Malware Analysis Report

2025-01-18 21:36

Sample ID 240415-lqvrpsbd55
Target vitutal machine.txt
SHA256 f2cbc0eb801c258d1edeb4ac4c18481994a82fd4a81794b5f11d223f95c1de07
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

f2cbc0eb801c258d1edeb4ac4c18481994a82fd4a81794b5f11d223f95c1de07

Threat Level: Likely malicious

The file vitutal machine.txt was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Modifies Installed Components in the registry

Sets file execution options in registry

Downloads MZ/PE file

Registers COM server for autorun

Loads dropped DLL

Executes dropped EXE

Installs/modifies Browser Helper Object

Checks whether UAC is enabled

Adds Run key to start application

Checks installed software on the system

Checks system information in the registry

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in System32 directory

Drops file in Program Files directory

Drops file in Windows directory

Enumerates physical storage devices

Suspicious use of SendNotifyMessage

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SetWindowsHookEx

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Suspicious use of WriteProcessMemory

NTFS ADS

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Modifies system certificate store

Suspicious use of UnmapMainImage

Modifies registry class

Modifies Internet Explorer settings

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

System policy modification

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-15 09:44

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-15 09:44

Reported

2024-04-15 10:06

Platform

win11-20240412-en

Max time kernel

1298s

Max time network

1302s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\vitutal machine.txt"

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU5986.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU5986.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{74567A55-5B71-42D5-8984-6CF74C4E012E}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5986.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{89F6CD62-225A-4552-9086-140D060B6A08}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5986.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=33C6F98B9D3A42AA843D3F4F8D0E3C77" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{89F6CD62-225A-4552-9086-140D060B6A08}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU5986.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU5986.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\DropDown\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\MicDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\identity_proxy\win10\identity_helper.Sparse.Stable.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\PlayerList\ViewAvatar.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Trust Protection Lists\Mu\Cryptomining C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\sk.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\et.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\transformFiveDegrees.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\ExternalSite\youtube.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\gl.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\resources.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU5986.tmp\msedgeupdateres_pt-BR.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{74567A55-5B71-42D5-8984-6CF74C4E012E}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\models\ViewSelector\ViewSelector.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\xboxLT.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\Slider\Less.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\psmachine_arm64.dll C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\hr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\da.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperFramework\button_arrow_down.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioUIEditor\icon_rotate6.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\New\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\avatar\heads\headJ.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarImporter\img_light_RthroNarrow.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\Radial\Bottom.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\icons\ic-more-catalog.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\advancedMoveResize.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\fbximportlogo.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\icon_intern-16.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\advClosed-hand-weld.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetPreview\rating_small.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\ButtonRB.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\DPadRight.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\MicrosoftEdgeUpdateOnDemand.exe C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\VisualElements\SmallLogoBeta.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\icon_warning_ik.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\PlayStationController\PS4\ButtonOptions.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\avatar\heads\headN.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\fonts\Jura-Regular.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\sky\moon.jpg C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\msedgeupdate.dll C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\fonts\families\SpecialElite.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\notification_helper.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Trust Protection Lists\Sigma\Analytics C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Trust Protection Lists\Sigma\Content C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\CompositorDebugger\sequence.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Trust Protection Lists\Sigma\Fingerprinting C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\hu.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\msedge_elf.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\identity_proxy\win10\identity_helper.Sparse.Canary.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarImporter\button_avatarType_border.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TagEditor\VisibilityOnLightTheme.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\vccorlib140.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Notifications\SoftLandingAssetDark.gif C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\Debugger\debugger_arrow.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\msedgeupdateres_km.dll C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133576479158368191" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc\CurVer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-1004" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\ = "Microsoft Edge Update Process Launcher Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\ = "PSFactoryBuffer" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ProgID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService\CurVer\ = "MicrosoftEdgeUpdate.Update3COMClassService.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ = "Microsoft Edge Update Legacy On Demand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgePDF C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0\0\win32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\elevation_service.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc.1.0\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback\CLSID\ = "{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\Elevation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1734202354-1504186683-2192872036-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\0\MRUListEx = ffffffff C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1734202354-1504186683-2192872036-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByKey:PID = "0" C:\Windows\system32\NOTEPAD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc.1.0\CLSID\ = "{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 0f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703016200000001000000200000001465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a2000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe\:Zone.Identifier:$DATA C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
File opened for modification C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\WaveTrial.rar:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 5004 wrote to memory of 3048 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\NOTEPAD.EXE
PID 5004 wrote to memory of 3048 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\NOTEPAD.EXE
PID 1172 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3660 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3660 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe N/A

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\vitutal machine.txt"

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\vitutal machine.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb1a05ab58,0x7ffb1a05ab68,0x7ffb1a05ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1532 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2208 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3124 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4260 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4268 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4504 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4648 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4788 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3984 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4176 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3944 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4588 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5016 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3276 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3820 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4904 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5228 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4252 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5112 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4576 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=4648 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1180 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x0000000000000480 0x0000000000000494

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5860 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5760 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=3440 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5552 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=4464 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4556 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=3528 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5820 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=4800 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6260 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=6276 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=6512 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6764 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=6968 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6988 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=7192 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=7504 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=7660 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=7812 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=7992 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8012 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=8036 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=8044 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7936 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=8380 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=8568 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=8584 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=8600 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=8740 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=5520 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=8928 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=8944 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=9092 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=9280 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=9292 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=9740 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=9748 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=10008 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=10036 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=10060 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=10076 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=10340 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=10356 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=11812 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=12312 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=12236 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=10284 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=9440 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=11928 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=10096 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=12664 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=12696 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=12820 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=12980 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=9072 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=13472 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=13512 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=13120 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8064 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=9328 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=13104 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=4320 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4504 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9404 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=11224 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9780 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8096 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=9176 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=8864 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=5168 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=8808 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=8580 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=12888 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8660 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8032 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7856 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8668 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12900 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=9860 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=9804 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=8228 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=6872 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=10744 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --mojo-platform-channel-handle=9616 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=13524 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=13220 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5444 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=13216 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4184 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=13792 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=13828 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --mojo-platform-channel-handle=10772 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe

"C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=13176 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" --app -channel production

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10808 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe

"C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe"

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" --app -channel production

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --mojo-platform-channel-handle=3860 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=14136 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --mojo-platform-channel-handle=14276 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=14324 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=13796 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8204 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --mojo-platform-channel-handle=9772 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --mojo-platform-channel-handle=8180 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8240 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=13340 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13196 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4932 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=13968 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10036 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU6EB1.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzIyRjhCQTItMDNFQy00QjM2LTlCREItRTNEMUZCNTQxNDA4fSIgdXNlcmlkPSJ7RTgzNzE0MzAtMkY3OS00NzEwLThGRjItQTI2RTdGNzQyQjRFfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins2NkExMTk5Qy1FOEIwLTREREQtQTQ3Ny1FQ0JFMUE0MjJCNTB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk4MTY4NjU3MDAiIGluc3RhbGxfdGltZV9tcz0iMTMzMSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{322F8BA2-03EC-4B36-9BDB-E3D1FB541408}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzIyRjhCQTItMDNFQy00QjM2LTlCREItRTNEMUZCNTQxNDA4fSIgdXNlcmlkPSJ7RTgzNzE0MzAtMkY3OS00NzEwLThGRjItQTI2RTdGNzQyQjRFfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntEMDhDNUM0Qi1BQzgxLTQyRjctQUQxMy02NjY0RkUzQjNDOTV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbmV4dHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iNSIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTgyNTI5NDExMyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C678B24F-D6A4-4329-A938-941F86A87312}\EDGEMITMP_D129A.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff66b2abaf8,0x7ff66b2abb04,0x7ff66b2abb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzIyRjhCQTItMDNFQy00QjM2LTlCREItRTNEMUZCNTQxNDA4fSIgdXNlcmlkPSJ7RTgzNzE0MzAtMkY3OS00NzEwLThGRjItQTI2RTdGNzQyQjRFfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntERDhDODQ3MC1BRTMzLTQ5ODctQjBGNS1FQ0M0NTU3Mjk5RDZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5ODM4MDEzNjA2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTgzODE0MzQ2NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwMDgzOTgzNTY1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xYzFmYzhmZS1mMjUwLTRhM2EtOTFlYy05ZjkwZTMxYjgyNjU_UDE9MTcxMzc3OTYxNCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1ZU0hZaENKVlRLclFMR0o5bUFISTk1Zk9YOTlYVTdTNkNZUCUyYmg2SU0xclNPZTJXZzlVV1RZNWttbnVXRHdRN0ltZ2NWNEdFd2RNM2RPVFFxN21yazlnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyMDc2MDg4IiB0b3RhbD0iMTcyMDc2MDg4IiBkb3dubG9hZF90aW1lX21zPSIxNTYyNyIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwMDg0MzczNTI4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAxMDgwMDM2OTAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNzQ0NTgzNjE5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNjcyIiBkb3dubG9hZF90aW1lX21zPSIyNDU1NyIgZG93bmxvYWRlZD0iMTcyMDc2MDg4IiB0b3RhbD0iMTcyMDc2MDg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI2MzYwMyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --mojo-platform-channel-handle=11972 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{74567A55-5B71-42D5-8984-6CF74C4E012E}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{74567A55-5B71-42D5-8984-6CF74C4E012E}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{5805A454-2740-4F05-BE68-D89C7BF9B780}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTgwNUE0NTQtMjc0MC00RjA1LUJFNjgtRDg5QzdCRjlCNzgwfSIgdXNlcmlkPSJ7RTgzNzE0MzAtMkY3OS00NzEwLThGRjItQTI2RTdGNzQyQjRFfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCMURERTEwQy03QzJGLTRDQ0YtOEIwQy03RjdGOUY4ODU2MDZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMDI2MzAzMjk0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMDI2NTQzMjkwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzY2MzYxMzQ2MCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzEzNzc5OTMzJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PW5veHdLVERNZ0lZR2JDbUIlMmJBbndQRjNsRzR6Tm80TkpvRkh4QXF1d3FaSERKbnlwOExZTFI4YnhtbXJaQnREUHlOUG1XSHdZeWpFU0lReFl3WTNyUlElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iOCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzY2MzgyMzgyMyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTM3Nzk5MzMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9bm94d0tURE1nSVlHYkNtQiUyYkFud1BGM2xHNHpObzROSm9GSHhBcXV3cVpIREpueXA4TFlMUjhieG1tclpCdERQeU5QbVdId1l5akVTSVF4WXdZM3JSUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MzA3OTIiIHRvdGFsPSIxNjMwNzkyIiBkb3dubG9hZF90aW1lX21zPSI1ODkyNSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzY2MzkwMzY5MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzY2OTUzNDg0MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTc0MDc5ODQyODEzMjcwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgdXBkYXRlX2NvdW50PSIxIj48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7MzJBRDYzOEQtM0E0MS00ODE5LUI1QUUtQUVDRjA2QzdBQkExfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EU5986.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU5986.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{5805A454-2740-4F05-BE68-D89C7BF9B780}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTgwNUE0NTQtMjc0MC00RjA1LUJFNjgtRDg5QzdCRjlCNzgwfSIgdXNlcmlkPSJ7RTgzNzE0MzAtMkY3OS00NzEwLThGRjItQTI2RTdGNzQyQjRFfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7NkJFMEFDOEMtNkU0NS00RTY1LUJENTktRjUyREI2RDE1MTg1fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTMxNzQ4MTAiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzNjkxOTQ0MTE0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --mojo-platform-channel-handle=216 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --mojo-platform-channel-handle=12352 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" --app -channel production

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --mojo-platform-channel-handle=14104 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --mojo-platform-channel-handle=6192 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --mojo-platform-channel-handle=7356 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --mojo-platform-channel-handle=6776 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --mojo-platform-channel-handle=12168 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --mojo-platform-channel-handle=7460 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --mojo-platform-channel-handle=12964 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --mojo-platform-channel-handle=11356 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --mojo-platform-channel-handle=13996 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --mojo-platform-channel-handle=14012 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --mojo-platform-channel-handle=4224 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --mojo-platform-channel-handle=5104 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --mojo-platform-channel-handle=11024 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --mojo-platform-channel-handle=11796 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --mojo-platform-channel-handle=12192 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --mojo-platform-channel-handle=6632 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --mojo-platform-channel-handle=13384 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --mojo-platform-channel-handle=11456 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --mojo-platform-channel-handle=11748 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --mojo-platform-channel-handle=7272 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --mojo-platform-channel-handle=7260 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x0000000000000480 0x0000000000000494

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10552 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --mojo-platform-channel-handle=7432 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --mojo-platform-channel-handle=14152 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --mojo-platform-channel-handle=6416 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11076 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" "C:\Users\Admin\Downloads\WaveTrial.rar"

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" "C:\Users\Admin\Downloads\WaveTrial.rar"

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_WaveTrial.zip\WaveTrial.rar"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Njg2QjAwQUItRTY0NS00Mjc1LTk5MzQtODlGQjY5M0U5QTkxfSIgdXNlcmlkPSJ7RTgzNzE0MzAtMkY3OS00NzEwLThGRjItQTI2RTdGNzQyQjRFfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7Q0I2NkQwOUYtOTMwRS00OTFDLUE4MjgtRDhCNzM5ODZBNjk1fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7KzBqVW1ZZUt0WkFGNUMzZzIycEJCNUYwUnlkdGYxU0g3Ym53c25vVStmaz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjIiIGluc3RhbGxkYXRldGltZT0iMTcxMjkzMjg1NCIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU3NDMwMzkxMTYxNTgxNiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQwNjgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2NjkxMTI4MTc4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{89F6CD62-225A-4552-9086-140D060B6A08}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{89F6CD62-225A-4552-9086-140D060B6A08}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Njg2QjAwQUItRTY0NS00Mjc1LTk5MzQtODlGQjY5M0U5QTkxfSIgdXNlcmlkPSJ7RTgzNzE0MzAtMkY3OS00NzEwLThGRjItQTI2RTdGNzQyQjRFfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InszMkY2OTJFOS1BMzBELTRFODYtODI3OC0yRjUyNzMxRjZGRDR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zMyIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2NzA4MTc3ODI1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTY3MDg1Mjg2MjMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTcwMjY1NzY0MjYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy9kYTAxN2RlYS0zNGY4LTRhOWYtYTNmZC0yN2YxYjk1Mzg2MDA_UDE9MTcxMzc4MDMwMSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1nTWpleGlnWG5EUm0wRDNRdVVINmVwa1hnaThUYTc4Ulp1UGl3a0QwJTJmZjdMR0Y5REIzS1BoTHJDRWxYTmZvQWtpWllrNHNtTWxyRlBJUEMzcFhjTk53JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjIzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTcwMjY2NzYzODQiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2RhMDE3ZGVhLTM0ZjgtNGE5Zi1hM2ZkLTI3ZjFiOTUzODYwMD9QMT0xNzEzNzgwMzAxJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWdNamV4aWdYbkRSbTBEM1F1VUg2ZXBrWGdpOFRhNzhSWnVQaXdrRDAlMmZmN0xHRjlEQjNLUGhMckNFbFhOZm9Ba2laWWs0c21NbHJGUElQQzNwWGNOTnclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxODA0NzAwOCIgdG90YWw9IjE4MDQ3MDA4IiBkb3dubG9hZF90aW1lX21zPSIyNjQyOSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE3MDI2NzY2NTAzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTcwMzQxODYzNzUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzAzOTQ2NjE4NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjEwMjAiIGRvd25sb2FkX3RpbWVfbXM9IjMxODAwIiBkb3dubG9hZGVkPSIxODA0NzAwOCIgdG90YWw9IjE4MDQ3MDA4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI1MjMiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Documents\vitutal machine.bat" "

C:\Windows\system32\cmd.exe

cmd.exe

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff66bc7baf8,0x7ff66bc7bb04,0x7ff66bc7bb10

C:\Windows\system32\shutdown.exe

shutdown

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --mojo-platform-channel-handle=6464 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --mojo-platform-channel-handle=10552 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6156 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1612 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6784 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10272 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=3 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff66bc7baf8,0x7ff66bc7bb04,0x7ff66bc7bb10

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=174 --mojo-platform-channel-handle=12372 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=175 --mojo-platform-channel-handle=13368 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7208 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=13340 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12792 --field-trial-handle=1812,i,191429040428456997,1802501707520175051,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff70a3bbaf8,0x7ff70a3bbb04,0x7ff70a3bbb10

