkPSI2MjkyIiBwaW5nX2ZyZXNobmVzcz0iezVDNjE2NDRBLUE5RDEtNEZCRS1BQjY5LUI3RjhCRDFDQkNBRX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTIzLjAuMjQyMC41MyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBjb2hvcnQ9InJyZkAwLjE2IiB1cGRhdGVfY291bnQ9IjEiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1NTcxNDA0MDE4NTQ3MjAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjI5MiIgcGluZ19mcmVzaG5lc3M9Ins4ODM5MzFBNC01MTcxLTRBMkUtQkIwNy03OUY4NDA0NDg3OUJ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

Network

Country Destination Domain Proto
US 8.8.8.8:53 client-telemetry.roblox.com udp
NL 128.116.21.3:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:49755 tcp
US 8.8.8.8:53 3.21.116.128.in-addr.arpa udp
GB 184.28.176.73:443 tcp
US 20.189.173.1:443 browser.pipe.aria.microsoft.com tcp
GB 92.123.128.181:443 r.bing.com tcp
GB 92.123.128.181:443 r.bing.com tcp
GB 92.123.128.181:443 r.bing.com tcp
GB 92.123.128.181:443 r.bing.com tcp
GB 92.123.128.181:443 r.bing.com tcp
GB 92.123.128.181:443 r.bing.com tcp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
N/A 127.0.0.1:49769 tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
GB 104.84.73.17:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:49772 tcp
FR 3.160.188.64:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:49775 tcp
FR 3.160.188.64:443 setup.rbxcdn.com tcp
FR 3.160.188.64:443 setup.rbxcdn.com tcp
US 52.108.8.254:443 wac-ring.msedge.net tcp
FR 152.199.21.118:443 static-ecst.licdn.com tcp
SE 20.91.200.215:443 fc1593c341deb94f9780940e5b83871a.azr.footprintdns.com tcp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 152.199.19.161:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
GB 92.123.128.169:443 www.bing.com tcp
GB 2.20.37.224:443 cxcs.microsoft.net tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:50063 tcp
N/A 127.0.0.1:50066 tcp
N/A 127.0.0.1:50071 tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
GB 104.84.73.17:443 clientsettingscdn.roblox.com tcp
FR 3.160.188.64:443 setup.rbxcdn.com tcp
FR 3.160.188.64:443 setup.rbxcdn.com tcp
FR 3.160.188.64:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:50074 tcp
N/A 127.0.0.1:50077 tcp
N/A 127.0.0.1:50081 tcp
US 150.171.22.254:443 ln-ring.msedge.net tcp
US 8.8.8.8:53 spo-ring.msedge.net udp
US 13.107.136.254:443 spo-ring.msedge.net tcp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 152.199.19.161:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
GB 2.20.37.224:443 cxcs.microsoft.net tcp
GB 92.123.128.169:443 www.bing.com tcp
GB 92.123.128.133:443 www.bing.com tcp
GB 184.28.176.73:443 tcp
N/A 224.0.0.251:5353 udp
GB 184.28.176.73:443 tcp
US 20.189.173.1:443 browser.pipe.aria.microsoft.com tcp
US 8.8.8.8:53 254.246.107.13.in-addr.arpa udp
US 152.199.19.161:443 fp-vp-nocache.azureedge.net tcp
US 150.171.22.254:443 ln-ring.msedge.net tcp
US 8.8.8.8:53 chrome.google.com udp
NL 142.250.179.206:80 chrome.google.com tcp
NL 142.250.179.206:80 chrome.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 206.179.250.142.in-addr.arpa udp
NL 142.250.179.196:80 www.google.com tcp
NL 142.250.179.196:80 www.google.com tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.146:443 r.bing.com tcp
GB 92.123.128.146:443 r.bing.com tcp
GB 92.123.128.149:443 r.bing.com tcp
GB 92.123.128.149:443 r.bing.com tcp
US 8.8.8.8:53 146.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 149.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 40.126.31.69:443 login.microsoftonline.com tcp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
GB 88.221.134.136:443 aefd.nelreports.net tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
GB 88.221.134.136:443 aefd.nelreports.net udp
US 8.8.8.8:53 remotedesktop.google.com udp
NL 142.250.179.206:443 remotedesktop.google.com tcp
NL 142.250.179.206:443 remotedesktop.google.com tcp
US 8.8.8.8:53 136.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
NL 142.250.179.206:443 remotedesktop.google.com udp
NL 216.58.214.14:443 apis.google.com tcp
US 8.8.8.8:53 3.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 35.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 14.214.58.216.in-addr.arpa udp
US 204.79.197.200:443 www2.bing.com tcp
IE 209.85.203.84:443 accounts.google.com tcp
IE 209.85.203.84:443 accounts.google.com tcp
IE 209.85.203.84:443 accounts.google.com udp
US 8.8.8.8:53 84.203.85.209.in-addr.arpa udp
NL 142.250.179.196:443 www.google.com tcp
NL 142.250.179.196:443 www.google.com tcp
NL 142.251.39.110:443 play.google.com tcp
US 8.8.8.8:53 110.39.251.142.in-addr.arpa udp
NL 142.251.39.110:443 play.google.com udp
NL 142.251.39.110:443 play.google.com udp
GB 88.221.134.136:443 aefd.nelreports.net udp
GB 184.28.176.73:443 tcp
GB 184.28.176.73:443 tcp
GB 92.123.26.49:443 ow1.res.office365.com tcp
US 8.8.8.8:53 arm-ring.msedge.net udp
US 4.150.240.254:443 arm-ring.msedge.net tcp
US 8.8.8.8:53 49.26.123.92.in-addr.arpa udp
US 8.8.8.8:53 afdxtest.z01.azurefd.net udp
US 13.107.246.64:443 afdxtest.z01.azurefd.net tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51145 tcp
N/A 127.0.0.1:51148 tcp
N/A 127.0.0.1:51153 tcp
N/A 127.0.0.1:51156 tcp
GB 2.20.37.224:443 cxcs.microsoft.net tcp
GB 92.123.128.169:443 www.bing.com tcp
US 8.8.8.8:53 client-telemetry.roblox.com udp
NL 128.116.21.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51431 tcp
N/A 127.0.0.1:51440 tcp
N/A 127.0.0.1:51453 tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51462 tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
US 52.108.8.254:443 wac-ring.msedge.net tcp
US 8.8.8.8:53 teams-ring.msedge.net udp
US 52.113.196.254:443 teams-ring.msedge.net tcp
US 20.189.173.1:443 browser.pipe.aria.microsoft.com tcp
US 8.8.8.8:53 254.196.113.52.in-addr.arpa udp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51581 tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51693 tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 104.84.73.17:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:51704 tcp
N/A 127.0.0.1:51712 tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:51715 tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 apis.roblox.com udp
NL 128.116.21.4:443 apis.roblox.com tcp
US 8.8.8.8:53 4.21.116.128.in-addr.arpa udp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51719 tcp
N/A 127.0.0.1:51723 tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
FR 52.222.144.65:443 js.rbxcdn.com tcp
FR 52.222.144.65:443 js.rbxcdn.com tcp
FR 52.222.144.65:443 js.rbxcdn.com tcp
FR 52.222.144.65:443 js.rbxcdn.com tcp
FR 52.222.144.65:443 js.rbxcdn.com tcp
FR 52.222.144.65:443 js.rbxcdn.com tcp
FR 18.161.97.44:443 images.rbxcdn.com tcp
FR 18.161.97.123:443 static.rbxcdn.com tcp
FR 18.161.97.123:443 static.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
FR 216.137.52.24:443 css.rbxcdn.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 123.97.161.18.in-addr.arpa udp
US 8.8.8.8:53 44.97.161.18.in-addr.arpa udp
US 8.8.8.8:53 24.52.137.216.in-addr.arpa udp
US 8.8.8.8:53 86.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
NL 128.116.21.4:443 metrics.roblox.com udp
NL 128.116.21.4:443 metrics.roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
GB 104.77.160.221:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
NL 128.116.21.4:443 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
NL 128.116.21.4:443 auth.roblox.com udp
NL 128.116.21.3:443 ecsv2.roblox.com udp
US 8.8.8.8:53 221.160.77.104.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
NL 128.116.21.4:443 www.roblox.com tcp
NL 128.116.21.4:443 www.roblox.com tcp
NL 128.116.21.4:443 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 52.222.144.78:443 js.rbxcdn.com tcp
FR 52.222.144.78:443 js.rbxcdn.com tcp
FR 52.222.144.78:443 js.rbxcdn.com tcp
FR 52.222.144.78:443 js.rbxcdn.com tcp
FR 52.222.144.78:443 js.rbxcdn.com tcp
FR 52.222.144.78:443 js.rbxcdn.com tcp
FR 18.161.97.123:443 static.rbxcdn.com tcp
US 8.8.8.8:53 78.144.222.52.in-addr.arpa udp
US 8.8.8.8:53 23.97.161.18.in-addr.arpa udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 apis.roblox.com udp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
US 8.8.8.8:53 locale.roblox.com udp
FR 216.137.52.24:443 css.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
NL 128.116.21.4:443 auth.roblox.com udp
GB 104.77.160.221:443 apis.rbxcdn.com tcp
NL 128.116.21.4:443 auth.roblox.com udp
FR 18.161.97.59:443 images.rbxcdn.com tcp
FR 18.161.97.59:443 images.rbxcdn.com tcp
FR 18.161.97.59:443 images.rbxcdn.com tcp
FR 18.161.97.59:443 images.rbxcdn.com tcp
FR 18.161.97.59:443 images.rbxcdn.com tcp
FR 18.161.97.59:443 images.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
FR 216.137.52.24:443 css.rbxcdn.com tcp
US 8.8.8.8:53 59.97.161.18.in-addr.arpa udp
NL 128.116.21.3:443 ecsv2.roblox.com udp
NL 128.116.21.4:443 auth.roblox.com udp
US 8.8.8.8:53 ncs.roblox.com udp
NL 128.116.21.4:443 ncs.roblox.com udp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
GB 104.91.71.142:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 142.71.91.104.in-addr.arpa udp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:52597 tcp
US 8.8.4.4:443 dns.google udp
US 204.79.197.239:443 tcp
NL 128.116.21.4:443 assetgame.roblox.com udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 auth.roblox.com udp
GB 104.91.71.146:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 146.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 104.84.73.17:443 clientsettingscdn.roblox.com tcp
NL 128.116.21.4:443 auth.roblox.com tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:52858 tcp
N/A 127.0.0.1:52867 tcp
N/A 127.0.0.1:52870 tcp
US 204.79.197.239:443 tcp
US 8.8.4.4:443 dns.google udp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
NL 128.116.21.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.4.4:443 dns.google udp
US 204.79.197.239:443 tcp
US 8.8.4.4:443 dns.google udp
NL 128.116.21.4:443 auth.roblox.com tcp
NL 128.116.21.4:443 auth.roblox.com tcp
NL 128.116.21.4:443 auth.roblox.com tcp
FR 18.161.97.44:443 images.rbxcdn.com tcp
NL 128.116.21.4:443 auth.roblox.com udp
NL 128.116.21.4:443 auth.roblox.com udp
NL 128.116.21.4:443 auth.roblox.com tcp
US 8.8.8.8:53 users.roblox.com udp
NL 128.116.21.4:443 users.roblox.com tcp
N/A 127.0.0.1:53382 tcp
N/A 127.0.0.1:53385 tcp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
NL 128.116.21.4:443 users.roblox.com tcp
NL 128.116.21.4:443 users.roblox.com tcp
NL 128.116.21.4:443 users.roblox.com tcp
NL 128.116.21.4:443 users.roblox.com tcp
NL 128.116.21.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:53401 tcp
NL 128.116.21.4:443 users.roblox.com tcp
NL 128.116.21.4:443 users.roblox.com tcp
NL 128.116.21.4:443 users.roblox.com tcp
US 8.8.8.8:53 develop.roblox.com udp
US 8.8.8.8:53 22.160.190.20.in-addr.arpa udp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:53408 tcp
N/A 127.0.0.1:53413 tcp
N/A 127.0.0.1:53415 tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
US 8.8.8.8:53 clientsettings.roblox.com udp
NL 128.116.21.4:443 clientsettings.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
NL 128.116.21.4:443 www.roblox.com tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 104.84.73.17:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 t6.rbxcdn.com udp
US 8.8.8.8:53 t2.rbxcdn.com udp
FR 3.160.188.8:443 t6.rbxcdn.com tcp
FR 3.160.188.75:443 t2.rbxcdn.com tcp
FR 3.160.188.75:443 t2.rbxcdn.com tcp
US 8.8.8.8:53 132.71.91.104.in-addr.arpa udp
N/A 127.0.0.1:54683 tcp
N/A 127.0.0.1:54686 tcp
N/A 127.0.0.1:54798 tcp
N/A 127.0.0.1:54802 tcp
N/A 127.0.0.1:54811 tcp
N/A 127.0.0.1:54815 tcp
N/A 127.0.0.1:54822 tcp
N/A 127.0.0.1:54830 tcp
N/A 127.0.0.1:54844 tcp
N/A 127.0.0.1:54851 tcp
N/A 127.0.0.1:54893 tcp
N/A 127.0.0.1:54917 tcp
N/A 127.0.0.1:54919 tcp
N/A 127.0.0.1:54921 tcp
US 8.8.8.8:53 75.188.160.3.in-addr.arpa udp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
N/A 127.0.0.1:55092 tcp
N/A 127.0.0.1:55094 tcp
NL 128.116.21.3:443 realtime-signalr.roblox.com tcp
NL 128.116.21.3:443 realtime-signalr.roblox.com tcp
US 20.42.73.29:443 nw-umwatson.events.data.microsoft.com tcp
GB 92.123.128.181:443 www.bing.com tcp
GB 92.123.128.181:443 www.bing.com tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.149:443 r.bing.com tcp
GB 92.123.128.181:443 r.bing.com tcp
GB 92.123.128.181:443 r.bing.com tcp
GB 92.123.128.149:443 r.bing.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 testfamilysafety.bing.com udp
US 204.79.197.201:443 testfamilysafety.bing.com tcp
US 8.8.8.8:53 201.197.79.204.in-addr.arpa udp
NL 142.250.179.142:443 www.youtube.com tcp
NL 142.250.179.142:443 www.youtube.com tcp
NL 142.250.179.142:443 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.251.39.118:443 i.ytimg.com tcp
US 8.8.8.8:53 142.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 142.250.179.162:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 yt3.ggpht.com udp
NL 142.250.179.138:443 jnn-pa.googleapis.com tcp
NL 142.250.179.193:443 yt3.ggpht.com tcp
NL 142.250.179.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 rr3---sn-5hne6nzs.googlevideo.com udp
NL 142.250.179.198:443 static.doubleclick.net tcp
NL 142.250.179.196:443 www.google.com udp
NL 74.125.8.104:443 rr3---sn-5hne6nzs.googlevideo.com tcp
NL 74.125.8.104:443 rr3---sn-5hne6nzs.googlevideo.com tcp
NL 142.250.179.138:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 138.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 193.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 198.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 104.8.125.74.in-addr.arpa udp
NL 74.125.8.104:443 rr3---sn-5hne6nzs.googlevideo.com udp
NL 142.250.179.193:443 yt3.ggpht.com udp
US 8.8.8.8:53 tse4.mm.bing.net udp
US 8.8.8.8:53 tse2.mm.bing.net udp
GB 92.123.128.181:443 www.bing.com tcp
NL 74.125.100.102:443 rr1---sn-5hnekn7z.googlevideo.com udp
NL 142.251.39.118:443 i.ytimg.com tcp
NL 142.250.179.142:443 www.youtube.com udp
NL 142.251.39.118:443 i.ytimg.com udp
US 8.8.8.8:53 rr1---sn-5hne6nz6.googlevideo.com udp
NL 74.125.100.198:443 rr1---sn-5hne6nz6.googlevideo.com udp
US 8.8.8.8:53 198.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 42.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 rr2---sn-5hne6nz6.googlevideo.com udp
NL 74.125.100.199:443 rr2---sn-5hne6nz6.googlevideo.com udp
IE 209.85.203.84:443 accounts.google.com udp
IE 209.85.203.84:443 accounts.google.com tcp
US 8.8.8.8:53 rr2---sn-4g5ednz7.googlevideo.com udp
DE 74.125.173.231:443 rr2---sn-4g5ednz7.googlevideo.com udp
NL 142.250.179.162:443 googleads.g.doubleclick.net udp
NL 142.250.179.198:443 static.doubleclick.net udp
US 8.8.8.8:53 aefd.nelreports.net udp
US 8.8.8.8:53 csp.withgoogle.com udp
GB 88.221.134.80:443 aefd.nelreports.net udp
NL 142.250.179.177:443 csp.withgoogle.com tcp
NL 142.250.179.193:443 yt3.ggpht.com udp
GB 88.221.134.80:443 aefd.nelreports.net tcp
NL 142.250.179.177:443 csp.withgoogle.com udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 80.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 177.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
NL 142.250.179.174:443 youtube.com tcp
US 8.8.8.8:53 174.179.250.142.in-addr.arpa udp
GB 92.123.128.169:443 www.bing.com tcp
US 8.8.8.8:53 play.google.com udp
NL 142.251.39.110:443 play.google.com udp
NL 142.251.39.110:443 play.google.com tcp
NL 142.251.39.110:443 play.google.com udp
NL 142.251.39.110:443 play.google.com tcp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.251.39.118:443 i.ytimg.com udp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:56457 tcp
N/A 127.0.0.1:56459 tcp
NL 142.250.179.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.youtube.com udp
NL 172.217.23.206:443 www.youtube.com udp
US 8.8.8.8:53 206.23.217.172.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 60.129.102.23.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
GB 104.91.71.146:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 apis.roblox.com udp
NL 128.116.21.4:443 apis.roblox.com tcp
N/A 127.0.0.1:56596 tcp
US 8.8.8.8:53 www.youtube.com udp
NL 172.217.23.206:443 www.youtube.com udp
US 8.8.8.8:53 play.google.com udp
NL 142.251.39.110:443 play.google.com udp

