Malware Analysis Report

2025-01-18 21:39

Sample ID 240415-w26y8afd7z
Target RobloxPlayerLauncher.exe
SHA256 93580834e65af2f5a83aacef47a1ec3ef45fc6ab9683ec4df771bbea713ab38f
Tags
adware bootkit discovery evasion persistence spyware stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

93580834e65af2f5a83aacef47a1ec3ef45fc6ab9683ec4df771bbea713ab38f

Threat Level: Likely malicious

The file RobloxPlayerLauncher.exe was found to be: Likely malicious.

Malicious Activity Summary

adware bootkit discovery evasion persistence spyware stealer trojan

Sets file execution options in registry

Downloads MZ/PE file

Modifies Installed Components in the registry

Executes dropped EXE

Reads user/profile data of web browsers

Loads dropped DLL

Checks computer location settings

Registers COM server for autorun

Checks installed software on the system

Legitimate hosting services abused for malware hosting/C2

Writes to the Master Boot Record (MBR)

Checks whether UAC is enabled

Installs/modifies Browser Helper Object

Adds Run key to start application

Drops file in System32 directory

Checks system information in the registry

Drops file in Program Files directory

Drops file in Windows directory

Enumerates physical storage devices

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Suspicious behavior: SetClipboardViewer

System policy modification

Modifies data under HKEY_USERS

Modifies registry class

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Checks SCSI registry key(s)

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: GetForegroundWindowSpam

Runs regedit.exe

Suspicious behavior: AddClipboardFormatListener

Modifies Internet Explorer settings

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-15 18:26

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-15 18:26

Reported

2024-04-15 18:49

Platform

win10v2004-20240412-en

Max time kernel

1106s

Max time network

1337s

Command Line

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe"

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5D54B371-B849-4A49-A654-28EF4267704E}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F5AEE0E3-268D-47A3-8B98-76424608A832}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Reads user/profile data of web browsers

spyware stealer

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=F7E3991D8B4748FCA2D05626EC028570" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5D54B371-B849-4A49-A654-28EF4267704E}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\System32\devmgmt.msc C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
File opened for modification C:\Windows\System32\devmgmt.msc C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\System32\devmgmt.msc C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\System32\devmgmt.msc C:\Windows\system32\mmc.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperFramework\checkbox_unchecked_hover_light.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\LegacyRbxGui\configIcon.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\Players\FriendIcon.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\MicLight\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\SpeakerLight\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\ExternalSite\twitter.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\ja.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\FaceCaptureUI\Background.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperFramework\AssetPreview\more.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DefaultController\Thumbstick2.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\SpeakerNew\Unmuted0.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\graphic\Auth\vn_agebadge.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\PivotEditor\SelectedPivot.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\category\ic-top rated.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\kn.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\import_edit.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Slider.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\LegacyRbxGui\sandside.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\foil\normaldetail.dds C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\sl.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\button_zoom_hoverpressed_left.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\icon_warning_ik.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\icon_whitetriangle_up.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioSharedUI\TransparentWhiteImagePlaceholder.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\sand\reflection.dds C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarImporter\button_avatarType_border.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ViewSelector\back_zh_cn.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdateOnDemand.exe C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_en.dll C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\ko.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarImporter\icon_error.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetConfig\copy_2x.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\msedgeupdateres_lv.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F5AEE0E3-268D-47A3-8B98-76424608A832}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\GameSettings\Error.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetConfig\pending.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\locked.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\Players\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\graphic\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarEditorImages\circle_blue.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\InGameMenu\TouchControls\d-pad.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_mt.dll C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\msedgeupdateres_vi.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F5AEE0E3-268D-47A3-8B98-76424608A832}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\clb_robux_20.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\PlayerList\Report.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_ro.dll C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\ro.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\PlayStationController\PS4\ButtonTouchpad.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\cobblestone\normal.dds C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_el.dll C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperInspector\Record.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\dpadRight.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\ic-notification.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_4.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\Cursors\Gamepad\PointerOver.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DesignSystem\ButtonL1.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VR\closeButtonPadded.png C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\sq.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\INF\digitalmediadevice.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsreplication.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\PerceptionSimulationSixDof.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_cashdrawer.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_receiptprinter.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscompression.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscontentscreener.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_linedisplay.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsquotamgmt.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_netdriver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscopyprotection.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\rawsilo.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\dc1-controller.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_diskdrive.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_processor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_proximity.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_scmvolume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_scmdisk.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssecurityenhancer.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_extension.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_ucm.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsundelete.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_monitor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_smrvolume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fshsm.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_mcx.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsencryption.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\rdcameradriver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsvirtualization.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_smrdisk.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscontinuousbackup.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_barcodescanner.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscfsmetadataserver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_sslaccel.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsinfrastructure.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_firmware.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsopenfilebackup.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_magneticstripereader.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssystemrecovery.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssystem.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\xusb22.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\remoteposdrv.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_display.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_volume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsantivirus.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_camera.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_computeaccelerator.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_media.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_apo.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_swcomponent.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsphysicalquotamgmt.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_holographic.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\oposdrv.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsactivitymonitor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\wsdprint.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\miradisp.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\ts_generic.PNF C:\Windows\system32\mmc.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\SysWOW64\Taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\SysWOW64\Taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0\CLSID\ = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ELEVATION C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgePDF\shell\runas\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --do-not-de-elevate --single-argument %1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ = "IProcessLauncher2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{C9C2B807-7731-4F34-81B7-44FF7779522B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-15#immutable1 = "Troubleshoot and fix common computer problems." C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0\CLSID\ = "{B5977F34-9264-4AC3-9B31-1224827FF6E8}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ = "IPolicyStatus5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\msedgeupdate.dll,-3000" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0\0\win64\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\elevation_service.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A

