Malware Analysis Report

2025-01-18 21:46

Sample ID 240414-p9kmmagg45
Target King of the Seven Seas.mp3
SHA256 e8662e595e233c34bb84edec44c2d55946409d7d3b6e2dd7ebe1193e9ada3ac7
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

e8662e595e233c34bb84edec44c2d55946409d7d3b6e2dd7ebe1193e9ada3ac7

Threat Level: Likely malicious

The file King of the Seven Seas.mp3 was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Sets file execution options in registry

Downloads MZ/PE file

Modifies Installed Components in the registry

Executes dropped EXE

Loads dropped DLL

Checks computer location settings

Registers COM server for autorun

Checks installed software on the system

Enumerates connected drives

Checks whether UAC is enabled

Installs/modifies Browser Helper Object

Adds Run key to start application

Checks system information in the registry

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in System32 directory

Drops file in Program Files directory

Enumerates physical storage devices

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

System policy modification

Modifies registry class

Modifies data under HKEY_USERS

Suspicious use of SendNotifyMessage

NTFS ADS

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious use of UnmapMainImage

Suspicious behavior: GetForegroundWindowSpam

Modifies Internet Explorer settings

Checks processor information in registry

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-14 13:01

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-14 13:01

Reported

2024-04-14 13:31

Platform

win10v2004-20240412-en

Max time kernel

1797s

Max time network

1800s

Command Line

"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\King of the Seven Seas.mp3"

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000\Control Panel\International\Geo\Nation C:\Windows\system32\rundll32.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000\Control Panel\International\Geo\Nation C:\Windows\system32\rundll32.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000\Control Panel\International\Geo\Nation C:\Windows\system32\rundll32.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\EDGEMITMP_97288.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\EDGEMITMP_97288.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E41C32E5-971E-4EBB-86A8-4ED80F6E5EA7}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ED6BCA0A-7501-4C53-8BE3-AEF15A00FE16}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=B0E21576431C4BF88AB2A4A5752C2C9B" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E41C32E5-971E-4EBB-86A8-4ED80F6E5EA7}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\E: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\unregmp2.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A

Suspicious use of NtCreateThreadExHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\WindControl\ArrowUp.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\ButtonLS.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChatV2\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\configs\GameControllerConfigs\gamecontrollerdb.txt C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\Help\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\CollisionGroupsEditor\assign-hover.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\xboxRS.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetPreview\magnifier_ph.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\TopBar\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\InspectMenu\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\VisualElements\SmallLogoCanary.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\mtrl_slate.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\PluginManagement\back.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\CollisionGroupsEditor\manage.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Chat\ToggleChat.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\xboxView.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DraftsWidget\newSource.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\button_pressed.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AssetImport\btn_dark_resetcam_28x28.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\particles\fire_sparks_color.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\LeaveGame\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DraftsWidget\deletedSource.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_1x_6.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\sky\clouds.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\EndorsedBadge.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\fonts\families\Inconsolata.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\LegacyRbxGui\LogSide.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\PlayerList\developer.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\localizationUIScrapingOff.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TextureViewer\refresh_dark_theme.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\image_keyframe_constant_unselected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\SpeakerDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Emotes\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\msedgeupdateres_iw.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ED6BCA0A-7501-4C53-8BE3-AEF15A00FE16}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\FaceCaptureUI\MoreButton.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\ImageSet\AE\img_set_2x_3.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperFramework\checkbox_unchecked_dark.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\MicrosoftEdgeUpdateSetup.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ED6BCA0A-7501-4C53-8BE3-AEF15A00FE16}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarImporter\img_dark_R15.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Lobby\Buttons\glow_nine_slice.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerLauncher.exe C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\msedgeupdateres_et.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ED6BCA0A-7501-4C53-8BE3-AEF15A00FE16}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\icon_showmore.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperFramework\Votes\rating_small.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\9SliceEditor\HorizontalDragger.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\particles\explosion_alpha.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\common\robux_small.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\ButtonB.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\zh-CN.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\MaterialManager\Gradient_DT.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\fonts\zekton_rg.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\PurchasePrompt\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\button_radio_background.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\localizationUIScrapingOn.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\advCursor-default.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Trust Protection Lists\Mu\Analytics C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChatV2\actions_notificationOff.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\LayeredClothingEditor\Default_Preview_Clothing.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\System32\sdiagnhost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\sdiagnhost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\System32\sdiagnhost.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\System32\sdiagnhost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\System32\sdiagnhost.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX-PLAYER C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX-PLAYER C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX-PLAYER C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\MicrosoftEdgeUpdateOnDemand.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\ELEVATION C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgePDF\shell\runas C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C9C2B807-7731-4F34-81B7-44FF7779522B}\ = "Interface {C9C2B807-7731-4F34-81B7-44FF7779522B}" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open\command\version = "version-8950870ea20941f9" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService\CLSID\ = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\CLSID\ = "{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\msedgeupdate.dll,-1004" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ = "IPolicyStatus4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods\ = "43" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ = "IAppCommandWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.xht C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\ProgID\ = "MicrosoftEdgeUpdate.ProcessLauncher.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ = "ICoCreateAsyncStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3WebMachineFallback" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ = "ICoCreateAsyncStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ = "ICredentialDialog" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\ = "Microsoft Edge Update CredentialDialog" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback\CurVer\ = "MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell\open\command C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass.1\CLSID\ = "{8F09CD6C-5964-4573-82E3-EBFF7702865B}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 713442.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 43340.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 831660.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 281540.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Windows\System32\sdiagnhost.exe N/A
N/A N/A C:\Windows\System32\sdiagnhost.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\System32\msdt.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\System32\msdt.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of UnmapMainImage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 516 wrote to memory of 1012 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Windows Media Player\setup_wm.exe
PID 516 wrote to memory of 1012 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Windows Media Player\setup_wm.exe
PID 516 wrote to memory of 1012 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Windows Media Player\setup_wm.exe
PID 516 wrote to memory of 3792 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 516 wrote to memory of 3792 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 516 wrote to memory of 3792 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 3792 wrote to memory of 2160 N/A C:\Windows\SysWOW64\unregmp2.exe C:\Windows\system32\unregmp2.exe
PID 3792 wrote to memory of 2160 N/A C:\Windows\SysWOW64\unregmp2.exe C:\Windows\system32\unregmp2.exe
PID 2476 wrote to memory of 4848 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 4848 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 1012 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 1012 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2476 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe N/A

Processes

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\King of the Seven Seas.mp3"

C:\Program Files (x86)\Windows Media Player\setup_wm.exe

"C:\Program Files (x86)\Windows Media Player\setup_wm.exe" /RunOnce:"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\King of the Seven Seas.mp3"

C:\Windows\SysWOW64\unregmp2.exe

"C:\Windows\System32\unregmp2.exe" /AsyncFirstLogon

C:\Windows\system32\unregmp2.exe

"C:\Windows\SysNative\unregmp2.exe" /AsyncFirstLogon /REENTRANT

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultde5e7d81h905eh4c3chb972he43cfabd1086

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffdcd0f46f8,0x7ffdcd0f4708,0x7ffdcd0f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,2077045492413337926,4920960047723981387,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,2077045492413337926,4920960047723981387,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,2077045492413337926,4920960047723981387,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdcd0f46f8,0x7ffdcd0f4708,0x7ffdcd0f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2964 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4116 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3564 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6260 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5992 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7288 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7180 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjhBNTYzNjktMTQ2QS00NzFCLUJGNjMtODIyRUVCNjc3QzFEfSIgdXNlcmlkPSJ7RDIwMkU4MEMtNENGMi00RERGLTg0OUMtQjc3MjYxNjgyREQzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1NjgxOTVCQy1EODgxLTQzRTEtOTU0MS1DNTZFMjdFQUMzQzl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7KzBqVW1ZZUt0WkFGNUMzZzIycEJCNUYwUnlkdGYxU0g3Ym53c25vVStmaz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY2NjYxMDE3NzgiIGluc3RhbGxfdGltZV9tcz0iNDkyIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{B8A56369-146A-471B-BF63-822EEB677C1D}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjhBNTYzNjktMTQ2QS00NzFCLUJGNjMtODIyRUVCNjc3QzFEfSIgdXNlcmlkPSJ7RDIwMkU4MEMtNENGMi00RERGLTg0OUMtQjc3MjYxNjgyREQzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntENDU1MEVGRi1CRjQzLTQ1M0ItOTFBNy1EODYyRkRCNzk0MTZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY2NzA2NjE1MTEiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3096 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\EDGEMITMP_97288.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\EDGEMITMP_97288.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\EDGEMITMP_97288.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\EDGEMITMP_97288.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{30EEBCC7-C2C6-40EE-BC41-32B200A4A45D}\EDGEMITMP_97288.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff67926baf8,0x7ff67926bb04,0x7ff67926bb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjhBNTYzNjktMTQ2QS00NzFCLUJGNjMtODIyRUVCNjc3QzFEfSIgdXNlcmlkPSJ7RDIwMkU4MEMtNENGMi00RERGLTg0OUMtQjc3MjYxNjgyREQzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFQkFFNENCMS1EMzFGLTQ5RDktOTdCRC0xNjE3MzBEQThCRkN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjY4NTg0MTc1NSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY2ODU5ODE1NDIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3MTAyMzExNjgyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xYzFmYzhmZS1mMjUwLTRhM2EtOTFlYy05ZjkwZTMxYjgyNjU_UDE9MTcxMzcwNDczNiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1Jc0d3RU9VY29KRUxIeUpjRmVpQjFwQ2VUeGhpZ2VQQWVLbjkwVEhOYXRrbW5ybXVwaWFSbXpoTkY5Uk9jdHlPNlU4S21lbkJVWjElMmZZaXQ5SVlHU2FnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyMDc2MDg4IiB0b3RhbD0iMTcyMDc2MDg4IiBkb3dubG9hZF90aW1lX21zPSIzNTUxNiIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjcxMDIzNzE1NTEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3MTE2NzIxNDg2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3NTU4MTkxNTMxIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iOTA0IiBkb3dubG9hZF90aW1lX21zPSI0MTYxMCIgZG93bmxvYWRlZD0iMTcyMDc2MDg4IiB0b3RhbD0iMTcyMDc2MDg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0NDE0NCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:Aq8AcnY4Jzy3RXlqD8rG-GzJ4Qm357CD-KGBSlD9EFF6ve2oqSIOILa7DPI8YHrIlchkHc3WZXYq7kzM5x9bZPOHj-RKzhQCHkm4SPbt1VEF-FkDC9MkhQCFmxD5f-c-V9X_b871fHZ0X8z8zZ45hdE7aZBYdO3a8iSt8ir_CRLKiQ6Dbn7pPfmcCa_KFiUw_vhMOzpQXJ7WAPKYB5NQU3Yfy3rvziHy3m9pALPpfo4+launchtime:1713099891166+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D438ea6ec-f5c4-440e-bc5a-08d085cf735c%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1380 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:MjICvt35tp_jQTHauzv-3k5WltqiugYm9-hN6Xz7tvtS8RVyh7H-xqZq_7ausk12uRS4j3SU9eGlJln9trNrj3pbGoAPiFplEXMeIOhTHh2slxycbOIq6d3wWlzGUVJira0FUyDgeAShX5FWpoJgTY8NIAH2Rx4AsBvCRf000M6O0TF4GJooKlJ9gcpUTzxHIfkkbo-Vo_aBw0OhVUyyF_iUqvxQg1oUoDrpiMStQXk+launchtime:1713099891166+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D438ea6ec-f5c4-440e-bc5a-08d085cf735c%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7440 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:N6vBoF8LLEaEGncrEDw3P4PHM7mB5ybFrdaFONo3_3mt7S_AbZZYymhwuEmXg2HdQEkspYh3KZsCimt8OXOfDxRCGWpkNLtsozDmvU4UVNpNq_ZkRqkc_NcgZKSZeWe8q4umaa-mUJOPZcCY0CMohZBENeRlGtQWQpVTZCzBdN7HTVXa7CofXXf51cV1cWH-NQt43BDCKMQTPA2lW34rEhr9RP-pdwlZ-5CpGH4mI7M+launchtime:1713099891166+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D438ea6ec-f5c4-440e-bc5a-08d085cf735c%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6956 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:qoRRcTk0pa_u2ROS7V_bIb1_RKiqtTo3k2pIonxwPndw-dk_nLqTW_bgOJzl769k7Jy2HZh4XzDO2DI9SeoZexTDtjYhCiSiWzTPu3avVdSWDuoPfNkR6aLgNHCJdf6lOBgqYMHR8eNO_XP1HtVFbmiFBWXQJb7LwDczlNhbl_gP_yf_DBuQDwFCR3euPgWtWGyDIDFwQ51m2sofR5Apph6_Q0_xuwmUlfIKHRMRkzs+launchtime:1713099891166+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D438ea6ec-f5c4-440e-bc5a-08d085cf735c%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6644 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:7zhmVAt9jMH_mrUWT9Gm10Rnr6AZX_3hhy63T4MEwR1Y7KBWddF-89XENp_plWoun1t-aQnwiSDD6BYvHt_5Es_VFVnlpt8LZFUzSXZyrjk-hQa5iyJZayAH6S3nopXVoiddLiqYKugnwTPB-bGRYcdcq4YL5idH_JvP_mgZzbSJjtVn9SPuHS7-mq11A5bXZaV_nFa60h-hqlDg2jz_UcPmWNh1fLn0dvTOmiCFJdg+launchtime:1713100124615+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3De43c687d-f383-4c59-945c-dd6f9145ead0%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:YZTEUekfxWLTYpBlKGIR3EBgWKKi6kdE_cJ5hR5YSK5e4CFnbKjBwBprNUy-l9te5g9mgQBuOgqG3p5b7HHKzzqik0DxRLCgLZR07RJqmVi_tvQ1d1EwGNFpAE_qKrowubjWaUu4J94S5Z2HQqzcT5jfg9iLfEQVI9pwW8woV8DaphTQYDv-JSvdpTxqymxgK-Tj_3KFA0KR2fqxD9K9E7BdJfUctk4xR1ffk9WagdU+launchtime:1713100138860+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D5dd6aca7-1b81-4b6e-836b-0154eced45c9%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4092 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:TMPN3tfW8lnybm5-3OClnk6RIs_y8bndrNxPRNQnuPaOiVJhLq_XIgQj5cfivUbBe7g-LhGAlalcYsNMQHwGFvqHzerfKQ_6aQ2KzBVCHj7ufry7LYW96OAnUDizZ8h9_24y8ObNaBQM5Cbou-IiMBlEhBKbXDLXsh4jLNAGa6uk3z9V1E1sAtuV75C_wu_7Q1SKBvuiw_ubDG0uzT4jWCzSfqYgKxh-VHOURxKu8nI+launchtime:1713100138860+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D5dd6aca7-1b81-4b6e-836b-0154eced45c9%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:Uh9sHJb2iBFd66IA96Q9gIrRIxkxtEU91CJzUFSrBBZQ0A4YDbowgPytT1oIdXzUqIQES3cb-hixSIsVpGO9fFCV-ZLMPYwF7eiC9uQ_LsVe54Hex1dza_xfFDra7Zo12CyRkQoFAWG6HN7uxvYpocp4IdDG4AK2iXFZp1yPNjCX3papSQML7ca_VXl_pyyzQs8TG4FVSieGsoK3NzGe7kslaHuOji8xAxZubb8IKhw+launchtime:1713100229084+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D47e71398-f7a6-4f91-8dea-e7864de29422%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6868 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E41C32E5-971E-4EBB-86A8-4ED80F6E5EA7}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E41C32E5-971E-4EBB-86A8-4ED80F6E5EA7}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDZERTk1QUYtQ0FBQy00QTVELUFGNUItQjJDN0ZEQkVDMzhFfSIgdXNlcmlkPSJ7RDIwMkU4MEMtNENGMi00RERGLTg0OUMtQjc3MjYxNjgyREQzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntBOUYyNTk5OS03RDFDLTQyNzEtODU0Ni01ODhGQzBGNzEzRDV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzMiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5Njc1ODc3NTAzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTY3NTk5NzM1NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDAwNDMwOTM1MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2RhMDE3ZGVhLTM0ZjgtNGE5Zi1hM2ZkLTI3ZjFiOTUzODYwMD9QMT0xNzEzNzA1MDM1JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWhDb1FGbW9sb1klMmYlMmJtd3NudUJSakhlbVN6RXNqeHBKZ2daaEJIbVJhTjV4c3hFYTFNUkRhRnVLaGROT1lYOEJRV21aazhXMVUzY3lPYmptODMyZkVEdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAwMDQ0NjU3NjUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2RhMDE3ZGVhLTM0ZjgtNGE5Zi1hM2ZkLTI3ZjFiOTUzODYwMD9QMT0xNzEzNzA1MDM1JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWhDb1FGbW9sb1klMmYlMmJtd3NudUJSakhlbVN6RXNqeHBKZ2daaEJIbVJhTjV4c3hFYTFNUkRhRnVLaGROT1lYOEJRV21aazhXMVUzY3lPYmptODMyZkVEdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ3MDA4IiB0b3RhbD0iMTgwNDcwMDgiIGRvd25sb2FkX3RpbWVfbXM9IjI4Mzg2Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAwMDQ2MjE3ODEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDAxMDU2MDEzNCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwMDEyMTIxOTc5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iOTYzIiBkb3dubG9hZF90aW1lX21zPSIzMjg1NiIgZG93bmxvYWRlZD0iMTgwNDcwMDgiIHRvdGFsPSIxODA0NzAwOCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iMTU2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Windows\system32\pcwrun.exe