C:\Windows\system32\shutdown.exe

shutdown -s

C:\Windows\System32\PickerHost.exe

C:\Windows\System32\PickerHost.exe -Embedding

Network

Country Destination Domain Proto
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
US 104.21.25.219:443 loot-link.com tcp
US 104.21.25.219:443 loot-link.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 104.17.245.203:443 unpkg.com tcp
US 104.21.25.219:443 loot-link.com udp
PL 18.66.231.9:443 dfh48z16zqvm6.cloudfront.net tcp
US 104.17.245.203:443 unpkg.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 203.245.17.104.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 9.231.66.18.in-addr.arpa udp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 gforanopportu.info udp
GB 216.58.204.66:443 googleads.g.doubleclick.net tcp
US 172.67.134.236:443 gforanopportu.info tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 172.67.134.236:443 gforanopportu.info udp
PL 18.244.96.95:443 d1wzdj81h1hubn.cloudfront.net tcp
PL 18.244.96.95:443 d1wzdj81h1hubn.cloudfront.net tcp
GB 172.217.16.238:443 www.youtube.com udp
GB 172.217.16.238:443 www.youtube.com tcp
N/A 224.0.0.251:5353 udp
US 104.21.19.208:443 2.entlysearchin.info tcp
US 104.21.19.208:443 2.entlysearchin.info tcp
DE 18.196.89.56:443 phythmrequal.com tcp
DE 18.196.89.56:443 phythmrequal.com tcp
DE 18.245.60.12:443 ometothepoint.info tcp
DE 18.196.89.56:443 phythmrequal.com tcp
DE 18.196.89.56:443 phythmrequal.com tcp
US 141.193.213.10:443 thedailywobble.com tcp
US 141.193.213.10:443 thedailywobble.com tcp
US 141.193.213.10:443 thedailywobble.com udp
US 152.199.21.70:443 cdn.adpushup.com tcp
US 151.101.1.44:443 cdn.taboola.com tcp
DE 18.196.89.56:443 phythmrequal.com tcp
US 152.199.21.70:443 cdn.adpushup.com tcp
DE 18.196.89.56:443 phythmrequal.com tcp
US 151.101.1.44:443 cdn.taboola.com tcp
GB 172.217.169.42:443 content-autofill.googleapis.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
US 192.0.77.48:443 s.w.org tcp
US 192.0.77.48:443 s.w.org tcp
US 104.21.19.208:443 2.entlysearchin.info udp
US 151.101.130.137:443 code.jquery.com tcp
US 151.101.130.137:443 code.jquery.com tcp
GB 163.70.151.21:443 connect.facebook.net udp
US 172.67.134.236:443 gforanopportu.info udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 34.149.66.130:443 http-intake.logs.us5.datadoghq.com tcp
US 172.67.180.69:443 darkmodz.online tcp
US 172.67.180.69:443 darkmodz.online tcp
US 172.67.180.69:443 darkmodz.online udp
GB 172.217.16.226:443 securepubads.g.doubleclick.net tcp
PL 18.244.149.66:443 c.amazon-adsystem.com tcp
NL 23.97.225.52:443 e3.adpushup.com tcp
NL 23.97.225.52:443 e3.adpushup.com tcp
GB 142.250.200.14:443 www.youtube.com tcp
GB 161.35.33.197:443 paste-drop.com tcp
GB 142.250.200.14:443 www.youtube.com udp
GB 199.232.56.157:443 platform.twitter.com tcp
US 192.124.249.176:443 social-unlock.com tcp
GB 161.35.33.197:443 paste-drop.com tcp
US 192.124.249.176:443 social-unlock.com tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
US 172.64.146.152:443 cd.connatix.com tcp
GB 216.58.212.246:443 i.ytimg.com tcp
US 8.8.8.8:53 246.212.58.216.in-addr.arpa udp
GB 142.250.187.202:443 jnn-pa.googleapis.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
GB 151.101.62.167:443 embed.twitch.tv tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
NL 23.109.87.182:443 kiaughsviner.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 182.87.109.23.in-addr.arpa udp
GB 216.58.204.78:443 youtu.be tcp
GB 216.58.204.78:443 youtu.be tcp
GB 142.250.180.14:443 consent.youtube.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.180.14:443 consent.youtube.com udp
NL 173.194.69.84:443 accounts.google.com udp
GB 216.58.204.66:443 googleads.g.doubleclick.net tcp
GB 216.58.204.66:443 googleads.g.doubleclick.net udp
US 74.125.3.199:443 rr2---sn-q4fl6nsk.googlevideo.com tcp
US 74.125.3.199:443 rr2---sn-q4fl6nsk.googlevideo.com tcp
GB 172.217.169.42:443 content-autofill.googleapis.com udp
GB 142.250.187.193:443 yt3.googleusercontent.com udp
US 74.125.3.199:443 rr2---sn-q4fl6nsk.googlevideo.com tcp
US 74.125.3.199:443 rr2---sn-q4fl6nsk.googlevideo.com tcp
GB 216.58.212.246:443 i.ytimg.com udp
US 74.125.3.199:443 rr2---sn-q4fl6nsk.googlevideo.com tcp
US 74.125.3.199:443 rr2---sn-q4fl6nsk.googlevideo.com tcp
GB 216.58.204.78:443 youtu.be udp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
GB 142.250.179.230:443 static.doubleclick.net tcp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
NL 74.125.8.70:443 rr1---sn-5hneknee.googlevideo.com tcp
NL 74.125.8.70:443 rr1---sn-5hneknee.googlevideo.com tcp
NL 209.85.226.7:443 rr2---sn-5hnekn76.googlevideo.com udp
NL 74.125.100.8:443 rr3---sn-5hnekn7l.googlevideo.com udp
GB 216.58.204.66:443 googleads.g.doubleclick.net udp
GB 142.250.187.225:443 yt3.ggpht.com tcp
GB 142.250.187.225:443 yt3.ggpht.com tcp
GB 142.250.187.225:443 yt3.ggpht.com tcp
GB 142.250.187.225:443 yt3.ggpht.com udp
GB 142.250.187.202:443 jnn-pa.googleapis.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
DE 13.32.27.88:443 gleagainedam.info tcp
DE 13.32.27.88:443 gleagainedam.info tcp
US 54.225.185.110:443 xfghv.nailsandothesa.org tcp
NL 173.194.69.84:443 accounts.google.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 67.199.248.11:443 bit.ly tcp
US 172.67.73.172:443 modsfire.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
RU 88.212.202.52:443 counter.yadro.ru tcp
GB 143.244.38.136:443 kumo.network-n.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com udp
US 8.8.8.8:53 172.73.67.172.in-addr.arpa udp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
GB 143.244.38.136:443 kumo.network-n.com tcp
US 104.22.34.123:443 static.kueezrtb.com tcp
US 23.53.113.212:443 z.moatads.com tcp
US 8.8.8.8:53 boot.pbstck.com udp
PL 18.66.233.113:443 cdn.privacy-mgmt.com tcp
US 172.67.41.60:443 btloader.com tcp
US 172.64.146.86:443 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app tcp
US 104.22.0.93:443 boot.pbstck.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net udp
GB 172.217.16.226:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 212.113.53.23.in-addr.arpa udp
US 8.8.8.8:53 86.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 60.41.67.172.in-addr.arpa udp
US 8.8.8.8:53 113.233.66.18.in-addr.arpa udp
US 8.8.8.8:53 93.0.22.104.in-addr.arpa udp
PL 18.244.149.66:443 c.amazon-adsystem.com tcp
PL 18.66.233.113:443 cdn.privacy-mgmt.com tcp
US 104.22.34.123:443 track.kueezrtb.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 104.22.35.123:443 track.kueezrtb.com tcp
US 104.22.34.123:443 track.kueezrtb.com tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 104.22.34.123:443 track.kueezrtb.com tcp
US 130.211.23.194:443 api.btloader.com udp
GB 141.147.81.223:443 mb.moatads.com tcp
US 104.22.1.93:443 cdn.pbstck.com tcp
US 104.22.1.93:443 cdn.pbstck.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 172.67.25.151:443 cdn.pbstck.com udp
PL 18.244.102.2:443 sb.scorecardresearch.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 35.241.9.51:443 00917082-71e9-498e-8343-00c3df06b798.prmutv.co tcp
PL 18.66.233.115:443 config.aps.amazon-adsystem.com tcp
PL 18.66.233.34:443 live.primis.tech tcp
PL 18.244.95.68:443 aax.amazon-adsystem.com tcp
US 172.67.75.241:443 script.4dex.io tcp
US 8.8.8.8:53 tag.wknd.ai udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 cdn.permutive.com udp
US 34.120.253.250:443 tag.wknd.ai tcp
NL 23.218.48.210:443 secure.cdn.fastclick.net tcp
PL 18.244.146.14:443 tags.crwdcntrl.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 104.17.119.17:443 cdn.permutive.com tcp
US 34.107.254.252:443 api.permutive.com tcp
US 34.107.254.252:443 api.permutive.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 172.64.153.78:443 mp.4dex.io tcp
DE 3.78.168.176:443 tlx.3lift.com tcp
US 142.93.62.157:443 exchange.kueezrtb.com tcp
US 142.93.62.157:443 exchange.kueezrtb.com tcp
US 142.93.62.157:443 exchange.kueezrtb.com tcp
US 8.8.8.8:53 141.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 34.233.66.18.in-addr.arpa udp
US 8.8.8.8:53 241.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 68.95.244.18.in-addr.arpa udp
US 8.8.8.8:53 250.253.120.34.in-addr.arpa udp
US 8.8.8.8:53 17.119.17.104.in-addr.arpa udp
US 8.8.8.8:53 252.254.107.34.in-addr.arpa udp
US 8.8.8.8:53 210.48.218.23.in-addr.arpa udp
US 8.8.8.8:53 14.146.244.18.in-addr.arpa udp
US 8.8.8.8:53 2.102.244.18.in-addr.arpa udp
US 172.67.36.110:443 cdn.hadronid.net tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
PL 18.244.102.41:443 hb.yellowblue.io tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 34.149.130.207:443 pd.cdnwidget.com tcp
US 34.111.8.32:443 events.bouncex.net tcp
US 34.98.72.95:443 assets.bounceexchange.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
IE 67.220.224.150:443 aax-eu.amazon-adsystem.com tcp
US 172.67.75.241:443 script.4dex.io tcp
US 104.18.23.145:443 cadmus.script.ac tcp
US 104.22.4.69:443 id.hadron.ad.gt tcp
PL 18.66.233.34:443 live.primis.tech udp
IE 52.49.90.166:443 bcp.crwdcntrl.net tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 34.98.72.95:443 assets.bounceexchange.com udp
DE 91.228.74.208:443 secure.quantserve.com tcp
US 8.8.8.8:53 95.72.98.34.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 150.224.220.67.in-addr.arpa udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
US 8.8.8.8:53 166.90.49.52.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 208.74.228.91.in-addr.arpa udp
US 34.95.102.126:443 data.cdnbasket.net tcp
US 34.149.101.92:443 page.cdnbasket.net tcp
US 34.95.69.217:443 view.cdnbasket.net tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 172.67.25.151:443 cdn.pbstck.com udp
PL 18.66.233.99:443 rules.quantcount.com tcp
US 23.53.112.234:443 ads.pubmatic.com tcp
US 35.244.159.8:443 u.openx.net tcp
US 3.223.7.70:443 cs-server-s2s.yellowblue.io tcp
US 35.244.159.8:443 u.openx.net udp
NL 35.214.232.231:443 csync.loopme.me tcp
US 34.230.195.204:443 mb9eo.publishers.tremorhub.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
NL 213.19.162.90:443 pixel.rubiconproject.com tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 23.220.112.27:443 cs.media.net tcp
IE 54.74.90.126:443 ap.lijit.com tcp
US 8.8.8.8:53 234.112.53.23.in-addr.arpa udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 231.232.214.35.in-addr.arpa udp
US 8.8.8.8:53 70.7.223.3.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 90.162.19.213.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 204.195.230.34.in-addr.arpa udp
US 8.8.8.8:53 27.112.220.23.in-addr.arpa udp
US 8.8.8.8:53 ads.stickyadstv.com udp
NL 154.57.158.25:443 ads.stickyadstv.com tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com udp
GB 185.64.190.78:443 image6.pubmatic.com tcp
GB 142.250.180.1:443 5c3f9210b0e5739c20a0596af4c8d2ae.safeframe.googlesyndication.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 81.17.55.170:443 ssbsync-global.smartadserver.com tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
DK 37.157.5.132:443 cm.adform.net tcp
US 34.149.40.38:443 u.4dex.io tcp
GB 172.217.169.66:443 cm.g.doubleclick.net tcp
US 34.149.40.38:443 u.4dex.io udp
DE 18.197.199.178:443 match.sharethrough.com tcp
PL 18.244.102.64:443 images.rbxcdn.com tcp
PL 18.244.102.64:443 images.rbxcdn.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 147.182.169.116:443 sync.kueezrtb.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
GB 172.217.169.66:443 cm.g.doubleclick.net udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 170.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 38.40.149.34.in-addr.arpa udp
US 8.8.8.8:53 132.5.157.37.in-addr.arpa udp
US 8.8.8.8:53 166.87.77.80.in-addr.arpa udp
IE 52.30.158.183:443 pr-bh.ybp.yahoo.com tcp
US 54.197.158.229:443 sync.srv.stackadapt.com tcp
US 54.197.158.229:443 sync.srv.stackadapt.com tcp
US 54.197.158.229:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
GB 87.248.205.1:443 cdn.issigpen.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
IE 34.246.85.235:443 match.prod.bidr.io tcp
US 50.31.142.223:443 b1sync.zemanta.com tcp
PL 108.138.51.82:443 s.ad.smaato.net tcp
GB 87.248.205.1:443 cdn.issigpen.com tcp
PL 18.244.102.64:443 images.rbxcdn.com udp
US 34.160.20.10:443 ids.cdnwidget.com tcp
US 34.107.254.252:443 api.permutive.com udp
IE 34.240.94.244:443 rtb.gumgum.com tcp
GB 216.58.201.106:443 imasdk.googleapis.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 34.111.8.32:443 contextual-analytics.wunderkind.co tcp
NL 72.246.173.47:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 244.94.240.34.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
DE 85.114.159.93:443 dsp.adfarm1.adition.com tcp
IE 67.220.224.150:443 aax-eu.amazon-adsystem.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
NL 35.204.158.49:443 um.simpli.fi tcp
DK 37.157.2.229:443 c1.adform.net tcp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
IE 52.209.193.199:443 a.audrte.com tcp
SE 213.155.156.181:443 d5p.de17a.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
NL 89.207.16.137:443 pubmatic-match.dotomi.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 35.214.232.231:443 csync.loopme.me tcp
SI 195.5.165.20:443 core.iprom.net tcp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
NL 64.158.223.140:443 amazon-tam-match.dotomi.com tcp
IE 54.217.169.137:443 sync-amz.ads.yieldmo.com tcp
GB 172.217.16.226:443 securepubads.g.doubleclick.net udp
NL 208.93.169.131:443 bh.contextweb.com tcp
IE 52.18.116.194:443 cs-tam.yellowblue.io tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
US 3.224.77.118:443 ssp.disqus.com tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 34.195.75.194:443 compass-v2.deliverimp.com tcp
IE 54.217.19.5:443 cm.adgrx.com tcp
US 104.18.25.173:443 a.tribalfusion.com tcp
DE 162.19.138.116:443 id5-sync.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
GB 172.217.169.70:443 s0.2mdn.net tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 8.8.8.8:53 181.156.155.213.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 137.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 62.64.227.64.in-addr.arpa udp
US 8.8.8.8:53 11.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 116.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 70.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 5.19.217.54.in-addr.arpa udp
US 8.8.8.8:53 173.25.18.104.in-addr.arpa udp
US 8.8.8.8:53 194.75.195.34.in-addr.arpa udp
US 8.8.8.8:53 118.77.224.3.in-addr.arpa udp
US 8.8.8.8:53 194.116.18.52.in-addr.arpa udp
NL 198.47.127.205:443 simage2.pubmatic.com tcp
GB 216.58.201.106:443 imasdk.googleapis.com udp
GB 185.64.191.210:443 image2.pubmatic.com tcp
US 52.46.155.104:443 s.amazon-adsystem.com tcp
US 34.111.8.32:443 contextual-analytics.wunderkind.co udp
DE 18.197.118.154:443 rtb.mfadsrvr.com tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
NL 198.47.127.205:443 simage2.pubmatic.com tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
GB 185.64.190.81:443 simage4.pubmatic.com tcp
NL 198.47.127.20:443 image4.pubmatic.com tcp
NL 198.47.127.205:443 simage2.pubmatic.com tcp
NL 198.47.127.205:443 simage2.pubmatic.com tcp
NL 198.47.127.205:443 simage2.pubmatic.com tcp
US 34.111.129.221:443 cr.frontend.weborama.fr udp
US 80.77.87.108:443 eexsync.com tcp
NL 89.207.16.201:443 triplelift-match.dotomi.com tcp
IE 52.18.69.148:443 ads.yieldmo.com tcp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
NL 35.214.232.231:443 csync.loopme.me tcp
GB 87.248.205.1:443 cdn.marphezis.com tcp
US 185.184.10.30:443 us.creativecdn.com tcp
US 34.96.71.22:443 s.company-target.com tcp
US 44.206.22.2:443 rtb.adentifi.com tcp
GB 23.73.139.40:443 hb.yahoo.net tcp
IE 52.19.64.114:443 pm.w55c.net tcp
DE 51.89.9.254:443 onetag-sys.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
BE 104.68.78.171:443 secure-assets.rubiconproject.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 52.46.155.104:443 s.amazon-adsystem.com tcp
DE 37.252.171.85:443 secure.adnxs.com tcp
NL 213.19.162.90:443 pixel-eu.rubiconproject.com tcp
GB 185.64.190.79:443 image8.pubmatic.com tcp
GB 185.64.190.79:443 image8.pubmatic.com tcp
NL 72.246.172.22:443 contextual.media.net tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 213.19.162.90:443 pixel-eu.rubiconproject.com tcp
GB 185.64.190.79:443 image8.pubmatic.com tcp
US 8.8.8.8:53 2.22.206.44.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 171.78.68.104.in-addr.arpa udp
US 8.8.8.8:53 79.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 85.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 22.172.246.72.in-addr.arpa udp
US 8.8.8.8:53 172.55.17.81.in-addr.arpa udp
US 216.200.232.249:443 sync.mathtag.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
DE 51.89.9.254:443 onetag-sys.com udp
IE 34.247.233.198:443 usersync.gumgum.com tcp
NL 213.19.162.80:443 pixel-eu.rubiconproject.com tcp
US 104.22.50.98:443 mwzeom.zeotap.com tcp
DE 162.55.120.196:443 matching.truffle.bid tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 34.111.131.239:443 idsync.frontend.weborama.fr tcp
FR 141.94.242.206:443 green.erne.co tcp
DK 77.243.51.121:443 uipglob.semasio.net tcp
DK 77.243.51.121:443 uipglob.semasio.net tcp
US 34.111.131.239:443 idsync.frontend.weborama.fr tcp
FR 141.94.242.206:443 green.erne.co tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
DE 162.55.120.196:443 matching.truffle.bid tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
FR 141.94.170.64:443 pixel-eu.onaudience.com tcp
JP 211.120.53.204:443 tg.socdm.com tcp
NL 35.214.132.90:443 u.ipw.metadsp.co.uk tcp
US 8.43.72.98:443 pixel-us-east.rubiconproject.com tcp
JP 211.120.53.204:443 tg.socdm.com tcp
NL 35.214.132.90:443 u.ipw.metadsp.co.uk udp
US 54.197.158.229:443 sync.srv.stackadapt.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com udp
CA 51.222.80.231:443 pixel.onaudience.com tcp
US 34.117.4.53:443 ssp.wknd.ai tcp
DE 3.122.214.165:443 ps.eyeota.net tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 54.162.112.116:443 sync.ipredictive.com tcp
US 169.197.150.7:443 match.deepintent.com tcp
NL 213.19.162.80:443 pixel-eu.rubiconproject.com tcp
NL 213.19.162.80:443 pixel-eu.rubiconproject.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
NL 213.19.162.90:443 pixel-eu.rubiconproject.com tcp
NL 46.228.164.13:443 d.turn.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
NL 213.19.162.90:443 pixel-eu.rubiconproject.com tcp
IE 18.200.139.81:443 ce.lijit.com tcp
NL 147.75.84.158:443 prebid.a-mo.net tcp
US 34.111.113.62:443 pixel.tapad.com tcp
US 34.111.113.62:443 pixel.tapad.com udp
US 216.239.32.3:443 csi.gstatic.com tcp
US 216.239.32.3:443 csi.gstatic.com udp
NL 173.194.69.84:443 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
US 104.200.26.234:443 greasyfork.org tcp
US 104.200.26.234:443 greasyfork.org tcp
GB 216.58.204.66:443 googleads.g.doubleclick.net udp
GB 172.217.16.238:443 clients2.google.com tcp
NL 46.228.164.11:443 r.turn.com tcp
US 174.137.133.49:443 dsp.adkernel.com tcp
GB 172.217.16.238:443 clients2.google.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 34.96.105.8:443 tr.blismedia.com tcp
GB 172.217.16.238:443 clients2.google.com udp
GB 216.58.212.195:443 id.google.com tcp
GB 142.250.200.10:443 content-autofill.googleapis.com udp
DE 46.4.58.236:443 www.tampermonkey.net tcp
DE 46.4.58.236:443 www.tampermonkey.net tcp
DE 5.9.16.218:443 a.tampermonkey.net tcp
DE 46.4.58.236:443 www.tampermonkey.net tcp
US 104.18.11.248:443 cdn.snigelweb.com tcp
US 104.18.11.248:443 cdn.snigelweb.com tcp
GB 172.217.169.70:443 s0.2mdn.net udp
BE 23.14.90.89:443 cdn.doubleverify.com tcp
GB 172.217.169.2:443 googleads4.g.doubleclick.net tcp
IE 52.19.103.132:443 d.agkn.com tcp
GB 172.217.169.2:443 googleads4.g.doubleclick.net tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com udp
US 130.211.44.5:443 rtbc-ew1.doubleverify.com tcp
GB 172.217.169.2:443 googleads4.g.doubleclick.net udp
GB 142.250.200.2:443 www.googletagservices.com tcp
GB 142.250.200.2:443 www.googletagservices.com udp
GB 172.217.169.70:443 s0.2mdn.net udp
GB 216.58.213.14:443 img.youtube.com tcp
GB 216.58.213.14:443 img.youtube.com udp
GB 142.250.179.227:443 ssl.gstatic.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com udp
GB 216.58.201.110:443 apis.google.com udp
US 130.211.44.5:443 rtbc-ew1.doubleverify.com tcp
GB 142.250.187.206:443 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com tcp
GB 142.250.187.234:443 content-autofill.googleapis.com udp
GB 142.250.179.227:443 ssl.gstatic.com udp
GB 142.250.200.33:443 tpc.googlesyndication.com udp
GB 172.217.16.238:443 clients2.google.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 34.125.80.210:443 e2c30.gcp.gvt2.com tcp
US 192.178.48.227:443 beacons.gvt2.com tcp
PL 18.66.233.27:443 live.primis.tech udp
PL 18.244.102.84:443 video.primis.tech udp
GB 142.250.178.4:443 www.google.com udp
NL 89.149.192.65:443 prg.smartadserver.com tcp
BE 23.14.90.112:443 csync.smartadserver.com tcp
BE 23.14.90.105:443 ced-ns.sascdn.com tcp
US 34.98.64.218:443 eu-u.openx.net udp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 46.228.164.11:443 r.turn.com tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com udp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
GB 142.250.200.34:443 cm.g.doubleclick.net udp
NL 64.158.223.137:443 openx2-match.dotomi.com tcp
US 54.144.230.52:443 sync.srv.stackadapt.com tcp
US 34.128.133.112:443 ads.avads.net tcp
US 34.128.133.112:443 ads.avads.net udp
FR 45.137.176.88:443 sync.adotmob.com tcp