Files

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 19a1d445f5914eb9081663b3566201c4
SHA1 25342e8c2fcdba7f0751a50ec505d79737ff17bb
SHA256 1f3b6286c30c68b29ac97c833605f41ad2276844308eaa16e784dd8ef3b3f6c7
SHA512 95731632b6dc0c6945996793defa89955805c9057612645f714ecad2746d4b4edd2690d8a6722b465561011ef185c57d0bdfc74c33c792bb4ba27b5e06a3d6ae

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\902abff44b3b5339ec2dd6c0ac11adf4

MD5 902abff44b3b5339ec2dd6c0ac11adf4
SHA1 a4d01b17188027dd9c38fe8b766dd3052012d6f2
SHA256 c95150acf914f63c5eea961c5c29f487b441a9a930c7c6f6a3f17161e4ba1fc9
SHA512 6579265b8187b6e611399faba78891c02c03f6fdaa058091b0b2e558dfed3bfd445d2953f97d0ce30b577861e78ef77a15ebd197853115baf06e34f40fc2a85b

C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdate.dll

MD5 121a579b6a0c380ac3681055f6beab4f
SHA1 e8e49617dbfe39edf14a9292b8fb44fe7d314bf1
SHA256 b72ac9807b84fa05fd3dd3dff1845ad2d74cbcb339e345c3f7b1409f49b36781
SHA512 702583c45b113978f18f1fd870529ce666e3550fa8fe721f84807244f20f75cfdd18ccd50554a5d404ee8bc47b4ead0321afe2ed0994aeb4db51a94c2c55eb2a

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdate.dll

MD5 da1e30e3c2aed0ba0e7fb031ff225c12
SHA1 bc4485d177fabe0c08b0abc7468ed810c8936465
SHA256 2a5cd254259e4602f6318907774f8cf063e77ffd7468be462a69f347be56a8f5
SHA512 f4ea5c98214d92cad7647b08efcff8ebb7158e3dbc01970511d70671297ecad41a4dbeda18368de62984a5366470e6f51f0dde53de6192b17efd8f485e3f7a69

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdateCore.exe

MD5 6f5af7885f8c290a315c17d2992bd07b
SHA1 38f5e8f763204cc71f55c4a65181aaad9b38822f
SHA256 143943ce9902d4289fc705fe423aa5114d486051d6615e699e3b9082217d9cef
SHA512 5eadd6fd524815fcf0b6e8792d0323d43d0a6292be88935fa92454eb453faff18a2bffcf4e66963047223c4f167877662e2498ed17abe991d9d0c6902d28d141

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_ms.dll

MD5 51230a1b9ab0dad791e583b7ee57afe4
SHA1 957ba3e5d9b2df16ea3e099aab5b7e74d2055e46
SHA256 a47fc6a9a75875e75f3415f068c357dd499e533849381b875272d5994c163670
SHA512 5a3d754cefa1ab28748cb38021b5cbebd93fe513da0f4a7cbae98c0938acb10cdda939171d0842b09e97cb4c73f19272be665f767642ba1c5b25c709b5417edb

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_mr.dll

MD5 468a420700d239a0cd90b95896b0d6da
SHA1 ce57e3abf57c7ae13e99546b2a5e19dec03cb9b7
SHA256 24b304bd40f8e63848f8d2a1ca6ac8bc032b7a700161efad61ad445787650c87
SHA512 604c4cc8132c520da70c4870514610364648ec6446afa47128ac3aa8a9157932705da93e8ed4e33d56f5191d611b26b76aeba1514e9dff1a13dd32693cfddb8b

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 b9d0f58244268cd1c77553d118d90c8b
SHA1 8ea57f55b269f3939384ca0a03e333b25cf4e288
SHA256 0e485895ad64437f61476107f68e3d27c5b9123edc895c4887e1702af28ffef7
SHA512 e802ebbfbd58e6a0d763ad8a45ae552bfc32c5042c14e05b0e9ca22f0f63a7a406b96c23d2e1e86e28fd98d10bac213630d00caeda09ea5364ef380db6ef4289

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_ml.dll

MD5 7e90d4306c5768dfd1160ad9e2168a19
SHA1 4f7b17843ad226d51cfb0090235b55a29b5a674a
SHA256 8ebe88477b1493733140f1fced91903276ec69c7302deed3281054b49573eb3c
SHA512 f6d8b538915fa70bfb784ea7e6d4047759d8eecc822e4b76ac9666997a41901c8269a8185f29e5472bcfaa87e4b97483bd544f3fc8f656b60dca71d63b44d291

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_mk.dll

MD5 064035858a1df697913f06c972461901
SHA1 b6be99ae8e55207949076955389bc8fec81937fd
SHA256 4850260d2cbb4b4ff3490eb90ce55a412268ad699f946b1cd686ddf9f0403bd6
SHA512 9459056e919854213117b874e61b526af4ba35c3c3e195b204c5c3e59cc4dfa2b4a45c32551e1de144842844f246f5e0d025cdcc78dbf7265ba5e26e7209cd91

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_mi.dll

MD5 1866ddadd9397dbf01c82c73496b6bff
SHA1 b210a9df7d6a5e116fe7a9ff8d455b6cbfb5663b
SHA256 9b4bb2ca3366a1935b4869796efc0601f94356b45e8613d28e023dd516f48d17
SHA512 76fa5cade101d79d012e00904bf18692f85967ceea0ed7e81da4df65b85afc125a00127d9e06c8c59ffbfd2dcdc88488157b61922960559fa17d13dedca3ee59

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_lv.dll

MD5 30849a9c16061b9a46a66e8e7d42ff81
SHA1 2d0e86535d964acce8912c6bef3cc12346b22a6c
SHA256 b8075c09d33cc6b6ff22fdb29ccc3dd319ce867f4b77a1d165f6f8d8cb4977e9
SHA512 298ee10ff6cab7ff38d31e3a7826dedeab8e9ccc616eae4ca2e5ec333f42e5c6744650857031d8bf35034bd46c7c01a2646362ffbbef1f421995c73ba999ff0b

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_lt.dll

MD5 7071c732cf3e4b3144cf07c49d8eb44f
SHA1 3800bf304b44d9d27ac26bed6ccc899669dc3b4f
SHA256 9c75ef5c3f53c643d7bb8c5907a0cba6ca2d1d64e6bea39ce06b4ad5a20454b6
SHA512 be3a0942e2af843adeb8e9b6acc7cd8adec956b761f71d8eb0a02835ee5be115ac064fda7088b0813d40ec3a24e7bb77816e9b67ef0cbdce1562c36880b15049

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_lo.dll

MD5 864edbc77831a64a3e3ab972291233bb
SHA1 fa1f3eb3320c1b1a329cbe786abecf2a8e625cbe
SHA256 aecab1eb46075d1a1432b3e14537f860a2ded49a13ca82f17fac44b40ad2da51
SHA512 3d54efd01d6317fb4746b55db2c847a506f594cff055f0db84a72ede02dbe3aa03d8e65ea06c5ae365f44312a26cdbc45ad5f9a0de46d2b9c878aeeb24566b89

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_lb.dll

MD5 269e84b82973e7b9ee03a5b2ef475e4d
SHA1 4021af3bfde8c52040ad4f9390eb29ae2a69104b
SHA256 c3fb0cae3dc5cdd86518d60f998c3adec1c0c5804a74ffbb9a346a73d598af07
SHA512 db716e2f6527af2dfeba4c22ff00e159d7cc0b482fc126e87b8b3d35b714bb382676066097352b6ebb87c8dfe7f6144e83100f0c9a9990b0d23c810b6c575c21

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_kok.dll

MD5 ca3465347e57624ee2a5dd2299d4f4cd
SHA1 551a151a8d49489c90400e18c34633aa2c2b8a4b
SHA256 5b9509a1ae34d89c89c8e657742495037d28cd03e1cd48aef4dfaa7aeebe29f0
SHA512 a4bdd458a7628a9f0664e1000512e056718cc924510a21704ff8c69b0b251a5a1c7f6f267d66325cadda1536aaee78440348be128d082112c71732e485ac93f3

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_ko.dll

MD5 cf91a1f111762d2bc01f8a002bd9544d
SHA1 db2603af55b08538a41c51fc0676bc0ed041d284
SHA256 baa9fae4fb8939e0b5fe0c7f393ab1ca40b52534f37bf2158a9a36331a221e75
SHA512 9db864dbd194885b46f7bed9875f1e531e48f7644ce4494b8dc482c7516a6f783cd35129d2565b272dc674491a08c844a6da88bf9fa7843fcf89c96b4e0af799

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_kn.dll

MD5 60dfe673999d07f1a52716c57ba425a8
SHA1 019ce650320f90914e83010f77347351ec9958ab
SHA256 ef749f70e71424d7f548d5c12283be70a6d6c59cffb1c8101b74f37ecacb64af
SHA512 46bfe77a49f14293988863a8e4dd0543202b954b670940d9ad5dc6d2b46e46104d8d6206be08a941f7e02b8ff3e2e2366b7b795d02352cff18971f8d0df5fcdc

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_km.dll

MD5 2ea1200fdfb4fcc368cea7d0cdc32bc2
SHA1 4acb60908e6e974c9fa0f19be94cb295494ee989
SHA256 6fd21b94f62ee7474b3c3029590ddf06936105508f9bf3509620c42dc37486c3
SHA512 e63b80a5929200c85c7a30a3054bd51eee2f27e603501f105073868690906f4619a27a52e58c90ac2ab5d5c34a4739dfdd2a511574afeb7d0118de88c5544f42

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_kk.dll

MD5 bcb1c5f3ef6c633e35603eade528c0f2
SHA1 84fac96d72341dc8238a0aa2b98eb7631b1eaf4e
SHA256 fdd6bffdb9eca4542975f3afe3ac68feac190b8963f0a7244b4b8fa6382381d1
SHA512 ecd79ddd9f3e6db1d0471132c453c324ab55bdead21de77392f418281bc8a2dd43e9009912896ffa3d55d4d3ef17b0aa847a084369b619eb04a2d2313641d520

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_ka.dll

MD5 3bc0d9dd2119a72a1dc705d794dc6507
SHA1 5c3947e9783b90805d4d3a305dd2d0f2b2e03461
SHA256 4449ee24c676e34fea4d151b3a752e8d0e7c82f419884e80da60d4d4c1b0f8cb
SHA512 8df01ad484bf2924892129c59317f3da4f79611be2ca29e208114e5ed2cb96a63f753511dc4fe97e281417366246f2fb576cc6ef2618a67803ae7ac01be7b067