C:\Windows\system32\pcwrun.exe "C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe" ContextMenu

C:\Windows\System32\msdt.exe

C:\Windows\System32\msdt.exe -path C:\Windows\diagnostics\index\PCWDiagnostic.xml -af C:\Users\Admin\AppData\Local\Temp\PCWCABB.xml /skip TRUE

C:\Windows\System32\sdiagnhost.exe

C:\Windows\System32\sdiagnhost.exe -Embedding

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\d2y50xre\d2y50xre.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESD0F5.tmp" "c:\Users\Admin\AppData\Local\Temp\d2y50xre\CSC80B6C9EBBD694B44AA4A8673313A5226.TMP"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\kx2ihs5l\kx2ihs5l.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESD1B1.tmp" "c:\Users\Admin\AppData\Local\Temp\kx2ihs5l\CSC418537771D97489C90BBD293BEA3F.TMP"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\ef2ihqbq\ef2ihqbq.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESD625.tmp" "c:\Users\Admin\AppData\Local\Temp\ef2ihqbq\CSC6D05F9E8260402C855E8D1E15762D7A.TMP"

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\pcwutl.dll,LaunchApplication "C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ED6BCA0A-7501-4C53-8BE3-AEF15A00FE16}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ED6BCA0A-7501-4C53-8BE3-AEF15A00FE16}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{A916F834-75D2-4C2C-B410-9BA178B3DD9E}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTkxNkY4MzQtNzVEMi00QzJDLUI0MTAtOUJBMTc4QjNERDlFfSIgdXNlcmlkPSJ7RDIwMkU4MEMtNENGMi00RERGLTg0OUMtQjc3MjYxNjgyREQzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins2NUU2MjI0Qy0zQUUyLTRGMTEtOTk3MC05QkYyMjNEQTQwQzJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2O1Byb2R1Y3RzVG9SZWdpc3Rlcj0lN0IxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDAlN0QiIGluc3RhbGxhZ2U9IjIiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwMzI3MjU5OTY2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwMzI3MzY5Njk4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDM0MzI0OTkwMiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzEzNzA1MTAwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWpmMkVzSkJ6OENUeXlqdmFHWSUyZjcwd1VKY3FPMjBjZk1rdlQ1R2JGaXJBdUMyJTJmMUJkNVhOTFR5ODIxa2NaM2NxQWJOZU03RGxxSVNWelR5amM0VlA1dyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIyNSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDM0MzI2MDAwNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTM3MDUxMDAmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9amYyRXNKQno4Q1R5eWp2YUdZJTJmNzB3VUpjcU8yMGNmTWt2VDVHYkZpckF1QzIlMmYxQmQ1WE5MVHk4MjFrY1ozY3FBYk5lTTdEbHFJU1Z6VHlqYzRWUDV3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYzMDc5MiIgdG90YWw9IjE2MzA3OTIiIGRvd25sb2FkX3RpbWVfbXM9IjEzOTEiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAzNDMyODk4ODIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAzNDg0Njk3NTciIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSIyIiByZD0iNjMxMSIgcGluZ19mcmVzaG5lc3M9IntEMzE3RTA3Qy1GNDlELTQzMUMtQkVDNi01NTQyNjdEOTczQ0R9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjIiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU3NTczNDM1NzUzODkxMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9IjIiIHI9IjIiIGFkPSI2MzExIiByZD0iNjMxMSIgcGluZ19mcmVzaG5lc3M9IntCNkM2MzhCRS0yM0QyLTRFNzgtQUM5RS00Q0I1NzU0OUE2RTB9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyMy4wLjI0MjAuOTciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZT0iNjMwNyI-PHVwZGF0ZWNoZWNrLz48cGluZyByPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0iezMxMUY5Q0FGLTc5MTMtNDc2NS1CODhGLUYwODkyNzE3MzZGNH0iLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU1D9E.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{A916F834-75D2-4C2C-B410-9BA178B3DD9E}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTkxNkY4MzQtNzVEMi00QzJDLUI0MTAtOUJBMTc4QjNERDlFfSIgdXNlcmlkPSJ7RDIwMkU4MEMtNENGMi00RERGLTg0OUMtQjc3MjYxNjgyREQzfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7RURFNjQ4NEItMjhERC00QzNGLUIyMjItMjZFQzBBNTc0QzVGfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMiIgaW5zdGFsbGRhdGV0aW1lPSIxNzEyOTIxNTA4Ij48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDM1ODk5OTk0MiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1836 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:tjUfe-9E_8VSXAjl4ZhCPYdKHbKyfdm2J1mow9kCsYSN7tEb6Sn1jfiHNajp9axscGwN6aF198DB8q0RixadYzHZOPAkzv3XZVa0P38YogI5VRZ1n1cWqBFWovmYySUcm-pR2Eu_qstItv1_mOPvIREtUihkLqXao6gLMnO8I1kuTLbrnYnquHDYk1dApqv8ojf3AlsPPOsvozrT9sBdwhg9FipoXQJmM0RQHOMoJ7U+launchtime:1713100229084+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D47e71398-f7a6-4f91-8dea-e7864de29422%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7688 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:8AAZCsbABFdlJmpQgOqO9WjdlAFUftMZPSZwzWWmZ246BM41kjIxJTkjv5xBQVuT8EAUFrHTigTJQip_XF9WuFqVHvMoa4fHKDVXOgbXPTAUbnDODoP7VRM7v2dYxKMGu4RXnsXUhMNAdjmYdbCfq-D4nMPB6L2POGCoc6xd_ll0FgEyeMa1Wl2baA6X1oNHULCl02wGkREQgFD7b8M4X1LifnjhVQaUL3I3ro31ygU+launchtime:1713100351345+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D6983559c-7918-4f9f-9d50-6616c46b9b23%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\pcwutl.dll,LaunchApplication "C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4252 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:gs8tgS95VR1aslNU73fk-sQUA7lzPPMo6A1C7S_WbolY-CGEI21LDVObbN3d-HQzAAH-DzZB2FoyAAA4BYBuMx4ZL8Zu2n0xTpgJg6R8HbHdorOcBbaOTHxCWPMUdO6-GoMRjN4BL7aVMC-bzBXwRJdhBxn3VnkbrQhLObe5_vXLoxkgrH184pIpljcSUbAy4pPbODz7T5aj7CoAbxeoblj4WQJYAloOtcJGR4GsxEs+launchtime:1713100571106+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D1dede7ea-ada8-46d9-ac10-92d268363e9a%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\pcwutl.dll,LaunchApplication "C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OUVENTQ2NjgtQUI4RC00QTI0LUFFQ0MtMEM0OTkwRjhDMzQ3fSIgdXNlcmlkPSJ7RDIwMkU4MEMtNENGMi00RERGLTg0OUMtQjc3MjYxNjgyREQzfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7M0ZDODAyNUMtRDU3Qy00QkFGLUI5N0UtMDQyMjc3Mzg2NUNCfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90OyswalVtWWVLdFpBRjVDM2cyMnBCQjVGMFJ5ZHRmMVNIN2Jud3Nub1UrZms9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIyIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTI5MjI0NjIiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1NzM5NTEwODAwMDAwMDAiIGZpcnN0X2ZyZV9zZWVuX3RpbWU9IjEzMzU3NTczNDcxNTU2MjgyMiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIzMTExODgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzNjcwMDA1MjY4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff63adebaf8,0x7ff63adebb04,0x7ff63adebb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff63adebaf8,0x7ff63adebb04,0x7ff63adebb10

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4016 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:eekvhoi8rMl_vgepGWpPcGbSkdLwhPALjFrhaqUxgyIpCcpWKrEvcFxyxZXSRgzvntAptQaKevK9UjYiA1cYJ-8C6ZOMyjPJh4ism0rbblBuuT7utZ2E9Z6iaB6xZPMgJWY38fLoujj71M-9fXA9njsA90I32gSsYi3ISYGwytYLmAOG97cyxAS-rv3PcO3hX-MDGSiRBvxZEERFy1_wweZmmYvxr3EdQC8bLA6RpYE+launchtime:1713100641674+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Df324efc9-1748-4845-b014-46a93a24e3f0%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OUVENTQ2NjgtQUI4RC00QTI0LUFFQ0MtMEM0OTkwRjhDMzQ3fSIgdXNlcmlkPSJ7RDIwMkU4MEMtNENGMi00RERGLTg0OUMtQjc3MjYxNjgyREQzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InsxNjAyMzY3Mi0yRDAwLTQxNjgtQkNCNi0wNkQ5OTZFMjBBNzZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMiIgY29ob3J0PSJycmZAMC4zNCI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMxMyIgcGluZ19mcmVzaG5lc3M9Ins4MzVDM0IwOS0xMTUxLTRDODAtQTgxRS01Mjg2Q0Q4MUEzMDB9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIyIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTc1NzM0MzU3NTM4OTEwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzY3ODkxMjIxOCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzY3ODk5OTgxOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzcwNTI0OTg2MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzcxOTYwMDYwNiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQwNzQ4MDYyMDEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI0MDYiIGRvd25sb2FkZWQ9IjE3MjA3NjA4OCIgdG90YWw9IjE3MjA3NjA4OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjIiIGluc3RhbGxfdGltZV9tcz0iMzU1MjEiLz48cGluZyBhY3RpdmU9IjEiIGFkPSI2MzEzIiByZD0iNjMxMyIgcGluZ19mcmVzaG5lc3M9IntCQkZERjQ2OC1ENjVDLTRGMTQtODNFQi1GRkJDMEUyNDJGMkV9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyMy4wLjI0MjAuOTciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZT0iNjMwNyIgY29ob3J0PSJycmZAMC43MiI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMxMyIgcGluZ19mcmVzaG5lc3M9Ins2MjQ3MDRBMC0yRUQwLTQ5NDMtOUQ0Ni0zRTMxRUQ0NzQ2N0N9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1796 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,14602302266261821344,15885132041276622602,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1064 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:Sq8xSy3Ka6Qb0VCxPPdU6QB4ZcpKlUr8zlaVUIRrRsVXmY_DulQdcZWtjgcA09eDxt8occEi_CL19QirkS6UUCo53iQrjbqKob0TGA8nM7OzA5attix-5e96fnsbfLNGWpJ6BobIcACnizhRxybfHNizjuoV4qCJH5CP1AxYb_FJB9aSmHuv8fDrJLxn5k7-s_Vhk2PkIXtioe89f0b_hkdHgoBJpzyu5DoK2rbyMVE+launchtime:1713100804236+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713099847103016%26placeId%3D15532962292%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3De8855863-97c4-42b8-9f49-dc2c78aacb48%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713099847103016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 21.114.53.23.in-addr.arpa udp
US 8.8.8.8:53 cxcs.microsoft.net udp
NL 23.62.61.115:443 www.bing.com tcp
BE 104.68.66.114:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 115.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 114.66.68.104.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 134.71.91.104.in-addr.arpa udp
NL 23.62.61.115:443 www.bing.com tcp
NL 23.62.61.115:443 www.bing.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
NL 23.62.61.89:443 r.bing.com tcp
NL 23.62.61.192:443 r.bing.com tcp
NL 23.62.61.192:443 r.bing.com tcp
NL 23.62.61.89:443 r.bing.com tcp
US 8.8.8.8:53 192.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 89.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 aefd.nelreports.net udp
US 2.17.251.5:443 aefd.nelreports.net tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.2:443 login.microsoftonline.com tcp
US 2.17.251.5:443 aefd.nelreports.net udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 5.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 2.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 89.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
GB 128.116.119.4:443 www.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
US 8.8.8.8:53 4.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
BE 2.17.107.217:443 static.rbxcdn.com tcp
BE 2.17.107.217:443 static.rbxcdn.com tcp
NL 18.239.83.105:443 css.rbxcdn.com tcp
NL 18.239.83.105:443 css.rbxcdn.com tcp
NL 18.239.83.105:443 css.rbxcdn.com tcp
NL 18.239.83.105:443 css.rbxcdn.com tcp
NL 18.239.83.105:443 css.rbxcdn.com tcp
NL 18.239.83.105:443 css.rbxcdn.com tcp
NL 18.65.39.26:443 js.rbxcdn.com tcp
NL 18.65.39.26:443 js.rbxcdn.com tcp
NL 18.65.39.26:443 js.rbxcdn.com tcp
NL 18.65.39.26:443 js.rbxcdn.com tcp
NL 18.65.39.26:443 js.rbxcdn.com tcp
NL 18.65.39.26:443 js.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
NL 18.239.83.105:443 css.rbxcdn.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
NL 18.239.94.64:443 images.rbxcdn.com tcp
NL 18.239.94.64:443 images.rbxcdn.com tcp
US 8.8.8.8:53 apis.roblox.com udp
GB 128.116.119.4:443 apis.roblox.com tcp
US 8.8.8.8:53 217.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 105.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 26.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 8.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 86.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 3.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 64.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 lms.roblox.com udp
BE 23.14.90.81:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 mia2-128-116-127-3.roblox.com udp
US 8.8.8.8:53 silver.roblox.com udp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 8.8.8.8:53 syd1-128-116-51-3.roblox.com udp
US 8.8.8.8:53 pulsar.roblox.com udp
US 8.8.8.8:53 aws-ap-east-1b-lms.rbx.com udp
US 8.8.8.8:53 fra2-128-116-123-3.roblox.com udp
US 8.8.8.8:53 sea1-128-116-115-3.roblox.com udp
US 8.8.8.8:53 aws-us-east-2c-lms.rbx.com udp
US 8.8.8.8:53 roblox-poc.global.ssl.fastly.net udp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 18.217.161.32:443 aws-us-east-2c-lms.rbx.com tcp
GB 128.116.119.3:443 silver.roblox.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
HK 16.163.212.88:443 aws-ap-east-1b-lms.rbx.com tcp
US 151.101.1.194:443 roblox-poc.global.ssl.fastly.net tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
PL 128.116.124.3:443 pulsar.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
HK 16.163.212.88:443 aws-ap-east-1b-lms.rbx.com tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 81.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 194.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 3.123.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.124.116.128.in-addr.arpa udp
US 8.8.8.8:53 32.161.217.18.in-addr.arpa udp
US 8.8.8.8:53 3.127.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.45.116.128.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 3.115.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.51.116.128.in-addr.arpa udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 88.212.163.16.in-addr.arpa udp
US 8.8.8.8:53 146.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 chat.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 sin4-128-116-50-3.roblox.com udp
US 8.8.8.8:53 lax2-128-116-116-3.roblox.com udp
US 8.8.8.8:53 sin2-128-116-97-3.roblox.com udp
US 8.8.8.8:53 bom1-128-116-104-4.roblox.com udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 8.8.8.8:53 aws-eu-west-2c-lms.rbx.com udp
US 8.8.8.8:53 aws-ap-northeast-1c-lms.rbx.com udp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
GB 35.177.120.45:443 aws-eu-west-2c-lms.rbx.com tcp
JP 54.248.171.206:443 aws-ap-northeast-1c-lms.rbx.com tcp
NL 108.156.60.42:443 c0aws.rbxcdn.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
JP 54.248.171.206:443 aws-ap-northeast-1c-lms.rbx.com tcp
US 8.8.8.8:53 presence.roblox.com udp
US 8.8.8.8:53 45.120.177.35.in-addr.arpa udp
US 8.8.8.8:53 42.60.156.108.in-addr.arpa udp
US 8.8.8.8:53 3.99.116.128.in-addr.arpa udp
US 8.8.8.8:53 4.104.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.116.116.128.in-addr.arpa udp
US 8.8.8.8:53 206.171.248.54.in-addr.arpa udp
US 8.8.8.8:53 3.97.116.128.in-addr.arpa udp
US 151.101.1.194:443 roblox-poc.global.ssl.fastly.net tcp
US 8.8.8.8:53 followings.roblox.com udp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 js.stripe.com udp
US 8.8.8.8:53 badges.roblox.com udp
US 151.101.0.176:443 js.stripe.com tcp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 cdg1-128-116-122-3.roblox.com udp
US 8.8.8.8:53 ams2-128-116-21-3.roblox.com udp
US 8.8.8.8:53 ord2-128-116-101-3.roblox.com udp
US 8.8.8.8:53 aws-ap-northeast-1d-lms.rbx.com udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 8.8.8.8:53 aws-eu-west-2a-lms.rbx.com udp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
GB 18.133.14.21:443 aws-eu-west-2a-lms.rbx.com tcp
JP 52.197.53.113:443 aws-ap-northeast-1d-lms.rbx.com tcp
JP 52.197.53.113:443 aws-ap-northeast-1d-lms.rbx.com tcp
US 8.8.8.8:53 voice.roblox.com udp
US 8.8.8.8:53 m.stripe.network udp
US 8.8.8.8:53 176.0.101.151.in-addr.arpa udp
US 8.8.8.8:53 3.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 21.14.133.18.in-addr.arpa udp
US 8.8.8.8:53 3.32.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.101.116.128.in-addr.arpa udp
US 8.8.8.8:53 113.53.197.52.in-addr.arpa udp
US 8.8.8.8:53 3.63.116.128.in-addr.arpa udp
US 8.8.8.8:53 m.stripe.com udp
US 44.238.18.217:443 m.stripe.com tcp
US 8.8.8.8:53 217.18.238.44.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 18.239.94.12:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 12.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
GB 128.116.119.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:53185 tcp
N/A 127.0.0.1:53189 tcp
N/A 127.0.0.1:53192 tcp
N/A 127.0.0.1:53195 tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 18.239.94.12:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
NL 18.239.94.12:443 setup.rbxcdn.com tcp
NL 18.239.94.12:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
GB 104.91.71.146:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 91.16.208.104.in-addr.arpa udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:50853 tcp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 18.239.94.78:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:50876 tcp
N/A 127.0.0.1:50879 tcp
N/A 127.0.0.1:50882 tcp
N/A 127.0.0.1:50889 tcp
US 8.8.8.8:53 78.94.239.18.in-addr.arpa udp
GB 128.116.119.4:443 ncs.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 18.239.94.12:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:57022 tcp
N/A 127.0.0.1:57025 tcp
N/A 127.0.0.1:57038 tcp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:57152 tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 60.129.102.23.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
GB 92.123.142.59:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 59.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
N/A 127.0.0.1:57624 tcp
US 8.8.8.8:53 client-telemetry.roblox.com udp
GB 128.116.119.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:57627 tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 18.239.94.78:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:57630 tcp
N/A 127.0.0.1:57639 tcp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:58263 tcp
N/A 127.0.0.1:58266 tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:58275 tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 23.63.101.170:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 170.101.63.23.in-addr.arpa udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:58381 tcp
US 8.8.8.8:53 auth.roblox.com udp
GB 128.116.119.4:443 auth.roblox.com tcp
GB 128.116.119.4:443 auth.roblox.com tcp
GB 128.116.119.4:443 auth.roblox.com tcp
US 8.8.8.8:53 client-telemetry.roblox.com udp
GB 128.116.119.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:62368 tcp
N/A 127.0.0.1:62371 tcp
N/A 127.0.0.1:62374 tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 18.239.94.108:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 108.94.239.18.in-addr.arpa udp
N/A 127.0.0.1:62394 tcp
IE 20.166.2.191:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 191.2.166.20.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 18.239.94.78:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:63139 tcp
N/A 127.0.0.1:63142 tcp
N/A 127.0.0.1:63149 tcp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:63273 tcp
US 8.8.8.8:53 presence.roblox.com udp
GB 128.116.119.4:443 presence.roblox.com tcp