US 34.96.71.22:443 s.company-target.com udp
US 35.186.253.211:443 rtb.openx.net udp
DE 37.252.171.85:443 secure.adnxs.com tcp
US 8.8.8.8:53 88.176.137.45.in-addr.arpa udp
US 8.8.8.8:53 137.223.158.64.in-addr.arpa udp
US 8.8.8.8:53 ad4m.at udp
US 8.8.8.8:53 cms.quantserve.com udp
US 172.67.74.129:443 ad4m.at tcp
DE 91.228.74.159:443 cms.quantserve.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
DK 77.243.51.121:443 uipglob.semasio.net tcp
US 50.31.142.223:443 b1sync.zemanta.com tcp
DE 3.125.70.222:443 ps.eyeota.net tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
IE 52.18.157.212:443 match.prod.bidr.io tcp
NL 35.214.232.231:443 csync.loopme.me tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
DE 18.194.46.99:443 match.sharethrough.com tcp
DE 57.129.18.121:443 wt.rqtrk.eu tcp
NL 173.194.69.84:443 accounts.google.com udp
US 104.131.69.64:443 openuserjs.org tcp
US 104.131.69.64:443 openuserjs.org tcp
US 104.131.69.64:443 openuserjs.org tcp
US 104.131.69.64:443 openuserjs.org tcp
US 104.131.69.64:443 openuserjs.org tcp
US 104.131.69.64:443 openuserjs.org tcp
FR 162.19.58.158:443 i.ibb.co tcp
GB 142.250.200.10:443 content-autofill.googleapis.com udp
US 104.21.89.193:443 lootdest.com tcp
US 104.21.89.193:443 lootdest.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net udp
US 104.21.89.193:443 lootdest.com udp
GB 216.58.204.66:443 googleads.g.doubleclick.net udp
US 172.67.134.236:443 gforanopportu.info udp
US 172.67.134.236:443 gforanopportu.info udp
US 104.21.19.208:443 0.entlysearchin.info tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
NL 173.194.69.84:443 accounts.google.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.187.209:443 csp.withgoogle.com tcp
US 216.239.36.117:443 beacons2.gvt2.com tcp
GB 142.250.187.209:443 csp.withgoogle.com udp
US 216.239.36.117:443 beacons2.gvt2.com udp
FR 52.84.174.125:443 askdomainad.com tcp
FI 95.216.74.110:443 img.cdn.house tcp
FI 95.216.74.110:443 img.cdn.house tcp
NL 108.156.60.54:443 funjoobpolicester.info tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 104.21.19.208:443 0.entlysearchin.info udp
US 172.67.134.236:443 gforanopportu.info udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.133:443 objects.githubusercontent.com tcp
US 185.199.108.133:443 objects.githubusercontent.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 140.82.114.22:443 collector.github.com tcp
US 140.82.114.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
FI 95.216.74.110:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
GB 216.58.213.14:443 img.youtube.com udp
NL 173.194.69.84:443 accounts.google.com udp
IT 34.154.74.59:443 e2c59.gcp.gvt2.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
FI 95.216.74.110:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
FR 178.32.197.48:443 prg.smartadserver.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
PL 18.244.146.64:443 setup.rbxcdn.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
DE 78.46.76.54:443 img.cdn.house tcp
DE 78.46.76.54:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
GB 20.26.156.210:443 api.github.com tcp
GB 216.58.213.14:443 img.youtube.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
DE 78.46.76.54:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
DE 78.46.76.54:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 173.214.243.188:443 us.clickcdn.co tcp
US 104.21.0.122:443 imcdn.pro tcp
US 104.21.0.122:443 imcdn.pro udp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
DE 176.9.17.3:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
GB 20.26.156.210:443 api.github.com tcp
PL 18.244.146.60:443 setup.rbxcdn.com tcp
GB 216.58.212.246:443 i.ytimg.com udp
US 104.21.0.122:443 imcdn.pro udp
US 173.214.243.188:443 us.clickcdn.co tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
GB 142.250.178.4:443 www.google.com udp
GB 216.58.212.195:443 id.google.com udp
GB 128.116.119.4:443 www.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
PL 18.244.146.81:443 static.rbxcdn.com tcp
PL 18.66.233.42:443 js.rbxcdn.com tcp
PL 18.66.233.42:443 js.rbxcdn.com tcp
PL 18.66.233.42:443 js.rbxcdn.com tcp
PL 18.66.233.42:443 js.rbxcdn.com tcp
PL 18.66.233.42:443 js.rbxcdn.com tcp
PL 18.66.233.42:443 js.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.244.102.127:443 images.rbxcdn.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
BE 23.14.90.81:443 apis.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
PL 18.244.146.81:443 static.rbxcdn.com tcp
PL 18.66.233.42:443 js.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.244.146.60:443 setup.rbxcdn.com tcp
PL 18.244.102.127:443 images.rbxcdn.com tcp
US 3.161.82.40:443 askdomainad.com tcp
N/A 127.0.0.1:60360 tcp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
DE 176.9.17.3:443 img.cdn.house tcp
N/A 127.0.0.1:60365 tcp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
GB 18.245.253.108:443 funjoobpolicester.info tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
N/A 127.0.0.1:60370 tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
PL 18.244.146.60:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:60379 tcp
PL 18.244.146.60:443 setup.rbxcdn.com tcp
PL 18.244.146.60:443 setup.rbxcdn.com tcp
FR 185.86.139.96:443 prg.smartadserver.com tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 199.232.210.172:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
DE 78.46.76.54:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
QA 34.18.10.222:443 e2c62.gcp.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 199.232.210.172:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 192.178.48.227:443 beacons.gvt2.com udp
DE 78.46.76.54:443 img.cdn.house tcp
US 192.178.48.227:443 beacons.gvt2.com tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
US 173.214.243.188:443 us.clickcdn.co tcp
US 104.21.0.122:443 imcdn.pro udp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
FR 52.84.174.125:443 askdomainad.com tcp
DE 178.63.48.167:443 img.cdn.house tcp
GB 18.245.253.38:443 funjoobpolicester.info tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
GB 216.58.213.14:443 img.youtube.com udp
NL 81.17.55.161:443 prg.smartadserver.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 173.214.243.188:443 us.clickcdn.co tcp
US 104.21.0.122:443 imcdn.pro udp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
DE 178.63.48.167:443 img.cdn.house tcp
N/A 127.0.0.1:60838 tcp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
DE 178.63.48.167:443 img.cdn.house tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
GB 216.58.213.14:443 img.youtube.com udp
DE 5.9.197.87:443 img.cdn.house tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
DE 5.9.197.87:443 img.cdn.house tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
US 34.107.254.252:443 api.permutive.com udp
US 34.107.254.252:443 api.permutive.com tcp
DE 176.9.17.3:443 img.cdn.house tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
GB 216.58.213.14:443 img.youtube.com udp
DE 176.9.17.3:443 img.cdn.house tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
US 173.214.243.188:443 us.clickcdn.co tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
DE 148.251.85.93:443 img.cdn.house tcp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
NL 81.17.55.99:443 prg.smartadserver.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
US 172.67.150.242:443 imcdn.pro udp
US 34.195.224.242:443 wilyr.nailsandothesa.org tcp
IE 20.166.2.191:443 msedge.api.cdp.microsoft.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
GB 87.248.204.0:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
DE 5.9.110.111:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
DE 5.9.110.111:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 173.214.243.188:443 us.clickcdn.co tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
FR 185.86.139.58:443 prg.smartadserver.com tcp
HK 216.58.203.67:443 beacons2.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
DE 148.251.85.93:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
DE 148.251.85.93:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
GB 92.123.128.162:443 tcp
NL 23.62.61.115:443 r.bing.com tcp
NL 23.62.61.115:443 r.bing.com tcp
NL 23.62.61.115:443 r.bing.com tcp
NL 23.62.61.115:443 r.bing.com tcp
NL 23.62.61.115:443 r.bing.com tcp
NL 23.62.61.115:443 r.bing.com tcp
PL 18.66.233.27:443 live.primis.tech udp
US 8.8.8.8:53 browser.pipe.aria.microsoft.com udp
IE 20.50.73.9:443 browser.pipe.aria.microsoft.com tcp
GB 142.250.187.206:443 play.google.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
GB 20.26.156.210:443 api.github.com tcp
PL 18.244.146.64:443 setup.rbxcdn.com tcp
DE 46.4.115.66:443 img.cdn.house tcp
US 54.225.185.110:443 wilyr.nailsandothesa.org tcp
US 8.8.8.8:53 rtb.primis.tech udp
PL 18.66.233.27:443 rtb.primis.tech udp
DE 3.78.168.176:443 tlx.3lift.com tcp
PL 18.66.233.19:443 rtb.primis.tech udp
US 8.8.8.8:53 bit.ly udp
US 34.107.254.252:443 api.permutive.com udp
US 8.8.8.8:53 events.bouncex.net udp
US 172.67.73.172:443 modsfire.com tcp
US 34.111.8.32:443 events.bouncex.net udp
US 67.199.248.10:443 bit.ly udp
US 34.107.254.252:443 api.permutive.com udp
US 34.111.8.32:443 events.bouncex.net tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com udp
PL 18.244.149.66:443 c.amazon-adsystem.com tcp
US 104.22.1.93:443 cdn.pbstck.com udp
PL 18.66.233.101:443 cdn.privacy-mgmt.com tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
US 172.67.215.118:443 cekgsyc.com tcp
US 172.67.215.118:443 cekgsyc.com udp
US 104.21.85.92:443 ctrtrk.com tcp
GB 172.217.16.226:443 securepubads.g.doubleclick.net udp
US 172.67.177.214:443 youradexchange.com tcp
US 104.22.35.123:443 track.kueezrtb.com tcp
US 104.22.34.123:443 track.kueezrtb.com tcp
US 104.22.35.123:443 track.kueezrtb.com tcp
US 104.21.8.108:443 pubtrky.com tcp
US 104.22.75.216:443 btloader.com tcp
US 172.64.146.86:443 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app tcp
US 8.8.8.8:53 214.177.67.172.in-addr.arpa udp
US 8.8.8.8:53 108.8.21.104.in-addr.arpa udp
US 8.8.8.8:53 216.75.22.104.in-addr.arpa udp
GB 141.147.81.223:443 mb.moatads.com tcp
US 104.22.1.93:443 cdn.pbstck.com udp
US 104.26.2.70:443 ad-delivery.net tcp
US 130.211.23.194:443 api.btloader.com udp
PL 18.66.233.101:443 cdn.privacy-mgmt.com tcp
PL 18.244.102.2:443 sb.scorecardresearch.com tcp
PL 18.66.233.115:443 config.aps.amazon-adsystem.com tcp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
GB 18.244.138.116:443 aax.amazon-adsystem.com tcp
US 104.26.8.169:443 script.4dex.io tcp
NL 23.218.48.210:443 secure.cdn.fastclick.net tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
US 34.120.253.250:443 tag.wknd.ai udp
US 8.8.8.8:53 exchange.kueezrtb.com udp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 35.186.253.211:443 rtb.openx.net udp
PL 18.244.102.59:443 hb.yellowblue.io tcp
US 138.197.53.255:443 exchange.kueezrtb.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
PL 18.66.233.102:443 rules.quantcount.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 172.64.153.78:443 mp.4dex.io tcp
US 172.67.174.130:443 trk.glasssmash.site tcp
US 172.67.174.130:443 trk.glasssmash.site tcp
US 104.21.8.108:443 pubtrky.com udp
US 104.21.5.72:443 nowforfile.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 34.149.130.207:443 pd.cdnwidget.com tcp
US 172.67.177.214:443 youradexchange.com udp
IE 67.220.228.203:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 130.174.67.172.in-addr.arpa udp
US 8.8.8.8:53 72.5.21.104.in-addr.arpa udp
US 8.8.8.8:53 203.228.220.67.in-addr.arpa udp
US 8.8.8.8:53 102.233.66.18.in-addr.arpa udp
US 104.26.2.174:443 yourjsdelivery.com tcp
GB 142.250.187.202:443 ajax.googleapis.com udp
IE 34.249.188.79:443 match.prod.bidr.io tcp
PL 108.138.51.82:443 s.ad.smaato.net tcp
NL 63.215.202.169:443 amazon-tam-match.dotomi.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
IE 52.210.2.133:443 nostop.go2cloud.org tcp
US 52.46.128.147:443 s.amazon-adsystem.com tcp
US 52.46.128.147:443 s.amazon-adsystem.com tcp
NL 193.3.178.3:443 u-ams03.e-planning.net tcp
US 104.26.8.169:443 script.4dex.io tcp
NL 64.158.223.140:443 pulsepoint-match.dotomi.com tcp
US 104.21.5.72:443 nowforfile.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 172.67.23.234:443 id.hadron.ad.gt tcp
NL 193.3.178.1:443 s.e-planning.net tcp
US 104.18.36.155:443 dsum.casalemedia.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 172.67.40.173:443 spl.zeotap.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 1.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 173.40.67.172.in-addr.arpa udp
US 23.53.112.234:443 ads.pubmatic.com tcp
US 3.217.59.243:443 cookies.nextmillmedia.com tcp
US 34.149.40.38:443 u.4dex.io udp
US 54.211.215.248:443 i.liadm.com tcp
US 104.18.36.155:443 dsum-sec.casalemedia.com udp
NL 193.3.178.3:443 u-ams03.e-planning.net tcp
NL 193.3.178.3:443 u-ams03.e-planning.net tcp
DE 3.71.149.231:443 cms.analytics.yahoo.com tcp
BE 104.68.78.171:443 secure-assets.rubiconproject.com tcp
NL 72.246.173.47:443 eus.rubiconproject.com tcp
US 34.111.113.62:443 pixel.tapad.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
DK 37.157.4.28:443 dmp.adform.net tcp
NL 154.57.158.25:443 ads.stickyadstv.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 52.223.40.198:443 match.adsrvr.org tcp
GB 18.134.84.26:443 1f2e7.v.fwmrm.net tcp
NL 63.215.202.137:443 casale-match.dotomi.com tcp
US 151.101.1.44:443 trc.taboola.com tcp
NL 145.40.97.66:443 prebid.a-mo.net tcp
PL 18.244.146.21:443 tags.crwdcntrl.net tcp
GB 142.250.180.1:443 5dbfb0844a6baa4271da34cc59815af1.safeframe.googlesyndication.com tcp
US 3.231.143.14:443 dmp.v.fwmrm.net tcp
IE 52.209.240.50:443 pr-bh.ybp.yahoo.com tcp
US 8.8.8.8:53 137.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 26.84.134.18.in-addr.arpa udp
US 8.8.8.8:53 66.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 21.146.244.18.in-addr.arpa udp
US 8.8.8.8:53 14.143.231.3.in-addr.arpa udp
US 8.8.8.8:53 50.240.209.52.in-addr.arpa udp
GB 185.64.190.78:443 image6.pubmatic.com tcp
US 34.95.81.168:443 euexchangesync.digitaleast.mobi tcp
US 18.206.144.25:443 rtb.adentifi.com tcp
IE 52.16.115.188:443 dpm.demdex.net tcp
IE 34.254.143.3:443 loadeu.exelator.com tcp
GB 142.250.178.4:443 www.google.com udp
DE 51.89.9.254:443 onetag-sys.com udp
NL 213.19.162.80:443 token.rubiconproject.com tcp
DE 85.114.159.118:443 dsp.adfarm1.adition.com tcp
NL 213.19.162.90:443 token.rubiconproject.com tcp
US 34.111.131.239:443 idsync.frontend.weborama.fr udp
NL 213.19.162.80:443 token.rubiconproject.com tcp
FR 51.178.195.217:443 sync.smartadserver.com tcp
IE 52.49.69.142:443 bcp.crwdcntrl.net tcp
US 34.193.192.4:443 compass-v2.deliverimp.com tcp
GB 172.217.16.226:443 cm.g.doubleclick.net udp
DE 18.184.48.164:443 aa.agkn.com tcp
US 34.160.236.64:443 odr.mookie1.com tcp
DE 162.55.236.225:443 sync.richaudience.com tcp
US 8.8.8.8:53 64.236.160.34.in-addr.arpa udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
GB 142.250.200.33:443 tpc.googlesyndication.com udp
GB 87.248.205.1:443 cdn.marphezis.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
BE 23.55.96.210:443 tags.bluekai.com tcp
US 54.144.222.135:443 sync.ipredictive.com tcp
US 35.244.159.8:443 us-u.openx.net udp
IE 52.51.218.146:443 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com tcp
US 3.220.241.189:443 cs-server-s2s.yellowblue.io tcp
GB 216.58.201.98:443 pubads.g.doubleclick.net udp
GB 216.58.201.98:443 pubads.g.doubleclick.net tcp
NL 213.19.162.90:443 token.rubiconproject.com tcp
US 23.220.112.27:443 cs.media.net tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
NL 35.214.232.231:443 csync.loopme.me tcp
US 76.223.111.18:443 eb2.3lift.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 18.159.11.249:443 match.sharethrough.com tcp
FR 91.134.110.133:443 ssbsync-global.smartadserver.com tcp
IE 54.217.33.48:443 ap.lijit.com tcp
US 3.233.2.13:443 mb9eo.publishers.tremorhub.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
DK 37.157.2.229:443 cm.adform.net tcp
GB 216.58.201.98:443 pubads.g.doubleclick.net udp
US 157.230.216.160:443 sync.kueezrtb.com tcp
US 3.233.2.13:443 mb9eo.publishers.tremorhub.com tcp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
NL 188.42.189.231:443 ads.betweendigital.com tcp
IE 52.212.51.154:443 ice.360yield.com tcp
US 8.8.8.8:53 189.241.220.3.in-addr.arpa udp
US 8.8.8.8:53 48.33.217.54.in-addr.arpa udp
US 8.8.8.8:53 133.110.134.91.in-addr.arpa udp
US 8.8.8.8:53 249.11.159.18.in-addr.arpa udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
AU 54.79.174.216:443 sasinator.realestate.com.au tcp
US 8.2.110.206:443 cs.mobfox.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
US 35.244.174.68:443 idsync.rlcdn.com tcp
NL 35.204.158.49:443 um.simpli.fi tcp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
US 34.96.105.8:443 tr.blismedia.com udp
US 35.244.174.68:443 idsync.rlcdn.com udp
AU 54.79.174.216:443 sasinator.realestate.com.au tcp
DE 3.72.203.236:443 btlr.sharethrough.com tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
IE 108.128.182.29:443 pm.w55c.net tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 104.18.41.104:443 capi.connatix.com tcp
US 8.8.8.8:53 154.51.212.52.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 206.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 79.122.59.154.in-addr.arpa udp
US 8.8.8.8:53 216.174.79.54.in-addr.arpa udp
US 8.8.8.8:53 236.203.72.3.in-addr.arpa udp
US 8.8.8.8:53 82.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 29.182.128.108.in-addr.arpa udp
US 8.8.8.8:53 104.41.18.104.in-addr.arpa udp
US 54.197.158.229:443 sync.srv.stackadapt.com tcp
US 192.132.33.67:443 bttrack.com tcp
DE 91.228.74.208:443 cms.quantserve.com tcp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
NL 213.19.162.90:443 token.rubiconproject.com tcp
US 34.111.8.32:443 contextual-analytics.wunderkind.co udp
NL 46.228.164.11:443 ad.turn.com tcp
NL 213.19.162.90:443 token.rubiconproject.com tcp
NL 185.89.211.116:443 secure.adnxs.com tcp
NL 213.19.162.90:443 token.rubiconproject.com tcp
NL 213.19.162.90:443 token.rubiconproject.com tcp
US 34.149.50.64:443 s.seedtag.com tcp
US 67.202.105.24:443 ssc-cms.33across.com tcp
IE 54.76.130.62:443 cs.minutemedia-prebid.com tcp
US 34.107.140.113:443 s2s.t13.io tcp
GB 172.217.169.70:443 s0.2mdn.net udp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 216.239.32.3:443 csi.gstatic.com udp
PL 18.244.146.21:443 tags.crwdcntrl.net tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
NL 35.214.132.90:443 u.ipw.metadsp.co.uk tcp
NL 213.19.162.71:443 prebid-server.rubiconproject.com tcp
NL 198.47.127.20:443 image4.pubmatic.com tcp
NL 34.147.21.42:443 tracking.pretrackings.com tcp
NL 34.147.21.42:443 tracking.pretrackings.com tcp
US 104.18.38.233:80 crt.sectigo.com tcp
US 104.21.22.36:443 topewesusa.com tcp
US 104.21.22.36:443 topewesusa.com udp
US 172.67.184.145:443 t.rtbadshubmy.com tcp
US 172.67.72.9:443 sdk.ocmhood.com tcp
US 104.21.5.19:443 cdn.ocmtag.com tcp
US 104.26.6.228:443 sdk.ocmhood.com tcp
US 104.26.6.228:443 sdk.ocmhood.com tcp
US 104.21.2.127:443 goget.monster tcp
US 104.21.2.127:443 goget.monster tcp
US 104.21.2.127:443 goget.monster udp
US 151.101.2.137:443 code.jquery.com tcp
US 188.114.97.2:443 confidence-x.com tcp
GB 216.58.212.202:443 content-autofill.googleapis.com udp
DE 3.72.203.236:443 btlr.sharethrough.com tcp
FI 65.21.205.104:443 s12.modsfire.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 216.58.213.14:443 chromewebstore.google.com udp
US 104.21.8.108:443 pubtrky.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
PL 18.66.233.34:443 rtb.primis.tech udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
GB 23.73.139.35:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.180.1:443 dfafc98503adb3ed3fece8823cbde290.safeframe.googlesyndication.com tcp
GB 142.250.180.1:443 dfafc98503adb3ed3fece8823cbde290.safeframe.googlesyndication.com udp
US 172.64.155.249:443 stackoverflow.com tcp
US 172.64.155.249:443 stackoverflow.com tcp
GB 142.250.187.202:443 content-autofill.googleapis.com udp
US 172.64.147.34:443 cdn.sstatic.net tcp
US 172.64.147.34:443 cdn.sstatic.net tcp
US 172.64.147.34:443 cdn.sstatic.net tcp
US 172.64.147.34:443 cdn.sstatic.net tcp
US 172.64.147.34:443 cdn.sstatic.net tcp
US 104.19.177.52:443 cdn.cookielaw.org tcp
NL 173.194.69.84:443 accounts.google.com udp
US 192.0.73.2:443 www.gravatar.com tcp
US 192.0.73.2:443 www.gravatar.com tcp
US 192.0.73.2:443 www.gravatar.com tcp
US 192.0.73.2:443 www.gravatar.com tcp
US 192.0.73.2:443 www.gravatar.com tcp
GB 146.75.72.193:443 i.stack.imgur.com tcp
GB 146.75.72.193:443 i.stack.imgur.com tcp
GB 146.75.72.193:443 i.stack.imgur.com tcp
GB 146.75.72.193:443 i.stack.imgur.com tcp
GB 146.75.72.193:443 i.stack.imgur.com tcp
US 104.19.177.52:443 cdn.cookielaw.org tcp
US 104.18.167.224:443 pub.doubleverify.com tcp
GB 216.58.212.202:443 content-autofill.googleapis.com udp
US 104.18.167.224:443 pub.doubleverify.com udp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 104.18.167.224:443 pub.doubleverify.com udp
NL 173.194.69.84:443 accounts.google.com udp
GB 142.250.200.14:443 google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 172.217.16.226:443 cm.g.doubleclick.net udp
GB 142.250.180.1:443 dfafc98503adb3ed3fece8823cbde290.safeframe.googlesyndication.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com udp
GB 172.217.169.70:443 s0.2mdn.net udp
GB 172.217.16.226:443 cm.g.doubleclick.net udp