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_ja.dll

MD5 b507a146eb5de3b02271106218223b93
SHA1 0f1faddb06d775bcabbe8c7d83840505e094b8d6
SHA256 5f4234e2b965656e3d6e127660f52e370dc133632d451ef04975f3b70194b2ed
SHA512 54864e9130b91b6fd68b1947968c446f45a582f22714716bfd70b6dc814841fffe939bc2f573a257ec8c62b4ff939643211fb29cabc0c45b78a6cc70eaa3752c

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_iw.dll

MD5 45e971cdc476b8ea951613dbd96e8943
SHA1 8d87b4edfce31dfa4eebdcc319268e81c1e01356
SHA256 fd5ba39c8b319c6ba2febf896c6947a0a7bae6aa0b4957bd124d55589f41849d
SHA512 f1c9fccf742fa450be249dbbf7e551a426c050ae4af3d2e909f9750068a2bdc801f618eb77a6a82d13421d27949c9f2a9681a44bcb410ccdeec66b24a70f6a9a

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_it.dll

MD5 497ca0a8950ae5c8c31c46eb91819f58
SHA1 01e7e61c04de64d2df73322c22208a87d6331fc8
SHA256 abe2360a585b6671ec3a69d14077b43ae8f9e92b6077b80a147dfe36792bb1b7
SHA512 070398af980f193ff90b4afaecb3822534ef3171eca7228bce395af11ca38364bc47cab7df1e71187ef291f90978bdc37a8611d2992b1800cd1de6aa7fda09d9

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_id.dll

MD5 03d4c35b188204f62fc1c46320e80802
SHA1 07efb737c8b072f71b3892b807df8c895b20868c
SHA256 192585d7f4a8a0cd95e338863c14233cdd8150f9f6f7dd8a405da0670110ee95
SHA512 7e67ea953ea58ff43e049ce519ae077eec631325604896479526627d688f2fa3bfc855a55ac23a76b1c9ef8cd75274265b8238423b95a2437be7250db0db31b1

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_hu.dll

MD5 f4976c580ba37fc9079693ebf5234fea
SHA1 7326d2aa8f6109084728323d44a7fb975fc1ed3f
SHA256 b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791
SHA512 e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_hr.dll

MD5 0b475965c311203bf3a592be2f5d5e00
SHA1 b5ff1957c0903a93737666dee0920b1043ddaf70
SHA256 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0
SHA512 bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_hi.dll

MD5 34cbaeb5ec7984362a3dabe5c14a08ec
SHA1 d88ec7ac1997b7355e81226444ec4740b69670d7
SHA256 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9
SHA512 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_gu.dll

MD5 f9646357cf6ce93d7ba9cfb3fa362928
SHA1 a072cc350ea8ea6d8a01af335691057132b04025
SHA256 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150
SHA512 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_gl.dll

MD5 84a1cea9a31be831155aa1e12518e446
SHA1 670f4edd4dc8df97af8925f56241375757afb3da
SHA256 e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57
SHA512 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_gd.dll

MD5 c90f33303c5bd706776e90c12aefabee
SHA1 1965550fe34b68ea37a24c8708eef1a0d561fb11
SHA256 e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c
SHA512 b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_is.dll

MD5 5664c7a059ceb096d4cdaae6e2b96b8f
SHA1 bf0095cd7470bf4d7c9566ba0fd3b75c8b9e57ec
SHA256 a3a2947064267d17474c168d3189b0d372e36e53bf0efb9c228d314fc802d98e
SHA512 015dcb17b297a0aaad41c7b0b2199187e435855fd3977d16402be774622cc4f6b55d04ba9159a89e26e350c5602928c76dd9386be3974437b41888a0cfdddfa8

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_ga.dll

MD5 3b8a5301c4cf21b439953c97bd3c441c
SHA1 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a
SHA256 abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0
SHA512 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_fr-CA.dll

MD5 b534e068001e8729faf212ad3c0da16c
SHA1 999fa33c5ea856d305cc359c18ea8e994a83f7a9
SHA256 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511
SHA512 e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_fr.dll

MD5 64c47a66830992f0bdfd05036a290498
SHA1 88b1b8faa511ee9f4a0e944a0289db48a8680640
SHA256 a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961
SHA512 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_fil.dll

MD5 7c66526dc65de144f3444556c3dba7b8
SHA1 6721a1f45ac779e82eecc9a584bcf4bcee365940
SHA256 e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d
SHA512 dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_fi.dll

MD5 d45f2d476ed78fa3e30f16e11c1c61ea
SHA1 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e
SHA256 acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2
SHA512 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EUE927.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 8e67c8bdca6420e07649575f269c8ec6
SHA1 0d13215793de212995c6027874d41cb1cb684071
SHA256 f7e1018bdfb553e4405e1aab755a07bed1f19093b7f43fa35521c08b59352ff4
SHA512 09c7fdb4415a0e1068e21e6b43c5f5313ed82d74d4ec921b91c73e24cf17e18f8db29fcd9e41c7609c5007846a7db622a70db685c352f3fcb2da0dcd56603f40

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 62e378dae9c1c76f3e45cfc7aa642bd2
SHA1 6e9b7c5007d3c676a9e3acae8991181eabd4d4ab
SHA256 b02204886fb5096d8bd0245136ab5042b08a5488023e9c0b5149a2b723bef72b
SHA512 79ab1a75145837edb0ebc009ce267077b9358788a9f884b29a90ff4802389facc3cc3e1fff236c84624767b0f915d4435de047d34a97ab5a94154823b244d90c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 656bb397c72d15efa159441f116440a6
SHA1 5b57747d6fdd99160af6d3e580114dbbd351921f
SHA256 770ed0fcd22783f60407cdc55b5998b08e37b3e06efb3d1168ffed8768751fab
SHA512 5923db1d102f99d0b29d60916b183b92e6be12cc55733998d3da36d796d6158c76e385cef320ec0e9afa242a42bfb596f7233b60b548f719f7d41cb8f404e73c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d497feb8575c8290ed591e83cff018a3
SHA1 587b043994a438a7cb5ff02ac5d2684fb07a91de
SHA256 b76a846f5098cd76f02eb7d1abca4233d5ae9b3d9123b74091dedca0e1663290
SHA512 968e83db216bc542333835f066586dcec8fb677b29d1445b59cdfa130fcfe52c778f8bd13d856f37efc29e95fe7dfd6bc85dbcda9c932b573612d1faa86c74e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d459a8c16562fb3f4b1d7cadaca620aa
SHA1 7810bf83e8c362e0c69298e8c16964ed48a90d3a
SHA256 fa31bc49a2f9af06d325871104e36dd69bfe3847cd521059b62461a92912331a
SHA512 35cb00c21908e1332c3439af1ec9867c81befcc4792248ee392080b455b1f5ce2b0c0c2415e344d91537469b5eb72f330b79feb7e8a86eeb6cf41ec5be5dfd2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6d82b7a91a383917332a5f0e2a2f7862
SHA1 c1aaeb70064318930e32d0b73486d174156f71ac
SHA256 2bdb8aea9f221a6e949396444a16098c74724d5c528a81c083ce576bca945719
SHA512 80f090f756e8011cc54760cde808abb73b76ccf6e0a9e961ddc6f5e9b5e99df14943c817da34898f158a3d86eb1049779e05606aa3d6b0c589552fc5342e4514

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 386e104ec12e363d9b84b640991f256f
SHA1 03a21c8bdc763fe44ff8af8c09488fc891684483
SHA256 86cbebaf0a549da66edd3a3e1e65ba9138689166b5339bc71b058923ba6ae23c
SHA512 fc47adfc4fe57e7e6a279980139c2d3ee30087e200ccd8b1c872e9f00759cf93f21f15187434fa8b494a12b28384a7fa1ae4c71799675ee49a3d15466f7f6442

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8ca1490e2d891e182601934ed5737acd
SHA1 21d1d61ea2139f31f8e93802ed71ee96de1ce6b2
SHA256 11f5376afc58e4ab97d0df5eb9a97e0fab9778947f2df861a91874972caf9206
SHA512 d6d746a0e338453b560b2d79d534f2a4e5d4b5a3da1128964ce10ea45f0e5542766df4ef997feea5397322fa09466931ab6f7e2e06e5c5bd29f8d53998600fb1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_remotedesktop.google.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\index.txt

MD5 75040765836a163d15c49eb6efe517ea
SHA1 c737f0e7e0b908f68e04e49856520357321be0e5
SHA256 2e05509189d9980292f7717e9de6fd4f3f0433438bb21b504f4942cea425df00
SHA512 0ff8ff4055e7dd5dfd3c5a0eea2bb17a3e0aca0d9058f8335b42c42797ffad3bdede0f144fa38a1298a17497815d94dab5cb63b5f79668c8b9da1b1d701ea692

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 eb11bfb369775ff0739dabb3a5f379cc
SHA1 2eebaea2f7080c0b256fbfc70ab91473243af0f8
SHA256 2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
SHA512 59e89752e932aade54d5b2b940e09f3c8b12a836f1c5eb515e82036a97492f42e12a4fb3dc156cb8d969d6cb4e8fd8f18b358715f972e12d4596ad390430cb21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bdc73144f268b2cf3758620103d3deae
SHA1 691de4d8c0e3f1a04487b589260e968961ed5ffd
SHA256 ae869730d87fc3a089fe057f1d561e11eafd9c9252f00da9f73a7508e01de22c
SHA512 0dd854e49fa456265c7000f965a1f3ca66b82dd5ead1b6d4d19a92ed081cb459b0aedd06e893d07b2480d24d2c942494b9018aaa277b5ef9f2657be309dc9afa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 b05e9cde9bd08b018c82f399610bae3f
SHA1 dc8c94bd7d4b49f451d900851989e3eb998c1426
SHA256 f2778b11acdb9a2f2daf7f728caa70f1d3d10e2b37c81bd34afbdd6f3f6251d8
SHA512 ebdca698b66c1e98b0f72a81325456b71197e704c7f67bca64c44eda2b268af3c0134791a3529202a3d89f45eede04844cc6932ced186aa6339f5dfe3d05ec7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5a8fbe.TMP

MD5 aa38df5ac11243c645a62c636740b7e9
SHA1 115d72a7c61dd74eb1b5912875e26c49dc9d3f3a
SHA256 e011f92a7fae9bf46cd5f5b1e900ba6483acd70b0349783caf5a02eaa82f0903
SHA512 4d0f959e91cd5f3e4e85969b7ecc7b38c53ef7fd6d179ed93c1cec9d168def22cce6515e3d5b78af005dbcf2b9db6d5a5989d7111e6a4feeb8b3ff9f4877a05b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 754a726271782a97dfe20c845028c790
SHA1 70a3cc9c748d58272aa53f5ff765d560ae2a082b
SHA256 5df3557e1f5988315e605b4dd045620c3aa0624367f69945c7e101d747547b66
SHA512 ac1ec0b41ee7268fd6247ec3283c7c94d1720297ff2f7fc7e58486d8905a11af88a266ff2d027e3ab77a6ff2cd3b2c869a10fe969a33676f2255a7bd33f075c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 e805d41f83cc25a87cde473c0aa20519
SHA1 5083311d1a6d4c594d93b1b1935265e2c5855e7a
SHA256 924f27203fad6c5444669b0f2b9a5073e619f46682f1b53657a56512e09eaad4
SHA512 891ce0153658f3a872484a03ed2747d21bfa5c936f4acf8164a8c14bd15d14491fcfaa000bc16616f4860eae5393c2f7cfb20880a1a39f72c06c44bd2cea22e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a922f.TMP

MD5 4d302c9cc2de1d37fa59f5be9728c2bc
SHA1 243fac049cd18df7254c5045b6fe4241e37211ea
SHA256 afe715bd9a1d27cb274ac20d24a984398fe160321bb3e141c7c345cac6cb8166
SHA512 cfc6f135bb57ac56c4d2fe177b8078b61a0073367e7f493f9dae66ca5c688eb07a37cdc54b8ce4fc2043b3e4cd879e2031a8283ef5e61ba066dc0798f8923fba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\71a0df2c-ec9b-4731-a5bb-b6cf196c04ce\index-dir\the-real-index~RFe5a9462.TMP

MD5 2df9751c0a2712fea15a15c6456e1a5f
SHA1 bcbc904343b778e99a86755d755d67b923a2db59
SHA256 de29cbc318f767a43927284ecd0474bb6ae72a5adac1fd38f1994a7d1e07175a
SHA512 860d495673706ffa0050e51e8b7f5aa70ec10f33b387fd350e23194f40b7c01e19f770cd7fe74a385ffaea44df12f5e0639a8e249b98bf7da27827094af959c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\71a0df2c-ec9b-4731-a5bb-b6cf196c04ce\index-dir\the-real-index

MD5 6204c45e9815a2f6d6b5c1c66a0363ee
SHA1 389bd1b635a77abe91cdc04731064c951d501623
SHA256 f6bfe9eeae6bb09b1131d667bcf2078135473d1bf92c6e81577ad2ab3624bde4
SHA512 e9583c1d9fab2cb0386591ae8869e377eb1a64482255ff53a2cb066178e1d9441285bdc6741e3cb5e51365fc117672d5b366fd6180cdde59af634aaae34d1570