Files

C:\Users\Admin\AppData\Local\Temp\wmsetup.log

MD5 3eb94cc0fc28531ff16d3b6f0240e056
SHA1 acfad90a19477264e3188e586d44bc78fc59ed34
SHA256 0b0ebea453d5bfccd25d92202950d3a79a47469f56223555e39c09b21f3dea63
SHA512 c3a86d93d29bf5c2d6d6ffd7db6b057455e37f080c25470d0cf7f3e615da30039091f89e3d8d0de18f719538f87dd29d9d1b311aca6fb289c9b6fc516bc9e607

C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML

MD5 7050d5ae8acfbe560fa11073fef8185d
SHA1 5bc38e77ff06785fe0aec5a345c4ccd15752560e
SHA256 cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b
SHA512 a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b

C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

MD5 987a07b978cfe12e4ce45e513ef86619
SHA1 22eec9a9b2e83ad33bedc59e3205f86590b7d40c
SHA256 f1a4a978ce1c4731df1594043135cf58d084fdf129dd1c8e4507c9e06eac5ea8
SHA512 39b86540e4d35c84609ef66537b5aa02058e3d4293f902127c7d4eac8ffc65920cb5c69a77552fc085687eed66e38367f83c177046d0ecb8e6d135463cc142aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 dc629a750e345390344524fe0ea7dcd7
SHA1 5f9f00a358caaef0321707c4f6f38d52bd7e0399
SHA256 38b634f3fedcf2a9dc3280aa76bd1ea93e192200b8a48904664fac5c9944636a
SHA512 2a941fe90b748d0326e011258fa9b494dc2f47ac047767455ed16a41d523f04370f818316503a5bad0ff5c5699e92a0aaf3952748b09287c5328354bfa6cc902

\??\pipe\LOCAL\crashpad_2476_KDWDNVDNQMJOTIWL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f70fb1e1b9e51ec2f79c476edd3c2654
SHA1 0fe786f14f8eea16dea6b8337e461a4202a9fa4c
SHA256 50ce13b114904e5583b2bfea2ff578819dc5db88e5c4d124d655ee888a3e5865
SHA512 8456b458246fecbda6f285b61b2c1b78a04b3ad00f30d09e8a24f0a4fb3ad2946f88642dbcf9c10b53d44f526117e0932438407315267694ee05f5011dcc62ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b52224d2e8185753ea18fb94249b08e1
SHA1 cd9137ab6939653213327431f0ba5020b3c01511
SHA256 56e33fe246f25aeabc3e1c982d4edd887091bce606de5e3dc0a806314f96ab39
SHA512 241ab2414c25f8939654da92ce1ffca3d7eeb40f0cf444485e5c8b3bb6a43280749a9b9f36d6e91fc359eff53031403f068b57c5b654ba9fc0f1716371e04ef1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 cff358b013d6f9f633bc1587f6f54ffa
SHA1 6cb7852e096be24695ff1bc213abde42d35bb376
SHA256 39205cdf989e3a86822b3f473c5fc223d7290b98c2a3fb7f75e366fc8e3ecbe9
SHA512 8831c223a1f0cf5f71fa851cdd82f4a9f03e5f267513e05b936756c116997f749ffa563623b4724de921d049de34a8f277cc539f58997cda4d178ea205be2259

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

MD5 838a7b32aefb618130392bc7d006aa2e
SHA1 5159e0f18c9e68f0e75e2239875aa994847b8290
SHA256 ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa
SHA512 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

MD5 619bca744db9e8d39cc6056297a4028d
SHA1 ea1498a9cfc0f8a63afe0844282bcdcec9584109
SHA256 30879fffbb2ae9d3dcc7c0ffb863e9a817c8b9211bc88ec8d439a9a03d510180
SHA512 f97614366ff8dc6e7c3035c95ab09150396a6c9263c69790f66facbaff71556cccb3c57b0b09d011d37dd801ee6dba5fc7713a63962f6d17204c9bc45af32606

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

MD5 cbcbff103eab258f233854b0582de6e2
SHA1 ba1d67a527d234b15bdfcdfaecc96ad44980d162
SHA256 388129f411fe7fcecf5184326e214949161db3e4c07bc93f9f361c30e1ed1d58
SHA512 26295966a39a785122990c655bf36f64f5a409df722c3a24a8cd27d45d5126f04e4bf5d9e43806f398e53876928bf02c47c2554af66c2aa2fcc9f1f5cd1b133a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 437835c2639dbb0f827af8e45cfe1620
SHA1 1671498e80173c1791564ccc431855c51bf8cc01
SHA256 a82b5de6243b1b8bfce152d12c520564634a657cda9fae1c42274ac1254bed53
SHA512 78c728f5e76bcfddc32f61e8f00db7fbbe5a43fcbffb744741b1aad552e8ad88d9449b41180f85e0939c712a65da03847c4dbbc0eb0419a8b4c41acb6ed31617

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

MD5 af932d86590bad18a02a0b260dd0285b
SHA1 0eb4b84e50b79b38e71ca7c797a3ba1f167ce7cf
SHA256 ad67a3d0ff8faea4a125163b01ae65fa01237354700f0e4269a4cc918e743409
SHA512 576b51ab312af328608815c441d683199c1015a8919e981a811fa631345dfd88dc49aef97e768819e979776b2112ee0205b3a6a68eb7840a975e160cc6872acf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b6b99ca00718503645c6ec69aa5ff168
SHA1 578b3552aba2671be6880da254bd2c2810380b9c
SHA256 e88870485c33cf46ac95f8ea65a9fa2b10506c3121efc168d190ea3e3dfe7c3b
SHA512 8a6a2c36795a8662a1252993a94a1e680cf57d477ccdca7954b89f01d8e2b81500b60c788c115149e4dd9156d4b48573a39ea4dd8cac1105a68cfc9b3e39c670

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 21b240c3044e828a1e6550093ae9b755
SHA1 5ed17b5a239288d4c8feda03eade8629611a8461
SHA256 a95725b171e5276e41d7688a680302f33ebdf1db076031f11fdce7c3bc2af64a
SHA512 4be25025484ca8978662ada51563ca148e9be8862d60f820b2173005f28920f6c49080e4339ffc73341c05d5923df70370f85fd2222f51fbea77bfb33c403168

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 05493e9548382b3c2eeb80b5267f8f94
SHA1 34ff5e61fb3b8a3573771b3484adaf81f727be2e
SHA256 dac5d5eba7b6b68d26edd7e9a843e08e43cc6b48bfb108bf1f352f4ae077500c
SHA512 cdd3b2be6329575c44affdfd4e33491e0b627ebfff51a8f87cc4fc8c027958c3de1edb2eb81f84698fb7fecb441c1ba9678c2b2597b2550dd0c03b9bd65377a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 95e57a6b8a47121d9024d3d825161110
SHA1 d735ce32322371a0b43a02da6d2f36c71f91e7ea
SHA256 3e6cdb42a6ec5450218f2338513b07392c786b6d6b47d645f1f9cc91214fb237
SHA512 70c8011b69a799ec629ed2bd1a285a1f93e479d94eb9ade40f9a11540254b2ac81078cbfe696dee07faed2ecb1b6e8150a30532651ca8274b474a94df231c0b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c948a03543df3a5c5d7c83f13254d136
SHA1 cf872f11116b83c01260e3c0e3ddbafbab965056
SHA256 978268635f43db566e5c072e3820b245b919058bf80e13d452c4e7f6c82966af
SHA512 18aa684f4a45176fa7af0b9919c19278f91077917cc12e0799dfcb51bf3cb3bae589f6cbf3eb96e9547a15f8c2a1e34740e90cb04f223d5beee4390c775f8f44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe596150.TMP

MD5 ef20bb0587ad6f15e9ec13b22fa98bcb
SHA1 c7372855f62c5490f5f55fb080616a4340f39afb
SHA256 d7785385d4be6ed09a22e1867f581cb028d822a4c50a61753e05b6c6efdfa6e5
SHA512 f9995ee2ca25ff2944af7e7ace826fe2dbd051274bc1e8476375275c9786343fff526b470eeff0d1d668ef2dd1dc27d7eb955e49dac5e22cec3f9cebe5e13619

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 87851343375264a65ce6a09f99b0da06
SHA1 97bd7c2c26436449180432bad1d0aba51e572a5b
SHA256 51ba82518fe6961990d47c911c9170623cfed67ac7a7850c33ad8962d6f9450e
SHA512 71b7c63e3c2f600d7580c546a7d53edc848a38495c01451af0f3aa31cffad9fb862ae85d249ca7d7390821980bdc6adb250e5d0a874f41972db2a3c44a4a1f83

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 d170269951b86f585f899d21ae50e782
SHA1 e981cf3277587be2e230a211eeb4a64a77aaaf97
SHA256 ca08d2665294fd7036d1c5260dc3c7a280961e4097651ddf2cf950925a1f988f
SHA512 a1769e21b012fb39d9b625ce8d8173d306af510a05c3a377f9d6b7a4894ee53933a191aeda48a7850e7d057ab3d97a49854045f514aa75584da5a5fdaa5d670e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000090

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 602377c1207de63df61470cb0253389c
SHA1 c38c487612e20b1076d0e81561a524347b2bb02f
SHA256 0d502d0b607630cbdac423f86e304aad8a8678e2c7d6c82f2e89826fa117a193
SHA512 810cfe768af9598953663ed72157d9b5720bba2247680290d28e66d750f07cc07a2e86121d34edc842fc46a322c8b689a47c38d2c78086e99995704919fec7da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 491b1beea2a39c3e4b286dd7b6e7eb66
SHA1 ea9c5f15f1fd375841ee289477b56749394da4c1
SHA256 ddda647e97c7df09ccdd4ef3981897f099408392954598fd78ef83259c9e8171
SHA512 29aca144b902e15ecf1ed91f6590f6bce572173a5ddba13c7afe6665f770b90d0f7d01713582d90cc8752d6b8c53eded225e03fbaa8dbc82bebf7a8c6bc430c9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 244f54b5f4353906fcdf4bd9e0cf5f8b
SHA1 ba864e5c9a776a5f614ff32bd13157b3a0c59762
SHA256 5d6b40be200b54a0fc1a253949605d9a772d0611fb5ebf5e308cccc1d3447ca4
SHA512 499b00e0bb688bc2e567ed9e16d5167ba797e180da92165e66e47846d159d34b10a2002671e34e95b8794bb9580d9ef9ae4fd93c10e0cb3c86cc8e68e2e3be06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e665880fdf4ac94b05a3725edddf195b
SHA1 5acfe9f39b9d9f06bd411995d67961335a4b6ab3
SHA256 64fc6cd26d049abaa42be5cb591ecbba708d27d05e42e28fa927f2127ce21623
SHA512 509395d14190820534a345a6a0cc137e229986be8564602d91a4a4ed1236d8ae187e341dcee4c2a8d6eca625c7da670710e0c15e50699135a0e365641ddd3ea4

C:\Users\Admin\Downloads\Unconfirmed 713442.crdownload

MD5 9fb66ffa1e1f4dedfd16eb3a8170bafd
SHA1 69b5d57ddda6b97adde820b9ceaddae9c33d53bd
SHA256 7953b28b736795aaa54e6cd5cb591e794e2f770c1045ca2e33af5ff19f480eaa
SHA512 4b141802e7a4cb6bd4a7498d30086a9d83c62d37f2137f4910ca7d3fb7009079d4dc59b95050849cfc720210b0cb44bf588d15c08e3ba830aae19c0a27e8e6d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8fdc5256bd4a87cf1e5a819e9c6ece21
SHA1 42f9b39ff64335ed50db79e9c0b88df6d1946648
SHA256 a9cab2026a915223f1d3797de34b4a4237cd69febf1d4ce1d766fb6e7f98327b
SHA512 15b5d1024429f28db3e85ffaa2f4c530b93df933c064c6f2f70c56e8b3052feb614a54dd34d97f11275cf49ae115448922cbef2d6e8ddbba565c7470726504fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d2738be3dc7f2b9acf6bf628d10a922f
SHA1 b25a0c14a7f4492f2a246e4f2ee474aa8a35220b
SHA256 508866f25aa13e4fe01335d6907bbc2824344a4530d958bc17920bfcdb9cfb74
SHA512 a3603194ff47e298d05d4818f7517d530bc72c7fad1e048f2f1ed8bcdb4c2a5b43df65e3958f2b85966fb4bdf52cced91b30e042292a8e61f9d4ff2402e8ea84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c237a660ac61c01cd22d450bed32222f
SHA1 b1bbcc6ad3a630718f3be708c9eff0bcd9dceee3
SHA256 499813c17866e158ed8af1e71e15f045a78efd383ea485498e3d75186dfd1556
SHA512 b27d4e74efc2bbe540ba6487003fa657a121039fd9e011a2ec923963068e392e982d62c71b8f9d95dc101401b07cac6f245df074fdf98cde598abc5a8cfa599e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 22e0f42fd1d19a731b6404b035986e38
SHA1 489a00ff03d140bfff7cb2e6eddd5e7bf92acdde
SHA256 52c723dcd138dcfd0173d4f7f4309afbfa9633dfe959afcf198e06899dbd489a
SHA512 ceebfe6661d5660a6be87e28a0bd3d31f09d599178a4c32ba774695e0dfb357d1701d4989eefb73d3a41ec0f1615c575250a633b90b309fcd109dc5fc0cfaf35