Files

\??\pipe\crashpad_1172_GXSYDQCUAPMFIJSB

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 678b9ebf054b2b64e7736f8f80a1472a
SHA1 2041798b9fbf611263a177fca10324d6041affca
SHA256 7c044b251068f07cc5192b882c79f1a0b21a9313a1470563ff09a5eafbe48101
SHA512 58bbbd2386921fb6eb7c00bf817e5f575e46b9cb9325527d167fabaf1820763c2d7ae801e97d254027dd474cfcee5d3ca726d13e11969a99d48fca14ebfb87dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fd3c944d184e4f3e432f0d13f2de024a
SHA1 e106484562422b960f4de9a4eb2a93419dde192c
SHA256 a077da8b6c8623d8929f9e8b015b4ba990261660d111c835c74252a43c0f2fc3
SHA512 c3d48071a3940b50258c7eb1191ad2386771071f0ed1e652ec2e0fce14c998a29774d6dc00738a0fa06abe6f2d8894d8a7b5a58933c78abac8d92d90e7aa475c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4d8616089d25536ed685cb0cbb47d0de
SHA1 8dcc29a090748b6d47c772b7cbbeb69f00364a28
SHA256 2232e82c0925508e83476ac2041fe4e20915baa6625e52cc76bc736f7f945943
SHA512 68bf001857e46b7fe02a531bd8e4adbb1130d75e889e6a1571e1cf4f8f86508bf2099e5d4d43540902340cbd40f1329c4f0f726093cc299d42290d5e210a07a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 17644d62e6cb0b0babecf5d4c2ac7e0e
SHA1 50f0d2681fa7833d6c8c3b7cd2848adffd0952d8
SHA256 661368e4abd967858fd0c6856ca9e1238f2c984c1acfb017cc5a1a0835c7d639
SHA512 6d259e7c79a3a65ce8576cfc255a04f6cace5c92f76d271973dc6b72e629b116936c6dd5c0848072af0d163741c2251f6288b543bb7da95930f7c28d8f851b1c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bc121bf553c51cf1f2661fdb3e838777
SHA1 1ec6721fd4515eec239b607608c2c32475ee2210
SHA256 d45eda8cc31211838cf764e9d6a348846d980aa693708e57c4b2b59ee0379a31
SHA512 6b50067e8184275a7852ce7a2a9cc0f42d6a453b756ea625ffc73f98065bf54345b3a6a80ee0b3398b8f3f78f6b675161e0dc9ea5aa065b1f9b68e58b6c8195c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6a64f915fa3ffb63013dfbe9ce6a25d6
SHA1 5a57af4ae3c7f4ee7cc3f91706d8e6d73759489e
SHA256 a3defc2c6202d3d4d3275b72c3a5f07b33d289e2897a430ffca5f425347aa94c
SHA512 833db24c72736e25a5f5090ed66d28a6687ef626f1d7abca6af6d6521befade2887e403b6c4a6ad5c5ac0ed82b6471ea6790fa340d3a0876abc6f0d12ed77a13

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5d7c78e9cf9f4d3bb4d3b4f71883f284
SHA1 94f58c19f0c6872de753084d7586002b9800342f
SHA256 b22b6db8ea4720e5cbb434845b99eb20399fce8e2fc0c891afdbefa24f062b32
SHA512 dfa950928e38a035bd9c9a1650589f6ffcaea052c756e0ab58a73382cff70f58b6a735c9dc32eb29ca206fcf386cacb882f5afec722cfc4d0e80b547401570bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c5cf113d59bd9accbc5504fb2f6ce69a
SHA1 6508b38ee35fd19c72f150244894473b40ca3fa1
SHA256 b987b31588244f04d10bb27c2c4cdd0c59df0dc4ea9dc7921783f83b2d439f53
SHA512 be1e620cd7fc19a0af7aab837083efb0cf06e8c6b4673c92abc4f2279c08a70c03608d9256f4b6fc39dbd279392d4fea45b9b34ed0e81b35c3dc00520ea86f09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7ceaa9521b3fcbf190028baa6b6e062a
SHA1 b3814a46256aceb9e8aa016f2590600819492bd3
SHA256 72f02c33aed46455e9afee1e7f52c51c19ee1eb24d34e0945ffec4113097c0f9
SHA512 2b7d5f60e1ab7765dc0eb3ad47949f7f528e559fc0704bae867a18232fe1f7f47bd806f4c2385d8c5ec0a689aa1913d51843b1dfa165e09186446c52753d54c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 b8e407fc2ce007ebedb805315e742825
SHA1 4a220eea50f40e19e2c0530df983ea594ddc3cd7
SHA256 c9634dd4bc177baf37af47e478f7a59f0bead11ac5c7205a68923c6cca38cfe2
SHA512 b2894280beb8dae17547cc79c6f9ad7d4ef49ed01ae503fcf10350a0e7ff4f18d6ae42934f1741d0d143df8f053a15213c41f2cd1539aaaed19abc8fccce0b1a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a7c5187e0469d74a9f36ffdcbcc9b577
SHA1 9691f0739e16c1af70806f8f6bdcf92091ba290a
SHA256 7289cbb4374b86f7bfe941299057c07a264fca293883715627618898a5d0734b
SHA512 d91c0ad50ecfd5a34581199edc1eaa3490e508c2325e1bcf00cf484b1a514d063be8833355ced845361dfa8b6a93107fd6ced3b98d159150df7b8ae84a003fed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a3da3ca978cb34b6707119e173a7060c
SHA1 2a8d167695b2d06c343cc95195e7c3126ede8c3f
SHA256 06f96f36566cedb378906fb2bd1cab1c93857e63f09334e8dcc07f1b10efd0df
SHA512 5decb8e223b05f66af727367f5b4cb7798a777205bb545f71a952b560c0439825106eec42d31b2c1cf4a8209b4abf28a41f9f5a41ba562f94fe97e661a866d3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 522c2141b419c28522def9587351a0e0
SHA1 d67a9987592de20031bf7abd37af7aebf8d7bc35
SHA256 168f479e4bc81d2538aef71af57305ca017ef61b710dfcc96019f53769a67a9f
SHA512 ceb4422bc407622eddc432d2c88276dc4fbe87b28dbaa5c4648d6dcbca8a08c1702fa7d626f52a0c64c834e11b558a2d9635229ac27bf9647f0a05eea0d93bcc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 005e3799a36aef6c5e5c91ac2978d759
SHA1 216e97f2ba2a63e89b4f8174b283519d37c6755f
SHA256 ade5af44a96f459a62ae653cd96313b6bac6ed08ce69615c7ff7095a85fa906f
SHA512 05d6defde65904e1a3081673f0635da6ec8382a4760bdd266bab80b0486b40969ceee5b83e14ef2c5f16d1afd74351b987eee7b0544db8321a10535c46c4d803

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fcf0ca2b6ce26e2ffd6b5a230f1625be
SHA1 a81bd7483095e4726e58fed2d0abf22cb0a11dd1
SHA256 ae54a7e46417c0d824c90f60ea81a9397cd6a0ddb3c2da6a68b38d8a1a24508d
SHA512 3bf7496dc7a5770b6974789fb4c1a7759027361efaf94910e3a97df4a6c9c3137968e6f90a3bd723ba12309cc491001601a4cef7404a4906eeaff9555b7bcc97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58c01f.TMP

MD5 01314538a03f97ca7898573ceffed2fd
SHA1 2397c403edeac693b4b8632dd6e4a9ea3b6899bd
SHA256 3aaf29f1c7c483a91d0c15ea0137cbab01db7b4b2e562b6e459add32fc8d8201
SHA512 9bf79fdd608830a0665b041ed3e4a5b2979f44fee183517266a60dbe34c43d94e6b2d2ae4848bcdd10bba17ffbe147227cc0b09361b49ca5ad4d7780256da54f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c7b3431e47072d5b592ae37797997e5d
SHA1 46c13092597b97a7dd1383a5c000e28ccbabefb3
SHA256 6b19243c2810e474d571e6feeb9f7643252489e78348cc497d1ee05e9562d8e5
SHA512 01fcdcd393fdf11cef4858de86153ab787dd638a37006fe7b17ca04d8be668be42ed29f6b57632a0c4d21d4d1e513beb562d1c58e0dce9a8301c734afe093249

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir1172_1767674737\Icons Monochrome\16.png

MD5 a4fd4f5953721f7f3a5b4bfd58922efe
SHA1 f3abed41d764efbd26bacf84c42bd8098a14c5cb
SHA256 c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3
SHA512 7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 9950e3c752c530c62984708bfe061e26
SHA1 af0f0a3bba9d58008d54f3294bd1ddb84fef89e7
SHA256 66196839b87b332f8f2ac7c3a56b56b257f75d2726f8a9d45aa7472d580a9e00
SHA512 a591cbde2a03493e4aa277c6cc3b89d803edb7999ac40fb036d3dd4efa49263c6b366e77239a49831db895a8ec037a130c7bff19d49be077daa65c8ec19fd629

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000046

MD5 0f49bb1b91100dfca4aa9527f09cb7fd
SHA1 1a9d1c5eeda4abcaa18694e5f0694e69ed13d147
SHA256 a8fc1cc23aaf6985814a81e2dc22ceb156cdaefc038374fafac1969b24e73c78
SHA512 7315d44ab0de3824fc228a9cc9b5249a548782872cc563db561a9a818d52a5f38293cd351f536984a2170cdcefafe8a0d6969ed1b6a8e3fbafd20c6bd363b628

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b35f3c667d394f754559df38500e2554
SHA1 3fa6d26ea132e5a71d466cf155a9a8801e91139e
SHA256 24667d8b69cfeeb4c378686e920aa7bf6ba486f644facbdf5e31715a7ec73a5c
SHA512 10b37e72f4889e1f1a410ea2a9550770192901ff62c22e4169c18931a6c21c00ffc243c7235ebfb816509c21186dda00a50d6d972db6e2d61356ff45276fdbc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 83f833c2fa0f7ef4047382a306b1cbbb
SHA1 e02d782b25bf039f2ab2ace6aa9c695d48f46c46
SHA256 dad5f1430db39848bfd880298a149c4b4c244d315cdac0e9cb4904f6bebb8359
SHA512 49c29dde6d3afb0e9d8ba0e9115c49eb3a6b0e098105773d93d19fc61b9cd5bee54b4b58279184d9223a2f29c1fc0d1bfd44f5e84a8a5abd07295c1b32525b1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

MD5 045937268a2acced894a9996af39f816
SHA1 dfbdbd744565fdc5722a2e5a96a55c881b659ed4
SHA256 cc05f08525e5eaf762d1c1c66bef78dec5f3517cf6f7e86e89368c6d4a1ef0cf
SHA512 71a025a421384ed1e88d0c5ffadc6450a9e1efd827fe929f5ef447d2901cd87572fccf13dfa8b2706c9fab8160163e3a0c80bfe1ab49d63ffbbcb0e4e591a84f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 48932f04cae93b187a38b67166c900a4
SHA1 f3a8b1b2dbfc6d7530de0d8c8d1defe2f2921539
SHA256 ec50b031da53eb28de7194c65fb4a25a0b8fbec6b79be9fed494ce9c239856c5
SHA512 0eafd7bac1685ebddea1f55ccdd2176d0c151e0ebf9f2bc4cb02301ad43efff5331cbb73af29f4dadfe71af518cab1ed0c0402cab6ebb635cf1ba27d5891f113

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 cf0721fe843a0065ccd3e401bb0d34dd
SHA1 9752b43255cbeea6ca2a806815086babdd78e6cc
SHA256 ca4045563e656d45b8ba8c8a93c22d0110ba5881a9a63f6559196def3fe4e7c6
SHA512 86eafb24bb6a63327ddcd5501a018cd5254d257a16d291321d9e30821f57a7144cfb275fe102c26e35a154c6b7e4e0bb8b69bf04d29127f6bb9cc3580025db06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ec6eb970-be94-4e8c-86c6-befdd1f1704c\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d0c54b72cb57dc703a82185056973c4c
SHA1 71d682a476dc82395c1b7eabc1ef0c86fd14d363
SHA256 b6f05099c87f70d419c74e2f91e6bc32a583270313dad82fd9e0a18acc20a4cb
SHA512 98708f1195fb09891a49acdf2bb0e8aa732f345108523238d0da3df563f0f3b64fb7ae99a318d91810c59c6e3aeb2d31be5feff4ed9ad43b10c9781d197bcff0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9fb7383308bea7cf43c1930d349a1c47
SHA1 094134ebba57f8bf694d1704c0c2699d00956ac7
SHA256 85747c8e4a8628d59c9b1b4acd6fa308ab72a58a47ac1cb501564ce5076cd884
SHA512 384ba3a103a2298d761bf4750fd286dbc46a8f31c3712c6bb2c381b7ddfaea2cbfce384d22b1a39314f24b2b2e0c4b13595c103b51fba8b3843999b4ea57e9fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 458a0a2b31cb65e2ef84028aefd108ac
SHA1 0d9bfe893b4480203fd8c5e76ddd9216021b2689
SHA256 b7191815756a57f266f0a02747ea9048dfcd708c12e61460d8c6be4ef2ff2639
SHA512 a138cb720c4b2b55ea57f887f6d088b9c42f623300bedd11e5786e0d4a3ae9ffe698b6c554b69e4e445dcd0392e16bde292bc84ad7d74c6bf6eef7a04db4bd5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 3af9969effe3ecc90efa31144be08b75
SHA1 b6c5edf5ec5a3659d0adcc6d3ac20cd99fb78427
SHA256 044d3814b53dba588b295fb7d6d7548c6742439b277a07184e713a77a216215c
SHA512 0080402316cbe09b52533b2c8c1add38b6449879f5d98ebd2a5e159e628ab3b25b6953ac00d5ee21ba30da35cc7fc539e7619afa90592bb6ef0bf73825393eb6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe591498.TMP

MD5 dd7ec194e41f189b202f4d005f344a41
SHA1 fde70db7458de40a9526b7211abbbe7412368201
SHA256 d78e4f2d3fcfecfea30de74d9b285b9f0585498b07da00e9afec8be38ecdc8c5
SHA512 6dcf51eeab974570dd0b14cd6ae7061312df0608970e9a0a0f3eff80b68540d5992dc7544ba32eed6901c52effb9c643b00595d819b4059485c8f2747b7832f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 37195f81e0ce9b54701e46b22feb4529
SHA1 086101ef604ac628c00f97fecca20d406dd11e1b
SHA256 d48fb842543bcd46d0dd063ca766571c2b692e08104fb0ecac353d3d34a50cf8
SHA512 407127b999d99e1842dfe5342fb0ebaee153fdcacfbecfa62740fd599110f6bf9ef76193403fb4e9c9ec7de4ee4392bb70686cbec6579e86c2118ceab43e81e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 0fcd630193e4c6d340895043368902a9
SHA1 f4e68551172bccffe16115eaab3d635cf16b91a4
SHA256 ff8b21e69caf7852e7dbb4df932dc6bca1b0a0b6e1d7258e4fc3753b9eb25595
SHA512 791dfb5360f22c046bd88c46b043a23d77c3dbb780c28d469f75b88b01890e1ecd289d39bbac9f0e9b8fdd8cd0dda35a2c976fa8a1855ca64a80e1c0db50dec0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe591db0.TMP

MD5 c2a828cc0d14625d8b5dad53d78fa871
SHA1 d52f47af688af7a10c349116467e4139a20b2239
SHA256 b5a48fb01017c18a78f43943a2df713e60b433382b59e1b49e4119d535356a46
SHA512 567d85ce628f288dc9b1c4f19bb409a940b063f7935d0a4f78a8f6c74dcbedc347791a3494793fae1280b4d3826866c58d6a2336b87d016dbd26b11d21be93e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\30cd27d7-3122-4164-8ca8-bd9801718fa1\index-dir\the-real-index~RFe59265a.TMP

MD5 fa1347c6e85df318ac256df270c030b5
SHA1 89379cc7b30f6a2312c6d95f01b9d73f55def599
SHA256 5664ebd6435bcb5ca117df6ad7636a2839b29c2cb282488bf9ec3ef15e9fecba
SHA512 379decdea507cc8cda1b2e48971f69140919d8af33dc0bfd54c6cfa0a44249fa50bcd4067e944cf088e175052ee911e0a864b31d22e7a88b50091413cce959c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\30cd27d7-3122-4164-8ca8-bd9801718fa1\index-dir\the-real-index