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\index.txt

MD5 448bdd6f3a0137e6c07e56ef018f6904
SHA1 ea78b8caa5b1c0eb8be5ab77cea0574a7b036773
SHA256 e03cdbd2810b6d5ae23f40ed8e6ab34dd7c296da42589b073c4273a84d993351
SHA512 ca237c33b2d64f41c8c5ef0f1d98808a83768e54d92af9851f27f7ad8fa2a9acc461375a152aee9c91fb8621af7d6daa8019ac7b32ce56568e35b414c14b30ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 438ba5d4f4f5691e45fcf5b81dd4b904
SHA1 46a2550a0a309cb560ed3a05b39d087578600d02
SHA256 4e89f7d8cf56cb51b34dd30bf1483906199e9038d8c1a0c20bf0ddc198b8450c
SHA512 99ba7418bdb26803482f1f3d4168eb4864f0eb3c9e095386af18106544d637b3f0ef9b6ee1d22c023978aa72bb2b400579090b75053016d8c8b97d2ea21489f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 71e62e94c066de09b7a8812c2ff3e42b
SHA1 4f3f207eaa7615e48937f8b3439f2317f0da416c
SHA256 46b714b767ca61e45201776977f3fd36df80665278761eaca54a8b7edf5f6c07
SHA512 0c107fc1c00db6da3a7bf0eb0d0f24aae34b7d3c4f3f1a49946b7623abdacab9ff50988e1c4567ce16274e3ca61fb313fb3d81014e7fddebe42f949df51886fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 84a760e5a768f0e5ff9a1d4c1e1f8493
SHA1 3c8b50f54932d05a6507e2dbc38ba836c023012c
SHA256 6743ffb6df66825a442999f692c9f399e2f89a20d27c61db2f627079c17aaff6
SHA512 2f508182ef0bd7b4f811a57966cadfc64a707f34d08d2c19720036cf3a900e9e0021945b49a8027a6513ab961e39813056bc027130277bbea187e6e7822100eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 2a2b7e125c94f00c0ea89e160a53c16d
SHA1 70a142dce755e29a83b9227e0137671f31693c5c
SHA256 8a3855a4bdacb09c262956f18e36ef199fe94103c50facbef5303945d9a46c3f
SHA512 14788ec1e383f10fa863dcda76ce17daa6a8a825f303c4b449a34bad7506086c5eee21d52bff6185e6afd392d77c28217581f31ddb03f2254e288e153234e01e

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\123.0.2420.53\MicrosoftEdge_X64_123.0.2420.53.exe

MD5 792ca8b8fdeb65f4a356733c37663563
SHA1 8f9cebbb0fc0d164b558910cf72a34e1e0dce927
SHA256 4d5f3043668c098ef934107620fd250b080ca70092629c76c42f9ffb01cc85a2
SHA512 6db2bf52fd53471eef145ab07081a8425dac477ccc554e550d5b3b4091622204669f13237f7984f8aac288a3a5d1bd1f10a8dbd0fde00447693ef4f93be1e31b

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 11347af9f1195d1d5f0c32e4a7bba6f5
SHA1 36e870c835ebe90c12a25106075936a90a04f887
SHA256 1c37cd0af079c5fd588618cd0819d02e75bd045ea44677328842f5f12db7d241
SHA512 d2ff746ac11c014e6a28a0376607490dcaa8aee8c2ffc728d1ffa31be975e2f436d8e25cc23c1d361fd96ca59453c19ee5d8728261617369aa6ca78ef8ca35b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 01a85af377bfc7bd984f56d245243bdc
SHA1 4d07843470e69e7aa568e33d46f7fb167980a16f
SHA256 023d6c8b4a8b64f44daf0547ead721f5bcb9436e6257eb2f39e53007963c51d1
SHA512 e0bfcddd270d48e728b3faafa52b34d26f99f52de0035e1b6c19bd97147a27abe94ffcb7a15b1ac45bd1e1af69abc4f87b2a5331ff83348bf3a1b5e442db9b14

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9351a05fac7ff35090d8af815b9aefb9
SHA1 330371d68cc46cec380ff13f8b3be5e6956b3c1c
SHA256 f4c971eaa1b8e07646e78972a1b77a89f65be617bea421ff5e6af009d3da7d32
SHA512 31bf50dcd379c7e96acfd6b8cc204a23a68ca0066dc20a209b7df7386d5b87827eb533f294f79b224be90e1fdde3c51199a45a8e60708882a1411f3bf92915dd

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 7f3316dbc23cf3749bf2b04f9373a6f1
SHA1 770ca16b1c4f6ff53000c1b9ddec1c5584590660
SHA256 28a39b2ab8bfc00016701991cfa31c147851cdf5fc5a5028baa318ae1d2c0df3
SHA512 675692bd1dbf08e24c0704084407c14f5e49d0e57999ce5306a9a3916f621434c67d68f60a7bbe7f328e7449412c24f183e8e218c201f9b4ec08a9d3ef3fe548

C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.53\Installer\setup.exe

MD5 d400467338144a5ac8cba26c07696ccd
SHA1 c16f9c0da61b57da4141697f857592a085f4b864
SHA256 e2387ca95353a1f8fb310ba1d2429611f3004e0da91879600075fc0ed058a1b1
SHA512 7a00b740da00dd38c1a99d165b8a99e58d9150b5163859cc16e525c9895cf7322fd7347222f6585a2c00b5a412930e2f8cb12f5095037ecff4d9f256823ae1cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8b7a6b049d6025fa940775c2b901b653
SHA1 b3baba4ae1d6307328fb3ba74884cc068a999537
SHA256 34d4335d8ee05823de54b1d4ced7a17e38f26e8474a4d53d2838ab4693576960
SHA512 00e5ee07a1dac60a443efbbac6c97c89402acac0fd5884adb48aa01af6dfc4021c53b4224cf36a861080e4687d18c58886c5d9aeeb2074dbf9a6aaba673749db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 88817b0475d3549d04a9c15969c03c81
SHA1 26b6d89f3ce0a5b2af55851465c61a29c98cad7b
SHA256 1cc19487f35e0e10d6251af472f96ad00d9cc4433f230d6ee10c022a6155ed34
SHA512 a44ac7d216c1a2c8e555d75a1fd4a58afa895aa9afdb33026995a39d787fdab86e6aa9d9453de58f77647700e876b70dec83ded7b6c50736db7e7f7b6b3ac72b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f765a6940cf488e46a3289a3b576f5ae
SHA1 c3e8cf8bbb1f6b35ee532be44c437e75ecd9526f
SHA256 204f0c07af28c8b9718952f78bad3fc892f617a2ca5aae75fcf8b47c73be17b8
SHA512 8aca29176cfd60de6af6bd5c064332b868441f9c54371fab7e7b85b8def40f0938fe7a23b9fa177c0836dbefc726c0d0694e322a30895c858432c78a8c57a95d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f71b7ff4ce042471c2f68efa537d6cb7
SHA1 8a9ac5884b1926c8853b6730b4ed7a82c8704df8
SHA256 234b488506d083f019b8c9aa0ab9842f82aaf77147c24bd663b0481824165d77
SHA512 5348f8e0331772c4bea93634f563fea77cb47609de5ca8b640921e5ea6c7412b14acea9c77d3c9e5c470174b730ebed61acd8720bedbd37b366f0e6a1014aa0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 bd66dd778d58b6c1bc21c8390ca38361
SHA1 862b42af4dd954f1bd928f90c860e126b5ccc73e
SHA256 da61cce897df06e19f79858f832db970f071064e41458f6c4df1b969af120d0f
SHA512 b9f49bb1dcd96bb165636b3bebd867938eeb13ae9b769707994e192f2d5b5586af3ccb3751171810b0b4b92c448569fe3f0afac95ac240c1e4942c9c7353a0b1

memory/5568-1256-0x0000024DDC190000-0x0000024DDC191000-memory.dmp

memory/5568-1257-0x00007FFCB7F00000-0x00007FFCB7F10000-memory.dmp

memory/5568-1258-0x00007FFCB7F00000-0x00007FFCB7F10000-memory.dmp

memory/5568-1259-0x00007FFCB8020000-0x00007FFCB8030000-memory.dmp

memory/5568-1262-0x00007FFCB8020000-0x00007FFCB8030000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0F03C2-95D3-40FF-B295-22507EDBEF4E}\EDGEMITMP_D2F8D.tmp\SETUP.EX_

MD5 7a1dc09b0075b8efa24484ecea034142
SHA1 80b90bc3cfe275ff767e04e6340e767304396361
SHA256 9e95642380bd5b75abc469cf040d66c7f211e0d725efa46ceec528a2391de598
SHA512 d1a6ac753c35d41134fb0470256770679c2e56b83fd07631fa12f4ff211d7aa4b70810a1ffcecd3fac7c07c1febdf71970b06c2b10444625192a62e1464ea1c0

memory/5568-1263-0x00007FFCB8070000-0x00007FFCB80A0000-memory.dmp

memory/5568-1269-0x00007FFCB8070000-0x00007FFCB80A0000-memory.dmp

memory/5568-1270-0x00007FFCB8070000-0x00007FFCB80A0000-memory.dmp

memory/5568-1271-0x00007FFCB8070000-0x00007FFCB80A0000-memory.dmp

memory/5568-1272-0x00007FFCB8070000-0x00007FFCB80A0000-memory.dmp

memory/5568-1273-0x00007FFCB8100000-0x00007FFCB8109000-memory.dmp

memory/5568-1274-0x00007FFCB68C0000-0x00007FFCB68D0000-memory.dmp

memory/5568-1275-0x00007FFCB68C0000-0x00007FFCB68D0000-memory.dmp

memory/5568-1276-0x00007FFCB6950000-0x00007FFCB6960000-memory.dmp

memory/5568-1277-0x00007FFCB6950000-0x00007FFCB6960000-memory.dmp

memory/5568-1278-0x00007FFCB6970000-0x00007FFCB6990000-memory.dmp

memory/5568-1279-0x00007FFCB6970000-0x00007FFCB6990000-memory.dmp

memory/5568-1280-0x00007FFCB6970000-0x00007FFCB6990000-memory.dmp

memory/5568-1281-0x00007FFCB6970000-0x00007FFCB6990000-memory.dmp

memory/5568-1283-0x00007FFCB6A60000-0x00007FFCB6A6C000-memory.dmp

memory/5568-1282-0x00007FFCB6970000-0x00007FFCB6990000-memory.dmp

memory/5568-1284-0x00007FFCB5460000-0x00007FFCB5470000-memory.dmp

memory/5568-1285-0x00007FFCB5460000-0x00007FFCB5470000-memory.dmp

memory/5568-1286-0x00007FFCB55D0000-0x00007FFCB55E0000-memory.dmp

memory/5568-1287-0x00007FFCB55D0000-0x00007FFCB55E0000-memory.dmp

memory/5568-1288-0x00007FFCB5780000-0x00007FFCB5790000-memory.dmp

memory/5568-1290-0x00007FFCB5780000-0x00007FFCB5790000-memory.dmp

memory/5568-1289-0x00007FFCB5780000-0x00007FFCB5790000-memory.dmp

memory/5568-1291-0x00007FFCB57A0000-0x00007FFCB57B0000-memory.dmp

memory/5568-1293-0x00007FFCB57A0000-0x00007FFCB57B0000-memory.dmp

memory/5568-1294-0x00007FFCB57A0000-0x00007FFCB57B0000-memory.dmp

memory/5568-1296-0x00007FFCB6800000-0x00007FFCB6810000-memory.dmp

memory/5568-1297-0x00007FFCB6800000-0x00007FFCB6810000-memory.dmp

memory/5568-1298-0x00007FFCB6870000-0x00007FFCB6880000-memory.dmp

memory/5568-1299-0x00007FFCB6870000-0x00007FFCB6880000-memory.dmp

memory/5568-1301-0x00007FFCB68B0000-0x00007FFCB68BD000-memory.dmp

memory/5568-1303-0x00007FFCB68B0000-0x00007FFCB68BD000-memory.dmp

memory/5568-1304-0x00007FFCB68B0000-0x00007FFCB68BD000-memory.dmp

memory/5568-1305-0x00007FFCB68B0000-0x00007FFCB68BD000-memory.dmp

memory/5568-1306-0x00007FFCB7820000-0x00007FFCB7830000-memory.dmp

memory/5568-1302-0x00007FFCB68B0000-0x00007FFCB68BD000-memory.dmp

memory/5568-1307-0x00007FFCB7820000-0x00007FFCB7830000-memory.dmp

memory/5568-1308-0x00007FFCB7820000-0x00007FFCB7830000-memory.dmp

memory/5568-1309-0x00007FFCB7840000-0x00007FFCB7849000-memory.dmp

memory/5568-1310-0x00007FFCB7840000-0x00007FFCB7849000-memory.dmp

memory/5568-1311-0x00007FFCB7840000-0x00007FFCB7849000-memory.dmp

memory/5568-1312-0x00007FFCB7840000-0x00007FFCB7849000-memory.dmp

memory/5568-1313-0x00007FFCB7840000-0x00007FFCB7849000-memory.dmp

memory/5568-1314-0x00007FFCB58B0000-0x00007FFCB58C0000-memory.dmp

memory/5568-1315-0x00007FFCB58B0000-0x00007FFCB58C0000-memory.dmp

memory/5568-1316-0x00007FFCB59C0000-0x00007FFCB59D0000-memory.dmp

memory/5568-1317-0x00007FFCB59C0000-0x00007FFCB59D0000-memory.dmp

memory/5568-1318-0x00007FFCB59F0000-0x00007FFCB5A10000-memory.dmp

memory/5568-1319-0x00007FFCB59F0000-0x00007FFCB5A10000-memory.dmp

memory/5568-1320-0x00007FFCB59F0000-0x00007FFCB5A10000-memory.dmp

memory/5568-1321-0x00007FFCB59F0000-0x00007FFCB5A10000-memory.dmp

memory/5568-1322-0x00007FFCB59F0000-0x00007FFCB5A10000-memory.dmp

memory/5568-1323-0x00007FFCB57E0000-0x00007FFCB5806000-memory.dmp

memory/5568-1324-0x00007FFCB57E0000-0x00007FFCB5806000-memory.dmp

memory/5568-1325-0x00007FFCB57E0000-0x00007FFCB5806000-memory.dmp

memory/5568-1327-0x00007FFCB57E0000-0x00007FFCB5806000-memory.dmp

memory/5568-1326-0x00007FFCB57E0000-0x00007FFCB5806000-memory.dmp

memory/5568-1328-0x00007FFCB7EF0000-0x00007FFCB7EF1000-memory.dmp

memory/5568-1329-0x00007FFCB8070000-0x00007FFCB80A0000-memory.dmp

memory/5568-1330-0x00007FFCB8070000-0x00007FFCB80A0000-memory.dmp

memory/5568-1653-0x0000024DDC190000-0x0000024DDC191000-memory.dmp

memory/6072-1765-0x0000027402A90000-0x0000027402AA0000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Sync Data\LevelDB\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 6b25802bf6e8e35ebb6586f9cc6fc96a
SHA1 c8bb2d604a4997176a1ff7947be4890cbd7324fa
SHA256 c4f354c224243b362b060d7925078449fc438d51727d2922aee5ab4f2f922a88
SHA512 b59f2862b2c4f107c2bad55fb248ddabbf4a8893dda0e972bc4489513caa0de30bccf95d1d5387d7c802342dd564e5636ae11a8c293a9fdc6c4df4ea699d7136