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 4f9d28edc0c431adbfcc19d8fa47702f
SHA1 37a6e145fec66acce633199ea7261bf5dd3d855b
SHA256 17e5cfe0cd5e01c1cf679b2fb7da7f3eae6cac2481c41f355c23df375ee0b48d
SHA512 bb7a5f33e2ef384347f8ffa09381aee5609a5b4997a205c972e7d431effa8c89f47e065b41f3acd86c2a395e0fdcd2fa656b57c84c3b94bb2fbde52ed2284dc3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 691359a99b86e74bb4df4aaf0ab91fd6
SHA1 3dbde917f030efb26c5e3f9bf0b76a0c470dc1ce
SHA256 a94771a1f32d34bcfe8a2b777dc6c9d7b79ad889a05453229ce9fda82d4c510f
SHA512 1a986160a788f41942c8154787a9c3b4c2f86429c87723d7f46f2418810a91a983c40e706388230191fd6c56b950749377e840cf8a8614db92dd9036cabd3dc5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4028520a42ce2c7068c25c74bb893898
SHA1 1d96a3ba66de9c90a8f211a362d20cc4aa30bda3
SHA256 476a86ef464e7774a58d51216e81c82183186e7f6566f38c44d730c307752ca6
SHA512 bcd1a084bf53f0be31aeee9e0822b4ad7b504b8be52eb4c9e90f1e35da940e817cbbbea6c3727512eeb1a75fe3574b6644da71062b1134a56a90493a05ca9ccd

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\f3b8e82c20c4bb3f94a2d7bcd2a82cd1

MD5 f3b8e82c20c4bb3f94a2d7bcd2a82cd1
SHA1 89618596be7cb90317eaaf2d09b05d522d008260
SHA256 7de6a5a45227b0f21ac7dd50af250e37f20b8bf2d6f4aa53a7f643d77515bd07
SHA512 82f15e37366efd29879add4f50cedbdc27d4eb885e190dd54c8e89787b51d59ccc21473f431292da679c7e8aa7cf2d0ce7219e1503d59a0f356e078f9feece55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6c6cff50b8c97f8bc76cb72a921611ef
SHA1 e5d372b07c77c3bbb21380369408b6a77280a7aa
SHA256 3303944c16baacefe79d37dcb8d08efa35577d5468ce9bf8fa288a8bdf397ca5
SHA512 d02cc79330f11022d2c48426a0e6f8e9d5b8fd2518c21af7c43c1218a32ef60a6e4617466bc08b55d20fb5f7f6abec737ce077f86c23e09ab364018b3209beed

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU7A90.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 870cc2c781d1d536a8f824f71d1c3e7e
SHA1 b0b24fded448151a694a609e468e6288273c5ed2
SHA256 0793a1cd4fbcd58fb63a46566e924fb4d54522ef4aa03f02b7504c112eb2932e
SHA512 9d86234a2558a83bf974d2b8d4104bd23fec5cd3481f46cbcb8d074ffad93d1d9af9093660acb1edf79d02bd14abb3ddb294bb7c4ee4ec2a4b73e63b828f9c3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 93dc35b0df24a613860d456d73bb7a35
SHA1 fa142e2befca8b622db148ff4e65e0ce6a5b6e63
SHA256 817a33d87d3ebc0c9e637bd280755b4feb5f8c911ca6bb313342207e62aec97f
SHA512 11aa571ede0d11152e1e8257d1d5a55b2e2366d8eb84ca068e1c345682dac311ba561679e2122ef1fdb408fb3e861b1047b24b9ced7d047e1cfa1bdc4b6d4339

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 332e0e16510540559f56299383b947dd
SHA1 7fa0c8a0776e4244462148220d77d31e8d4b3cec
SHA256 3cc88126d6c79ae85abff3a8763dfe74981defb200254205398c63e4a4e5ca05
SHA512 833ae609f172a80fa43fb86a98b02601ff24b55fa4f461594a30c00fef87a11442b6b85d3afb0cfb924518e85b25f9f07f45262b587cc69c005647328c9f4b6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 209f079939b8c191b3af4bd13c4e4164
SHA1 4035ecf1b15ca14aaf125b2610d2471525cb7491
SHA256 4cdab1dfa783a6889d5a26bcfeedd5976f2d2ad80f1aa5d9c38bcd7f8c572e1f
SHA512 5aa67e9e608518e8993847955d6521c2981e961bdd8798965de4bb9b159b19484d3d8f391ea9b0e3b5812e46cbb1e23d6bc2db700d3f44a5b6f12589ef9f0217

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6120486f2cd91ef2472d6c60ca386153
SHA1 e55099090f5925722a6467907c04e5f0a4d49954
SHA256 dbaa580f7ddbfc05df47cc12c440925f3bfe9d27382bb5a8d574a89635cf4e45
SHA512 373b772d1040a2d3f8fb61fbcf0f8d7b3a858d43eb49e5794eee77def7e0a767d069406219b7f4e6b06e03998f0b8d076f5d5f23782efda1c7caf3ce484b42e2

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\123.0.2420.97\MicrosoftEdge_X64_123.0.2420.97.exe

MD5 300df46436ba5d076b227c32967ada91
SHA1 de9d47ef0c61fb04b7309875e2f03c8fa37d19f4
SHA256 1614eb0c2697d74f2a05f8c973b2055e9cc158d94b19105e3a9d450adc9e333b
SHA512 ba3053085da062ec32f87aec43f527624248a81b702c8cdb359c0fba7194556658b49aca8ef98d885de5da5b9b2eab3f1fac2c99891f91949d1b9a155e4a6971

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 e392c1ca70649338456c18fd91d13b77
SHA1 346d160653b963aec5aeb062d0f9e1aa833529f8
SHA256 89342acc65ddc5c625f6e99ab148cda9c4a96a94dc9bf16ff7f36fc400a46a8d
SHA512 34b5578cc16e8deac3d64e6798ef6717c8d5e03389575604c13112836caee1fa3fec0b6875fab58892e1337045e084f2413797d01a7046a6a6d431ca4d4664f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 68da9e99cb23cd7973e8095cf289308d
SHA1 4f09331c644d887cd9786c92c756d626536a7071
SHA256 53558718aa452ce3643f9a9671ce2097444b985d2efb47614d2eee691be54df3
SHA512 3181eca64f5546737203858fc3d117424f47ce2ff0b2a5bf9d10b3c28cc6b412f794c3f29b8d40aa2d43ddf3eeca2a744ed025987bc1ca1dfc320dae3ac75a86

C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Installer\setup.exe

MD5 31ddc9e1c11a44b88cf96c45b3551ffb
SHA1 811ccb9706f656e29d089e30a2ee1650302394e2
SHA256 46cb58faa60db59cb8d145bf6493f7c01a8ea8895f812d65512e3c7340a054da
SHA512 67e5a4ec4b030e48ac06bdf79bfb2b9bfe7778f046a739f23b7be65e143a7181954c7587eb6841636a6e667aabfa292d6831bab709cd798d1de01987bc99aaf8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c04ed7bf5c9a6d34c45fdcf7119b68b8
SHA1 79bcf653ceb589d9a7c74d7069a3af8bb9a4ea1f
SHA256 f3303c35f2c7afc056aed9c715653e8517113d5d53438b91f724db27a6b803de
SHA512 d6c1d06c8d7036e9c503435917fc54f2c86610a7c372cba9cc9902cdfded9f612eb032eabfc7a56ef3b9a4239db97bb24edfbac267a1b86fe2d515ac3b8af29c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 72e06b7fa75685a28b24a3f017a292ec
SHA1 0c97f01a6606ba23487eaf7ebb36c4006b2af0a0
SHA256 c11932100082d7f8d76ad8f91dca11042a5764c449d3286a38fcbc724f013e96
SHA512 63b1f760256719cf769c86c7ba5512551a1ed7defe500511ad03d2920df916e15028e4013ad42e0b6a34f0a9e20421765dc24e099dcebb71202657bce8f7a15f

memory/4788-1792-0x000001CDE4EE0000-0x000001CDE4EE1000-memory.dmp

memory/4788-1793-0x00007FFDEBF70000-0x00007FFDEBF80000-memory.dmp

memory/4788-1794-0x00007FFDEBF70000-0x00007FFDEBF80000-memory.dmp

memory/4788-1795-0x00007FFDEC080000-0x00007FFDEC090000-memory.dmp

memory/4788-1796-0x00007FFDEC080000-0x00007FFDEC090000-memory.dmp

memory/4788-1798-0x00007FFDEC0D0000-0x00007FFDEC100000-memory.dmp

memory/4788-1797-0x00007FFDEC0D0000-0x00007FFDEC100000-memory.dmp

memory/4788-1800-0x00007FFDEC0D0000-0x00007FFDEC100000-memory.dmp

memory/4788-1799-0x00007FFDEC0D0000-0x00007FFDEC100000-memory.dmp

memory/4788-1801-0x00007FFDEC0D0000-0x00007FFDEC100000-memory.dmp

memory/4788-1802-0x00007FFDEC160000-0x00007FFDEC165000-memory.dmp

memory/4788-1803-0x00007FFDEBF60000-0x00007FFDEBF61000-memory.dmp

memory/4788-1804-0x00007FFDEBD80000-0x00007FFDEBD90000-memory.dmp

memory/4788-1805-0x00007FFDEBD80000-0x00007FFDEBD90000-memory.dmp

memory/4788-1806-0x00007FFDEBE10000-0x00007FFDEBE20000-memory.dmp

memory/4788-1807-0x00007FFDEBE10000-0x00007FFDEBE20000-memory.dmp

memory/4788-1809-0x00007FFDEBE30000-0x00007FFDEBE40000-memory.dmp

memory/4788-1808-0x00007FFDEBE30000-0x00007FFDEBE40000-memory.dmp

memory/4788-1810-0x00007FFDEBE30000-0x00007FFDEBE40000-memory.dmp

memory/4788-1812-0x00007FFDEBE30000-0x00007FFDEBE40000-memory.dmp

memory/4788-1811-0x00007FFDEBE30000-0x00007FFDEBE40000-memory.dmp

memory/4788-1814-0x00007FFDE9B00000-0x00007FFDE9B10000-memory.dmp

memory/4788-1813-0x00007FFDE9B00000-0x00007FFDE9B10000-memory.dmp

memory/4788-1815-0x00007FFDE9C10000-0x00007FFDE9C20000-memory.dmp

memory/4788-1816-0x00007FFDE9C10000-0x00007FFDE9C20000-memory.dmp

memory/4788-1817-0x00007FFDE9D80000-0x00007FFDE9DB0000-memory.dmp

memory/4788-1818-0x00007FFDE9D80000-0x00007FFDE9DB0000-memory.dmp

memory/4788-1819-0x00007FFDE9D80000-0x00007FFDE9DB0000-memory.dmp

memory/4788-1820-0x00007FFDE9D80000-0x00007FFDE9DB0000-memory.dmp

memory/4788-1821-0x00007FFDE9D80000-0x00007FFDE9DB0000-memory.dmp

memory/4788-1822-0x00007FFDEBC60000-0x00007FFDEBC70000-memory.dmp

memory/4788-1823-0x00007FFDEBC60000-0x00007FFDEBC70000-memory.dmp

memory/4788-1824-0x00007FFDEBD10000-0x00007FFDEBD1E000-memory.dmp

memory/4788-1825-0x00007FFDEBD10000-0x00007FFDEBD1E000-memory.dmp

memory/4788-1827-0x00007FFDEBD10000-0x00007FFDEBD1E000-memory.dmp

memory/4788-1826-0x00007FFDEBD10000-0x00007FFDEBD1E000-memory.dmp

memory/4788-1828-0x00007FFDEBD10000-0x00007FFDEBD1E000-memory.dmp

memory/4788-1830-0x00007FFDE9FC0000-0x00007FFDE9FD0000-memory.dmp

memory/4788-1829-0x00007FFDE9FC0000-0x00007FFDE9FD0000-memory.dmp

memory/4788-1832-0x00007FFDE9FE0000-0x00007FFDE9FEB000-memory.dmp

memory/4788-1831-0x00007FFDE9FE0000-0x00007FFDE9FEB000-memory.dmp

memory/4788-1833-0x00007FFDE9FE0000-0x00007FFDE9FEB000-memory.dmp

memory/4788-1834-0x00007FFDE9FE0000-0x00007FFDE9FEB000-memory.dmp

memory/4788-1835-0x00007FFDE9FE0000-0x00007FFDE9FEB000-memory.dmp

memory/4788-1836-0x00007FFDE9E60000-0x00007FFDE9E70000-memory.dmp

memory/4788-1837-0x00007FFDE9E60000-0x00007FFDE9E70000-memory.dmp

memory/4788-1839-0x00007FFDE9F60000-0x00007FFDE9F70000-memory.dmp

memory/4788-1838-0x00007FFDE9F60000-0x00007FFDE9F70000-memory.dmp

memory/4788-1840-0x00007FFDE9F90000-0x00007FFDE9FB6000-memory.dmp

memory/4788-1842-0x00007FFDE9F90000-0x00007FFDE9FB6000-memory.dmp

memory/4788-1841-0x00007FFDE9F90000-0x00007FFDE9FB6000-memory.dmp

memory/4788-1843-0x00007FFDE9F90000-0x00007FFDE9FB6000-memory.dmp

memory/4788-1844-0x00007FFDE9F90000-0x00007FFDE9FB6000-memory.dmp

memory/4788-1845-0x00007FFDE9970000-0x00007FFDE9997000-memory.dmp

memory/4788-1846-0x00007FFDE9970000-0x00007FFDE9997000-memory.dmp

memory/4788-1847-0x00007FFDE9970000-0x00007FFDE9997000-memory.dmp

memory/4788-1848-0x00007FFDE9970000-0x00007FFDE9997000-memory.dmp

memory/4788-1849-0x00007FFDE9970000-0x00007FFDE9997000-memory.dmp

memory/4788-1851-0x00007FFDE9970000-0x00007FFDE9997000-memory.dmp

memory/4788-1850-0x00007FFDE9970000-0x00007FFDE9997000-memory.dmp

memory/4788-1852-0x00007FFDE98A0000-0x00007FFDE98C2000-memory.dmp

memory/4788-1853-0x00007FFDE98A0000-0x00007FFDE98C2000-memory.dmp

memory/4788-1854-0x00007FFDE98A0000-0x00007FFDE98C2000-memory.dmp

memory/4788-1856-0x00007FFDE98A0000-0x00007FFDE98C2000-memory.dmp

memory/4788-1857-0x00007FFDEBF60000-0x00007FFDEBF61000-memory.dmp

memory/4788-1855-0x00007FFDE98A0000-0x00007FFDE98C2000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c2a0d5a5f17b6857aa9c0a4fdd6c402e
SHA1 fac082aea82bf60b837b2208f53cf54125b10609
SHA256 5deaa87606d6f4d333fe09a2a35fa3b5566afeeb1d98f83e59541bcd22d24355
SHA512 3afa908d8312c09a001e39b351a41ed11e8563cdb35822e6783acea93ee702258b7d99f3be94dc9c73afeb0dcbeb654825dc2696b86d898a8222fc1807e094b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3b20435486069ae6f90caf4085650610
SHA1 f5c48bf142da4e1ab9bb7b6597f972fafcd3e058
SHA256 52de22c1af7664ee3c14b76fac6c6db58a531ee3f63e7c1ab4c769773b640529
SHA512 5791963e8e5d81ad0f245f4678722c8ddc73dd70b6b7670f3ff5ec61cc4e215850195890554785598738b5c9f08f610ff3e4a8b6580952f1a7563b1cd3334954

memory/4788-1893-0x000001CDE4EE0000-0x000001CDE4EE1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 95469f700ed5591ddf16796c663e2e49
SHA1 dab0d673997e6d5fdea734d96bb0a4f3ac8368fc
SHA256 eaa2f8da2f0f29d25cae7ab36718ad9eb5efe0e7eb0c232341a9f75b0a59b780
SHA512 0edc848f95e3e1aff465d3f9da3b0edb3501aadb49b56465efd6d2ad9684ca38301269c382852613ac14a8395a03dffac16a5bef12d4fa156312393431498fab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 273684a1a70f935e3a9713bd158db53e
SHA1 4410fd369fa38e2db0ae360066a49b9a543c0a96
SHA256 04ea53cf8d956c7fff12236722151ef3c23456c126bcc2747121b0283400ccae
SHA512 62cceadbe007e3498796ec90833f41aaecb8df9e7b64fbe3402704ce8d48442197b56e7b252766516352a5c15545c0b7ca9a632299a1f337101e111588255c90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 735c8e050c6d70e97ccf8d550b456b28
SHA1 eb8014d8e2c7bd4621054bd859a49ff31c5141df
SHA256 96e04345225827777cf5149e5a55f5d220050ca10e6716d18f11d25c9f7ced3f
SHA512 b7e26a4dc9e2c80b3b884b1304b48f0435113b044cf458d72cce82e020a5916b2befb4b094edcd9480a6643faf92cbde0c7cd665b3603c4749100fbe8597f604