MD5 9e1e6786ccb92e01bef01052d79fc6b2
SHA1 7280030cfb28af4c6ceac573464c370e1df4018e
SHA256 f3c069551cc4183d5786db93d969655626faebdb925f5fe3a913e9d4d9bd4e6f
SHA512 ceb98a0cc41d2dda955422cf11146e09498330461d63a74a4361b3a67691e7bfdf24ae8cf33729187481155fefdbed15019e3e9bc33b96f38ab3aeb60cdb89b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 586bda1fb663723e859559b116fadd20
SHA1 970588afb07d8d943d517a81d9759cf1bc80e8f8
SHA256 8f4b22a837627a7c6e08d2afe4323e0bfc051a09391056747a71ac16e8b88a8f
SHA512 4b77d8139def74f40c12629839546d58be389c4eff48ec1a4bf798be485180a31ca9115fce9916c850c960d0ad56e9d5e770e8aaa8be456af6449d26193f9023

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7459761f7990928aaf45316220a0c193
SHA1 83d60ad9ab731f9e931f4f761f1419d32a40b4d6
SHA256 12b038d777ed348f4800995fae5678f571d3d42e70b4dfea6a974bb992c0086b
SHA512 e3d6264a48d1469566a7886e588a00e33fee27fc0b5a5e21c192cc340a4fe372f19b809c1fefa10ece37bf6ee3cd4dc1ede314258b238ac3617d10a9759b171a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_modsfire.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f9802a5e7d2e69cf9e768405c9c0bb17
SHA1 f4654ea48bcafac4ad86c6413d288b6cceb7ebe1
SHA256 3b628e7d0620d7bce57831b9cea5fce1a110c63214c06d4d6a611e289cbe18eb
SHA512 bf4f6d1cd43e3c1d46bb6fb62ab7de13b84f1619c88da0ad5a7ba8bedd9d28cc607e55558ed4ef5196613b5172123c844613d3769f3993cd8e4cf616262f9eed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\007fe75c-3f91-414a-9350-a8af04c29045\index-dir\the-real-index

MD5 252e2ab16178a4b939e97aaad6486902
SHA1 261d53a2f2fc2df06f3161190e68f2ef932917f1
SHA256 2c936e0cf7aa9b349e85be3a561f48009c4fdff7a030630d39c1f51c0439e31c
SHA512 f180487f019b6f1c7715897b26321ad1b9902f63ed315aebddc46e8dfaefd5162887085ead09a5957c30e55a1e82aaafead8289ac1f877cec339623b3d4dbb7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 328e4bf5b976adeb3d12bd8d2889e1bd
SHA1 1154af7cbce39f79ab6c18412dc5172daf8a2480
SHA256 95b764205b0461d04d55d5deacbdcffe696738197600f270577011b7af3fe111
SHA512 633cccea6028f18c4156c94aba2a144027937eba2aac23c10215cd4e9532cd514e02fb6696b34368aabf4b08caf712f96183d00a7c0c1af384373639f48a5618

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\007fe75c-3f91-414a-9350-a8af04c29045\index-dir\the-real-index~RFe596bb0.TMP

MD5 9f4b9bed50ff7a4286d0fcd727773377
SHA1 3f09d8dfd20577545bff6ebcd6ba2c561077d901
SHA256 033c72ba0afc9412ab1921f4333fd3fc5594615f0de4df5952ffccf73f2542fc
SHA512 5b20d613711ec91dc7449f042cb75495c6aad4a836f3a99315f215a11a8bfc1d611c0e69b6e015f49af041c9246594f9ba2ae1102883c82a4e6c562811514566

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 e4c5c01f3c1085160548af0745a5f065
SHA1 b6a5a1dce134bb86f46cd77672c98b650c1dbfef
SHA256 077a4ad3cd32336b893094fac7bf387d7539fde56efb4e9095a82763abc61e59
SHA512 b060b68942ac07d2a31ac9a5f7ae8b5dd6023c4dbcbda4a0a38aacf1e264250ec63d222cf15fb96eccd9d7a9e4da5b5c464f7ee7bc0db1247030bf6986190ed3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b2efc621-7764-4928-9577-48ec0cc4610e.tmp

MD5 f7267649e2a68b26e5f315f3569abd21
SHA1 08c618e55c2fdece8272f39db6e631f368a1f4f4
SHA256 689f96d6069998415942ece22b64a322f104a4a1b38646934a1aa2125f73f79a
SHA512 7ac516bc55d6d548c5fc1a3e94cb483f0573201dc0b8504c7a45c04b320047aeb5bf02197847d7879ef2ab85ef6caab4d26d11567a790b8dbac9e5e351e7fef2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1f2fe338c58c3f01d25731a8569aa402
SHA1 19b874915132357be4b4bd8a32dfdc033a468afd
SHA256 47d59567652ec395cd706960822fc400a54577cc3af41dc2d9b70e2fc4899300
SHA512 9f0b9a430bbb817a6efec4d5272c03b508f309905f1e2926a304b4ae5f1fba0b21e78f1898bd79249d7ed433826c38962115f0e6b7be0757e8af803544371f8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a12d7a0791619cbe139245900cde0f56
SHA1 517df278789046ec7f230955d561631e967ed3c6
SHA256 e800907a4e0cd6ea63187d311887da01e0747c13e9a2f9e4b37b3c68d1114bfa
SHA512 54287af9a2f76cd31d9b24af88995612083b3587274120d9d96394f7088dfa5ccd2cbaadfb33a575c92b2296475e40ed29ff829a41c9959a68f2c664ca558053

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 657499635915e0a6a11cfdc869689b84
SHA1 c46f2c4ca683ba87b5471f31ccb04c84c41e9b2f
SHA256 cb46f87a225632b7e60b8c8388a0a4405e1ff80cee83897ae9e3107ad132f7cd
SHA512 488eee0ad73a2c7d8b43d06ea53064cd813fe28c6ebe988e85dcc51c99117abb0e718366037f62b4c717450f7854cee62ad66259555ebd4e570fb9532cb9f141

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8a5a786e31f6038534f7328b736a4257
SHA1 f78079679850c7ed6b0983a23fdc71f81ea99686
SHA256 b29868d674293e63888779f63818cc7154a3a2b4ab46cdeb75a78a1edc4c9453
SHA512 1def1bb8c4c5f4a9003861a78d263f9933d894c293e9bbc0dfb78d985e4bda3e1aa931727a7c60ddcc15e033c470d7d93cb3e6b4c0bce0e13f1e4f0ceea0a964

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2a76c2b9c3db4f49feb225687aa44d75
SHA1 8fb5f0be74be8ed2b0497c8dd00f1122ed55c185
SHA256 8e1b69753c7006fd1e8429d8a8727c6919e3eed9dbf56652abc41684d3817cd8
SHA512 aec1d89542c16556e4b00100bcff71d739ade756cbbb99211d30eb54db893e9ad3c4170354259d782cd27c05fcd40a5ba92683c327003c49eaec4bc1b9a8ad4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ff90474e0dc7a4f59f76a9bea1a139db
SHA1 ea08770849d14796ab0597c930c6d131cf8c4af7
SHA256 726e5f676c4f57ee31603df67ae777f33467fb207f4fb517e6b4579dfa849633
SHA512 b16b7c04315907f158150633385e7ab4c279508fd9093c7907f8ff471589b340f78cbfabb8797a51f7fb666988ab03b905d81b1fea87004d2bfed619383bc196

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4b368cfc22deb9dbc3df1213eb979673
SHA1 24441d18e65c92849976d3a12b799acd50a2007b
SHA256 1cc73fb0f098c4c30bc295ab8bcbd27a9c0abcb75689146cd548635ba875c2ca
SHA512 4048560fdf388f64f0d0a3b66e1583f435084217d99a6eae3445060cf2e7765cb66f7dc14583ab6a858ce1d2910fc42cbbe0f24fb8491558c0726ba47903cfb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bd

MD5 9d43bb045f7444664c73333b4fc58220
SHA1 bdcf0fc36256f6893fc367dac9e4e439a78cd370
SHA256 f9034ce9158cc96e9733081513717b58b14f843d82bc6b06e89e8e421f68f7da
SHA512 fd886e47eb0ba8401db2f8a8fca40a3d046922e6825f200f6cbebed7f8a79d09f8f8f65cbb9a3e8d2eb7e36470bac0f8c185898084cecdde59b4997ac1ac41af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2fb8919ef04824bad01db1c4c0bda2b6
SHA1 d5995b0f6c56ccb3d44c1e9820b30aff51d53a2d
SHA256 0d1472e028eea18fcbf9aa97a06aa388790917b0b0877bb7bf31a082fba01414
SHA512 c1d54ed10b1c1b33dca32c13b9f4902061a36416713c0775063597e8345cc61cd1ae3ed878bab2bc5954dcd8a5a813f20202c73f877c09eb01e661115c4cd06f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8593bd44c4a02d715b429a9bc01335ae
SHA1 bbc2ec20fd437824a1bd09f21e2c86ab10cf8089
SHA256 4c8eddbcedd348c85ca15676d0e20c83a686415e3363a568680a6642c1c24fc2
SHA512 27a54173a59ec6153122560f814c0cb39079f672113e635dc6c906e2886c12b2d45e60cf7e1aab53e077b78844b07ac8e18a9749f3741ee38b35baf9c97e23ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0118f8851dbbc3ae0c8ecf7fd1ca37b1
SHA1 c289b52a2e547e33adf15fda133ced9cb6d9f368
SHA256 b02e5ead665b62e52654b6a4bd9518bf6992f8446e4891331efa3e934bae6cfd
SHA512 e167dcdcb7f50868b7838047ec0adb868fa18f1c55e10984d27f26e4d672a9525f930c2883db8e208ab0d293006ce01dce85507c4efe3afd192e829d27f7337c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 34dc97a26f7ce152aa0b5c5fbca79b74
SHA1 a0897188cd3e08b070811eafaa1f7d25c5a3e785
SHA256 c96f40af950a7eef8a917cb2be4bf468582cad455f21fec4a3519708dd168d2b
SHA512 aaff42175244d0314803b02c76b584e6b56582f77441c9a43e58fb75faed25663880d1fa31f1a9f2bf2507a008844b4d86dc248b40c42d4c7b8e2ad882d6d53c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 dd69fa507b43feb01ca7cd1881974286
SHA1 a7242b7c4d1ccd0fe6536a74b499ecbdea86820b
SHA256 26d06fe27b4310911e7d274d9fce8ef3b386c1ab836780221129deba1fc98013
SHA512 f4d7f40c03344e8525e20b0b8c7bf8b9ec2a97eb6c4fe269f58d793315c18e5482a527d758c51decd1c8318452a82160958585f97cb534ba432953c6de994643

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5979140ff0bfa3bc0d692311f4e046ab
SHA1 6b15b7548adaba86a0e65415cbd95aa8501f103e
SHA256 55d8d6ceb5fed66c0a3063b5cabf57aff8215d4e6bbe33e55262c63f5cf89f08
SHA512 44a07f893a0027d6d0e75951786862ca0b78cdf28cb5789858219a5c237340e0f2985dacd3905a1a44a47c574bfed0074518c0f7a487ddeb7cb7bca8e4630389

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e83ae2f490710e860a57c12ab0c35b7a
SHA1 ed483c3b0a46105ebaf89708b1246ff6da6e2c99
SHA256 654785cf1b9cb668876d5dcef8f6fbd05d1e0b3972dd920a296f5b5e86c8660c
SHA512 edfd3cc6a372b5328cb25b8c71481c0453ecb2addcc5ebcacb856aa83d2475623a3b507f59c25d5cec4d915ae0e2b1a87f53f04fc8bb18ea7f4aff910ab400e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4db96780f2e9d7282d205010740fea1
SHA1 4fdd35e1af62746758ad86bd8222c4d167ee33ff
SHA256 555f6dd0e8afc74693376064989b5996167c98a9500c81c13861150f73d76ce3
SHA512 988137508bfa2acfbbfb0638a8653538a4bb388bdc1908aab457875989ee1cd54adbf3f0e375806d9e648aa498e93043a796dbc0ae39ae07e428d078df5af9fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d21f6316f633da2396d7e4eb3cbee8a6
SHA1 671105355de626def9943c4f12312c7ff705713d
SHA256 eff391ed40fb05ee2e49db2e39e3084e2179dd4921dae992b18603f5691cb6d0
SHA512 f340b368e71d1697a2706d4ca8f0dc80ed5ac8d053805312dbca2c3f5b5e1772438edba934f8baa66886d3ba5b8414715d01b45607ee00cd66ac0cffabc5f87b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7c8d3e01c35595ea667ceec7f76fba5b
SHA1 ba42024fa038765d7370d7cc4382a15e4e3f4734
SHA256 5aa721f1336aeffcb20fb801e5413fbfe42e1cbe4b1e1768795ff1e776d7f77d
SHA512 a7bf2645a2d6c1c0211f75f32ea3e7d7020ad2ea87e4fb3863dbbfa42161142d8834e93217c6d99406cb3f43468122de448d2e1feb9ec3646a48581bc17baca5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 863f7f5c1f5596f9218d513303dbf556
SHA1 9151f9e6e4c49490dc33f75c09bc69725f3766bf
SHA256 d1e136e959979b4fdbf3304142b10c13e7758e1561a84dfe402d21f3b99b9552
SHA512 e4807141ed09d383bd410b8d73f5a56bd7444ef2c83c3e7c7515ace06db4137c6e1180c2b60446a5aadcb2bdd25d8d43a7b7594c5978e2e8e8255255434c2831

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 25b30bc2a4069c092db738f8943dbd7e
SHA1 8eb5c3704b745e6fc4d33ae36d9ab598fe2d602d
SHA256 19f55621672f73e942633afd39a91be01883e99d8e52bf31224a2350ac775b78
SHA512 89e1895feee4ec62c760e5ea19df869fa109cc0383c246c09d746b0dd087255ebb87e8b39ee68d7b6e19426ab0e7bcee6ff286a9c548d4e9489ec198739e37bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bdaf29e3878398e6b6d61e67353633cb
SHA1 f03643cba06074e198ceb393c4ce96b7524fdb22
SHA256 5a72a8671e259a0aef1dfded3e7992d1f32afde31373cdfc0588d680b506dda1
SHA512 d9ec1da205da0b376aa07b3ffc546b39a5600de08d96ecf562ad0d6c082efad73de66a425d52ec64e5d0c51e7786747a08df9b0ec31298901be960b4df9ada6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bab3db0e9954dced692d3c9fb6095fea
SHA1 45fb8ce0983948a440e3ee55c8054102f833fba6
SHA256 239a45dd9f6555f03818f5869a6e39c6a77d600c02f270a01d737b84e598baf1
SHA512 75dd5c27bdfa718bb8e9a812c7a4b2af9d134806ff44605cb45cb097dc8768d2208f02d0e8ce252ef0cc59af92d4f7a251f7b0c20245195489f5a6e861c3b21b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7e95ae304935a98cbc50b33ca66aa45d
SHA1 1cb7a0792d3b36cc30e619bf04a4745f4dc5deaf
SHA256 780ddfca65ae7b5958eaac411ba091511e6ec255c4159a9a2616a5caec17f733
SHA512 28171506b3914e07db307b4859f06fc29f838e1d5c49fc0d2cdcc616607b517b83fed8f8918cae74178976b4285161a431a9611247cb2283f77585f9775cfe5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 be355cd3ec3ee4c160220a3f4cc90245
SHA1 bd64274fe335877cf810cf897f98d5ae6f2db7b1
SHA256 b62231e42452ad59d1a6ea5e5670641f3bfab97fd02a0d504040f82d1d4a8b2c
SHA512 e8d337cc9c53aab0a2e2ee879c3bd6e2f175c1dc9bd36d08dae1c2ce0303604762b62924963cd647024ec04e848a0a9581749721f760ccb90ae46fff9b455925

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 69103a8bec13204ebff984bd2aaa8f5a
SHA1 9a8274060af29490174e3899b11735ebcc2f1700
SHA256 41633f2e91315bc459e548a56048c2e0a79703f820ece4d5f22042ee97c16b8c
SHA512 f2ec65728c29ed5b1e0d308f7b5b77c4bf9d76b557edbbb651c48ad07666cb94b984146b0d2bda0a5631b9360d8a2260dfb45e8320d8bdcf607a81c6e694816e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 9114bf2aedc695dfd9c4acb606c3acb2
SHA1 41ab8f5b3d16a134344400e90103f649b7b791bc
SHA256 9d71d9f277f9db838b51bc9404f3cc42353ef73f29bab078bf47b1e451c1acdf
SHA512 cba1804db14b25df692266cce601ba95f134d10faa2770e0ff8a245433204bb8a5694ffaf0a390fc8a6e0df110c71c30f9b0afa1763e482ae0a3bd81c0a34592

C:\Users\Admin\Downloads\Unconfirmed 270531.crdownload

MD5 dbb820772caf0003967ef0f269fbdeb1
SHA1 31992bd4977a7dfeba67537a2da6c9ca64bc304c
SHA256 b2ac1e407ed3ecd7c7faa6de929a68fb51145662cf793c40b69eb59295bba6bc
SHA512 e8ac879c7198dffb78bc6ee4ad49b5de40a5a7dbbda53d427d0a034941487d13c8bb2b8d590a1fcdd81cd6abb8f21fdfcd52924eb00c45a42ee06c1e4b3d590f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 073a3b29ce407db05275bd995ac5a5ca
SHA1 52d595d13cbcf63db0c9e110696070e4867a1484
SHA256 424217d05e105267675984b183e9bd7dc27a4c5b7990de46287d46c1b479e690
SHA512 fdaf837b3809bc6f59459e22647834f80511e10cb7847b57ec91e60c0e004f7228b7c7c9e4a2725aa19fc985198d12c90f13cf8102a50c90a9e5f04a181bf183

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d9874a868c14d1b4944c2cb1aaa514d1
SHA1 906abae661034bb3ede9878a4cd3a02ac2c65db5
SHA256 c266dbb69291271e5a3f85ba58fc0809a6f8798746bf841f44912d8be5bdd165
SHA512 e9055035bf4b48bc6f2c93e431249adeb15f134d1ee5cb6901b1575d3a3d4d22d747d122ff76c0a37556601e485a3ca194bcf00ed9beeb4461a853f9c4104420

memory/4788-2423-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 2c67874527db3f974ed278a82a0a9d15
SHA1 6b41e5abfab880964716956bb53b754a57e9634c
SHA256 6cb4d46cf1bab5af2bf90465b66dfe2784dd48e0eaa5c9f74383108435c80910
SHA512 9bfb11f627f6dbc155617fe5f14c04a246e2cfa3dc5a7f467530e72d6e43e71a2fa8e293b11bc85f0d822f6bf58526ba460f7deb85dc54716a78919170f0ef06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 0b66dc14f64e89e0e0751d612c180887
SHA1 020efa9ed11fb20de189b72c87141446f950efd3
SHA256 8e0177325345498cf5120b7f5212095cdfd1ae78e4973ae76804d3e4b7463df5
SHA512 c0fab0c51a94fb3e498b9998feaeae72fc2b4b5b5f903aa082b9823dac67cb48257e96c2ecb2906189b47fe45087b8484bfad6fc33e4a841efed5d72ae651a79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b0eef693fdd7335786b4e53f3fa6b643
SHA1 3ed0ea13d2e0c496ef4e8db75cd4e13e6edb888b
SHA256 0cac6adc2c59c7164c85f95ba39554e535c25f9c9615b761e55c1bdd821d75b2
SHA512 3d26d27cac3102e22203cd1ae6517f6f543a30028a4259fd3eb06782d84f7e1b98c752a3c1a0c58af4ba766257dc3440f176948d013568d5ad62dbcb669e451d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 83fea93dad4700560da8c1d49f0208f4
SHA1 c7dbce90f0147ce6166348c8e4badd7892d5c2fa
SHA256 a14a4a2ea32a29e39290f9d31cfb8676de8b6538445d47aad252d45724919cad
SHA512 8678b7ae560a447b1c607d67bc31111cf8e96bd49adc4060f184370b64931e6824b96533a550c9f4f45f247f23204f7fb26848f33a10cebc0788b3aae9c1c7ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c9f2973442d8d9c851e0673e4dde1774
SHA1 b39fc918753593ed352a67a678746e11be7a40bd
SHA256 ebd1e20f0316b17178149c05bcac04b030a919f39a6225347d29942d05fa6dca
SHA512 f3db7af4a7d41513ca1d09fe1dd595f7003d900b5726686926ad86c567d344e8d45ea662d8428db91e6aed324efe42284069377ea3c990b0804b527ce24ba192

memory/4788-2460-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 020cee180eeb96c6623535d73585e81d
SHA1 1b4f3082d9f85a56ea9779ea8616269fb790a4ff
SHA256 be17d71c22e0c04a833e270164b0a54c07571561fb59ecea520994608213945d
SHA512 038eab401d4d926f3663b9cbea862572e48acf7afef53867241c166651ec6965f52084c891be258fd239b323ea8c59513d7cd4cea8117c32c8571ebbe01a769c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dd469df3a5b3b2c2ecd81871446d3890
SHA1 d238c1b4e5ccf18968cea320d160feee75e5464a
SHA256 730ee22c869b41bf2f7c15eb397aaa61e495cbc64baa34c4e1a26627357b7866
SHA512 e1d2aa011b9117057b4c059b329dfe9cd96202d09246fbf8b0a686e61d02542685a59a1b6635618e2f1e20cd3e345d15e8fdabd1469da8c631ae75ede36640ae