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\ShaderCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 fa20f6dc54216f021c3fffac3d4cc59d
SHA1 06143c9b99363fcf57dcd761e59c8b029c77ba57
SHA256 d56bf70ef46ac534f29cec3ecd30eceb5f9c8e635f906a4131dce721aa122843
SHA512 dee98b65a32e441403039aa584a4371e0e230009628e6a1976a7df01cab1a4d3a2a70a1410392518f7b58587527491c777afd5fe3557809678180b0433392ee9

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 3b892dff2c7c080081f583c9ab39937d
SHA1 fd707b8b74d30744e2215c4227833505ab3f0422
SHA256 170a51b2bb5f92dfd28608c76c87e58cb2e0fcfb3dff1920a98ced78a3c9ac6f
SHA512 b4cd8073113824d932bfe4ef428645a4ad67e61603e41b8b264b07887b20d22c8f6df745e9791a7461c0404e5628e48f4b392abc083c31d8aee604ba7887147d

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe5c8fc4.TMP

MD5 65d17734b269483f845ba328489502b9
SHA1 f5c9451c12a2c643f8baedf62a348c4b5d7ab080
SHA256 ae94c994a055d32749df36552524623d78dfdce2ee007cdcec8051d10bba8255
SHA512 b7286a04988381114b59efda68e45966a313e34626d6eeeffed2c12e9597d396133630482ecc44475d04399331e4271fe59dfe168b767a005c2968779d366559

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Shared Dictionary\cache\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\GPUCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\GPUCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 86af856beeb89757d5b5229d99fecda0
SHA1 8d594137d1ce9ca8c202958985ef9b771831a77e
SHA256 376914f31372db5fb77ca7c2c14b4e8b1282a7f583e0bfe0af5d4777ada5403c
SHA512 a2d3a048e5d6f27047e57a212496eefb16d950cc498c5c6427538ca9eb5229ded67dd50b7ecefb457e73f1baa580f73783dba61726f2a4240ab2a00df978aa4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 976f3703875dd11fa5cec1291d72325a
SHA1 cf6eb2076fa788487702ba8b6fd2e59cbb445124
SHA256 0a9cd9b3175a0ea8740552f495a980e3561398e9e437f57d065be01dbe5feea9
SHA512 eabeb19e6af3ea3672a6212acca55497e018b6f38cf6e6647bb4b36f68ed9d1c42b23351d1781a63176440d0beca0437094de68bd767ca0628c9dd02dc76be4a

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 a19ddc7e2a440a28c6e394be16d72996
SHA1 0ad1aa9d737fa56153b19e8252cda4c7e845108d
SHA256 317af1273469eadacab7c9d734d1c1d68674783712edefacb93d6bd378da1412
SHA512 4a3ac9359147f4d8b3501d7dd3446a6f56bdb94485dd83c4b0a5636f936e5e797c5ca10443a0a72fdba780438a70cee15af4177980a093414174c49e78ec4286

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bf75f7201193de56cef2987de220866e
SHA1 093775bdee5e9dd118fa7f56ca405c30170333e3
SHA256 0c3e08e40f1d175cd9e0f9b4a51122e587b702d470081a7993569c3a3e084518
SHA512 e145787687552cd859ad9df8bb54e81d8b18d7ff0158c86722e57d691543bf0b94842aed373f26627fc5fb5655d04e65ba25702b0843a26e71032866c3720969

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2e33d9a07f862198ddf81a2148543f53
SHA1 ea505817f9a869195b011f5b9515659e8141ff0d
SHA256 bd13ccf0546d4000386a9a37f7440a52be1b82085b0e4b7a4c8eee13ad829e29
SHA512 d3ee09e364f537cc7dbb805ce6b09e6db6fc669b6556a72161687ee83751ae2eb3601e50d9a4bd6466f409871b7fd132c0517256aa144cec7f9188848fc10c27

memory/6072-2385-0x0000027402A90000-0x0000027402AA0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d300de4af9fd7e1936c446222b65e3c8
SHA1 e8caa256f070872dbeb264abb490bb2c4eb1675e
SHA256 b106ed7806edba3b88e2f859fa70b375f66d792e85c00e227868d75d0e829898
SHA512 ee3e0202f3529b6c4331946efb3ba2919e57fccf53b70fb57012f4f85a502d6e6f539f37a3b6de1b1a407fcdb37c81262631de8f2224640bd108d0cf42eacc76

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 233ff4fac6f014560909238bab1bcc25
SHA1 f2439d19146df97691e325163996a422a73f3818
SHA256 c3f610b2c5c5e4a89d3b7df07364ea74c3cb4be033993a8ebd3530581e0756b7
SHA512 8edf40a6812314cb45ca12c89eb796be7814c8b5973123347e70329139d97d2d019af08778a59979442f95f58728d7b8c2fd07faf4233d5383e1b69e0c52bfc9

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\7b6884bd-854d-439a-a880-4ffbd3a0331d.tmp

MD5 3111f3df5171993e01e205e58a4e1712
SHA1 6115066aa67a9d978bbaaaaf9d97f87732619797
SHA256 a7564873c5d76107aea8ca5e5dd6e6706030e76d3006e8266c49c249cc14893a
SHA512 d1df68078eb8fa7b9be2987a40d3780f846e9728dcb8466c2742602e2ed9970193aaf9b3d75e1135dc40e5cfbf10ad0a9a596357427ab7e2ae22e97fceddeaed

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 f9e1844ee0a93d8c338c2dddd18df871
SHA1 ba457cb975444ce7a87dc422d39600147cfd003e
SHA256 6f945960402363b38a845627e6bea70af962169ed15bb2c17977ebc081bca9af
SHA512 5524124ba53c23a72171a30e001c44dcb9909c708fcd0b9411c400bef4769f5a76a0f5bab0e4362a5549f606a078e273c339f3fbc6d226bf0f0e1568c45852f6

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe5ce799.TMP

MD5 fad23b1d83c57583c3501d9942006dee
SHA1 de2d6cbba56202277db4a32eb164e71783ca021c
SHA256 aee483f570a074b98fa52a643815890fa5b98afddc3c8c888c02d574f3d61120
SHA512 cf8dd14f4ba592883c69d82662ac10a5e7ba25dcc9d3d5a1b6a1734869d3c7f1d57bb14b73834149967e46b5d70474d00da0c2afd629b1f9ce2fd24fd6f3b47c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 0b67e7aaf0c7497e926c2b0142704533
SHA1 347acedc24d80aa06b99cffbc669285ccac23e33
SHA256 3e529b7c552153cbcb9ff2445b34619e3f393496cabd88dff0d84016582b9c89
SHA512 5b1c640f4791524220c57fa895c935c404a09ba7ab11e3bf8c05958b4e5435ac8f8b5f9ee9b3a6b000656c97f3588fa72ea63c2e10d8b5bd62a5b28dab6155b7

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe5ce9cb.TMP

MD5 b4f54af742f686b7feb1dbca9f808e32
SHA1 12a874b6335e787dbe173510da20cae5b1b1b3bc
SHA256 ab5c150f8d201b28779a47a08182231e8902687e662645cf575fc6a5318126e9
SHA512 22e6bac029a411064d07111cc251f795b078aac19ab0f213f969ac7153cdb865be0ab48134539fc359ee501be02c7b4bfd022ee5c491bd80a4abd868f543884c

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 22884aabef33c49fa2cd8f3179f855c7
SHA1 78791a5b3f3d4d6805f0ea702424e9cbb4d5b8af
SHA256 320c96abdbd3c50cf6fac42e789f53437b47ca42af357e841d48a5668b288328
SHA512 61e49b57dffcab26a714623e72acfacee289b207273cd0de7192c7d4e6256e43f2d477601702e354d62a528a47593a1ac4b6225a2c0d5a00a62af8ca42228e6e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b4d4a1dd608e2eb01a1c8a8a2d0761ab
SHA1 60a4a3cb720adf53f663a2ee609f62adb344e777
SHA256 27046ef0312a56ba9d87c86360657689933d677f2444f6d95e9a0bbcf601a69b
SHA512 f7a0afd501af3e7e63f8b7fd96a70a505b54ea0e105beb9c64797e56b2fe00a0037a3c50cf5704fd02e896c7f8af519258220b2a6f63cffa4c503d11a8f6c3de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 38f645d17069f63b06bf6f65e5dbecd2
SHA1 45432b28736258ecd569a104d0711b48e5608103
SHA256 4289dead82718a57a587d96b5186b6ae74a827c1784e68065b6066c8167cbea2
SHA512 c7c00a683bd53c5e9af2aea10bb85eff27a5a18c3be0b0f89157867ae0d2d0dbda7041ea7a32c2d05622fc3cfe2a77921bcd9437286e037741a212e44958f396

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5d351c.TMP

MD5 78bfcecb05ed1904edce3b60cb5c7e62
SHA1 bf77a7461de9d41d12aa88fba056ba758793d9ce
SHA256 c257f929cff0e4380bf08d9f36f310753f7b1ccb5cb2ab811b52760dd8cb9572
SHA512 2420dff6eb853f5e1856cdab99561a896ea0743fcff3e04b37cb87eddf063770608a30c6ffb0319e5d353b0132c5f8135b7082488e425666b2c22b753a6a4d73

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 fde78cc5583c449ad1ee3b9467b242e2
SHA1 ec6cf7f8b2a02e344db83839c178b2aea0c1ac85
SHA256 8c2b0b3f643540a5f8f91859ff819de9cdf58d9e518c3e222dd01b99b1efe3c5
SHA512 ad22b6f7ef67eb3a52f54ee547b6edcd310fec621a840ce9445f274818747631668d19a4b71a637a4f73c201ba51ce0d075520d720ea9027814a54f71c360926

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 88fba4ff256ee6fa64997dd5850390e7
SHA1 13f1bbd7c2fcdebe37debc8b1e5d2fe2a872e33f
SHA256 c48ec0d2dd0ccdc7d59550fa48607912c5106be9cfebec7f8b2bcdf3eaba4107
SHA512 3a77fd09723692765e0c15ba6fcac96ccc884126b67b6ebb7cf47abd4e690e831f7702828c0046acfa14e4abcb4cb66fe61fe8154cbd0d1525df4c6bfb0e1251

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c947ae20c6a70d8c38fb1483a871aaf9
SHA1 c396383a543781fa47bf5afe017f791fafa4fce3
SHA256 8a8dd7d17a204d660668301c73ae82ba2c1ac6b4bcd6fc039f17849dbd9b2440
SHA512 5cb9edd2f445a1fe34bbe59484c8f1e9d6d50f7cb7626517512f01bcd0d7ffa59d7fa059580ae379b4c54d49dc50680f5f2bc91175ab31c8edcbd41aeddc23c1

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State

MD5 774bf464880561d27549ca4a8648b3ff
SHA1 56507062125e87db54c00732f9b0ccab6f15a594
SHA256 9709a4df7246c15a82ceb93f68e85ae45804da60814fbdc47d0c06b103797518
SHA512 2dc4b6d8b3a9dd407d49736a6aba5508ce25c750476d3dcdaf268a656a148cdf60533fa0c884409722acad7525426d10dc41d0f7ab63b57c725d7433fd244047

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.21\MicrosoftEdgeUpdateSetup_X86_1.3.185.21.exe

MD5 631a39288f922faddc8602ddfe384fce
SHA1 cdc494459d946206275ec8e36520553be902f3b2
SHA256 d278b57be269d3839548445e9546b14ec44cbb12c4db37786b1703917e7f886e
SHA512 11c015fba63ea7ac9e73681e0b3518559d610655aef45b0bf2885c950f0112ca12c4995582a25b21cfae0a6c9a74567d6154df2acdd3e6e14f94b35d81223e27

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_964315551\manifest.json

MD5 58d3ca1189df439d0538a75912496bcf
SHA1 99af5b6a006a6929cc08744d1b54e3623fec2f36
SHA256 a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437
SHA512 afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_964315551\manifest.fingerprint

MD5 0c9218609241dbaa26eba66d5aaf08ab
SHA1 31f1437c07241e5f075268212c11a566ceb514ec
SHA256 52493422ac4c18918dc91ef5c4d0e50c130ea3aa99915fa542b890a79ea94f2b
SHA512 5d25a1fb8d9e902647673975f13d7ca11e1f00f3c19449973d6b466d333198768e777b8cae5becef5c66c9a0c0ef320a65116b5070c66e3b9844461bb0ffa47f

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\AutoLaunchProtocolsComponent\1.0.0.8\protocols.json

MD5 6bbb18bb210b0af189f5d76a65f7ad80
SHA1 87b804075e78af64293611a637504273fadfe718
SHA256 01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c
SHA512 4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 56b22c3f558619ccd6a83b0540b29a98
SHA1 d6466b0cf6a4583d5ef7619f7aebc3dfe3bfd6ab
SHA256 82bc38cfbbb2f44b3d6c4081f8f08d6f05e2a769a9b6ef0235e53ba42bc4e509
SHA512 22c577cddebb71d10b00aa70291be60e62faab7fe42a418413b01430cb046723757379be81658b05eaaf226fa8311d0e16bfc77d7a122f86876cb651d992424a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 6181a4155ac987ab23a8c191c0ee99ae
SHA1 08dde1ff5dc4ee8fba5fba27a7ac6e93e377bea2
SHA256 46db3dc826e5674d7ce438e7740c4ad1ad48d3d0f80cd782a3c1522b29da372b
SHA512 a8aa257e2aa87d8f48407db85d3b2ecf153ad81a97d7b8c34e36cc7e97de685e81851fba18c465fb963efffb42bd08c542c1117d17aca18fb4803c4e42cfcee1

memory/1448-2819-0x0000015E4CE60000-0x0000015E4CE70000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 633e01c0bef4c5d5115334e79398755f
SHA1 4fc46cc8c1436dd5dbb54555aa069cc8349a0521
SHA256 1c84956d52a4049eb63c49b9d1f6a33ed94ac86ce47eb19cfb4dbc6abd043621
SHA512 6080eaf02ff8e09e1d1f5cc18a52f12ab63fc44fe471612d3846236679ed98d7d6bf73edb8b175b7501c68042d86bd42cce22176f04d36f416d68a55427f3c64

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_314907682\manifest.json

MD5 ba25fcf816a017558d3434583e9746b8
SHA1 be05c87f7adf6b21273a4e94b3592618b6a4a624
SHA256 0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11
SHA512 3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1885559245\manifest.json