memory/2940-1930-0x00000249417E0000-0x00000249417E1000-memory.dmp

memory/2940-1955-0x00007FFDEBF60000-0x00007FFDEBF61000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 560e3ff54165a15dadadac8b2e9dec0f
SHA1 f8126f26c8b4b003bf526e85ec0c47f2f805eda8
SHA256 2b08f78d7d23451085af84a38d22ca6360f7e14bc457743212170b08c67195f3
SHA512 85fa706c81038ca0855cc2cf677a1a0066f47c8f83fc93279acb77ff3bbfccaf5a1213585ee86f2835eda751d0bc3b26ef9d667bf6b9b8f9a0eb9239134d7b2e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9a0d939a71377e2b40fc5d3e78ae0e48
SHA1 5541d4fa7dc7e3b0b2a44ed5cbf5ed3deefe203a
SHA256 fa548edde6e0dcc44bf8f3ffa13a6b2ccc22398563860fb1de451d7abc95975a
SHA512 98163ef7eeeabe85fb96e6ffc9114091abbffc0d98307e3e1bfb09fbbe4f2aa504aa9cd9c43bd247af157de80a33a2ed8b104f4c8c72d174b9f138ccbb097162

memory/3880-2054-0x00007FFDEBF60000-0x00007FFDEBF61000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1f20e2bc3b2e7b6a985d0132047e1d2f
SHA1 d3a1faea0b3bfb7fe868a5a055d72290f78077b2
SHA256 e2d54eba531a6947321c3374692581f0146a035a4171bae072d56232c82d8f75
SHA512 9a55c8c7e18f512ad9bc01057599c25a646e2eacf12ee2d14266eadd252efe21da777d404c0bf57f6569f884b980d3ebd0a409b0a5991133ee1216abb1292f77

memory/4212-2225-0x000002C5A8590000-0x000002C5A8591000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 222afd3b0b10ec918b6a9af75ad38ea9
SHA1 e75ccd6109eb1e2b1616bb0f8944e4a71f3c4f0d
SHA256 9f87dafe4dbc0cd33e8ce8fe541c9efe030aa01aeb6d219cc9af9f667aae89a3
SHA512 76abbe02c0cb90c84d407d0d4b2e00d6ef6d6fb937eab9c2783304caf930cd9c67fbd2f5a17e2fd1745ebc79fccee87c046c49e493df929d4eb6fee51b2e31d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d79ccc07066bd9cbb8c7c1ee680a4996
SHA1 ff6f1d4d725b3cce35aa718cc361f02dbdf6ddf1
SHA256 2c43bdd1e27cbd3142a9de7eac4173c21ec4d32c90647539ed96a33880d78d64
SHA512 c17dc875c82b2d2242d7589aff1d6a87e695739433dc9813020ea99f3407c96f4716a1ca35c9f737bc1b0b43f76dbea1acd7f84142ec3d98fbb97752f22528af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cbdf49227a7a44c25e4521d835f88ac8
SHA1 4029f5fef0bbd198683155ab63134ab921ff8e7b
SHA256 7159c5962eb6a33d1568779c5cb056ed2ba8be8e4e2706f259e4b498a92b2358
SHA512 ed34373f29f1dfa5b159cd039a9fdcb910a245ed41909da07bb2a79ac198df8f89106c99a8a28558e79a554a31776de97bbef23690bccd0f710a49d5a42d7128

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 db5e1788f1fdc81bac4cf756fe807ace
SHA1 fe8c7000f91b3c0473cc9f8704ca602b8c4b7c9a
SHA256 f3085dbe2b464cfe5d90dc98d051144da6e9354c8cfcaea3b906e4792d82aace
SHA512 1aeac395d717cdc642c325bde98e32a0a90176918a4bfe6ccacef95f86d11feb56ed78cf744e980fdd786ab502cd79c9bece9e55bb70cba800f3505d482f8b55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1519cf57637a22490d216450a8366e6e
SHA1 653bdf82287e8c3911d795d5cc952b3db162dd2b
SHA256 c43ad363e5787a7a1d6fefa6f920e3ddbae7982f065fed099262050f0705e1aa
SHA512 7ef78f94b7320aad6caeef9d64805ce8b3050976fa992faebbbd803c77958453b9768b8a36674d3c9a62fb2f7336dbeaf15ea7009353ace4e4230cb51af12aa1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5e076a1b0007c687b4744d0042a062ab
SHA1 f467011e93e384285182b2f6e2037305e3e60c9f
SHA256 cc2ba678478a007ccd3f3aa03041ebff00eb740e997f8e18f7ae05425b5640d4
SHA512 284ac5c0e75bbfb3e32a0601db6b4619112ccbe9f78c2e3bc53e50ec49e8ef4897ce83b8d0ca74d03792d5703ceda617d34c8cda66246e45a3c52dbc2d353a88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e90a48b64afa2c5198a42216a68c6b86
SHA1 abbdd0e3c0537c920b90af13e785fc1b74081075
SHA256 13bfa90c285b296efbc5c0ebd396aa2ad31f3de7f533056dc68944a8a434624c
SHA512 eae91c3bf023f52ca06e1e3e904c1e96dd667771156aa0a9585802507d9bf1c8f6409073879a4902719642c4fe477e67bf734b6502db72ed172a78cecc249b60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5b9ac403722cabd89d783cba94656e08
SHA1 c522223a078a1aa7bf2f5b7c245232b25bd12588
SHA256 1f21140a6869ddd62ebcbd5ca89ba064547d55afd0fe8b72e8771a32145660c1
SHA512 9b8fe142049661ad7ad07b160251be2222daeb92e54b2411abc3b0e6d3953a9dc57ab0823f36f27c51eb1fe5e0ef89631026f7b2681c9d2d60b4d8370c69864f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3d5bbd7efab079a1be073538d215fa29
SHA1 6b73c1d9cd6e633189f980bfe3dd8bc4e5a0eb39
SHA256 2590df7d119157e2897a1a1c2f4ffdfb1f16669293e97116d401c5f7f9123830
SHA512 19d67b6568cba2c7e49c79523e02fdfa2d50f71b392950d3439d6cb7ce9a0476f20505a46b21d1684a52a11ab106f3119e33a55afa03a1f67840a6023ffa2ae5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 1a83fbd111f7a5f9e6ef5bc284cdb359
SHA1 b7284d48aaea9e1e8183312fbdaef424faaf53c9
SHA256 cf0c760fff588559f3c6fc7417157a5eb7328a7db9d66337d8cfe98ecc0a7aaf
SHA512 88b80378a77a1f88f0eeb7f81543645f17c987e32f0c40ddfa5345af3401982833363c0790317312421819df1a778c88d725cc793ecc32d027669f3046d7998b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 067912b33c1b1afd9206ebada458216e
SHA1 c80fd44594754372a5137a02ad1e2d3d2f552354
SHA256 2877167983014d3730222a5c6e8959c4d7723700347bd7e33e0324a731a5e463
SHA512 034f3b9e24df4dc9c22765c9089d31b194024effd7781504ba14fbe38d93d7679b430887d50329313b3efe7eaacd08c0d66be9eaf09aa6b96404e0c1522cb67f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2a74a305bae42c7f5e7347ad761f7724
SHA1 21169672e89bc72282d3f19c9cec79a35af72793
SHA256 cbab412f930cdadae3c30c11fa3decc46391e0057e35622ac70ef1b94e2db86f
SHA512 e2317fa971fdeabf827d087c5c59dd3b9dceaf982d1a0153110bda7f33334575c470c6fd5dd7a285df7b75e251d11601f59b834a3aafa4a67fb16ad9a4110858

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d999c880ae9562b968d2944df46a8ad5
SHA1 6945c48bbd2bca70f1c618385381d136b5fda070
SHA256 4c26617ec9e61becafbdd72b353538ffd30eb34530740e92488b30c7f2f1c3c3
SHA512 313cfade9a204926aca1b528e7cecc0087efcf7e603a84548e1252c3d9df4f0707f97bc6bc3126a1802b48d9b5b8579d7b4551a355f94661317b81d83dabd067

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 800a84f4bda98e667805e19d96b377fd
SHA1 d891af50775fba9744c939e28ae615fad551f65c
SHA256 4418e819a704f6bbdb99613e4d3557ba3e85d732b0347d40fc773fe97df16ec7
SHA512 df31d36ca90b6f988ba1867681fb5a87c09b8ea1533e910e273acb9e8a615e12ce7d0f7ca77a0d70cd53a46b666d1b5c026b66991a2a2fbebbf3832110cc2cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cd821d0e2360da11909552bf44fb04be
SHA1 fa0bbbb7334d1fa960f2e444db1c0369b30e94b5
SHA256 a3baa0ba16a0bb35b8d78642ead285ed9de735f34d434856b99fdfe97472ca1d
SHA512 d1a04eb6083b361af169e100676f8753badcf64517104e78defad1f50816436edd054d972c5c4a98231661116cece53525337cdb09c5c7c1cb160b2ba3062705

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 03269919515b1e65b40e36eb875f9834
SHA1 f98e7cbf7433d6cd19e189220a100da5200aba45
SHA256 6eb95eba727d4c3d49c599e3ae9618e4e6c5b94f7550aa79efedab9acb8f3d10
SHA512 2a41ee568ff825f1add600c8cd44a26171ff92bf2010f5435ea3ddfd5a246c2e121d552b9228b93cd132c969b4866ddc78c8494de556e2d0d4a9cd8ccec111ea

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.33\BGAUpdate.exe

MD5 09fc5490d32c867927e960f673911ebf
SHA1 2ecbee3518fb701959d2539a88892391250dc010
SHA256 9014827c68fd6a31ccd7ec1c8f182cfeeb60962760391446b45c264e062daad6
SHA512 cd295d344bba456cdb2394fbe736c7b52c8f20e2776bb6b37c0ecd7068c841a646208e4bd0ebb4cb7880fc15caa8b18da485340ac8f88154e61cf76fb16e8162

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 64cefb8015a3f01aafb9b30a4e5c91b8
SHA1 e44fa823e76fee3f91d1f961aedca76cbaff6ea9
SHA256 7671ed2c3857e6b9c638bdd357cfc1b64386f933d25e31e8988fef2af545c232
SHA512 cc1bcd284340a4a1e6ddbbd232cb97034947c858cb1d8421b0ae374e21f59ef10978dd55f939b858199d912ed1896169c27d37327b4d3292ef8338b64a2604c5

C:\Windows\Temp\SDIAG_757e2306-cbd9-4f8d-8487-c9e57841259e\en-US\DiagPackage.dll.mui

MD5 d7309f9b759ccb83b676420b4bde0182
SHA1 641ad24a420e2774a75168aaf1e990fca240e348
SHA256 51d06affd4db0e4b37d35d0e85b8209d5fab741904e8d03df1a27a0be102324f
SHA512 7284f2d48e1747bbc97a1dab91fb57ff659ed9a05b3fa78a7def733e809c15834c15912102f03a81019261431e9ed3c110fd96539c9628c55653e7ac21d8478d

C:\Windows\Temp\SDIAG_757e2306-cbd9-4f8d-8487-c9e57841259e\DiagPackage.dll

MD5 79134a74dd0f019af67d9498192f5652
SHA1 90235b521e92e600d189d75f7f733c4bda02c027
SHA256 9d6e3ed51893661dfe5a98557f5e7e255bbe223e3403a42aa44ea563098c947e
SHA512 1627d3abe3a54478c131f664f43c8e91dc5d2f2f7ddc049bc30dfa065eee329ed93edd73c9b93cf07bed997f43d58842333b3678e61aceac391fbe171d8461a3

memory/1656-3065-0x00007FFDC87A0000-0x00007FFDC9261000-memory.dmp

memory/1656-3066-0x000002DB7A8A0000-0x000002DB7A8B0000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_syrxeahs.2xe.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f89277763e2870ee1ccea22b129a1e3d
SHA1 2fc42ba735017b8cecdcaf23159bca02857faeff
SHA256 b33ff4cb483ff06531fa15b27fda33b1d78fca93b31cffe351059948d75c81f6
SHA512 7428b5e6057764f9c3d3467ee2d97a76c44fbb129c0c444be893b2d7bf22777790fea56577e2c3692dbb51a6a89b39e4254354ae907a3f8047c063a04938139f

memory/1656-3085-0x000002DB621B0000-0x000002DB621D2000-memory.dmp

memory/1656-3094-0x000002DB62050000-0x000002DB62058000-memory.dmp

memory/1656-3104-0x000002DB621E0000-0x000002DB621E8000-memory.dmp

memory/1656-3114-0x000002DB62240000-0x000002DB62248000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8d40b5f66cbf1f151413542479dc3030
SHA1 163c1121dcec1711edd2f7d395b26dd5760c029e
SHA256 b5364c89479e84e6ec732d013672aae52106c71159f758df8a98d32c9bc4bee0
SHA512 0d261c422c4fc9c7c902258895a174625881b5f7c85b5788cf19d5e8edcd0bcc11fde1340cb7792041b565b003d74f4d5ef04cb5481db72a5874c597213f71e7

memory/1656-3139-0x00007FFDC87A0000-0x00007FFDC9261000-memory.dmp

memory/4392-3140-0x00000232D8EC0000-0x00000232D8EC1000-memory.dmp

memory/4392-3151-0x00007FFDEBF60000-0x00007FFDEBF61000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fb9fe1d2ed205e81764e34467e749c59
SHA1 9013c8f2c991f58796fc01ed5ee610aad53acf85
SHA256 2339896795523703c2f088bd350af769c3b8b883a95231616d0b51092324e81b
SHA512 a686aae087761cf48ec8401bbe64c7d3ff5c28daed1bd10455be3964df30c93c78d968199fabf609d2c97eb63d903f375f03eb6d16286cdf4be2450d0bcd0c88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 88f8aeb4de1ed2a70c841ddd5f8a72c8
SHA1 d859ba2ca2b0fa60168417662d2d3463190ffe29
SHA256 4c1a845002c994c3427e7f31cf42a75ed1e3a9f75831635d87d5075477dfae99
SHA512 c2dc1c2d67f03df7371a25e5db7d25d80f313db43a1f1b64ec7c8c17bc2a6adf0900707267f5b8587b8597902514831c89e813613e6cd5003025642a4490225d

memory/4392-3363-0x00007FFDEBF60000-0x00007FFDEBF61000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1c44d3937bc335c0e3ade32b707ac007
SHA1 c203872d26350020b01022b58db6dcee5f9b6e86
SHA256 7e45c3cff0f3c70190537da896ece1c99527b82bd05d77c38a50ab9d0dcdb9a6
SHA512 1021c3e99b5e337b8ad90361bba65792005e9768f5da9c0707ea27848810a510ce384434a2084130d0b190dea5f7f175a2ff43f06e34148f0acdb59ecc4e117b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4db4764f9ff93c1c53a50a964ca74332
SHA1 5cb609f27a48240445e9c9ae620373a7fea40b17
SHA256 6027d70373e09b1d1559e9c4405d0355fe0ba11cb2fe62b3e241114070d7da4a
SHA512 b88e8afcfd97167fc44d73ffbadfc8f3f2c53284bd63bc822796bb80e912d5a99941c1ec58fef16253c5cf2b25e8eed0899a933cbd2a15c1a39ae9e41c514541

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1cf12925aefbd135ab61d418b4abcf8a
SHA1 49b6c6f465aa816b0934a2036d98023cce10c5e5
SHA256 b6db8b16b149abd5fe2dd6f13218fa28627b294e959da0fcaa079405e9a49c39
SHA512 21874b2155ecf9495e997dfcd1b467855bca1d4fd279a40f5ceca9dc6eeb85e325c6397854a6997a3abd6ec74d7dc6821d9161dd7a4776d34cc40f0eb022826c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1069ef03-6b3f-4829-9eba-29ef169b557c.tmp