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\configs\DateTimeLocaleConfigs\zh-hans.json

MD5 fb6605abd624d1923aef5f2122b5ae58
SHA1 6e98c0a31fa39c781df33628b55568e095be7d71
SHA256 7b993133d329c46c0c437d985eead54432944d7b46db6ad6ea755505b8629d00
SHA512 97a14eda2010033265b379aa5553359293baf4988a4cdde8a40b0315e318a7b30feee7f5e14c68131e85610c00585d0c67e636999e3af9b5b2209e1a27a82223

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\configs\DateTimeLocaleConfigs\zh-tw.json

MD5 702c9879f2289959ceaa91d3045f28aa
SHA1 775072f139acc8eafb219af355f60b2f57094276
SHA256 a92a6988175f9c1d073e4b54bf6a31f9b5d3652eebdf6a351fb5e12bda76cbd5
SHA512 815a6bef134c0db7a5926f0cf4b3f7702d71b0b2f13eca9539cd2fc5a61eea81b1884e4c4bc0b3398880589bff809ac8d5df833e7e4aeda4a1244e9a875d1e97

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\Cursors\KeyboardMouse\IBeamCursor.png

MD5 464c4983fa06ad6cf235ec6793de5f83
SHA1 8afeb666c8aee7290ab587a2bfb29fc3551669e8
SHA256 99fd7f104948c6ab002d1ec69ffd6c896c91f9accc499588df0980b4346ecbed
SHA512 f805f5f38535fe487b899486c8de6cf630114964e2c3ebc2af7152a82c6f6faef681b4d936a1867b5dff6566b688b5c01105074443cc2086b3fe71f7e6e404b1

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\TerrainTools\checkbox_square.png

MD5 2cb16991a26dc803f43963bdc7571e3f
SHA1 12ad66a51b60eeaed199bc521800f7c763a3bc7b
SHA256 c7bae6d856f3bd9f00c122522eb3534d0d198a9473b6a379a5c3458181870646
SHA512 4c9467e5e2d83b778d0fb8b6fd97964f8d8126f07bfd50c5d68c256703f291ceaed56be057e8e2c591b2d2c49f6b7e099a2b7088d0bf5bdd901433459663b1f8

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\StudioUIEditor\valueBoxRoundedRectangle.png

MD5 521fb651c83453bf42d7432896040e5e
SHA1 8fdbf2cc2617b5b58aaa91b94b0bf755d951cad9
SHA256 630303ec4701779eaf86cc9fbf744b625becda53badc7271cbb6ddc56e638d70
SHA512 8fa0a50e52a3c7c53735c7dd7af275ebc9c1843f55bb30ebe0587a85955a8da94ff993822d233f7ed118b1070a7d67718b55ba4a597dc49ed2bf2a3836c696f6

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\Clear.png

MD5 fa8eaf9266c707e151bb20281b3c0988
SHA1 3ca097ad4cd097745d33d386cc2d626ece8cb969
SHA256 8cf08bf7e50fea7b38f59f162ed956346c55a714ed8a9a8b0a1ada7e18480bc2
SHA512 e29274300eab297c6de895bb39170f73f0a4ffa2a8c3732caeeeac16e2c25fb58bb401fdd5823cc62d9c413ec6c43d7c46861d7e14d52f8d9d8ff632e29f167c

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\corrodedmetal\normaldetail.dds

MD5 f527b5859d7ca6c080ba954f3013883f
SHA1 3d00b598b1fb762ae0921bcc49ca189f05f417d2
SHA256 ff11c95774ee0405666fa313f1e53ebb46b1352bfff3456ac2b2caccdab07b4d
SHA512 e908a29c4316a15f5c16a005c69b402e0525b80e0c3284d6f19074ab8b05d62d079ecf43974b223a68d7c56cbf1789df69ab260553de1aab0edfbdad5e6d654d

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\[email protected]

MD5 55b64987636b9740ab1de7debd1f0b2f
SHA1 96f67222ce7d7748ec968e95a2f6495860f9d9c9
SHA256 f4a6bb3347ee3e603ea0b2f009bfa802103bc434ae3ff1db1f2043fa8cace8fc
SHA512 73a88a278747de3fefbaabb3ff90c1c0750c8d6c17746787f17061f4eff933620407336bf9b755f4222b0943b07d8c4d01de1815d42ea65e78e0daa7072591e9

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\[email protected]

MD5 83e9b7823c0a5c4c67a603a734233dec
SHA1 2eaf04ad636bf71afdf73b004d17d366ac6d333e
SHA256 3b5e06eb1a89975def847101f700f0caa60fe0198f53e51974ef1608c6e1e067
SHA512 e8abb39a1ec340ac5c7d63137f607cd09eae0e885e4f73b84d8adad1b8f574155b92fbf2c9d3013f64ebbb6d55ead5419e7546b0f70dcde976d49e7440743b0f

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\Thumbstick2.png

MD5 a402aacac8be906bcc07d50669d32061
SHA1 9d75c1afbe9fc482983978cae4c553aa32625640
SHA256 62a313b6cc9ffe7dd86bc9c4fcd7b8e8d1f14a15cdf41a53fb69af4ae3416102
SHA512 d11567bcaad8bbd9e2b9f497c3215102c7e7546caf425e93791502d3d2b3f78dec13609796fcd6e1e7f5c7d794bac074d00a74001e7fe943d63463b483877546

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\[email protected]

MD5 499333dae156bb4c9e9309a4842be4c8
SHA1 d18c4c36bdb297208589dc93715560acaf761c3a
SHA256 d35a74469f1436f114c27c730a5ec0793073bcf098db37f10158d562a3174591
SHA512 91c64173d2cdabc045c70e0538d45e1022cc74ec04989565b85f0f26fe3e788b700a0956a07a8c91d34c06fc1b7fad43bbdbb41b0c6f15b9881c3e46def8103e

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\[email protected]

MD5 e8c88cf5c5ef7ae5ddee2d0e8376b32f
SHA1 77f2a5b11436d247d1acc3bac8edffc99c496839
SHA256 9607af14604a8e8eb1dec45d3eeca01fed33140c0ccc3e6ef8ca4a1f6219b5dd
SHA512 32f5a1e907705346a56fbddfe0d8841d05415ff7abe28ae9281ba46fedf8270b982be0090b72e2e32de0ce36e21934f80eaf508fd010f7ab132d39f5305fb68f

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\Thumbstick1.png

MD5 2cbe38df9a03133ddf11a940c09b49cd
SHA1 6fb5c191ed8ce9495c66b90aaf53662bfe199846
SHA256 0835a661199a7d8df7249e8ae925987184efcc4fb85d9efac3cc2c1495020517
SHA512 dcef5baccef9fff632456fe7bc3c4f4a403363d9103a8047a55f4bd4c413d0c5f751a2e37385fe9eba7a420dbdb77ca2ff883d47fcdd35af222191cc5bd5c7a9

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\graphic\shimmer_lightTheme.png

MD5 4f8f43c5d5c2895640ed4fdca39737d5
SHA1 fb46095bdfcab74d61e1171632c25f783ef495fa
SHA256 fc57f32c26087eef61b37850d60934eda1100ca8773f08e487191a74766053d1
SHA512 7aebc0f79b2b23a76fb41df8bab4411813ffb1abc5e2797810679c0eaa690e7af7561b8473405694bd967470be337417fa42e30f0318acbf171d8f31620a31aa

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\graphic\[email protected]

MD5 3fec0191b36b9d9448a73ff1a937a1f7
SHA1 bee7d28204245e3088689ac08da18b43eae531ba
SHA256 1a03e6f6a0de045aa588544c392d671c040b82a5598b4246af04f5a74910dc89
SHA512 a8ab2bc2d937963af36d3255c6ea09cae6ab1599996450004bb18e8b8bdfbdde728821ac1662d8a0466680679011d8f366577b143766838fe91edf08a40353ce

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaDiscussions\buttonFill.png

MD5 81ce54dfd6605840a1bd2f9b0b3f807d
SHA1 4a3a4c05b9c14c305a8bb06c768abc4958ba2f1c
SHA256 0a6a5cafb4dee0d8c1d182ddec9f68ca0471d7fc820cf8dc2d68f27a35cd3386
SHA512 57069c8ac03dd0fdfd97e2844c19138800ff6f7d508c26e5bc400b30fe78baa0991cc39f0f86fa10cd5d12b6b11b0b09c1a770e5cb2fdca157c2c8986a09e5ff

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-8950870ea20941f9\content\sounds\ouch.ogg

MD5 9404c52d6f311da02d65d4320bfebb59
SHA1 0b5b5c2e7c631894953d5828fec06bdf6adba55f
SHA256 c9775e361392877d1d521d0450a5368ee92d37dc542bc5e514373c9d5003f317
SHA512 22aa1acbcdcf56f571170d9c32fd0d025c50936387203a7827dbb925f352d2bc082a8a79db61c2d1f1795ad979e93367c80205d9141b73d806ae08fa089837c4

C:\Users\Admin\AppData\Local\Bloxstrap\Modifications\ClientSettings\ClientAppSettings.json

MD5 636492f4af87f25c20bd34a731007d86
SHA1 22a5c237a739ab0df4ff87c9e3d79dbe0c89b56a
SHA256 22a1e85723295eeb854345be57f7d6fb56f02b232a95d69405bf9d9e67a0fa0d
SHA512 cd2e3a738f535eb1a119bd4c319555899bcd4ce1049d7f8591a1a68c26844f33c1bd1e171706533b5c36263ade5e275b55d40f5710e0210e010925969182cd0c

memory/8132-9555-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d5c6155a3a4cba4d16af8b6f4da25d09
SHA1 50f5361a93076e26c49b9329930015a3651b074e
SHA256 677849c31094a6db4bbbd29d2b8509be75cd939a18e35e0fe5c3ce84f4687f38
SHA512 99b8ca855fc5aa4b817ff930258484382b982972c121f7a9d51cb8d6e75fa396dfe83bd2eddb52f2d1b6c4c50b579a0b29bc721bbfb3c17e7899b4cbcaa5e1bb

memory/8132-9566-0x00007FFB28C40000-0x00007FFB28C50000-memory.dmp

memory/8132-9567-0x00007FFB28D60000-0x00007FFB28D70000-memory.dmp

memory/8132-9565-0x00007FFB28C40000-0x00007FFB28C50000-memory.dmp

memory/8132-9568-0x00007FFB28D60000-0x00007FFB28D70000-memory.dmp

memory/8132-9569-0x00007FFB28DB0000-0x00007FFB28DE0000-memory.dmp

memory/8132-9570-0x00007FFB28DB0000-0x00007FFB28DE0000-memory.dmp

memory/8132-9571-0x00007FFB28DB0000-0x00007FFB28DE0000-memory.dmp

memory/8132-9572-0x00007FFB28DB0000-0x00007FFB28DE0000-memory.dmp

memory/8132-9573-0x00007FFB28DB0000-0x00007FFB28DE0000-memory.dmp

memory/8132-9574-0x00007FFB28E40000-0x00007FFB28E49000-memory.dmp

memory/8132-9575-0x00007FFB28C30000-0x00007FFB28C31000-memory.dmp

memory/8132-9576-0x00007FFB27780000-0x00007FFB27790000-memory.dmp

memory/8132-9577-0x00007FFB27780000-0x00007FFB27790000-memory.dmp

memory/8132-9578-0x00007FFB27810000-0x00007FFB27820000-memory.dmp

memory/8132-9579-0x00007FFB27810000-0x00007FFB27820000-memory.dmp

memory/8132-9580-0x00007FFB27830000-0x00007FFB27850000-memory.dmp

memory/8132-9582-0x00007FFB27830000-0x00007FFB27850000-memory.dmp

memory/8132-9583-0x00007FFB27830000-0x00007FFB27850000-memory.dmp

memory/8132-9581-0x00007FFB27830000-0x00007FFB27850000-memory.dmp

memory/8132-9584-0x00007FFB27830000-0x00007FFB27850000-memory.dmp

memory/8132-9585-0x00007FFB27920000-0x00007FFB2792C000-memory.dmp

memory/8132-9587-0x00007FFB26640000-0x00007FFB26650000-memory.dmp

memory/8132-9586-0x00007FFB26640000-0x00007FFB26650000-memory.dmp

memory/8132-9588-0x00007FFB267B0000-0x00007FFB267C0000-memory.dmp

memory/8132-9589-0x00007FFB267B0000-0x00007FFB267C0000-memory.dmp

memory/8132-9590-0x00007FFB26960000-0x00007FFB26970000-memory.dmp

memory/8132-9591-0x00007FFB26960000-0x00007FFB26970000-memory.dmp

memory/8132-9592-0x00007FFB26960000-0x00007FFB26970000-memory.dmp

memory/8132-9593-0x00007FFB26980000-0x00007FFB26990000-memory.dmp

memory/8132-9594-0x00007FFB26980000-0x00007FFB26990000-memory.dmp

memory/8132-9595-0x00007FFB26980000-0x00007FFB26990000-memory.dmp

memory/8132-9597-0x00007FFB26D00000-0x00007FFB26D10000-memory.dmp

memory/8132-9596-0x00007FFB26D00000-0x00007FFB26D10000-memory.dmp

memory/8132-9598-0x00007FFB26D70000-0x00007FFB26D80000-memory.dmp

memory/8132-9599-0x00007FFB26D70000-0x00007FFB26D80000-memory.dmp

memory/8132-9600-0x00007FFB26DB0000-0x00007FFB26DBD000-memory.dmp

memory/8132-9601-0x00007FFB26DB0000-0x00007FFB26DBD000-memory.dmp

memory/8132-9602-0x00007FFB26DB0000-0x00007FFB26DBD000-memory.dmp

memory/8132-9603-0x00007FFB26DB0000-0x00007FFB26DBD000-memory.dmp

memory/8132-9604-0x00007FFB26DB0000-0x00007FFB26DBD000-memory.dmp

memory/8132-9605-0x00007FFB26C90000-0x00007FFB26CA0000-memory.dmp

memory/8132-9606-0x00007FFB26C90000-0x00007FFB26CA0000-memory.dmp

memory/8132-9607-0x00007FFB26C90000-0x00007FFB26CA0000-memory.dmp

memory/8132-9609-0x00007FFB26CB0000-0x00007FFB26CB9000-memory.dmp

memory/8132-9608-0x00007FFB26CB0000-0x00007FFB26CB9000-memory.dmp

memory/8132-9611-0x00007FFB26CB0000-0x00007FFB26CB9000-memory.dmp

memory/8132-9612-0x00007FFB26CB0000-0x00007FFB26CB9000-memory.dmp

memory/8132-9610-0x00007FFB26CB0000-0x00007FFB26CB9000-memory.dmp

memory/8132-9613-0x00007FFB263E0000-0x00007FFB263F0000-memory.dmp

memory/8132-9614-0x00007FFB263E0000-0x00007FFB263F0000-memory.dmp

memory/8132-9615-0x00007FFB264F0000-0x00007FFB26500000-memory.dmp

memory/8132-9616-0x00007FFB264F0000-0x00007FFB26500000-memory.dmp

memory/8132-9618-0x00007FFB26520000-0x00007FFB26540000-memory.dmp

memory/8132-9619-0x00007FFB26520000-0x00007FFB26540000-memory.dmp

memory/8132-9620-0x00007FFB26520000-0x00007FFB26540000-memory.dmp

memory/8132-9617-0x00007FFB26520000-0x00007FFB26540000-memory.dmp

memory/8132-9621-0x00007FFB26520000-0x00007FFB26540000-memory.dmp

memory/8132-9622-0x00007FFB263B0000-0x00007FFB263D6000-memory.dmp

memory/8132-9624-0x00007FFB263B0000-0x00007FFB263D6000-memory.dmp

memory/8132-9626-0x00007FFB263B0000-0x00007FFB263D6000-memory.dmp

memory/8132-9627-0x00007FFB28C30000-0x00007FFB28C31000-memory.dmp

memory/8132-9625-0x00007FFB263B0000-0x00007FFB263D6000-memory.dmp

memory/8132-9623-0x00007FFB263B0000-0x00007FFB263D6000-memory.dmp

memory/8132-9628-0x00007FFB28DB0000-0x00007FFB28DE0000-memory.dmp

memory/8132-9629-0x00007FFB28DB0000-0x00007FFB28DE0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 32e388a8d85fa4bac009c4401134c039
SHA1 6c2a2f5bbe6128b245e6cce7a5529a9a51e69d00
SHA256 3be7618f8d72f896419b6aa3dbc507be74bc4dfd3966c30c8b8c3ca0a4a32f3a
SHA512 e72019dabb5366a26915c52c6a802f6defa33bf86cffed71ec668da2c613d63195e0faa61d26fcad68d76e9642b0ba2f4e76073ca5046298758dc2e0a0ec4253

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

MD5 67dfe61563498fd372b697111354dfb0
SHA1 9f276a4df65389653b508972a120d4779af32d93
SHA256 b3f7c8079641b365f58d8876db49002c7231d1c2abb1356f2f6cdd6d16bebb02
SHA512 5e87bcee495c91d47b064e8eae916fc8212dc1b0996172a4eef7f46a3797e72b7d7aac42928dce0cf6af6a917c344f7e329c4f33b3c3e8a05540d5ed90bf1a6b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

MD5 3936aa4a9e0a16c75e782573de99a55b
SHA1 73734e90e9e92c5a8122e7b541f59c400535c8eb
SHA256 2c4208b0fbe3ca550a5c7b9bd80fc49456c40830a59a2034c80e0eeb071c5753
SHA512 9ddfea7d0a954f0cd600c2a2e018e71da1de95492c27dcd9af6a460750f88f1a1a2a963adf064cd275358ba048822e5b66cbd050595b17f157ebd9dc553ec8a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b127132281973a5618fee9392cedc962
SHA1 bc9ffa2017fe6db35e8cb363b815452486c62cf0
SHA256 c94a5795ca63329f2e8552dc7adbbab46668a410909d827a4cfc7b6e2c7dc7bf
SHA512 b7963215f27d811a93982cdfa2f5f8c058b99868502291116112168bbd8a16c5b73302a431b73fc1a886250ca9ff928fca70583f5fcbf09e95124a8748fda95f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 42000c9dea0ae2b88f9f6b816e300fbf
SHA1 0bf2cdcd9b56f10507125167844b73a2b64883a0
SHA256 a4238c1708981cb5c002c45eeae90681801c34a706b10300188ccb9506ff9214
SHA512 f7e5fd9b7ba8d3f3eea8bd43f0589af9130f81a4fc4da847e5dff156969fb42c4197bb59d1da0020f223f41debc137dc4cb0674ed300df10e09ad40f38083e15

memory/8132-9683-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c7032dfe55a5043011a27730f0892d3e
SHA1 a1a86249688047fcb41c306e0b2a63e08c0a6837
SHA256 0a4467387f7d45151642a1339942e120113b28ddb4801bab48464990ff993cd4
SHA512 db091fb84db7aa4ce345a06c6fe179f150ae7cbca7697970a076feb6babaabe5db6451200b87320c6abe6b961e74acf2db9d2e7bc3571ff707d2fe91dce11a13