MD5 b6911958067e8d96526537faed1bb9ef
SHA1 a47b5be4fe5bc13948f891d8f92917e3a11ebb6e
SHA256 341b28d49c6b736574539180dd6de17c20831995fe29e7bc986449fbc5caa648
SHA512 62802f6f6481acb8b99a21631365c50a58eaf8ffdf7d9287d492a7b815c837d6a6377342e24350805fb8a01b7e67816c333ec98dcd16854894aeb7271ea39062

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\CertificateRevocation\6498.2023.8.1\crl-set

MD5 d246e8dc614619ad838c649e09969503
SHA1 70b7cf937136e17d8cf325b7212f58cba5975b53
SHA256 9dd9fba7c78050b841643e8d12e58ba9cca9084c98039f1ebff13245655652e1
SHA512 736933316ee05520e7839db46da466ef94e5624ba61b414452b818b47d18dcd80d3404b750269da04912dde8f23118f6dfc9752c7bdf1afc5e07016d9c055fdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e77b8a69b34a8befea9a6ab657afd05c
SHA1 9f8eef60eda6b70aee0ea7dabc3331873aeb5cf8
SHA256 bdd631c23621d82b11a273fdb9eebe4dbe383638afb97924b0ce0b694eef12b7
SHA512 bb45f74171308defd9706d567c24f9ac1ee3d7041cb3fa6ae466ef41d27d09aea1e19ed8af279d32df15b28495230c22e8a1634228cb3fb90d3e471fb3825521

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_513594502\manifest.json

MD5 178174a0125d4ff3ed5211426f1ea113
SHA1 26f72c5a2f65c767c4edb04d8da62bdadc02e809
SHA256 64986dfeefa8855069e799b28e5523b35c9efcf2ea152a2b03461471c218da1f
SHA512 c0d1d9555f4cd7e9a4b0ee5fc1b069782638ba1680d18ba9c83f796746086b6afdf1400c80b7f586422c3a2a73e51bd04fb250e2db818ef723cb4f7a8b3b15a2

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.52\LICENSE

MD5 aad9405766b20014ab3beb08b99536de
SHA1 486a379bdfeecdc99ed3f4617f35ae65babe9d47
SHA256 ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d
SHA512 bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.52\Filtering Rules

MD5 a97ea939d1b6d363d1a41c4ab55b9ecb
SHA1 3669e6477eddf2521e874269769b69b042620332
SHA256 97115a369f33b66a7ffcfb3d67c935c1e7a24fc723bb8380ad01971c447cfa9f
SHA512 399cb37e5790effcd4d62b9b09f706c4fb19eb2ab220f1089698f1e1c6f1efdd2f55d9f4c6d58ddbcc64d7a7cf689ab0dbbfae52ce96d5baa53c43775e018279

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 535db94924c61e23704ea3a3ddc14cd1
SHA1 668ac250993e871ec5ade9960f90f2d1e23ed79a
SHA256 a6e86207b3a20e96ecf2973861aaaa7893702ad84b6c777de048246e544c940f
SHA512 8fab7b77d4c9a949c8b309ffa3e78015e6bbd4f65fe8fc18ddeb694969c3f91092e456f0fd96e36183392e80ba028914f68ef32d7537d1a8aa9b9f3efa31208a

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_624107568\manifest.json

MD5 4e1b2d5730032b1c13793c389697c627
SHA1 567c6126d784e372129c4bc7df89b7f340e7e404
SHA256 d8e4ffe4f04eff1ad463d4edb68834fec19af48812df01617442cee05e095727
SHA512 e54bc1b05304eb88482741adc470784467d3610d8dafa3f345da8f87d4c7e1053965f54a94d575d2dd422006b45e08a9c5984410efcf54c786e32adbd2674f56

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\TrustTokenKeyCommitments\2024.1.2.1\keys.json

MD5 5468d2923653b99d9f9e8817e1f728e2
SHA1 f0146243181abd43f4ee52159417f713e3497934
SHA256 31a639ea1cbc77828b6b9adf9a17bf16d4074981f10019c8ea1b2f9bd6c1ccb7
SHA512 4dc42dac0ff2c6ee2f928a85a8624b623ba3b432c17543a26629f0382abe9ec43f726a3b49679ea6df11360e8a8a77f1b5d84bb09463d567e4dc16d693fd3289

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 40865c12a07aa86ced09b8110bd080f7
SHA1 fbe23ad16226b8f670599a808ab85e98227ec58a
SHA256 84d8e3f5374d024202bb4943a49f77cf18bebd5980e6b3ddecca9e6979a23a57
SHA512 73ad277b57fa4fac0bf3f33a2b5e6c6e48f2800a1273faa82948993e957ec26e0fdfa9ad19ff6105f56df65ea062c68c500da6c3462aa2b8abe2eec5f1b4904b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 33bab6cc7c00b22e4b942f917f09067b
SHA1 12c79a0dc0c7d71e3060968d6b54e576c558bd62
SHA256 bf7268386c69b9ffd9ab90a7b9a25b992cee03d621c3146298efc2deb0de0a44
SHA512 e0bf15e59e5f115e9fc7ad0a6c87a83fdf2ed6230eea51722a06083c9dcfa17fe128c320af3c9d0e6ac6154d2c687a61fcac249cb28cc276514bdda08f25ecee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6fe13a2b4d6a073f6bc1aed454e0a9a4
SHA1 8497bcc8b27d87f50d81e450bf2b843680345113
SHA256 2fcc1dc52868908b7d4bdd802b6360733e3c4c875ece4c67130a3fc5aa235ecb
SHA512 d3cfc21668c79b7d965e6d41082a7737854ec110d19dc4a5192288c0a748c53067c58eea751b1d1ba36660ade8d15dab758e066d101ff392f48ccf72ded5c549

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 40a5e03511350a71519716f5b98b707c
SHA1 b88178bbadf4026fa77c45932c6b0e22e134e9c2
SHA256 6f17206728b4e186fc67ee5579568094a0c887ebe08b34eb95a3307bc1f4765d
SHA512 f9c07f942beb532cec1496745485e69116f5c12740e2e6a6c48209b48dd69d4928b41b179210fa15c57ae536bc14164b876cb006ae3eddd720f9dddac9d9f931

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 14869c0dbc625b29f88088d89ff951ff
SHA1 78e4be6c21afbd520216d2e4a9a830aa7f0a979e
SHA256 cdb4c67f5cbe900bc863b7df1252c2a4f7aea751fa4cd47892d245ddd1624d0d
SHA512 0c8a0de1a4b8fb1208e289854d4beb4d76854311a8361f5e29abda925f5b08d2da600182dfe1330aed61e87944e1df91eb4ff11fa9e799906af9833e10e6662c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e1c689d401f189bc9bd524ecd5652006
SHA1 61de8e8b4a787fa1c89f3a15a78d8da6d1455114
SHA256 cfcbce6d7b3f746223f9f947fa18dd40b70519207fb4751cd76ca4097499987a
SHA512 276fbde9862377166acfb99b8156a3ba24ed405fd79380ee300c86eda6b7fb1d1f108db101dac7fae756515069595c0b5cad0f585893fe15e8460f7550f1d202

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_1760543704\manifest.json

MD5 1c539c68a00bd842136703d2cdc94235
SHA1 b39f04946e7da8380fa340ddf1baa757afb37df5
SHA256 bdd48d0d2e047e4816e1aa4dc248c095998cbda255b50db66b94bd7a42206aed
SHA512 eaf0cc24ecfbf8adc1b216a098fa72b95aebe6fbea9206860622c54f684e08447050cc9734fcf83f3eb2e15cb263dfed636539b24c5e4ba94b2ce309d651325b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\PKIMetadata\11.0.0.0\crs.pb

MD5 5418f0d0f7d15ca9fbe5da74453722f5
SHA1 3ca9d7ae11a35a6c47d590b301602583add40e10
SHA256 251ad4f7aedd823ee97077e9764592188657aa831cd0948990fb549fd3e593e3
SHA512 4206c7c04eda629a2af109e35e48986e80fc16a2285ae3afc2e92f6a29651d7a06d1dc3d49f618fd33965f91e6cccc8b0dcbc34b4613eedabc7fbafc18783b7a

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\PKIMetadata\11.0.0.0\ct_config.pb

MD5 f86abfc2651f24867cf9aee405d95a07
SHA1 51531932b533a36a6ab41700f625f33ae7296825
SHA256 70c4568dcbf75e36879c75b068e67a2de7653cb5eff6c12697c3bbfead81d85a
SHA512 351a0a4e5b2b4800ef535d4ca1a9ebd65027543608df883a303a32ce37e110206da2555cd37853711bdf049e6a9df17005e6520ea0daadbe6d0fb08bd51b7020

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 133b86c8980fca01b0a39f3747e9c5c2
SHA1 d73b173aa3644e36eb79cdd345b837d473c91559
SHA256 a3e32748bbeefa50a989b0f39e85715b982b94eb08d64eb824be1463595bf637
SHA512 63fbca66d430e57ce813ca978ab8d8631709fdf7a791f2d83b197e6d82c5d8bccf18d8d9ab2e60dfb6ee78011d035d96a3cc51b060ef00ce164168674b07f6bb

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 f79379ff59970497a039220895a89fd4
SHA1 bc0c240620ae1e924911949f98f16a9854e14810
SHA256 2f73e57474a2c51ed8315ee40e50834bd34fc002000f2f54831629d9de5b6ec2
SHA512 e037fe1bfb54cf16a417fb905d00fe3d67a04d5d80645934bf13dfd23bc67623962a857292bf666b2ba191aaea35fc1e394f210c4a471d41ff027676f7aae021

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 18b917095639624d067067cf37a7c952
SHA1 33003b1b4526386b32378d61bee5d0ce53fd780d
SHA256 f9fce143859d25dd742dfe2ac32ed598e0f595870d9aecc8f299ccddd7fc7b8f
SHA512 27edc29305f21aa1f4e9d631772beda34f56a4ef3ad6d042b71119dbfa99e9744beb5cd9d81463f96e916f2843d26ec20c4ed915287cf3e6c070749829bab0c5

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4656_584458731\manifest.json

MD5 55cf847309615667a4165f3796268958
SHA1 097d7d123cb0658c6de187e42c653ad7d5bbf527
SHA256 54f5c87c918f69861d93ed21544aac7d38645d10a890fc5b903730eb16d9a877
SHA512 53c71b860711561015c09c5000804f3713651ba2db57ccf434aebee07c56e5a162bdf317ce8de55926e34899812b42c994c3ce50870487bfa1803033db9452b7

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 5e612d7f0cc4d02d5926e43f5013cb31
SHA1 91484ea84a0494929ae1ece13383740bf0fd79e1
SHA256 b221c7f1dc5ca858b75dd46ac107e92545bcb9b7b84c71c449b7a1fd1a9ec413
SHA512 b408f3b5df284417ff121045ce40173cda98270f41d1383676e8b640a159402b5f911aeecf683621f1f757c91c53c29c1b0ddd98317514f146d22aa3badaf35a

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 678eded8acfa7734df3845177f917966
SHA1 318d66688822522f499de245cc6defd04b31d25f
SHA256 a1b42293608161c61c7e62e5e2da5984713c54515e70a44e7a6c5f4971efcd26
SHA512 a27bdc5f4aeb12e85311d10393cc54b15a414009e21ed3acc61a143ce824f9bd90375f464ad550aeea041c789a543e0745dc995ddf62680dad0e483b99e0d217

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3fc53665-1c5a-4c28-bd1e-cc217ab8f00d.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c2f5a767fcf82bb95e17a4d1a4834c12
SHA1 93770e8a56789a5a73a38d02b1deeb4b858025b2
SHA256 b623609a7b70e376f1d0375210516c2b5220cb7080acad8b7b7c2347d2f197f6
SHA512 00ce2d67895a847951fa120be0ce6699db7278eedad5e9dfba93ad6acd30762f3d8bb2a8036da6f4674700ce5d908aef33f6ddcda05696164fd4681afeb6fba2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 53f4d8399bf6ac79cf1d1c9c30567ae5
SHA1 2cc320df72c7f4d8fac50ba32b5960654f7ec688
SHA256 4e35a3c1ae912d47d3fbdd0606e92f0ab7f86cfbc5bb2db4c7fcdae65b70ebd7
SHA512 a92f6de207044f749fd0099e41d3f087845ca16c86779d09c4028d378cdc54b114b722927d0fd5d8481df1ee78e5e8d6f9fa7174119fce1bf7ac1cbccb9a0215

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 589c49f8a8e18ec6998a7a30b4958ebc
SHA1 cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e
SHA256 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8
SHA512 e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Subresource Filter\Indexed Rules\36\10.34.0.52\Ruleset Data

MD5 16176aa639f8d0bf6c1a823f9d973d8c
SHA1 f1f365a4705a3fcab04bc4aa8f080ed7ae2f372c
SHA256 75da3c6add63a83efb735ae0f1f4e6578607ea33187753b0f65f750a1ab0ab34
SHA512 d8711e8a2d417f1f9b81a13d04951420460d1be2dd0459916a3226f364b65cd77fc0feb4be22412df3da0a2433cd924df7d0684fab04a2c6cf3a6e9715ea9f84

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\DawnCache\index

MD5 ef148aff9a1b08842251e2c58af1c763
SHA1 0a7d3335b70b3788e1519b3dd9bf73af755b1bc1
SHA256 6adc37c2da185a952548deb482366bc5177bae1a9c1e8a2618c3d34a3ac9e252
SHA512 c73335765978ef710e8439c111fbbc19f295787d1d3776ebb57db3b204456e012faca26bb896d838e2b5b28fd6bb3f8f4e311dcc6fef5ffdf8a5cd03bbbcd90b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\metadata

MD5 654bd5e4184fe762c1e7ef5509bcee31
SHA1 9d5421aa395061774ac7048317e4535747d88c26
SHA256 07a486481337b6b8670db113207cfe2547929490e12951ca9e59f21c549919cd
SHA512 e350b74488893ef1852171a97ae5811b7a7e37bb9da75ff5ed0c04163bad9592b6147bbed0f59c7b386dad27dd6228e5831066d6d55122c8194796fcc255f7de

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\reports\1a109d85-3a88-4514-9551-3e630a8f4b54.dmp