MD5 b4630c4e07f37ebb555933937b7487c7
SHA1 703d8ebdfe3c163bfc2684faac1cc9212e2620e7
SHA256 cc059f218013d413ce69e8e76afdca7cee753c1e9854106b0f234517adcfb9a8
SHA512 8442878a994425feb5ccccf911ee12f365a517eb60fa11b81aaffd0857a708fbff56b7fd5b3dd1391c38bca243184f85558b8202dfb6e3ff45f5be7375287be6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6a099b3eb5157c8a943172ca1460b3be
SHA1 8cc7584b0d9239184e27b4baaf85bd682e4621c0
SHA256 e838f03429224517e1c6c4121eb72d3adc5607bb28304f712adaf46af98b0bfe
SHA512 aee31d2902402f84c73de09823ff0ab4bbdb4b954297daeaabbb373ef30c4daa3b34b95e8c6944510fde1d70443cafd85fc503e775db6b83af8f300264ce101c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9d714e22f3cdff2a93419109c9b124e9
SHA1 0448168bbb7dcade438a12ce0e9ae3ff1acfdfe3
SHA256 abf4c4b9cef5e7c0c8cac4a25a28b50f3cca9d80747a1a9cbb3f9e043b9a4288
SHA512 8df9e1b64f3f6712b59afd710fb96deea6bc8f69d7367af55d5c1d80a1ff8d289cd5a0f6eded31a5dad56516fd1a186d07fe436d3137d11119ec5a9b97c00d95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 695d0b0bef6f5a24e1c078ca4429c971
SHA1 1c6aff01ef01c9d8c2b383212f618dde0dcd3282
SHA256 65967d3f4bc41acbb519eb0a43dea63fb2f7dcd676af0e8b131c735c01dddfdb
SHA512 2bd9b64eae5df79ef81ae16568ca05767475e9bce65c656d7a2ca0ac04eaa79b2125b96e862dcff53335027d4ab5b12c4a7e647be4c252712487ec571fc59b55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c6ffae0c1238887a1e451f1c201d24f8
SHA1 2989306dfb518fe90e8c263371e2d3fb40682e03
SHA256 317a73a816afc10098c61f3e2d5e059261c08a86f6dca19e595dd1d123682ba9
SHA512 15048df2961094ea6e97b6ff57efbe1401e24c1dc7107e3d47e4f69c7bbb5319dced62ae7615861d24f8c37cc17f549ed4d7ec172c8b125ab2d40481e99eea7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d5c2a534cee879978737710c98b9ea55
SHA1 0c8618f1ddfc93c9d1a419a948a52d573e34079b
SHA256 50dddd047d0e76b0fb158b7837e60ae0f4e6233999c06bf323062ba1b2707cbc
SHA512 8d60473cb8ec65defe312e6a707441b6af4728d7dd8df6f9be9e5bc7a52e36047aaf60ba7aa14fb628885c9a9d7bd3104adfd484872424127722a452f0d05ef9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3f1ce70f12e4d95ea0c14af451aa262e
SHA1 b27584bcb53a099b625a90ec438b833c86b363ad
SHA256 6d39dd7c695cbf6de6dbd84fd15e7b32f4a46b6dd8259a445c68c5524e677df0
SHA512 d3cb301df263ab2041c0f72d9c605b300464d7db586e31f4bd44b66691d84f7fc46fa5a78db572f2be7be8a61bfc47ab995a3f3a90521ca4f7edeb9e9ab6b048

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 28e5014b581c36f5045a8b346a7b7108
SHA1 bda3d69b02bab0833788c201a63f11f7c7e4121d
SHA256 8ba77a9185cad936b4af9e272e6c17c913c10d428bc53cb7023f99a9e43bd2cd
SHA512 cef439ec1b0ca9b3f5e2fe5e40dfbbbcfd00aea05e61148e2d249f65aa4ce1be70eac2319178aef582109178d139c4c311f1f84f7c9fdeb7b8c30e4ae0a6a3f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 be14f8b1232c803ca01a98c322f793df
SHA1 1b76dd2bfee55f93981cb5b3e7496aeac968d59f
SHA256 cce4839aeece13255d70917e6b54c0d383eb1e63f151b3db036b48f437d93253
SHA512 482ae31b86f192e1d0407aa50d87b6f8561a8f3a8e4e21cc3cec503bf7de512f84d664600301617742b2ead8fad1b789f0c0da785b590711b2c8a3a5ab1c97e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 81a07a49a4e847beb1cc6125e5ee239a
SHA1 41c8a859ee10d7238a90e277faee78802e01083b
SHA256 7810e7b9b83de6e0bcfc48e1e83471bd46d9721c43bfadc4c20e11de953fb5a2
SHA512 ab5124cc5bd7c8e996dddb57cf3f0769a5b7ddaf44a78b5be537e886d30dc7040719ff5c14b9fbde77db70719a22d162a2fccba45f615874bf3b18d3e1e38eda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4177a51cde1cb44d7400b460b38b59a8
SHA1 782deecd469505bfb4ed6cf675755612df92508f
SHA256 bc8d48199dd54f7e31735219e8da21ee44da18be51ef0114ff1a29dfee511ee0
SHA512 b79abe0801df9db0c1a1ae0cf3ba3f6add5ca4d4e14bf15acdf16c9fb55fbda00861096ea94047ffb10c758947a0418dcb42d5332f8e410a3d5e3fc139e57e95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b7abb2014e33e08ffe929bdbf5db400f
SHA1 03d31f3679d1a959e630aa5174ad7d7fc61c133c
SHA256 5628dbe63bc4498d72c62f0100a4f5ca596f47157b1ac658f177551cd91681b9
SHA512 dec2000fbe007f91d498c10e4d030c256d0d4acebee851b483a0b0835a48983fced4b94a728be861a10fcee97e9d4b185266b277fc0ab9d1b7ce48fe74157eec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 69fe092aada197329c0170c48335a684
SHA1 02096fbe015ea58822c26fe25a963d7b0f219abe
SHA256 7b62f1eeae07b76a5d092634a9261ee2ba016b85652611e0effba889d4dabf36
SHA512 38dd9e51a4f8c7dda3b0db94fe125f6da26ea4f57c38a2c9c20bf9e50b7f681f0cc099bcc3b60b8cfb8ddd12040f7a145e388d04038096ca5f3c689f198c5995

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 886c575b3d4375ad84bd80445578c393
SHA1 d48eb9b188b5201f75ae5d2ae68f17f9d43ae7bf
SHA256 1f067aa7cf84ebb04bfa45f3b83bf9b079221f263d3a2b4d7c3c25fcf1cbd770
SHA512 d046808f224fb45dd2a157278ff2d170405d131dec53134372a04454ee4cc9b54a3b5c777dbe559fa1dea53c749020af577141b33787e9dedef2c76330ae777e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 68205a257cc83f240058e67ac1c02ee2
SHA1 91815d817571bab345ab1636c98ce787560b329e
SHA256 c283524bed6ad6739a7465b859ef697113fbb675cf46cab7fa38b258d1272745
SHA512 8feda806e6acb0be08e19caa65009f11cc3f838503e0979778b13b79494a7a662a8ae5409165ef95671f8b30178fbb4a28a7ba779e4367836dbd775a2d36a7df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e4e74f1595a119dfb57dfda49add10b3
SHA1 615996aadf890d5bdfae823a434a50154f12e09a
SHA256 363b6fe2bc3060702f736866f286e606d0cd318cc695e1a2ce0058ab506835d8
SHA512 a4c921ac069fe9a2e1c5c20a5a827938e6e25098016bb0aefef5c32255eb21827107a1e27a4ce6cd30fb186ba9064cdc4671bf5164696e4ba7bffb73eedfadcf

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\AppSettings.xml

MD5 431a6eb20932ec1c56682a1f60d231d3
SHA1 40bb32db040cabade103c21ba5b6f811dfb0773e
SHA256 d5de39863fe721668ce1e115e0fc55a7c733747daff6235d27dad3d160c84dbb
SHA512 0969b9484bb7c661d4e0452ff1c77396796333904b39f24c56d5a92ac4ed4ebde9b8981a985c6950b4af2852e8d9599e071a51ce4f9ef21ead778a2fdc76fcec

memory/1404-3762-0x0000019257770000-0x0000019257771000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0ac50e0654cb7c057c57c1479204d6fe
SHA1 5e05a7740245906710db660d3b1c3146085fa1f5
SHA256 ecd67cbb83fe6f759e7339b91189960499fb044dcc389024e8155b10607b62c0
SHA512 bac23cebd7e5632e910619cb4de0bd1feda5348bf579e367cdce4b282d24f74722963bd55beac5470f19035e6f699dee241837239e1bfd998a42cea59fe995f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f36018283ccf21b051fe3000113810f4
SHA1 71147afe9ced06b8177f6574a613056146416198
SHA256 d41d56ba99365738fe67790479f761d06f502e32e89ea4dfbff3096fab96b45e
SHA512 6a2d83142f647b16851d057ba78db848ad0337eba4c34483a44589fed534ae139e8dda1a1d739f179fbdc7cec8fcea9d66594b0d2e39dd8c3e15bc14c1a6b20d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5b66a8f44e27a647c1b6524e0bf99d60
SHA1 1b610362c871c6a8bfb9244b8e462d5b91ebc69e
SHA256 dea990e09cf341be432c365a2748de23107cce423b1fc9d0929b5929b8ab1a0e
SHA512 7c13d9af7eace15d0a215ecc1ba5276163ecc9f2f670ff18b0869c3dbf5b6849c490daa34d77be1421050f76658831d256b385727fc93481639d2f7d8fbf8f55

memory/4108-3869-0x0000025ED8220000-0x0000025ED8221000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8045f0754005797769482874c012d745
SHA1 ebd1eb53f1745d81454b5be612df86f5b6ac1e17
SHA256 a42a3be3c87085cbe667444791982f5b5dcf060cf0a831569446f9698c27f933
SHA512 9eb7dcfb6f84d3781871e7b932bf47d909af678f715b82b46b247a4ee156cba8576e76764dd0d643215e6257e8ceb53a5fb2ff2528f1ced8b4b4c9c25738bc56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3d066b823180dc4f7c11835ffe1e62bd
SHA1 58f8d65b87c3da6b55c94e764bcd1f820129c699
SHA256 2cde974494fd27128a778edd1dcd9e0d707d9a65f1bebada6f908996c5299c0c
SHA512 f9ce238ae2033f8505858c73fd3d94965a113eb3436d0f45516aa15a109f465604b5fad6b5f6a530bcd92a874dd9294a0281716e903c1f1368e16487a38e01c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2f58552d45013afb23c16d7ebddc435b
SHA1 77a8d064b902c40b8de6d729329df917df12e493
SHA256 b580beedb53b11ce0e5e957b7b5441b6d701a065b89fab8f9914d05665215e08
SHA512 54660b6eabcb13d807d3f5dab180ee310bf608913afed39cbc32efeb445dec758de952f19beef25a7c7fbd6ceb3aec7567baf5bf8a042a81e9f2bfbbe8c81cf8

memory/2456-4010-0x0000021808470000-0x0000021808471000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\aad2460d-4033-49dc-8398-8d976cd432a5.tmp

MD5 92d5f6c675feef9b9fa77c3d6288a0d4
SHA1 46bea4c1cbdbef4361cbf5fffe432dbf0d57a658
SHA256 7aef5cb45b5d3a0a97d3a4d90c6bf3901b6a6ebae41c57a8cc15547d66c69284
SHA512 b7673fc7fdb3bcd793507d40bffd75f0392417b364979c674b03b4ba0332d119e9e386f8e0fd4b5bdb5ab6eaff4d0323ed56e34c39da184028e41846962b133b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ac72d20301a0ba442c050d29c6fb5913
SHA1 2174233499c85fc33b0d65f43e6988b5012649bd
SHA256 54af326c29d98805f421dffa0925b7caa531f387f57b0fb66bc91394fadc2215
SHA512 48ee05d0b3d11d51e93ce710d6465e3e73e6e500012910d2b10e5c7d459cf519861bd17abb82b9ceeefef8d8e60d7d698211da4d12da6e607dfba55a279be4ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 93fe71d03fe200de023f88cb67ca3264
SHA1 cafcff2a8eec184c6075aa27f47b3b4feb8389dd
SHA256 715d3d047fcb62a6a50ce5c1cba03d8591263429978ec9d1605263cbcc760b1e
SHA512 f9e1bf75f588ac1884b01f73ff538c209a9c3c03293960265a81290a9fc745eff9b6b8aed957acd8e4d97bb47429d1dd850f935dc5093342abeb5e7003a4b09b

C:\Users\Admin\AppData\Local\ElevatedDiagnostics\733862231\2024041413.000\PCW.debugreport.xml

MD5 2b8c7fe6837f7742360580fa7d0eb5fd
SHA1 880228034640e27716d1590a298ec9bc4e8fce9b
SHA256 b51a80b7a295a66e1449aefa1913abc39429d0d4a76b9d2c1f2cb8ab725909c4
SHA512 953c1615be048aa868c95e32e9a2f7ee02614bcd9e7463b18c7aca3493d1eada7372dab480a3180ccc18185587a8a44d63a28f646b3e1bec086b6479d4970d1e

C:\Users\Admin\AppData\Local\ElevatedDiagnostics\733862231\2024041413.000\results.xsl

MD5 310e1da2344ba6ca96666fb639840ea9
SHA1 e8694edf9ee68782aa1de05470b884cc1a0e1ded
SHA256 67401342192babc27e62d4c1e0940409cc3f2bd28f77399e71d245eae8d3f63c
SHA512 62ab361ffea1f0b6ff1cc76c74b8e20c2499d72f3eb0c010d47dba7e6d723f9948dba3397ea26241a1a995cffce2a68cd0aaa1bb8d917dd8f4c8f3729fa6d244

memory/1656-4172-0x00007FFDC87A0000-0x00007FFDC9261000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d01efabae245ea81efc0958b24156aa3
SHA1 20d8df6f2ba164643aee8cc6f7436986e2fda78d
SHA256 0d5098e51480fc4d5df19715573f04486a096e35c50abc27305b1c4fdcefe98b
SHA512 d050f42792fdb0041d84cc363b424d5aba053f8a7232077a34ea3c25997f4245c188309da3085016c4cb74295f325b2d8d9f194d6ca1d00369859e853cb5e47a

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{806B8122-B24D-4838-96D4-93D383A1EFDA}\EDGEMITMP_B0B8A.tmp\SETUP.EX_

MD5 2415cb112f130a1382726afa58a0933e
SHA1 74ac041e6dc607e476dfeaff2d2bbf2b5c004b5c
SHA256 85679b3b17d42aa988b5c753b9cffe457c063d5186a94203b5e584f4156f2179
SHA512 a334cba72cb6ae4c4706ef3954e98771c4502ae5ee66d7b2d2dca759ac75890efe5a7fea46818760589a66f425a4bc9d463512bf359723685eba86ba4c1edd99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f98e94bb3f944743642441ae3d192f17
SHA1 8667f1326bf9a7a1642aed32a3b090c2703173d3
SHA256 f52a48ff3aecbd446d4c27a01876a6fbb005555d082154fade73539f60811cc2
SHA512 7c5a1711895d1e2c32e33337dcd6d3bf912846c76334718e75e7b27ab5cc2ff81bf1b11b4a617eed9dfd77ba6fec54ace5f50046d14e704a0672279459e8996c

memory/1592-4238-0x00000232918E0000-0x00000232918E1000-memory.dmp

memory/1592-4262-0x00007FFDEBF60000-0x00007FFDEBF61000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f638237382c5a75820e208e4161f6203
SHA1 e70e603b3647b14b27abf0dfdde80793e4e9e45f
SHA256 8034bba211b460817cf972830aeef0cc6e14a76df64013308befa028040fff62
SHA512 3caad504667d1106c0f917f6b5772c4a87f5e53626abe85ae8d813c295f2e25702ec5ad59e546b7f9e76bf8a655ee4a995a31248da66b884b3951ce2d299de7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 92c6055d09ffd596eaa731fc113d556c
SHA1 de4c7659fa6347b760722282c05d7848e96b359a
SHA256 d1e0f32bbe3a6cf3ed638c881178b5398162941c243e9a679c233f2878f5ab72
SHA512 6310af1bbd8a4a5c0e837efa634c1ec062b06c1f607725a88c87d8571053c7aea7751a10c9d1a2e595582cbba4511d9fceca5d232df1b6f8bdc65a1af3c74be9

memory/1592-4639-0x00007FFDEBF60000-0x00007FFDEBF61000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cddd17dc3a80eb7d32b040c3508b185d
SHA1 f50c9dea6d9f3f7e2ebd0896b03f538ed2b0c6af
SHA256 4d58c10e1265618f02fcd01cd92d94e9522f115eecd9326ef5b893b79e670756
SHA512 e7c1a828499fa14b23920407320d0c163f3712b364eeafc1f6fbb819a63c0420118dc5a142dab36ca7cb3a5059ee14ac1f0abc49091055d6c57d301eb6243738