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f666964803dfe958bc0707027fe03806
SHA1 a9751c0f1afff5d9d5a2caa31f35db29744e19f9
SHA256 dded38f1180a0b2d10867091dd7919735ea65986fa26ddf6d1fa6c088304fb39
SHA512 9f321d6d2b3ceced3ec2057e05738c50201bfe84f73875d8603609b1c57155647e8d5c71d8531b2ee1c4047b12c63e622570860f79c6dd0eb2a57d0b8896de80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4dcd18eaf622e6fe7b15dd9fcbc7fd17
SHA1 d2f2f6114922b302a2246a7332b87c00318cdb9d
SHA256 f6d243ad2ae32c27497974ce89f1a97f3ff79e5affc318a0dd7b24166a9d6aa5
SHA512 b60eb61cacf5903e7d52d23c04cef6f7db42cba2c7463af86f83867f73f0b9380723f780de16192a74637c1766079521efecb878019cbfd91afd776b405079f8

memory/10876-9724-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

memory/11032-9728-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

memory/11032-9749-0x00007FFB28C30000-0x00007FFB28C31000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4bccac0a38a81cd9316a620ff91819c3
SHA1 de3791596f30f7d3b61e5e7923672b4732d09793
SHA256 4c855787d22b1924c1c2a40481d06b8aa46e4e45826aea5a62c022a14e7a3538
SHA512 9847f37bac72fbfb9654e5432c28295c0743701f542b5c8087b11037aa6847327b075b4145f59d22113a9616a39be3ac4a367ce73dd4d729d11218957aa42cc0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 efa44b13fda23bb24304e46fe96b51b3
SHA1 15e82fd1e4fcc48b9f1ff1449777624f963380e3
SHA256 d461436d0c0e828bc851db0f4606a018fb05d6ace6dc1ca2a6ab1b4d8708ef4d
SHA512 f70be110f312208c3061889859367d3d6b70cc27a7a603895f73bf49cc49ae89194ed5747bac8697e8e6d3f278cc9fae472eac3e7a280e7940f6aa65ce32e893

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 93ee5c7d96e29b1c28582c830ac28c7e
SHA1 e58b23f4fb6d998a2f030c8c16a0c08e782d8e5b
SHA256 a83a160db9aa60e2243e9ebc60240525c985dce7842a1fa6843c59e4fd88c427
SHA512 c0d2ed8f99b663140937e8b1beea832c1a9fc82d55bda1d3428353f4cec500ebe24e9861a7ef354d7e80df6ee3c57a5177282d465bf70723093b3d39e182e830

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008c

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d

MD5 6e802165991f1776b43c9e91851ffb94
SHA1 f9e0018db3292d7f4d33ddd9a326931acab62d11
SHA256 6ab5163cda6cb3883035d4f9fc85de1b4abe397025493c64febe46a428e335d6
SHA512 4417ec601068f7f5bad6ad2cfb554c7d48f8a6acf3b5b3133e481be4fdaa253dded60d050274ec1b0e009df020c8550eeee5c8ba196d74c5ce5a32da118869e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008e

MD5 5981b3e7bda3ebcf43ba247f1e5d2f2c
SHA1 a9dcb0b9e81304e57a64b8f7382fc8790dac1a06
SHA256 60b776623c5d84b6c7d160f5ae71f9dc95c203ba65cfe45f47a31d75ac00c151
SHA512 bc7d7fd7ec6cec532ccd7de70eee83656456d8e18a712159645619f03bdeaf82ebab437de20455619c1927cf5e15bb068f217598f0c18044f897dda0cd20c76c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008f

MD5 8a9b23cc7fb0af162ec6e9d9c5febec9
SHA1 0d8e31f4ecce563dc4cdf7b9875de763a2c1bf18
SHA256 7b38afe64db5787f398afd366e84f3ae6ed42ede77c8dd6bc4436ad52ebab865
SHA512 83d2a56acf2623b8c291db8eb65f8bc52decf21c39b33faf726a8a665c67cf2e05b79d2202bbc74cc546b2e17184b0c43bd8d463112c4a2e5061c12337ffdf00

memory/10876-10036-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4dc41dd8d39a6c28ba7255977d851507
SHA1 fb1b987b255be877dbf6593b8022bf8cf65ee3a8
SHA256 637b7844cad18288d7d3118aa583d32ea23c2bc88b0f3dac56dd7bab6e0c6f85
SHA512 b4586efa4ead95acb620d154e92f38a17d1e98bd7f1707ca099b0bae97cad2280663499fea9cc2e3fa014cbd8d7aad9177f1ad53793aa8ebd29244e65ae1dbd0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 65dfb6d0264b886c136b34659055e810
SHA1 896fe508d72062e7fef0a984a3ed39d809adcd64
SHA256 2bc3319b3b52a24b79a4a8c85b8409b9c41eae70761d5f7689f94d3d2baf734a
SHA512 fbff2cdc299957c05af9dec2f4f59ff7e697e373e29f8c566d1c98f7e4a71f0c69a256163d464cf2793e1cdfa19446164b2c3c5bb3d9e5248ec934369b2624ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\007fe75c-3f91-414a-9350-a8af04c29045\index-dir\the-real-index

MD5 62e1ef9c67ef9a56e1c5eb567292b508
SHA1 77867661c2919fba0b2a6faa88c13b3ec899b921
SHA256 ecbc8f727ffa639b4a6ffaa4d5eb842f0024bb5159af8a9cd8a5e9dbb479cda7
SHA512 2b51cb5c5ce5047561b457f9ac8f87122c362e64ce6fdb3b746740869a51c6e8a7056eb118b9cafb53a1fbd907a9fbecc77360447a1d37d6bde64b24daaac909

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 49410b73ed55a388f2762b1474ee19f3
SHA1 813015e424b0b58002eccffef484c7288fa4ae37
SHA256 691eb6c4bbb772e8586ca5584cee7298908e6dc45879cac742c985edc2c1c44e
SHA512 e4fb6570f8adca919dae07b52c8a1390edac8dc1e9ab3c6240ab9f24614b09848ef6dd3153b87d811f5a6439c7b3f5657a2c2318bdc57f4f5881164d2febbcc6

memory/11032-10101-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

memory/11032-10105-0x00007FFB28C30000-0x00007FFB28C31000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d1ad04c9-8817-4546-9273-2e24a1e1856b.tmp

MD5 8d1fde5e9ca3472a7658bda05e7d7cf5
SHA1 eb27b8e956eb33cf80585c5c658681a33f3b7037
SHA256 0d70c4af3471d104c805adf8917484cac0a1827790a02e541d405ebc575f73f8
SHA512 65136b96ff8a976835ae1165e1463346b4bbf6bf3db0419c023fa701ac001a97d9ec00f4b0b54c5b1080be7ecb044a8f732d401bb3211fc80625e59c8af69218

C:\Users\Admin\Downloads\Unconfirmed 691228.crdownload

MD5 9fb66ffa1e1f4dedfd16eb3a8170bafd
SHA1 69b5d57ddda6b97adde820b9ceaddae9c33d53bd
SHA256 7953b28b736795aaa54e6cd5cb591e794e2f770c1045ca2e33af5ff19f480eaa
SHA512 4b141802e7a4cb6bd4a7498d30086a9d83c62d37f2137f4910ca7d3fb7009079d4dc59b95050849cfc720210b0cb44bf588d15c08e3ba830aae19c0a27e8e6d5

memory/10876-10147-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

memory/4788-10149-0x00007FFB05B20000-0x00007FFB0601E000-memory.dmp

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 4f9d28edc0c431adbfcc19d8fa47702f
SHA1 37a6e145fec66acce633199ea7261bf5dd3d855b
SHA256 17e5cfe0cd5e01c1cf679b2fb7da7f3eae6cac2481c41f355c23df375ee0b48d
SHA512 bb7a5f33e2ef384347f8ffa09381aee5609a5b4997a205c972e7d431effa8c89f47e065b41f3acd86c2a395e0fdcd2fa656b57c84c3b94bb2fbde52ed2284dc3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0ad4e421596bd2ff1607863caee820e0
SHA1 c2cbd65fdc4aff2bf05c8b75010a6f1d264443d5
SHA256 e49ed9160a2f0d2091e4148cda1661f6876bc476b8614d84a51250fc8f023c6a
SHA512 2e77b12b63c573e3bc2f037fc38263d6e574b5ca94cf14048c0e00291208ffaf554adfce47a26d523be394ec898678be8c265cc6f9c7166499e137964dfa8bd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 dad63ed3d37427612d9d7b1414e09f5c
SHA1 0bcb9f98131433f997e7d3f4a650a9d36402207c
SHA256 6631483b854b6b1ac43d877c3a2664cddfe7ea0b0ca0ad59f4b9e80e1ea6dc2e
SHA512 360e135f48487aa9e5fadb771c60ccaefc862409dfc11cb68a6ad3b781673f47ac2283d87f50ca2a2573e13c4d17c5c3a1aa2afc03e049115fd169198816376a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cf564164a9e6cabcf20a0810a65afb17
SHA1 fa050782ca043f1bafb1d32e2b787e2d962e3fef
SHA256 316ee7ceaf27f4a01b81a95ae2f586f2f693d09a64367de2577051fc14036f9c
SHA512 7ad086f83068866601d4604987acea86d4555947836b198a5e291ef9dcfaf114f7dd99ad4c842413a482c8e083e1510fdfc0a42bce4fcd0a7c008e6a7fb17433

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 45d443fefeddafca5908b339ac7e4375
SHA1 11361b12d029a6f34dbe30c017585d1e3f6b5697
SHA256 31b61815010f3515957a4cd4ff04df050a032d36c223ad7400f077f40faf311a
SHA512 9d28b5e55ac987f44c6ba49a51e3653d4eba1931d29d121b799eaee23f5901c4d8180b5bea1d6813cfc555a21591cc2016b94603a9ef18a9cc06e848880ce77e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 535fd5462c84bbfaf8cfaae42c7d90e0
SHA1 5f5d21a1db6c929bb00f3f881995add9f4644072
SHA256 76cb2c5dab015b60804d0eb1e77950239e209ea4f5f691d12c78ce8121eccb14
SHA512 4d21858293a45a4b7cb8a96984b008763a7c9f4abbb774cc69d88a958fb9d53551e6b3739358e2f313c4210ca99d94f24edd359c8285a85f61cb2f3bd9ea3d4e

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\f3b8e82c20c4bb3f94a2d7bcd2a82cd1

MD5 f3b8e82c20c4bb3f94a2d7bcd2a82cd1
SHA1 89618596be7cb90317eaaf2d09b05d522d008260
SHA256 7de6a5a45227b0f21ac7dd50af250e37f20b8bf2d6f4aa53a7f643d77515bd07
SHA512 82f15e37366efd29879add4f50cedbdc27d4eb885e190dd54c8e89787b51d59ccc21473f431292da679c7e8aa7cf2d0ce7219e1503d59a0f356e078f9feece55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9b4bd1de58ca4c42bae3b92b5a6908de
SHA1 28d09d32233b373ce631ebc3a8b484e60e5b53e1
SHA256 92a7b637d47545bf5aaa665162513b76f970a97088878205031d5f8208605e89
SHA512 ef9f08cf71fa1d876d7d35ffc082aea021f05805b6e4819ba99ca7daa7599e82fea1748d7810f24715d0b498cc1d454ed926d4b846751b2c978913e9dbbdb9db

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 e7b84246a1d9f67586133ebc594f6bc6
SHA1 02ed866bce414f74a1b2dc5590eb816ee21533d0
SHA256 6ea14a8a9a6032dc60eb0615977ec2523d7476cf4e18f4963b971e89df03412c
SHA512 0974010ee26e28bed7c12c085991efd933d25c27dc796b34f5b69e41b0fccf7ec4c1f5e0cca5b133eec957e48c3dab27b49b9ab19b403bc5ca3f3f86c18a7727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8783ca76020da8fe961e8ce8971a1ab5
SHA1 f9ecf4c985cd5c5a9f3252c5b8ec1481ca4ade65
SHA256 a3467265e58c25ad5eddca24724e80f61ea18d997c9519c7fd00003d0ad105a1
SHA512 3fac4dfe68e9992bedf124a45642c661fd369e4e5e1ed162394866ef409fbed4aa859911ed66772a07628863cb3b6e8a5ff51f7df055bd3aa89684855581ab8f

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\123.0.2420.97\MicrosoftEdge_X64_123.0.2420.97.exe

MD5 300df46436ba5d076b227c32967ada91
SHA1 de9d47ef0c61fb04b7309875e2f03c8fa37d19f4
SHA256 1614eb0c2697d74f2a05f8c973b2055e9cc158d94b19105e3a9d450adc9e333b
SHA512 ba3053085da062ec32f87aec43f527624248a81b702c8cdb359c0fba7194556658b49aca8ef98d885de5da5b9b2eab3f1fac2c99891f91949d1b9a155e4a6971

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 fd83fa1968184c4379856ac1761bf262
SHA1 67235b6beb6fcf18d498303f85c189b0de58e0d1
SHA256 7b3d864281eb5f6adcadcead27a5a14d6e4e56801d2e98f2ac9a9463a0fe2daa
SHA512 15b5b81a323a2c3a8aec98cd572bf9376a929e145aa7f5802c7d4114c629547634eee016eeda2cb234b58f7e5cf8bb116daf28d398b61b5106d1e130d16ec79e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000109

MD5 ab3cd37336cdfc59d7337d0187c7c319
SHA1 0a11806094b05dafe59e49b010971d82e4804f16
SHA256 2ca247afe1914052f407c2a0a335bcdf231566176bd66219c47969b14f97073c
SHA512 7c663574aea93bfe44ea99660fb6a77df761e738801f44024f01f0dd18b7a65ac95ee1bcfa394ea52c3a9d15adb3821698eac60063ee947886472caac6ebed37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5fe44873a8fc2db4891457d3568eebc9
SHA1 d7aabc4be5f45f010b22c5cb875744f32a4d10b8
SHA256 64c991807782226a59627f5c4114f2e0f2102ed2cbccb1f065bc807b629cb647
SHA512 8a69d81673b435a0875f9f0bc4d74b90bbbbd05501ca5f4c84fed404e893a7a411dd4f1e4cac84137761f70e10c750cdcc6255dcd19643670bae3190ea0b553f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2c3dbea8725f50838e9a90690c4b105b
SHA1 bab5c5d7853507e649978af502035e53673e0eb9
SHA256 a510f273ae339235b981279b4f55bdbda49994fd70d80c72ef2504b3c37e5c16
SHA512 6da75282c8c70ab10535fae0d28e0086f18f42e2d8ecdc3f213a4e4a418be90db3dcbb1ef90b0e258cadab429d73edbc9f23501621995b61ccbbd161a8b1d006

C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Installer\setup.exe

MD5 31ddc9e1c11a44b88cf96c45b3551ffb
SHA1 811ccb9706f656e29d089e30a2ee1650302394e2
SHA256 46cb58faa60db59cb8d145bf6493f7c01a8ea8895f812d65512e3c7340a054da
SHA512 67e5a4ec4b030e48ac06bdf79bfb2b9bfe7778f046a739f23b7be65e143a7181954c7587eb6841636a6e667aabfa292d6831bab709cd798d1de01987bc99aaf8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ee44f2f2bcde19c8d57a5f4053c41009
SHA1 05714f97a738912fd889f96d4138e063a5c30c01
SHA256 1ee0de4d710146ee662b6f6d68b1e9d021781c30df20bb36e10e51c08410168b
SHA512 3055db587af06b546507dbcafdaf6d92f50cc2d3c0d916537995cd74bbd21e9f36b4bcd415ec352eaef62d7185700466fe0e44b8c2fff9b1b5371944c0622582

memory/10324-10516-0x00007FFB28C30000-0x00007FFB28C31000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0

MD5 111db764962642b1d5e954ab03db3b16
SHA1 6492894b50b5e8adfa9d758fe9e859f81166618c
SHA256 0c94283c24b7785debb2fdd040ceadd11ea5c677baff7ce6287e2a0c0f80442a
SHA512 1c83b14ea378c33db5db3b2eed2eebe605ec741cfff4a46c771e9bee3b01acbab2996fa37c32780bd11632cb4681e87c2fc920c39f4afc63a55782d501efb964

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ba7f299d603bdb33bdfb1b1846d9475
SHA1 80585bb4ea2e4171a6b4a65fad01d4c5a7700455
SHA256 3cafd07acb8d353a92cf5397bc4b9e97c8580ab4771ecc2b3058b79fe8074ef4
SHA512 6e0369d88a2ce830b1079c8a29e023a1f84cf06598ba5f48f46b9622fb63a7cc4e774186e7c8e625ab5d1492b87d4795b18159029278a3bea6efb30ec8f0aa55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1518953d53af1c547b268f0eb10b7b6a
SHA1 4df4da0a61bdcea067012403a4ae65382c063cf7
SHA256 3351a51d264e8c9758876c8948ef8d9b878508a26e30b54b653461bb186ded84
SHA512 104d73f25bcc9bae29c303976ffa13ab184acc0be24ad3662bcc3ff7133984f97958b0e9d0108bd03815c8eb1f52c2df96457684a44de23221021584678cb188

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 00f2b77684710e456e1e2c6eca471965
SHA1 bd0dd7c77e91cca74aed3f0d6d5284cf966c5250
SHA256 2a6f921544cedbfe75bc380b859129b1dc2989c469f5555ae5e848ff62ed8932
SHA512 bc59b400e960c176c1004365b5c94e3c92f02e2a551a42f547f96535f5b13fdf16e965671e5e3ff85792be8f432f34b39e0634771ea87e935c7994883a03223f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c6b53ee28389c9aa01c289cdeab45d61
SHA1 d3533cee69a2437a60ba2e038b48a2fd8b29b0ff
SHA256 91e1fbc9ddb85b267b8d9b25b5df8ea35671f8e7c8b9c1dab2f045b1b7226194
SHA512 abfd644cdc91450065c99ba3b00256e16e5008f1ab70b2b36aa311e9681dafee3ae0c58cb7a5aceae3d76306b351570b62020ce78f07a7cd6c6a512886ff3869

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 141e6eb12bae7ab3c2c72b82db8b4c5a
SHA1 6f193dbdffc29a9d39a4cc878ee4661b283568ae
SHA256 74efaecc39d9098cf258b1a6b3eb718bc811555fb70fcd571c90dab1ce8609dd
SHA512 d53a9aa70ac41b104edf584956feeb0b3f1ff192137b2d1c3360bc023cd542e34b7cad718c69a10382d35ab9927e9dc3aa6668bc4b3a39b439960214999f42f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2841d7f65cc9028a20939f49aeb1f919
SHA1 79523b14cf0405955842e680f93e0e8d0f28e739
SHA256 2f7ba5fd5626d70552a5a06c6e21e81a8f5bfc0cf0f7a9e5aafaa157b26f441e
SHA512 d7a030a455873633eecd1ac94266758bf9bebf84fc3759c1a0b2728b66261ce90b0ea122421488387e61d6961649f754b2c005d848ee1db03cbfcfdfc196e532