MD5 14944d3a2fb88797b54e1b7c5938cca9
SHA1 4ff0dc049d6119db9cda2ca0d40173ac6183218e
SHA256 235148501d5c356dd88a9694147f2ae10a38de19bc719132e527626f763ce477
SHA512 6ae666eec1b620537277c7a9a41d78b2e39778c9d6741426d5039f02dcb183c75cf15b8920da983c24660d4ef77ca8af718071f3090a716b516ee092cafca9c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 76cc59928890d7a0a5db130d6787ee1a
SHA1 42516a8913a5488af03a948719eb4357e8c6eb00
SHA256 735f764647396a649f6337e78ccfd38bd43ea9437bfbfd44e56daf6467c96e54
SHA512 cc083560988f0a4661559ffb1ee353109630e176ef2fd0289e89243aefbdda6a673a6b4264d24f7b78c8c26ef5e73ad194a36a1029b54de9e83563d8b402c868

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1a9105b761e06e8525530b8c9aa6c659
SHA1 1b84f9ac8abf599938224bd712af8ea27bf2b528
SHA256 da292492dd65d36abdb9fdb384bf0546361621befc388d44385503e5d24d408b
SHA512 2a2dbd78a1958a0ff3cac6939560156e672093e99d5299591e450a5a215ee18565ae6bb5c444cc3af567d98fb1e4e9f28f2b469089407981560769c9cc5c07eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d5516cf727a3d4b8f633ad32af4506d4
SHA1 b79e88ccd98661e618c62febd64b1ec2f44b98c7
SHA256 288b60b024a38fa036d40591079aea5976d3af90ff5c4503cc5eda5e1fed5e0f
SHA512 97ccaaefcfe97638e82096bf346d606d548b07f557456400dc41fd1f9357fa28f0de869b2d45cb5aeaba89b92f69fddb0b392c7e3883775105903d3fcb8da79c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 902452cb1e9afebfb6c445c81b598ef5
SHA1 6a6e6039f9bfa97ae3d0e7efbba2c0faa28408fb
SHA256 5dc0895e97c40753e65354052110ab51d09fce2258f5a3badc51438c9010916a
SHA512 31b6bc2037c4ab1d081eddd8662f802b9e77a135a6a29ff8e7fd897aa564c29641fc7390f5142fbd2ff37e630c34a3632e9bab4874e2872f9e8c4be0eff9301a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5b43c0584b3cd33c1fd7191b0407a810
SHA1 cedc2e6da146a621714d044536df8420520aea8a
SHA256 f6374b844de16d2066ec693cf0cff6da171b1a5aea35d6d4badeeb7bb5dacec1
SHA512 ad4ee89320303178c988bc5349a17f3de0a3fd55030c2b61945dfd121b4cb3feb35a2cf8de72af8dcb0307aa324a20240dc8fb743c9b4de7196e9d6df00c7e3d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0

MD5 c81165dc714b467fc4afe0c33706b8bb
SHA1 b2f2744834b4c54e2cbe68ed6b6ad6c662c9bdc6
SHA256 ea3c83ae4e6a5e4de4ff62f341d76c71e005de1e601e3eabb6dd294eae706a9f
SHA512 7b203704ec0b693909fa7516b2314eb8b3c37ef265f34ea81292e5b7830e494d1ea870af2ad81744a0486aa780fc7932382cefdb9145f15c71823d988c7b071e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 2bdb9f6df716bba2d1fb366c4091b264
SHA1 a0cf2edf931784dfb08c93af95e229970708cf7e
SHA256 dad1bdfda76b6f3627eb7887e53f0ffe8634657f0068f63c239d81b01e618fd4
SHA512 fb1e4bd1e02d6f82962c007a4cb6b4f3892b5a23a62ca3b066ae012c66c95c549fdf2dff2b6baa53043c6b36b93c0f0a6c68e34826ba4743b88770c3ca82847b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8347f84f1ad716d5_0

MD5 a65c3cf6aeb40c2f759fd72b6d544f5b
SHA1 19c837baa67c73d0a0143c8718ce5e391a2459d1
SHA256 5781fa4ee5948cbe411a67a7e1f71ce9a37395fa2cf2d5236f615d9af5a12b0b
SHA512 53dd421a437ee5e768991de650aa902a0c26ee2a1fc6966300215c8c5d4691e22102f4ee5146874cba22ab2d68312b4afa19c2e5070f2737ebdcdf7553e1f32f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f078f5fb70fd150f_0

MD5 8c2c1fef17cc01d4a9c947a095f8bb45
SHA1 f4e372eced02061013924b002072af24c5d95df7
SHA256 7a85a3e1454761719d3d78d389e9eca64540ff81408c67304dd4d324bd73962f
SHA512 beebd73f6e981e4eea0feca4c0308c08703b48166083a95cc43e940b0c8a38978f528768a9451e4c94afd3214ed4a868351ef8dcaa2a6fe5dbd6fbd10c0e289a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0

MD5 66b7876319b641eeff427379089b9668
SHA1 56df0f11ccef717e4ae2f675f97ace3c7ac9450e
SHA256 631aa574cab278c985aa28feffec20b7990ac8ec06177ea8394b305c7da7eeaf
SHA512 48085d0efda93d0410a957babaed50915493d1b3a2c45fa3861f809c595aa7d023a2674e2cc1aceff5350426fb451ed63e880f8ae9ec4e10cf5fb0d6579f3102

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0

MD5 c4edc8128dd3d72b1fb6cee4da5d6604
SHA1 e8cc06b242d91a174d03d8c22df78caceb2720cb
SHA256 96a94ac83399e9f7116b88a817d211010e8306206c98aabfe82b857b1b19800b
SHA512 85143ae40c12850fdc987b8a8f084962ad4be56a94e26e315b8495562243536aac1793ea0042be81de14022b5588fa1b503929e586375c488201233ccebc92cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\733a2ebc15407e86_0

MD5 1828bb456e46621bee6cd6ffeaaaa561
SHA1 19927cb6ed976f3ba46259b62906a668212fad52
SHA256 d7023894934029423b30f0471cfc3289af62509a3e34c582b5f90375d74ac2e5
SHA512 d260394916e3f847aaa35d70d6ed91a08670563aa427200027cadf32d7dd996e0078ac01f8dbd3d8ecf1e47e9b64edd379379dcdeba76cefa6f1f8e9b5e19ad5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 717870573d19fe2a3ba6805660112354
SHA1 06de93ea6945cb5badd545a4b5d71b2226eceea6
SHA256 557cbaeab55cf932b88387f541d2401b5359c183706bae244b2b674eb12506bf
SHA512 d42e52f7274cf7fa1bb1f97872d7532c9ea70441cb1e46e2b6a93df848e5b2a9a5164b57e082d180304b73ed72fdada260d449384add37abe5f0e13973309c16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0

MD5 14b3338d40c2c24c5b61180d8e8840c0
SHA1 395f24cff1d0bd5482e49dea48ac6decdbab74a0
SHA256 394c45df7134f8b97637453c73f78ac9783cc8eb034a9e0f1821a1b38f7c279d
SHA512 ca2f9ca9568f9e008e87145ef226ba29da9c3896d6dabf5495b6919d04e7e2d03acd523b4cc135481cdd67df54999951bed226772f805ea0709aa133f83ecaa6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 e99a36d4ac323f8822081325ae7fd82e
SHA1 ac2f8ba08105e5579d49eb83aeec8d051dd24ef3
SHA256 924906864c3c150985dfdd464f694e5acd9c27baa4a85694f18b651e821954fa
SHA512 22ba2fb3d398aa5c8ceb2d1cbd6114f6518e2fe1e616739cf7362858e16006a8e7d029abe9e8ea209dbc04219ab60911675e37c6db59a8abae0752f5f67a3e79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0

MD5 e381cfa995ea8ee0fa471fb188108a1c
SHA1 0cdaaf24edf40d6064461e4c06fe756e4a96bcb1
SHA256 dc80898bded7f3dcecc331ccf92b395f95f6085e5e1f90d9d8cae508c758574d
SHA512 24dad7de9f118b788aef7e0fb1d34713910aef636510976f32766ab79241f371cea3844950aa83df67c631d00bc26344e29d4c5c2dd113347665084e1a9b6e8e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cca6dff0f171f457_0

MD5 6de87bc1d06d29e10aa5c6c2c822e8ed
SHA1 269e3286e3c51df569aaa29b4800de4329ef3df8
SHA256 0c74b5c47a11ac06fc5f58ba1e57318030b8eac17156317e70e5db974a23d8ab
SHA512 569a6674198fd82b4bee05f5410bb78301b4e4e77339f0a23d6e6085867bfcff23bd9fe47df94c7c8bbd86e725cf92f6bc5898817e9e3eef9335e4e7cc0cd1ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a1dad91a930de42_0

MD5 ac33e66e2c2af03a1d1f2ebb0e2a990a
SHA1 ebb62fcd6225354fbb8d43bb830b85f22cecb189
SHA256 2baa1953f0ca910cb558f3f516beb207b364de7a530abb5c00709d5e334ca6b0
SHA512 ab922d27132e2fcc5a476949925df0a8f7ef2258e56210aa923126ef493369b3539043d73e457565571f0661e0e0b3641d46afe0f36a3d8a0edbcdaa077e5bb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0

MD5 da99b4f66e1a1cdd54b29ae5f42cd374
SHA1 ab788cae78d37cca95edf58c30fd7b1ed5fca843
SHA256 e9975edc5126961740569626066d39a3154aaee8aabdfcd997f621993d445787
SHA512 8476f75db704c585ea470d8c481e0aad6727985db27f80d25fff682d21cbe26318730c009c7bb0cddd2e75dd358857d916de94df84a4a42893eab63faf5d56b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94ebe1630900d094_0

MD5 d47471063dfcf81f7886f07d65363b9a
SHA1 0824e4f1c02679a7e6871fc490c3476614059ca4
SHA256 d4f2e1e3740323f07cae2861c9303409c82d8b15bb0f7be97f07e0d17393b556
SHA512 bbfb8963e17b286c29980fa2d00cf7ab84d5093bfade7ab4e41e874e9b1641fdcc12d9acb16463e1636df717845829f27cb02a8c2324ea0e8576bfd56a1f1178

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695c42f61090a800_0

MD5 b2a5af7e92d78f223a3e47d7d7197c53
SHA1 81b44163454d576fe9fa420113b6754c4003226c
SHA256 b0f076a82ac69534d5815da9cec0e7d9204d66f2322146eca6083c31ded7663d
SHA512 d8f24338e3d6ed3c2b7bdddffb2aad9a6cbb77d60de45debc0eea8149d84fd3aea1821cc1ad8ccc5dc54272e9d2e54da291c58a4b816f14df0e3e9a2d5857a9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0580a8e1646d7bcd_0

MD5 20b569ce9666373edcbdd78536ad7ea6
SHA1 86a6ffbf1753a28a689437b6f1b8450313e0948f
SHA256 11a4af348ba5360e437c022c8050028abeffba1ce31a7445dc295ada58c5b1df
SHA512 8620637f816c616fe87a0d1a99f403d5baedf22719cc877a190e321d074c3ddfe0084c854888c111eac99d4a56c1588e6fb4ecb46778bba738c645049c9a4e02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c693273baa0190b_0

MD5 4f39a23f076a21624c70d4c06ec764fa
SHA1 db90e2f8e04db78f23f31a2bb1062d31d4cc7fb5
SHA256 f91772e3797d5b5414036f4720cc213997b4fd965dd9b810822a91d6b3e1ca28
SHA512 d114722e24a28d078e31fa31688735f708c509880556c2ca5199c0a72d5f61c07e8077e3a3f6e62a256a978c9e9357da31e454b5a440b01c9a31e9b53a747e3e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 da955e547a1922701c0dbf07ac388f58
SHA1 c7a6de20b59ca5b7f1048b874dd7ae44cf06a31f
SHA256 51e0caa10ad537a1b554e2aa7e5319d29c61af42bb697510ec0c65e2f17148fa
SHA512 b9c6a296996f362b98914eadac01c62cf11b75c73740fefe77e2d2aa1a6c23117b19fdb34b7dc118b22ebc830373f7d238744b6e896a5ba84a17f5795f292dfe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a089533a360b5146566d2bc5df56920c
SHA1 a96b4e03079fbce48ed61f82520064dc716442c7
SHA256 723f0e657bddaba928631693a23832be04d764ca1423fe0da524801795ff2285
SHA512 9be679df07d7a391bf7899315a034d2ed92ea1898cd6d16d08306ceeba38c1d9e35d429ca402f8cd7455cb8b01faa92f94b7332c0009a8fcbc3ce2bc6f6c5e6b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 88b5ceeaf22184b01e9fcadd6c5aeec8
SHA1 698e23c666abd2dcefc35831967cee33bf0fe9af
SHA256 ef2fec2a7c93cb8152f86c9cac7f2e7866751d6802144d70cf0debd7fee3c155
SHA512 5082acd3a6747365258d96c6117a908af2e582ba06b131e3c8d1c6e6f5a6376906372fc40a80af8675e0f2f312753952b87710eb939e4186bd76b7c7a1b42ca0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\75ffcd5862ddad45_0

MD5 eecb5909575af351ee53cd049f1dc0fd
SHA1 92a19c81c1594cb089df713f9ac3ebabcee4f311
SHA256 128e5e6fd609a95f41064c34d6005d20d61c88dc463d88bb705d6ae1f4e62c23
SHA512 7d675f7a6ad720b62138d62d1689e4482d44a2a1111f861ff4105573d6887fdbaf846c8b863ff1ba834f9fa9d73296b09f8b685ad72dbcd8a9a2e1c32b3d7cc7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\960f838b42b585c9_0

MD5 243e8883c6d18e3b9c52a706209887c0
SHA1 f0f280d73f0b12816c72bcdf6605d5dfe3945b5e
SHA256 82982592aa21f40793fbdd1a0f5c3d2d29dfe44bfc8291289b1df963f500c035
SHA512 6c78322506fe728bf7c72d60f02fa6f75be87b4725aafaa4492736a10db0b13324639f55b1e4af6d76603bb4788faa9c2c51d8a12ff80e6b841cfd2f8186ab37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71da22abe269277d_0