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a975f7e74b39df5a29e00161708b9f72
SHA1 dfcc33c63c91072ce9dd947b85c7d44e15aed6da
SHA256 1d654b5eb439fec4ced3101ac83c1535a5432631c0a42d73a6490fe1ab97ac19
SHA512 f1af68bdd55fb10a07e436a8433c63d047b0b5fe14a5b7fa6838c751cc61c62b0c9c4ebe6d70f8c790767f81e950adcd0262d169778818aedb9092cd0c8b6cc4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 70c996887b14b99580da6b19650d95fe
SHA1 1149fdd93bda6ceccd09e24e19af981920760ca0
SHA256 3d2073f2471cd5d72a63b7782fd81da97712d83fc8dc12a6b36d579ebd431786
SHA512 fc4a311279c675211c2e61d60a2ced1e380259a9c8f62a5d4dbf8c62c5976c781039e5d4ed0cd6664774eed31a808b601e96cfe8ebc46d4712e60f96731614e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a0ebe6ba591422196f2c8379a986cd1a
SHA1 6089136c3863b8439d97f984f8abd98359953d13
SHA256 774a6a7a84e5065c064d43790bcca587acc07ca8ecab458b5c9fc53c60edd917
SHA512 a414f75aa2dcedd4b468bbfc7e58c5c38b21d7333f4852be99b428bbc4e953978b5f1844ad94037d107dd77180f2020514c93702ac61315241dc4429195ac150

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b01e71dae227da9a1bfc990b989e6380
SHA1 adf02a76617c1719acbcc0f91bacec70a8331110
SHA256 a77e66692d48439113aed7c14409af0de85321eb677e574b18e27bfc6b27d413
SHA512 bd106f82a6f56103e8b95346bf4945bd3539ad6265bdad93de373664f82b93426d91cf3982fa92bcddcef419eb03fead93c3f28ed57a1622b01381486d024e99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e1f0d8986613442732050ddeaa4040a6
SHA1 8926aa04d7637bcf3043d6fb6c3b31538a5b1556
SHA256 dfaf8b447e70070d17946b859834c3fdd8a16aab58ae0c46ed36b55dd2932168
SHA512 b9a4c317ede4e82a1221885a1610c67d73aed74b7834f41ebe6a2241b61385f41f6cfbb5128b50dbaac1e171957887fa94dca791731718f784e095a4ea76d687

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6d9d89c1f891c9c07b1edf1e6bbe24ea
SHA1 eba674fa2f57b98234653adae44b0f23ceba69ab
SHA256 fbbdcf19ef46ec50fe0502a7f68548e16d1411a125a18ca7f162e476de5347df
SHA512 d812d0f2ab807dbbca5f6b2c80851ab85ce921212872b470f0d94d6fc4b3d0da296bedb0c367c76f014a5bd69565b6d2494d2d664fb6756d0b1ab56c408a488b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6facb99ee4b54f859a1da01d9dca7e22
SHA1 d22a7b21a6889307271ddf77a33e7ec70d7d0a20
SHA256 f2d63405471bd9b27f7ba421975932339ab80a161834da32965daaed1ca2c1e5
SHA512 6a3efe5399a54ffe9ea906044fa91ad30af841821563e49d484d71f847f3c2bbc7189188daed0aee92d6f048698442ad4bcfe544eae84de9701c249f1cc13e66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 65dcb22c325ddd4a3954e140d4977980
SHA1 01d286e081ca7d6812c7a0d3c29962945fde8f02
SHA256 529a11924f59efdfe976e1a12951cf6bb059edf8d6afff8750622e3c7dd9a980
SHA512 bb093be3ca0a24c572194c2e9ea9beab1233e80f6e91991a1ca9b5912b928d5fe46b6e8a32e0fb051feb9b3473a33297543c90ffb892a4d02c078ec074b3f875

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 aadf2a1c9bf13605ce8ab25dc624db8c
SHA1 d5999c203d57cd4cdb26166cd835e6456d380251
SHA256 9cf76d9d32dafc6f10c3afd883086a73eb85677ab31ff8f89ce9301d11353a37
SHA512 2bdf406884081d23084845f6a276c6603b0653942a739b6eca022c69fd4c55a0135fd05634aa2b8905be49e4e77afe8e73862deaec0671ba5caaff88f91362f2

memory/2964-4763-0x000002DCF3B00000-0x000002DCF3B01000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4fea877e229f41cb9bb20e58b71b3ff6
SHA1 bdf509a08399892b6646595a4b2aaa584982e96d
SHA256 a7433d7189d8e981d12ee03a686e4bbcf2ca1e7a2126535db5271872d8003b72
SHA512 3ede398a36c9a0743d9b3574a24c4233c78a3ce15939963f20d3dd593ef1ce3e8eacff01d939c1201fcc39b4950518fd8a8a7e9f7891dda50d523a627d4144e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2691f2faec18b4c1143a5944d11e28f7
SHA1 f42a28a7cd106e000121abac2390f900497794e0
SHA256 c15a9a84673de1dbbaebfd1a1781803368e1262855d7965a0c33e8ce350339cd
SHA512 6356f8a03463aeecfd05773b5b7eb7d6d51dd02c451b3473ee0f169b52b21d01f9bd97b01f6dfbf171c0b195ff2dbed4ea23ed020ee1ebc7609ae7fbbb6ae284

memory/2188-4876-0x000001C8CBA80000-0x000001C8CBA81000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 34bd407a5a7997ac400e76064140f93b
SHA1 653d15fa3cd4ec921e1a6340c310fbcbc07a60c3
SHA256 9a95ee279ec2b3058fbf463ad6370b457edca0a3a91d6e58f3c8e0ab17da8db2
SHA512 2bdcf19d69bc77be8407263515c46d97433629f267c89a8f949668ad3b00dc4203cc059497016adab16a61a0021906b519b97feda363a1d473f97f6cf9202d88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c7f35380afdf1c9f0d82c48147c4857a
SHA1 a53f4a4634c70f295eb518b8d588010a7e14d052
SHA256 ef6ec75d60c44e6643dd76035b403deb2e26b1a0da0c1b246f0e8d8ce91d3b2f
SHA512 ecd912cf54cc621eb204d6f33bfea6fa09cc6577f7c295c5a13fea9a0220fce15d1bbd618d1a4c5d1c1d37584cc4b94873aacc0241264979164382e55d8a9a8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9a32d313e5e8873681547ec5803428c1
SHA1 21da7237f310277386172137cbaf830bac27a027
SHA256 2e3179a7ab9aa2a984460df6c15f8f8cfbeb9f64589a986999873f42e508a07c
SHA512 5ab5b657b136c297ce2fa1580a50da17646b95ec5c179f4194a82105b3db78d29b146d03bd5286026b0d449d6aeb4bf3136bb1be9169916c40836797b3cfb022

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3556c523335550a3e79e2734b71d0d8a
SHA1 6e53409f22f33c68fa9f7f5b10888a3b9fd6812d
SHA256 736f097785573fa25eb3330e6a854a44cac08e69f99ed74461bd4637270b1729
SHA512 ce1f572895afde315e8337ac4f7ecedd15c7e551761afd24f9b1a9709bc038ab7926f9c5a89cbc766d0cff6ab3e94f9b39928cec50682bccecbbf9acbf01344d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d1918b73adb491096abcca37a13ac393
SHA1 a4e60918a9da86f6c46b3fdc26c74430fc3d7b10
SHA256 37b2bc79c3f3fd28992c85cea690f6815e20483aacceccbc8abae5575e6b1edf
SHA512 ae479fb3c2289cc5be28c6989169c1ac178772480c35cb57f12e344e5f0844fa86d412b45a07065c27663c19d5825ead839e45b86c3ac93c5ef8db2e29270001

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 68a6e6dcc620caf15c5fcdfe84768c70
SHA1 d67bd0585be5e662fa52cf4cd569992ac0bb3007
SHA256 7a3841eb03bdf18a8b57671725ee4c166502aa48e8c9da08d2ad0fd02b38e545
SHA512 1e247df61b68150d5734f89c614d6362d611869b6618dc80033702bde5811d930f7c67efdd12a073a27c514fa95818c81d1dbaf1abac3bb924443491e1c49916

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0ec776f92aba47b3a8f1a13d8b4a0d7c
SHA1 b1b194d6e775e2eae1812a9e09394de40cf1b490
SHA256 f038c6615343d8ff39425cf568f78df136ff8beba28b05f028f444a62c87e66f
SHA512 df62510bb91a56cc627d320dd672946937f548efea9a869996a3b797a3e757a947f31617b973e870328d1db10db0ffa248330a7eeadb2f616aa755a6432531ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6d2b5ff1bb3adeef3c2ce74232b7dc13
SHA1 bbd79bacd5bc2f686de0b5b66cdad80279acbca4
SHA256 c83219f8860a703ee729876e30b0f8f92dcff7fe74e56e34e0a9a0c7d4afee96
SHA512 96345b74b9c3ff62a5c0f8cffbf0d4f32bfc6f69c28f3479929136545464543e1aea98cf57344ac152bdf98deb918b9849863fc052d74edddb1607c0487f080f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9cfa0ac5b3098601bf4d0c74695f0fef
SHA1 ed0774ac506c4fb2f24910d53413af1989928069
SHA256 1b9b863acb2bc0c2c86d79897c55df2ba4d8d18d1eda03dd3fd74ad49d892dad
SHA512 02e7cf309eaed4148a8fbcc9ef8543ead338bb6b905f235d3a030f9add65e4824a067b69d715d0f9f208c8eb42556dff7f300875ba445644472d564d83c93ccf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2433237fdaf2cd85ddf5811ccd6b6af0
SHA1 0556438dd60785945e3ce1dad0fe05a0bf8edf09
SHA256 46fa75394c27ff3c8deb86b8859b8d6e1e1409fb5d2e758e48fa1ea56522a5fb
SHA512 fa25a426dffc533f9a66e531a79c0ba4eb60498452fc90c4f78d9f424261bd1d5292b5bc465496c6c9cdec8944f9233d8d645d0bbd1251fdc7c578ace80b162f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c136fafc868be34b4353a1b31a281b04
SHA1 b97f47f8131898d49ce120b36ac4241abaaf1208
SHA256 46ad7aeb47cdb82b01de8875c989f617b7f682f952d82036b854965fe6d28d4c
SHA512 b626807341dd97bc62f46cba88b5eb690ddc9802153da4d2469d5acc2d507bea1a96249872fb2d24128a82dd60034924e119e911744240e6b7a09def827b937b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 00ede0b3a445aa022ebfa6d081f71a59
SHA1 455ac97ce5d12bd3a015b825b3abe010eb40d637
SHA256 24fcee1e86b925ecfe5e54bea16b4bdc52865b3e5b4016d1e5c65c7b809f5ea2
SHA512 1c37756158b1b9390c19a787ece20efad1829de82995869ef481f05d364dfa149d22395746a3876cc4f249fba76fb47034b84358234cff0d5e8498f96e52af7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a1d565dcfc7b9eddb052cb29e0e7baec
SHA1 1a8b6f11004e010b0800298f2396eca2a6d7bcb2
SHA256 b4dbf2dcbe134228821cfce09e959da2ad496fdad2840fc68d24cf706d3607f0
SHA512 877f3ccc9d43c3928c30ab56628e25c6c050a045b64cd596d486036d5ec997d956b6584b32b174622f1dde22d6eb3b9d28d39a0a34b970901f43c69eff25cb75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 568bbadfdb52b9c7d39168cc755ba5cf
SHA1 7243f04a412f8a51628708fdc028de76c60361e7
SHA256 9a3f40bda59411a51f394ed0885e715e94c9babe6c90184020caf0c2eb5e8c03
SHA512 550d9305507603faf15b61ba36bd4ae48b73d845df07b25031305606e49a74c374883b57bb1bcf22c41cf2c30b75afa6d944db62cfbfed4ac388fcd4ecbdffb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6905fd827d9c9892589ff5cdc24c8510
SHA1 cf9619ef05e60152aa2a5d1773c24837a00ac220
SHA256 aed28c9be3070aa0421b6e30f51c0eb7d1182d4b533cbd69abef667255428fb1
SHA512 283d00723c2e699ebfa64618ef3e9e95f3c09b3f91b7bf545412f76ed0c98bf65701c43ce47ea281bfda8880d0e15965c9254ba8a7e8e7f3966ce0f12fcb78c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c3412c9f4f154eb822ad89f3a5543849
SHA1 988a6b15364c53b52bbbc96a0642da76da4ef1c9
SHA256 7f55e2767f01eaf63773e33b35c6c74b4289c2831c51bf5445cca457df273898
SHA512 44bd97a9ec5ccf6cee27cae5ff1a9e63f78d19cbe268201551251b4ed016c6ce436f110e3e870ccf4efb416ccece8220376402bd6796cc80111c0256a8550551

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 63df3ced7cc27d5bdbdc8f7b554e110c
SHA1 c50d8495749d88b5dad8838c28819170b4d78ded
SHA256 96707fa44b432db9e66cf2dbc685f597f846d4d26c9712831bb1843be6b72115
SHA512 a9c8035e91c86be9e2b653d1f034d0c559a02b2f2a09f30c74411694c5053fab9f98fb248cc6cfd5f0e6fdef592b221eecad5c060c39ae58b7ec8b8c92b522e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1ae15f1e36996131ded401c2a27fee3b
SHA1 3acd504bbe9264e8a214f25dfbc36c7d46ab0038
SHA256 658406b873fe211f934d3969a02905a8cae0e912431f90952d3db3b16eb01960
SHA512 34adf20bcabdf82d62157fa8127b9f427bd7443e0d28d034e561c2b3babe87a9abeb16dc370c4129eacce9d73666ec9f7b6ce96bc9f88f081e0a5f5e951889b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5be35c8cce9ca44f28e58afe93b3fc8d
SHA1 ed6d110817d81a70d504105ce032a7db9ab2f2c4
SHA256 c339bae722ca7e92659955dcca296dba16070ab9927ce89322e404215bda0108
SHA512 5622573e35318e92c1642134d5b5352b677b7b8fb9e0888ee89f1ae9147f661ed7aad1b36dc77db063981e1745b82a977ef3dea68204340783aa1a900937d528

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1f84f8df313cebc6355f7890adafc58b
SHA1 619ebaabd5a943e0bc603833286da874494d356c
SHA256 901af963b21a5983077481c55974404055e0b94521ceeca816b57f51249ad83e
SHA512 80ada8124735d09c22ae755d98d0330c6635669efa84527cec1faad91040ab633f5f3029769244075d45068ceac327f8921568b7a05d5a8603ac90b560f54b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3bf2c0302c9820a7f4bab433f6a17edd
SHA1 fb6984c516acb4995d030a3b5ef8481261527e06
SHA256 7eb394bc1b389c43a03a378661daeb20e0a3451ff37a0b71e4d4aa43b4b07673
SHA512 bb1db1a00cd262e59cc7df5bbdeb62fc25a0616371862039cf941093875a75d19e631c86c5f6a2447601ba2db32025931d8f107569fbab6a4ea202662ac3bc08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 497735a9ae6c1cbaddba96f7b17cf47e
SHA1 909a6ceef77b7fd9c21dc6e5ea25633b1c3280e1
SHA256 f17e8b24a4cbf096eb6a3f19fc20ca1d6fe773081f098b20fb3b17533e0ef4ff
SHA512 55d3a9faad402a8529f5af1f1309a64f9ad57bbf0d7192a088b755e54e280d557ab9338dcc6737dc9e3a2011911f08359b4a2e5a55bb41cf1553969ed2edbdd4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5ff9241b6e6ca2510569128fb15abf8f
SHA1 ee09007cb1c67e78a1ec11e10d76c296d3f4015f
SHA256 aede6aeb3987e1233e6c9bf276786f1195e8e8c3de2aadcbf6087d1ae16073bf
SHA512 79576e304ab46bd1ccacb66edca1079f3a7271448af5a398117c686d53e4964259b7504ef8cab64a793f8d346b0c1322be3489fdb7ef89d6389262499bba6f8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b77a736797e6b5b8c143f6ccbeef6311
SHA1 56335a33151533b1545682b952515a6ac71ae437
SHA256 42ba1bbf46c314841ebd26bd22b0a0b41bd7e7c8c06316cd66f6f63829f6bd32
SHA512 b17006ffbab0d04307c747f4bf0944c9a1643a06096aea3ddd8178aac217623e8a573d749f43f64b62033b16dee537992fce987d4fea688f8dc869e44ad90b60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d2a03843118b531fd0b6f9888367a655
SHA1 d61bd3cc7d6f6d5c686c16460def63af911cca36
SHA256 7766bfcfcd31be921a4f6ebafe5fd1ab8156e191428af7ad7e16123180e36012
SHA512 c3d48d3c06656c5519411e732ff1e5b8700d4de4e8463a01adbe8314f3aa22afb7ba5a695aec63b51e51b9b2298c960af8b0ff0e90c0df2db9a7f435001db85c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ba1e8c8e57b4e631ff201e5cb1d8ce91
SHA1 37e44c29d1d60a7d8125c1f32a6de9a23e2b2ca7
SHA256 dd08e45b7db9e3e8efad9d72aa63284bde323a4aa41bf24e252bb09a605912c7
SHA512 d1323ac861fc6249e22d58941258365288da4b4a1c9076e3f6b5ce146e569677aa6fd13a19b3845e22972f3e4d75732a4908804c27f41236d9c591c0aa35c2ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9aecdfd22932fa72f37197b3c25e278b
SHA1 867fa47d3d086a0f5bb4484f77455705a530f3e6
SHA256 772c1b8c24c882b81e167032ff1bca5c703068a44aa82ea64eac33ba3941b717
SHA512 acf3869af4d039721dfaf92146827f79cb3c3cdcb27c38109803e3d9fe09596d0a818bc691a1ca7351e99be4651c850e8ea2c994982aa4e56497587a3b8394a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c488a16139d3bfa291a8a512efd7ef6d
SHA1 67b20e5c91222468aa88a0dc464ea7f73ea69f15
SHA256 17985a1b43840ae4b3dc786d18e9865e992b78b5ecea1212fb566a0d8b80348e
SHA512 7fc0cec835ff974ce2a70bde24b4781f84baeaad1ca6f1ea91ce03874885de9b7afa6b697d7b0c033e241a4e611af8def0f1d446ec9af3ec89841841917e4a32