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1831530c3ee96a5e78c58460bd7ce0ca
SHA1 29e21a06e7cc9666ccf88abfbb7ffb96bcb98a10
SHA256 9ce8935ff51f1c4fb5486c1bc02dddabc5703cec62382c9c0d35f8d256c4ed08
SHA512 192c403b2b8c4a5ba8e9e119f928fbf8fb8c3b363ed1af54ebe89ad656fe385223b49cba9e2ec54b0a151659450d3f5023272126b8e2cce4c90fc7a24f3e3aa0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ea2bb1da39e719e1dbb9029b6c23653
SHA1 346c9dfcf53f81a1a9ddfe06ac27c296a38db10a
SHA256 f99cb1073a8198cff2b225019f7636eb023d9c8c1a5abd73628d8706493de407
SHA512 e167eb81a46c5c9e272548b79efd70e1fa41aa621b7aee0369c6243731bfb50637516499003e3d28f0edfa6e8950c8b50f425187ccb258acba62562f51807ccb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8dcb2a66adb52d8cead7c036f2eb2a2f
SHA1 a715950862c5101b366d769b361e5a81dd25fbbf
SHA256 be1d12fb9f136ed1ce5cfa0760314b9f3159826b94637cb432b919b78f2f0b83
SHA512 945bfadc37193dd757667a4ed6c5fd4f5eacc299fafff2196e0b78ab730f50f58dfea3ce22b7fdd44b7526ff4b29caecc9c644538df0b4b68f416e3b7fc0094e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40b3c1666efbbb9d419b8d79b09b6783
SHA1 56a91b4288c325b1e8673a13b7021cd170eb6d2a
SHA256 eaea44e9c074b529b14780cac52c5d1d17e93900f411994f0d01338c77c167b7
SHA512 16593d67a0c7d6893235a91c4673a365f8910f95ad9b3c41e6d164d3420fc697c794a69f625bbd0da7bc810023805474c1f577ee4269c4f97bab4f6d4ec1c3d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2feb701b2b0b8da1243295cdf07c25ec
SHA1 9d8c511abe9419259135b58dc3c1286fb2e147ac
SHA256 3406c5ad706bf8c8ebd8a3f54017dc17634857044b1965d5c74dce222e5545ba
SHA512 eb7d7b17017bfc5b59a73facda68b0f26b207754a58b185fa3f811e92e84322027b4877a31ab5816ded3d51679c57f3f390368ffea68c21c9a712df17224fdc5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 33676da97ebc6df251a4ec719533e898
SHA1 a6272e260e2a50540f7caee20bddb8a38f22bd77
SHA256 ae1186cbdcb306627cd0937ec481701a5c9fb4cf50e69776e737fef2ebcdcf74
SHA512 5cd204864af2b0219e755610ff4ceb982cd20f37ff62bf20f8b69276dc6b1e3c6d9e02160f0698848d8020a5ee8e7b09a3eafbca1b5ca678309b4c9d451cb434

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_1

MD5 793fa4dfe6085098c9f4a0d266156bff
SHA1 4a760d4855532366fc9119828ccb4327f17f1223
SHA256 145db5e6f9157c911373a8c333b5c13260174e7951409d5f2f0334831c589031
SHA512 b6265a0d6bd79234e539b1c839db521b5d047e115ad95782eeb8ef8521c9be7846ee62ce29b01024053deeea623fc9d08e2190ac4114e87f8065e28d48581870

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012c

MD5 e143a7d7685c69ba5e41d168e89330e9
SHA1 3f87d277e060b2762c6b66085d3305efdd91a2e0
SHA256 099110de32755370ce97c92108b09dd1ce33ecaf99c3618d707269c74371b529
SHA512 963ad4517944a3103c47fb946eb8e2f57eb962323b3a8fdd339ede905d04183896add7d40c9b36d953e18ac5a924f062826c2afaa228eaedaee346391b4f302e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2d44744f37fb4c11465c488fee92bf1c
SHA1 9d7fe4b1a88138a9995f3b60dd40c7af3be51db7
SHA256 38c4e4e5954ac4c00028e4f33a6523b59011943c5eb527a2b3cd7c16f57d0819
SHA512 898937cd937dcd5ebcf39de3e3ef23cf1ee80c5093ba75492ed07f5ff0e06e89f018d70a8fdd79471c923cb936f594390933bf6c93def06dd1fa8b3a60426a91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 592c798bfa7858e21d6752291bf0962c
SHA1 3195984272a60d3efbda0e2219fe6a013da33459
SHA256 372ca4b43feb827a97e407f7ac06af73cf14e9656651476ba364940d2a5da272
SHA512 03fabcbe5e558fc88b30d565904433d65ee4e59fc157d5064372f27308b16096fc2d3153acce7d8f3e88a048cd6481cdd83a3af76477ca28a123c8de333dda7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0f8dec4ba0bd307fbbbd1435c1fb9e7c
SHA1 48fab1b7a0de0bdac1acda5ca32ecfef6e447d43
SHA256 e3150fa0675c365152050a65407f163fd7be85ceb632dc68bb3f7c27a15d7bd8
SHA512 4c979c75f55703e3ab066adae62f69708aace0738c3c69e6b1c770c9283979c7418c9679ecbd7edef64bf5e16df8f019ed6e03918299938c433608acb9d9e31b

memory/4920-10918-0x00007FFB048F0000-0x00007FFB04DEE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c541d063d4dd81e00d176006f9c6a9bc
SHA1 0d06ab3acd50985aa8775dcbc36621d8b47b34f9
SHA256 57eec956c81acc68310c7d3d90e8b98a53e37dae3e89baecc57c0674d5b7b201
SHA512 d6c1e724c657160574ba40a51df815a2527d0db1f7cc0d00afd97de022a61828b75397e506f68c2b3b8db1175add334efd082d104fa4692d62237c8cb89fecfe

memory/10292-10931-0x00007FFB048F0000-0x00007FFB04DEE000-memory.dmp

memory/10292-10962-0x00007FFB28C30000-0x00007FFB28C31000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ed156e1f59eebaccd0bf9d1132362a1
SHA1 9c1cea68178f1ea74e92d30f9082d2056d10d530
SHA256 f31524832a87c21232ee01b95c4bb308ed08d71c5b8246efb1d11e9cfe5aa5fc
SHA512 b7e11178fa96dad80350d7713ceb6d332176881343005f5b97bdeeb0c70a8c7862ffc2b5f82c86a6af896b4ccd7b388de6fa4a6f470058522dd6d89279ee277a

memory/4920-11021-0x00007FFB048F0000-0x00007FFB04DEE000-memory.dmp

memory/10292-11022-0x00007FFB048F0000-0x00007FFB04DEE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005f

MD5 9a284409362eb815793192bf06fcd82f
SHA1 b0e5b521ad3576268288ea196f34b84b309bdd07
SHA256 1db1b32e898b6f3bd804909c4a550f18824b3cff040a3c1f7a36425116d96cf4
SHA512 43256066fa74c2ca781ca88958debe69f91756ba99fa1c47df8bf55b1764f2891e25493f457bc22ecd78c0f0d45332a6fa3d5a3ba627675424a15389f005537c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000061

MD5 a67faff4d8c833d598be78f4adb471ec
SHA1 880ce91cda46b7282848fe81c40ad9ec8fd75f7b
SHA256 673e21d7496bc8054e7beec6946a496312a1f63214074c34ea191dad493a4de9
SHA512 4cd9c5ac0ffb5218dcfdbaa2682090d082cc4da48bba9510d61819bc67871cc3ef73f597f0e75ea1406f2b645d4c4d97c71e453d0b303401508d801017dc7f5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007c

MD5 d453eca18d366c4054d2efd57717cf9d
SHA1 c7b0dfc73bb89d8f0a94e2cde0eeba2b5e07d5c4
SHA256 be8f4fac2d40747a0adaecc6f1befe81b254a2b12bf25ce01d7194b374a457fc
SHA512 a6f770c9e4058e8c17f3f72a245f76075441e07507ef05d455108e1768ca2a93f851b92335b33c1de61cf941cf135b0be4698d3d551b54132b2d5c882fd34835

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007d

MD5 bcd140792a4934762c6034da0680b73d
SHA1 ea77262e2b72fda3409ee848f7fb6e24fa66cdda
SHA256 9308d28bfcf063742f96461076daae95c2b44b71b8ca7a13658ed3d562f9a68c
SHA512 b112b8975c17c0d49da6a48af80a066e478814a81ba72925be7b136e0ae27cf74962e8d4252d6d6cb79ae53569c4947830e4e599c78151516f247e553f08fce5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007e

MD5 a69ba5fb68ab609d80c17365000b58f0
SHA1 e71bd892f128aeedffdd9671bc765458a4a023ba
SHA256 2bcfff5006b95192b71075f6512b65b2203a31755fe0bb47226c77d328e83822
SHA512 df0eb52c9383736e855adbdacf4b8690087800714f5248549d5fbe822086df42fb5274eca20705a005469fb822faff2a69beff6edeb3383e2f6f4f2d09fd84ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000083

MD5 c62b0db4e6773cde9ddaeb61b1790cd8
SHA1 c284aa0043a7c688b9ebdd5621622d62f7977696
SHA256 5a23d87da703ea4cc2ecdc4acc6319831c381313121a78a1d76b1e2349cea4be
SHA512 7768e09f6d2339288a6f9e8beea6e92e25aec1402f4c7a7b8bbcd167fd354cf3a985036bf1b96498bd73fe2824c0af2d8924e28b8536970e4583b6b2b36dd90c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000084

MD5 2faac9a0a55199c689f82d67b1b990ab
SHA1 3dc18296ce29bcf795b8c08446b0aedc2b707620
SHA256 03843aa7d784efcb935290ae63bbdd4402cf856ecb3dab3d7afe0c7c99c4b8cd
SHA512 9e44d4385a64e58f234bd9e53be6d7712ac2248b211417489b24b15691c3e43c4ab1e081bac67e1f125d82338944816c26956266af6cfdd3f91fa4375d089523

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000086

MD5 ba780d4b4d731d71bb65373801443f57
SHA1 64dffd2358873cc7839f537ec2d853a217eb8a1c
SHA256 ac8424ff0f2d8cf4f0f98c6a2f0c1ccdf97b978e24da542ccbe0f7030160906d
SHA512 a18335a944863f178aedb15e72d6368004cf26b89e425f2b98d806245db6bab8ed1c7f6a14163479bab1ac21c22179fa0ebb6671e7a454dcabf4ee1ab4604ed6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000089

MD5 386db89dfd8ac8ebb88c616ac30f271f
SHA1 edf0878f9ca9037c54a7af6f9252ba2699ad1d0a
SHA256 49a8cb10c45ccf006bf4e6a9723df089bce57e40974d99d49a334ea83d327b95
SHA512 22498068b3494bbfc08be20145accae8f7e9cc0ed1825cbfe1570f07e7bb80154f87398e0fb47d7e70428a450a9f3daabbbc7afa5cb0f0f0f366a168482e7fbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013d

MD5 d09152e2cae450bb9cdafae093374940
SHA1 d51856a94d6d12786ae8580e7cf695c525d4adbf
SHA256 525d0bf54a683a9324df84e0c31a8095531a5c55299fa2367924741e7929db6c
SHA512 d7544b69b77ad7999b1b6d7d6f2b90c258088fa81a2464320b55a3cf7ffe5fb93ce2825a5df6e6874d94fb9d2bd4285fcc23b272fb5391da960d2ed1d38df696

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 17e3e5d670c332091bf7cf2136ffd979
SHA1 5be49359ef1966254b4deee286c77b17b3d0636d
SHA256 e72f778d6fa6623aa2b0eeabce04b5d8fd104b4ab6bceeb12527f649ba62af6b
SHA512 77d8a1906e61d112e961f8a7ce4733c303499702b3d966ebf0a3c16a6acf89390dd191a7237106b516d878865562b0ed981f92b4b065389b0c1bcbdde5d41586

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1dead650fce6174937ed851194595d4d
SHA1 08dd8de88bd767ebfbf79115a98b05bab7ef6032
SHA256 3bd6cca90825a859d2f0d8c05045faa70d47c9042ca763f8af7c8d49b4050e36
SHA512 6ef4af4fd0c700954d3d361c0c9bfebd10573111d5e6ca89569dcbb6994f261aa1f7d9c12710248535497d50c8332c9e4d783e502e38a549073537f1ceab81b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e6

MD5 db5f8fc63e31a2bcba1f2465a25e51b9
SHA1 ee1effe0a9ab98ba35b558366eb7f11f0c4c71b3
SHA256 85ceb4ccad113c3cb36e607062ed8f4f239f4a6625ee998ba9d22e26f591d130
SHA512 db506986e39c2d48a0d9288cf662eb73c09a375f6eebf4c3fd33df914a9cdb9227fda642775f559e9ac0bf9bf03761e53b022014b7045369a979805de388c255

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e8

MD5 9ee464588e36acad718115bce8ec1664
SHA1 9ad91558fe5775009e9e828d44963952a1c2ac38
SHA256 43c227199c594824b7cc95f36b7dcc4022bdaf10b4dd825b131941c60357ee4e
SHA512 437d5bc76b73f8b5d724820d9fa035bd40743b4f0ec080d769b516b13ad7753aad2c00436c5a1934a73cd52c2245f05a164e74953e98dbd6df0de1daf79e8bf1

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 74d751574d59b1f2e5ed1a5f9ea9953f
SHA1 702575287b7fc5da26fd1a5466790d626101965c
SHA256 b98698c4e9a5ef2d0fbc40cca82615e7897d5de977b6ce981d6958b6606be15a
SHA512 b9cd86c45da31c78cba4ea758d5db0c8d8fce2efb4f800a1a2a554a0b102c1e544ca8d573b9f3e055689c28c2724dc6a7a569038173c667b061e4c1196ad10d9

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 afeee8870b479e56db4e8db9180c123c
SHA1 b2ed0591e78beeecfd6fdc2aa0280c7231f88fed
SHA256 11ac72adfba058d6bd1adaf9e56bd19a9af2e0825e4974f8e1ef3502978c296b
SHA512 e6c1183e79cd8686a1c072a5af4cee1c8d882a4a7de5b93554551a1781b8122a2e6c8c92747155da742237551772932c906f77874b78e516dc4c6f4a1b053e04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 97da989d921c63855864e5949c175147
SHA1 2c57b8d78d2a8b57272e62d1d8d1898cfa7aceab
SHA256 33bb0879ec60536f6d2377756e5266a7f000891192d0b4a71793c4cc2f46dbaa
SHA512 5e7cd3958ab2ac162a909dca20cce30d10873078b33e485fb1af16ada66f6934ad9bd7e453402528c55373051d91d55c1602180b13b8946a0bfca632c62d3c68

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 fd1d0fd5c8513eabaa4b2042014fae9d
SHA1 393b93753b0287f3991b619e35b1e474c6797a66
SHA256 b0b702b87f2d1929179917e4c30ca7d191484c69f37a0c9934e6b524d495d473
SHA512 48eb4afeae1a073f9fa24eed7f6ac795cae603a10e469def5ab7f9db84526c6c6f04dfe593b65a7c8a42bbd3d573580a96164baa65c275168a1a155b41756c1a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ed035bfb39b5412c870c13632643ecdc
SHA1 bb893428e6e37388420075b823f632b6025fe247
SHA256 b98f5fd36689c6acc2662c1692a374ad5a0d2ed50a7a3e79b90c611274cbf996
SHA512 45e5735b2ccec76bfe621472bbff7d058eebf81153d7387add8cb14dc142059596ead52345fcd3039f0cf7e9e4ad6ef209a9a1c1f0fa7ebe64a1022136c07845

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 564b698897d210b65083722bfd53203b
SHA1 ea79a30f4231a6c6b312189224f3200d6c711622
SHA256 65e40c86694470746edc6931d40737939a7aeb8f8d50ef0e9c9799895602821b
SHA512 ce61a81a48dc743a7c1778a800f9078f61704a51faf8950fefd87f7e3948f7b760483f84458a93fabcd89f400b06b03c8b8364cf3362253fe6792c5e50afd910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\e923de53-9b11-4cd9-a8ae-74a1d0bb9afb.tmp

MD5 3ea134287fde01d0a72ae1c463e9f2e9
SHA1 2c8121a118dcc95241a728eee253294dbf955f19
SHA256 47e8f1b4a8e44866fbb78a369d6968a668f57889eac05df06218d2196afa51d2
SHA512 d166999e62296f3e5d60578765cebc79822b34ff5b6abdc2cf2f661a304c6ecb092843c21927cd02f6721349a42d741eebb2a28de4eab0513805da075b8e7ae9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b94150a758e3d821ddd9be49bf3b9131
SHA1 e95b8ea255f08db5bd9aed41bb0b928bd9b67e34
SHA256 3130b3f7227e207fb4e285c8d0957073f9c059fb9b1c9ea9e641810fd41f9e92
SHA512 430ddf0f98441e1a138dda120d2c80a889fb86c9674cc78772bc8505d9845e521bc5e906af5940f05eda1278dc565035fddb93f10c00c78c96e1f5d363956d5b

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.33\BGAUpdate.exe

MD5 09fc5490d32c867927e960f673911ebf
SHA1 2ecbee3518fb701959d2539a88892391250dc010
SHA256 9014827c68fd6a31ccd7ec1c8f182cfeeb60962760391446b45c264e062daad6
SHA512 cd295d344bba456cdb2394fbe736c7b52c8f20e2776bb6b37c0ecd7068c841a646208e4bd0ebb4cb7880fc15caa8b18da485340ac8f88154e61cf76fb16e8162

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EAB587E6-135D-4902-B879-B02C85056B92}\EDGEMITMP_D6D63.tmp\SETUP.EX_

MD5 2415cb112f130a1382726afa58a0933e
SHA1 74ac041e6dc607e476dfeaff2d2bbf2b5c004b5c
SHA256 85679b3b17d42aa988b5c753b9cffe457c063d5186a94203b5e584f4156f2179
SHA512 a334cba72cb6ae4c4706ef3954e98771c4502ae5ee66d7b2d2dca759ac75890efe5a7fea46818760589a66f425a4bc9d463512bf359723685eba86ba4c1edd99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000156

MD5 0dc97c92bf26f05b2eb3f5eb486b8d84
SHA1 21ab3f494aa7cbf218ad1a7a3f52564f46bc1796
SHA256 2d5f369d6f4f69f09166b345f810fa152a619d5a7ec824240ef15698aedf38d0
SHA512 1ba1ddd80f9a81b4376308efb1a6d84391d67b7770fa54a4d2d01d2407abdc0cb5ce952bf7c9631c36f7320547960d9f0456df87a1d4076048783399f4a03a6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1057b0438190dd17f2eb3efa751801a8
SHA1 906bf10cdb3c74710e45147f907621870ae87c5e
SHA256 1b4986dbfffb51cdb82ff0773740c735294bf31fd85b59267f17b510da7ab88a
SHA512 4f4743e8f70a7d5408097673142f78e1c55a288587db0ca76fe6396db6f6db6db27892c835361bff7be664ad06adb31d011e00817091b322acafab897adfa34e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 776bfd5be849fa1a30d57f465ceed910
SHA1 51f79fd2780dd02d2d04bca67577e998229d1968
SHA256 c3747249cc6e1eb2831286a67c5b18df98482adca8926bd7e4bbccada01774be
SHA512 7855d5e288992a05bd268d6fdccbf803308425ff67f422d4181693d4e2921dedec3796d14cb4b251354ff4d608a9e06265aafa8966dc59acb52b23d987120b4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 97fd7cf116c7cfeb0db5be6319000387
SHA1 9b3e9eebe928b2fb64fd25b899dc563ada654913
SHA256 1771750cbf96e4c0a3225b08462ba66dd3f4f092b63e8ad1e09b2a2bcac62b69
SHA512 49f95a00b179da043fd930508cd021b0392a709ddef685c01b277160ca4f4749ffe71ec4445f6f92773e09027a853804200035a4a613ed4db8b14a8390efb28e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00015d

MD5 34717ce01e946a0d385473ec97d2e845
SHA1 a369937730ed782bd4ff490db7168da743d24d65
SHA256 3cc6335d28f8eaed16356da8786fdd98b861605f34b685e1ab011b152b34f27f
SHA512 4e389044e0c2095f8365353aed53f25e3f5138622f1c34ec33d4b7f4c19c3f07df21435b1b23e2f97b562562ed02d92edfb6cee7cdf60c1c78d97988860095d4