MD5 dc2c5f5d2e3da2061c661be1b9934568
SHA1 7a63779fda0550bca139e9b6661cf7e79af360f7
SHA256 caa838a7b4dd08ada1f1e4e1d5efe2d3d29c0268bd57c49974abef3b82af1489
SHA512 c5f4b88d1158e0c42920a313b323c2d6fc61c095fa3d3bbac2110f066aa54ed0ea0fc571038109e4775d29e6298f747dad52f87b5148755a7e7919515edaf0d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0

MD5 59a3fc4eea52a3daafb26984038b0912
SHA1 a24e11e1143c3ca530c550894522ee8d9c86bca4
SHA256 85beb3a03bf9f9a2c5c41ae4ee6a0454da9f1378a74a8c0596bc731edac614e6
SHA512 da07cac5a1ba7f3dcb5497566f42bb8dddc5655a06257a3e7ecbfb7ae69e5439367684e8fb3bd4b6b52a235edef02edd28ae6a34006eb3797f08289aa5e2a92a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718aba49c9504085_0

MD5 869e692698bc94bd845d4efd2b9b5a89
SHA1 692c33ace3c2fa53ea58fc33ba63e677fa7041d0
SHA256 7ded1d8eab97ddf0389929524c21e3f3fdf844a6af5cb659a0817114588c9072
SHA512 959efcd7d4fe607a2bb85adbe8cf0a5ef57e748fb73f5a0cd34e5dbba49a68d5a4dbadc6a0a1d68074d6c3a53b90b6d07ec7ff97cd8fb659cb7c3f6707ce0867

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000081

MD5 c96bb38ca6650c5dd7b91707aa800641
SHA1 f4239097cf6f56b5bb0b314265e958ef03caa8ed
SHA256 d7fe4e9179e39587edb7aefeeeb7f8ffa6c1bf1ae262907183b3f4b4cdabf31a
SHA512 f71460d2bd5c88a9904b4d36ec1da8e1132f10e1cde914402d53ecc3f1667c8f7cc97b47ae31c59425be986c7ffe560a9abf4005be5a32f62c5da7c308d0d553

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000084

MD5 ad423ec6d79640148e29af1c496da5f1
SHA1 88403831fa182b5770ea501b4ef95bd699185846
SHA256 e41b60c6763e5d0a70dd3b031359b0b31f82e03c08390e854bc87c48bc7b8546
SHA512 74969e0b562e1466059b80220992f9c3f2efd3834373c6d31a2c02467196a5da8c1e415a5d93053e4b1b3b87cb59a6a16cf8e382579396fc41ca0f5d3ef318f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000087

MD5 ce044f273566a41ebd13f4194e00d5ed
SHA1 03113d7c0c6907f786f89aec3fa147ab3fc3feb9
SHA256 d5c9440c4a62c72dd0f54ceb4411e674e9c8f158fcce381ed3145e9b70067198
SHA512 ae766ab169e5bbf2085c56f4a98d4f24627b7291dcac2de4cc18ad5681e038f6602e5cd5b5ff19492550bc3b1d028985c112b9671a57b39e0cfe8141b30dd95a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 49e166233a17c43c299ec0cb10d328c2
SHA1 4aa3af310f92b3cddcc4665a5a8c9a34e0764fef
SHA256 a0a595cb0cfca83ebd4c99bde60630669108d55f19194244545ea7a269fcb49a
SHA512 fefdd8483e305a0b6a0f0f85e20be157d3e93308645b62d5bb886c8ca7245310d24c6ba01ed628e6d85dc8b5cfd80383cb343466828d1146d4f83de13c4464e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c64288125b32b7efe7d4c67e71da7e3d
SHA1 f6029f20bd68d10d7969a45f164bccc29c493af8
SHA256 6065b4fe5c904774e79db322dda7978da7386efa2ba4b7783332e71e969bfff9
SHA512 56dad75f76a424ac05aa4c2bb6f24f099705bbcfa062a69c75e36190d4f456999ce7b5c4a706ed3fdacc3c1ac0ad3052553301ecb8aafb05d0bd6058724df159

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5064edc9e0a75e297176e378d1c14b19
SHA1 17885721b0afc00ddfe9aeb435bafc37bf8fb28f
SHA256 5e5b5d77b9736a833ddf31f385a1ee253933e1af7cd3ed81e14808bc9419f303
SHA512 f512202acd9cf7f6f8f97a067594077f76af59027e9354b8d0517b7997ab5c49b59a5998ca2b6cd36aa4de3a8706d4200e4db6ad5bbd77265b0116c696d0effa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008c

MD5 de6039c38231ee3ec4c27900ecbd7e92
SHA1 6488de318d613b326bf4e9849d07a862f1d05508
SHA256 ac45724756771b316182a777b6238d27e8cdbbc603a277753bf236d6b998b878
SHA512 0a72d77e1c9e5f0ef6c26850f03f1b92186c333a0de5fe6205439ab535b2fb598b7af9ea7481572a3db1fbdcb904a8ec76e74054ccad3bf72423fe7ad9c817e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 9ac9e036d808bd61a900b1b0a54349c0
SHA1 e6a71a98cff8824777222465c8df7ee7e2d29f98
SHA256 b729e22c76b5dcde8598bae7f994c223667e7b57c82ffb8ee7bb4804921ef75b
SHA512 8c7577d4f67727a5a191cc8fbfe8b93bb18c267591d0f5d5578fcb463cfa8aa95f82145b974abc2c0c648bc9951e1671361ab89a74bb4b9b511dab51a6b041ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7e9b56451149fea88880c33de0a4dee7
SHA1 db22def186969dafa44f42012cadaa776a14d102
SHA256 7b24f4ba7f2ee161802a947528bc141b79e5022edfcffcb88d660b95061794db
SHA512 051f41fec839bccd7f3677372bc61d8dad662389e944ba62dd8ad1c000559dc334682dd70e4abb4e68b8cc1a2fc1660396cacab9526e4bf0d7927ec81016a365

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7a3910878333f9b9b74cdfd8a769b936
SHA1 041d514b787d612e96f061359cf3ee500f45910b
SHA256 8bd63ba04794f4a080a54a89a051cb285e33f738f931a83836f2379f74cbbf8e
SHA512 18a0270ddda6cc1acf4a96f384487f3c945456d536ce7a6681fca6a2861b28bd33ba324c9b7f6656138d3176eafe101db97b55ee33736b86747c602fd0713493

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 9d638b9aeaf8765fe9733d602aee5aa4
SHA1 1f7ee1814dc39f250e5bfe0f8401d307fd8c2bc3
SHA256 a80068cce4aca62d26ebeeffaecd4372cf2a5ab6f6cb885cc5cc53f2c7ae4a99
SHA512 8204e79e7dea79558102531b83b911a611872514adddc42efff54a8b9fa84eba208cac50a176dfa50d5cb5e665019685c3e8a02bbd5dd6b6911882a311554efe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4cd4f6642c6b042f647e4ea91d02e21c
SHA1 7281162c096c9450e29d0dc336e8e4e6e24c314e
SHA256 a24c984c90d9e4c4140a766c630ef02e4ffddf042657193298e6148c8053d0c9
SHA512 1b8ff50d73366173ffcdd30b5e70729578cfd97552f2c2cd7468512107793e10ace813c5717afd241af6cedcc6fcffecc974aa5fef0fe866c3e5e09a0b80c517

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2b8df2a12677b5442c5010e7340f708d
SHA1 aa0b2c0542ca78228bb4527713a1893ff832abe0
SHA256 bff53bdfd218cdb158866794c600ed15f56fc555364dfb9828b45fe63a3c7e92
SHA512 cdec800c5aa1750575449d451483f078f31a1ccaa40495ce37a23ab0b536d427dc9564876b19d839d8b72f05f04221a642ef5d0240c04539bdcd361bce6278ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 265b3dd8a3f63559d5a8c80f5e0a829e
SHA1 7d4d7808c165813fd3c493fc645bc3a77f7bfd78
SHA256 8e1bf20e0ff0129a343eda71f201c82ef19d627d08fbb7394f6c055b8fcd3d6a
SHA512 d2ba1ecd5cb139c95ca451be9b33ad7e2756d13a53ada9ca5142a1779586e05cc32058f9e5cb20ba1e93f496682a8c09b1e3da57413e22d2c346ff5d456100b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 6ba52c5bbe4d3f5df6004e82e0580e09
SHA1 958ec3abc633e86856eada49cc29f0b8c827c70e
SHA256 996416e18ba78e47e23c1a167c825a78a54da54f1bbe600a2a68d9af5ff26f3b
SHA512 83cd7a937f0ab450acd153eecac1b6c5aa5fa182728def5169d8eb985f371c61acc13ed44a46474f0c80bb266b4f7dc9ded2b7453f119e328be6583581788bdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 41c2258c2bcf2f5107cf244f090d4472
SHA1 5bda1a3b5cd5d0a24c2ef108ccf13968655fc33f
SHA256 90c28c14c67f714848c1ebd669bfdba3d997af7707386a70b2e35b6fd0e929ce
SHA512 d928db30e0e905d084cc8c5456a1df20fd3d50c65d22d9bd547809595ffce2f90308159df08c5b050a4c084551f5121a250df0d44d732b6de096a541b281e137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1cde4e7d-6af7-4236-ad52-a91604fc2be0\index-dir\the-real-index~RFe6045e7.TMP

MD5 2bc7f2541614aeae3057edee37877e49
SHA1 80b3e484e28cedc4ce7ebc74882e363218370166
SHA256 2ea7a512d287d47cc4d55b8d640fe67fd70a27426605560dbcdaf395aafc1668
SHA512 49d6c94cb2ea8d990f4abbef1c1f51cbe4c6e317b232158fd267cb39da4bf0f612b2f3b7dd01356dd2fd15650568a0f4f6f134eaeced0a4c59b5fb8259575b4d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1cde4e7d-6af7-4236-ad52-a91604fc2be0\index-dir\the-real-index

MD5 cc7b4233dbb06895cbbd268531008b7f
SHA1 5ba850eb5a06f0649d34464dc49a735ac7f3dd6b
SHA256 327cac5d508c5594ef2a0847b3457d78e350889ccb0e84939fbcab90e011d80c
SHA512 54d0b012891a45dcc85e99403be249b0f488b202763b0b57f311997d306d44538cea802b2a86a0130f9b1750ac905f52a2f137c4c8b39a45c38fd4aa85993239

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\be68ca0b-9746-4727-994b-3af4bc91d54f\index-dir\the-real-index

MD5 567b190b21fa095ca677bd1591fb5327
SHA1 9b50f4698e15333e88012a60e17dde7ad544285b
SHA256 47c7064a4c21992250d6fae6b7a72e39d133337610d7cf82d21a9c581ff1bb60
SHA512 45c5e4d5861e63094a0ed75f8bb5c006eddde487fece51d0dfaae30c82e3612daec78e83af38d9e3e62731992a2e7872a3b8cdd56194b0b1b0298d80ecce9575

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\be68ca0b-9746-4727-994b-3af4bc91d54f\index-dir\the-real-index~RFe607f08.TMP

MD5 9ef608a9d2181ff17066f60dec89f086
SHA1 5337b211bb16412625015074ba2044a136b4e703
SHA256 c9013caa4192cd99acfb16e8ef087e897789988222ca60f200f15e080863e3fd
SHA512 fff3d202b6a276bec5b107c14037e24496966323c6e30da12ba10fe952094d220229c1001cc1200ba40211de4d71ef473311b488c1a4c8af3deaa4bfec40913e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1d70d8690b628da82ff006549984f613
SHA1 a2f8af5da71b1dad6b4adfeb6589717a05e2b520
SHA256 2c5c373271d50838b8343dcc889f6f2b2f2d36f24d57b376b2b808d08fddd066
SHA512 00f87f792241d1a68ce94462d9d3262a5ec15fabf2d42152802312be863de11b6627755a5e8e3a2853425ab07ede9823c312edc26596687aba5289d33178e4f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 34e403cbb96b86a7031687668a1de642
SHA1 40ae3a269b08b7d385f16ad51d8d44e3f2e8f6de
SHA256 69a7b40b15dd0d6fd7c715cb4ebe50496bef1fdd95e92890adc1768278b2c0b9
SHA512 c98af3ac4881a2b3c4839c938689cbb0bf87bdc873533eeee39d4a96fd740bbccac6c32026c0f054df982276f42cafaae41c9c6dcabc9822a96712d77bb218e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e601881aa422dc09c393f00c9f378179
SHA1 cf5435cece34a40441c93b62544d67c02928bb29
SHA256 e5073450dddc4dbe032faa56acec62bbdf6e1daeef9fbd12a3d2b9c2d76ab138
SHA512 c9fdb460f035f3ccb0c8d5b1d8750eb08876d9347629eadd739efddd21d6d3b13da55fa7b53bf3397c27797ad523a1db177ea016997f528e8c24975774c4cae0

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.32\BGAUpdate.exe

MD5 6fbe3053a922544f882eb2d8272040b6
SHA1 c684b59964c5f744379470a2a9a00f42aaa09ecc
SHA256 16fb49712b25fd04803d409c93cb03172c5e76b622796e7d301adb62d2f6cfaf
SHA512 3d1b7b782e8591a48d4a2ecf1bcde1575dc67166d001311d9a574038168d8c96519ea47bd081cf636f37cb1ba97fd295b00bc594e634572a5de2f990618a6351

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\122.0.2365.92\MicrosoftEdge_X64_122.0.2365.92.exe

MD5 eaa50ebaecedcb43a19b312a9531ba20
SHA1 1823dc0f5c720c2bca1f7af634f23907e2e8cd55
SHA256 8b18ba6253575d8e32a57ce83e31b95b1cb760a6f90171c2eaafd9d6b7b81d74
SHA512 ab11a7121002bdcf2d4927590a7afaa89362c3a6728dd4f0292adab4fd70f62e4e0e5ab6414bf4e67a2ae8e54f4073843915d6aa2470974a2562b75d1ce4f9c4

C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.92\Installer\setup.exe

MD5 e57d4e600d42e4c112b8a5f43297c37e
SHA1 0981c5251048f46cb425313d9c20f21cd51c4fd3
SHA256 ca273139b833de79d48b91263b81f3b37e164706e4dedbd1990c0e0d09ba3161
SHA512 c7a831349e02c5ca30b4b3c708828a595b05f54e51f7e4eedb316ab0d855fb6a78a39d97887fcaac55547bb229983c119f75feb53992e6f30c46c52035767b62