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7c5643b03905c6400a9343ba181dfcd4
SHA1 9ced11d9c25dc55122be7870388ca4e3d12a6e21
SHA256 58db8b47d906b83d108ec1eca9ff3555a9878720f36b3d0893e71453bb553ebc
SHA512 66be033c9aeb774464b6b0328a00c7d1991f33799cec7c19a3450a38ea7b238ce3eb84ac2d142b5114565b563f70a97467860293f1e3d28575df90c16e51fc31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5d6cc8c75c5710340f398569e83c33ac
SHA1 a2cdacb8573527f0836914eeca41d2e1a0c0c1e1
SHA256 ea32e0e51592d20923a6516ebddec590cee22332da5f28a50947de1e905612ce
SHA512 e9e32f9fcb0c5bbe8ff578240f67fdf5776598e442398e2cd36fd3f6796e1902be6f5947e34b55f3e491183013d94dbb3fc2f230b849c59b0237cc30d931e706

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9a5df9c47df6fabf2df93ad492bbdc6e
SHA1 4ef41848d8a2497cebb1fbfd7977b05a22520630
SHA256 062f7713b111852ba1bdf652ebbf047fc303f9b29f0db2e0ea092bae4a38edde
SHA512 50a8eb90e5f96f58ea8261cb580b90798f39fb4b9ab29d68c20ce63b8c736e55c888ff4e30e09d5d2aa9ef368678417577f6886c1ee3fc3a3be34f321f4943e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 24ef4ce36533b690cbaf0414b2793f13
SHA1 06651ee17512ce785be0d6fd4b44e3df4e26e2c6
SHA256 5f60b1ffcbd987fd57a2c6d62111ee2b7a5841745e0bbf053bafad69fe336cea
SHA512 5b31c6cd78cad60fedbab29425b89b6b9740e796a021369e2ca3cd9822884a0c8e51fd5204dab29a8636aa8645217a672bff8f22dc64ccecb451fbe39553fbcb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 ff9494dbe630b5a5ffae96e88a06a0df
SHA1 2c1dc7df7fc41e7189bdbd4550732d87f1b0798f
SHA256 963fdbd84b7244ea472eb389439b89103a5ec029717a050e28d476df7323dbe9
SHA512 d69a37b27e6632b253165007cfa6b320feb7d8e45ce7e9fbe180503d92f4e5498a2256c2caa7cd03fcd0785b74555026b2791df101bd7c3416419369d59b56fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 26ae8e1b075f241cdf7171a6dc9d2a8b
SHA1 fcfc1b419dab6e182b7770169b0775b69d2c0110
SHA256 17206c59304b755a40c5628879bf5120b06e1c9348cb9bb805c8385bb273eda2
SHA512 b39276812ba6202cd9de749ce10ccb1d355e2c2b2d94f7139ca4738c37abe9ef7ebf4a7ec322a4a2bdde674083334f94f04bf8bbb6cfc93ff1eb49e1b34f3801

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d8c3521ba3d3ec1559ba6e42a05c2a4a
SHA1 351a49b94d710bc94442ca529d3fbc4af3de1c04
SHA256 3f54ed60845f6d122b0a7fe9640c486b193e53b809067ee58695082aff5f5f04
SHA512 a45a3d7c0a8b9a9486278fc8319b6030f652b12d02022dd445a36f4d8df36138765b94a38951080ab4ffc033f0f270a9495f0235517bf7b48b9d50b7563a5f8d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 79904a954228fd7d7b45bd2a248b38a8
SHA1 4774e9daff4b0644bf4754af9108b9f84f6073a5
SHA256 a0fa5dd66ae5cea260a26dd076af5882b9cfb51d5aca285cda8cfacb60862508
SHA512 61e4e8c214b00205b2372311508a1d583f889bdba18cc2826b0cbd6ce10d8f580f0b468edf37cdd7a0fd8f3c16b76820ae5218e9f779076452d4e0af2e729b51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3ab84c9c18555b5d111661a64ff2a532
SHA1 f76b89b5222a20e4eec44c7893ec039a3f5d1a28
SHA256 9aef17304076b30de8734e5def143f62d64572a59f93977ca3dc024981682350
SHA512 a082419727381baa2b2dabe9450bdf131ba1e9efa13bf2ca7f243011573e2466e7aff48192e598b6dfe49c6992f1106540dbe46a1fa740f50c0a33d60d0c5b2c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4cf27f38a5fb5778ffdb11d24ccc67c3
SHA1 fefe8fdf51d9cfd7722a0d8d4735cb52c65bf33e
SHA256 dd1f9f6c8ca90a0d2bf7ea69bfa7b51293a52bb7aec089d693820a4d173f7aba
SHA512 49dddcf50a37d2ec27661e59b6eb6ba526a2d1265ef4638ec925b58acdd96352da42329b552ae980ea6398c0f4e57defde2b17c9e2a7f6244098b49cb5b162ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e9afeb878da8a6ef043eb27d9dd28d53
SHA1 d5c54fb17abe2b4a2006b95890d755d28213a9aa
SHA256 94866090de033461d43390fe0768b21f77d55ba59d0e6368c27d0e7a422123dd
SHA512 b034eefbe7ab1b7b421c264bb9d36b6d9d95596a975b08ae196c79927702ae798e0788f1c98727f73200a72e7a60e3e0e638e0b441f3ea7bafe38c72f25e5828

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a898003e-81d0-4537-a658-fcf434d809a7.tmp

MD5 cdc7a4282a95ca5d32801ba0e47c8273
SHA1 59d9d31bf06337b18501b68905fd24aca709c62d
SHA256 8d9546be79162e5336eeca73fae443a010444469fba64e1887ca204d8b4736fe
SHA512 c99d4f4393d2199bd4e9f002d5fa992daf1726af97b66d61d5842ffe0ccdb1cc4eb8395d0cfebcbaae4400e4789f847ca6c5b7f5e8dd4338d322c10a7ae52607

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ebda12586c3cc4ddda43587e3783dd99
SHA1 c3c4c8411be583ef16d6714b01b7022c09b606d3
SHA256 02cf6f5c8c832ca25a56e5b519f42c772550f1427d360a2ed33b333bf222ab88
SHA512 329a1377280552e7c3b07caaa2a3277f515517f7598feaf8e58243b02f846f0217fc99092437721d335d19165903c5d3a7f7e4ba57b9bbf3a74fc4aac5653568

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\de3f2023-35ab-451f-879f-9f31a29f7fe2.tmp

MD5 f9bbf18ac1d83e7d24efbfd91dd97064
SHA1 93b3d63d665cad40750873817e3a651c27ed78b1
SHA256 9cfdf32e17d59a236fb97cd59926c25058211e3001f205035106a166e725a7a6
SHA512 b8500cb313c999c890cad21d5d5dc93e38fc9dfa10834728fde21bd640f711f6d539c49042481ec2d633bccc4e1c6472471ce7f79522202b75b4900a0342537e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4a086601a6df069e1c446d07717eaf67
SHA1 9be23c1299530fc9ab8a87ded7a568608e2e1ad5
SHA256 c7f3dfe8a38d10322125a8eb69cd8e8b8f9f87f9641706212061ed6d0a8e36b1
SHA512 f0a4c9e1f6fbc3b62cd880e53a3e59d5e95f311b3486d068a8ee68e43e4e48db06a8aef857d91fd189b2c31518b062a9ca1db3f22ca55ff384a56b8b3ec2a1c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ac9175fc943ce1022ec6ea02babb3f26
SHA1 c9e11240583d202c28c4ef662e26ae03e6961e14
SHA256 ecb7d51ea43a42a603d47c7b3ba1c7d9f1f9fe851e2550d1e544093cbaf9a93f
SHA512 ea9ad8f819136d96f5e1df6e6ef4ee0b373dd2c1fc05f0b981ff03555f137a7ab58e386aac04aed7cafe14fb5f7b74c930ff1cd6a86ec4a8a1caedac54d294cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 70727d31d60fc489731515f19691d99c
SHA1 9e41bb98e3c983e0d449a373999122fa04762fb8
SHA256 19ba02aa2fc52d930acd59665c39a9e99e802d100de228330b2fa83e7a3cb02a
SHA512 292dd28003d50f7148c4034f507cae6e6eabe15f0d413d36869cff06785304e574d14797293221197b82d2a588cdd5bada19ee55dae93b00741dd7d28145823f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 87d5009b9d3eab6090f68223f4a5bf0b
SHA1 bb330625d3e839d761135259cd8243ec1490df6f
SHA256 b7108878ecf780453c244b887f37315378e6465e5100cfd7caa52a2fe908e23d
SHA512 3b8866ceac12c97439a2259c490f7e7faac655fb07ec820a1d595eddb67c3da3c0f78ace9f5db16763c2d625e2651a8a83cb7da9b520d15627098fd0fcfad19d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ca97491b116ad0e77af10c9cf108650c
SHA1 2b7944f881ea200c064e520927e023660aa3e3b4
SHA256 d0b1f7bdd95627e79140950269685eb93dbaa1e040b9ef333ca6f134a145e6a1
SHA512 e672a69f9ed9f3594e497e5c59530b4164dfe5a32fa889bd1d05d4e82039741c3e09b973b59ee0a8a73c98c85d83e673b6b6789e7169d57422e12d2fe3002e48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f0214eff3eaae8a88dee099bd5a65bf4
SHA1 b9b6fa00584e4acb1abae95222bb00ca0811ea16
SHA256 80026c2dc662ccd7443c9ef417d5f886debd07e221689b723c1a183db55ca68d
SHA512 d17a554b4fc5b24af8e507107afcd936959f7c8697b668b98fe5ca46a4036084fd60f43e3912b88c866df2239bfbefe4b1474c98bba8024fc98c2472ea3f796d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c169ef6f45e8582e979cd077ece75e00
SHA1 e66440d61fc225fb3d07c211a503ef8504806af7
SHA256 60dee6a054b4e66511921a3fac1988cee57f00928a3850863a0fe97af7bc6d52
SHA512 b6b35cec5bcc6c04cbb22ad92cb6c2b355a05641798a2a7dfd242e38ca8c91b1ab2599f5f7169f738c20796a1b6f8e523f5f3fcae0f68ed5a146d681fbbbbeb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 32ff5096cdb2d644ebbdae7657c0147f
SHA1 65225512f3e1e2e35397717edb080ba539bba746
SHA256 72da66dbb8c74157ee019887706b095a682920fb29db2fe6504809ac72bbf473
SHA512 70903e7510835bbd05bcc39317ba07ba1dcedab05163417330ec4833574970ffaf78ab78ab157e659f79d41f0c66844902caf159b9faa86e10b1bd2e30c3fbfc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8367ea728eca294ccdf50169b86d6882
SHA1 0a70373b2b581a46372d063919836e50d76a36b9
SHA256 454bf7aac01cf02cfe9573f6816d4a9159e691de245ef23278f9d069fbd8adaa
SHA512 d6922d207ba8a68f85136a8ea9a143797d85d4067b1a277cc6ee6f0a85d25ed10c87050551ab360abc833c1a3befbe6de43baf25a4f99468ba957ad7798b1cd5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6d871da971c22179098068ac3c99cd9c
SHA1 bf7d7d5626b25a1de220b2a1e5a941ba1d039c40
SHA256 366cfbf0886137b8e938934e6a74e4e907847e59f5f49ada691a88261f571132
SHA512 5bb28c3e985ff9ce995b455bc1f6dbbb816a1252500a2c9a9b47df631b54876c0d60f751667b442e8c514dda6f135d3570a1f05e9eca3a2ff8aff606b26ca0a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dd4ff9a10895c6c5015b0741ce364e6f
SHA1 77813afde55dfdd470496c787c98bb00139dfcc0
SHA256 cd8575727c218e6abcefe044d0b12eed0fe9f988fff0b8309f5885d88ef019a3
SHA512 86a6ad52981f5f79ecaf3f3ce2b187dd8f22c53edf8a0a208e6edc541841c37258c8d3ab632f2f0f8c6bf19aede153c85f29090c636ba931ca643057cb37a9a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 23987dc0b985d8e95a43f2a9be84493e
SHA1 6d388c958973edfe54eec46984b6ca39b2e47426
SHA256 f13fe70b4cca1aaaa30046d58ce7988983faca6de275b2571ef998b2b4edf430
SHA512 9fa80f9d3119b1f54f66836be5627f650e86987e19f21d0358554c4a65a7caf46ff700f7c2e1337b995e2346a827cef14c77292b9aa77ce548c18ed56947da58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a70f846b88f01be4119eebaafac7ac08
SHA1 38ab01ccbb6b5150093fc32effbdd1e483b2e872
SHA256 f7f075bb5911811a24a9dd6c3e60f11591f4d530c48b20f9e57d438736dcacb3
SHA512 d45c5f3ff3ca962927a456007ea89685f15aebf43ac43af6a5a4de138364c0cc2fa210695e440578f4201ca1d081664502e2d035d077a2edcbb1ebc9ca260236

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8e3f8fac23420c9fbf504e876c8bd71c
SHA1 7f0571c6e83a699eef9e224fc11ef9abe1b05c83
SHA256 faaf9d51ec4fffc6483de2f75ff0ac23b3a131b6aea4656d7d77d28a040c050e
SHA512 5243c33ed8ed9c57b2ffd37e2090ba4d1d52be276acb56ee2b8a4325dc68d58ce1759bcbb6cb0d9c68c60b395b963387bb721b5dc29cfcddf51297b0241fd19d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bcc7b01192a46d968ecc1686fa501f85
SHA1 dd702372a36f5b8d7637573f326c7b5344ea8827
SHA256 bd89d232e28d9a2fd04d2b018fab60fa6f0e973e9f1de84d32422cdb069f4981
SHA512 238ef9fa59deed2e8cfc651e441a79e6420ccd0a3b66c18867ae16a0668c4705abf34390a3eee353dccc2149eed2f2b8f9dc649ef9cde16bdc769ee47011b272

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 47b95bea145a499f610b142e310c6720
SHA1 b4b03ca6674b1e6148d35cc8d6233fb59caa7dca
SHA256 40f34596678b8b0628b78e43a32f267ec49b3022d0be8c83903f8f22dc6d95a2
SHA512 aefeeb0d05d20e1d63a2e163acee76351e4d3ad491df86dbddb7db4a732c1fe06f8837d7be122cee9830ef9819466fbc8b68ce890c1e69668af2cc1fdf1f32a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3a573c9d23563cccfa17838ba6da1cd0
SHA1 8938a8d31033b9a33f8caff7d90ab0b046a05682
SHA256 7e7b0167fd6d56538528aa091c7af4ed510c8451d6746a1dad652a55967a3ac6
SHA512 b01a695cb76dfb5d7b8d938e01f5690dac566b527d79d778656ff45aa762c8938c6bb47efaea9afa8e9e1c490156f91e61f1a55a811475487762f1c09babd9db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f34cd0fb071f8b11d98b2bea3a1c7f27
SHA1 29686b11fc85937e6a9f78dc1cde05ab7a043ea2
SHA256 3de5e8cc82008f7b036ef3188adb91038baa3b5d4413665e5e09ae3c5b37c8ea
SHA512 6fcaa38f6d69856d7d3fda03bd02d53241c2fe66c7820d529d4ba2a2830d89542c3f26bc27f3a4846effc93618748e74355cba271646a2ac87e38489acbc968b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f847d91fb3c92f290b3ef68ee70306be
SHA1 9c202181d1f6a15b3ea807106906fd703221b40b
SHA256 3dd6f2ec5e8605b8f2640b93d4f435a22de9173ca66506988ac8186d40039c16
SHA512 7bd6790a528328afa951cc3bac08d80bb5468f6fe7fbf5b98f82534c7b0465c7982b8b1d1f24578ae894b823010a18bd3bc471c781bb1de4cd8b651d18746521