Runs regedit.exe

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\regedit.exe N/A
N/A N/A C:\Windows\SysWOW64\regedit.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: SetClipboardViewer

Description Indicator Process Target
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\explorer.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\explorer.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SysWOW64\Taskmgr.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\SysWOW64\Taskmgr.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\SysWOW64\Taskmgr.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A
Token: 33 N/A C:\Windows\system32\mmc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\mmc.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Windows\SysWOW64\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Windows\SysWOW64\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Windows\SysWOW64\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1584 wrote to memory of 2684 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe
PID 1584 wrote to memory of 2684 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe
PID 1584 wrote to memory of 2684 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe
PID 1584 wrote to memory of 1548 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe
PID 1584 wrote to memory of 1548 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe
PID 1584 wrote to memory of 1548 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe
PID 1548 wrote to memory of 1676 N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe
PID 1548 wrote to memory of 1676 N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe
PID 1548 wrote to memory of 1676 N/A C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe
PID 3604 wrote to memory of 1424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3604 wrote to memory of 3956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe"

C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe

C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe --crashpad --no-rate-limit --database=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --metrics-dir=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --url=https://upload.crashes.rbxinfra.com/post --annotation=RobloxChannel=production --annotation=RobloxGitHash=3b50cd7a1711a7bcc79000fcd87d819e29d4aca7 --annotation=UploadAttachmentKiloByteLimit=100 --annotation=UploadPercentage=100 --annotation=format=minidump --annotation=token=a2440b0bfdada85f34d79b43839f2b49ea6bba474bd7d126e844bc119271a1c3 --initial-client-data=0x7b8,0x7bc,0x7c0,0x758,0x7c8,0xe7eff4,0xe7f004,0xe7f014

C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe

"C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe"

C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe

C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe --crashpad --no-rate-limit --database=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --metrics-dir=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --url=https://uploads.backtrace.rbx.com/post --annotation=RobloxChannel=production --annotation=RobloxGitHash=30f9c8fbca8a2403452dc84f4c9fe2c1df095269 --annotation=UploadAttachmentKiloByteLimit=100 --annotation=UploadPercentage=100 --annotation=format=minidump --annotation=token=a2440b0bfdada85f34d79b43839f2b49ea6bba474bd7d126e844bc119271a1c3 --initial-client-data=0x5c4,0x5c8,0x5cc,0x5a4,0x5e4,0x1b9dcc8,0x1b9dcd8,0x1b9dce8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2032 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2500 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5408 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTU1Nzg3OUYtQkM1NS00MDQ1LUJEM0QtRjJDQTUwRTRFQUM1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins2NTdCRDY2RC1EMzkxLTQwNzAtOUE3Ri0zQjcyQzIyQzk3RjR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7KzBqVW1ZZUt0WkFGNUMzZzIycEJCNUYwUnlkdGYxU0g3Ym53c25vVStmaz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxNDk3MDU1MjEiIGluc3RhbGxfdGltZV9tcz0iNzQ2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{A557879F-BC55-4045-BD3D-F2CA50E4EAC5}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTU1Nzg3OUYtQkM1NS00MDQ1LUJEM0QtRjJDQTUwRTRFQUM1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InszNDQ2NzlERS0yQTM1LTRDODEtOEE5RC1DOTUyNEQ3NDlEMkZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxNTQ5NjE5MTQiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x230,0x234,0x238,0x22c,0x208,0x7ff60fcdbaf8,0x7ff60fcdbb04,0x7ff60fcdbb10

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5428 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5148 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]

"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTU1Nzg3OUYtQkM1NS00MDQ1LUJEM0QtRjJDQTUwRTRFQUM1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InszQ0I4QzU1Ny1DNUM4LTRENUMtOTVERS1EMEU0QTA4NTlGMzN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTE3MTAzNDkxOCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxNzExMjQ5MTUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1Mzk0NzQ0ODczIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xYzFmYzhmZS1mMjUwLTRhM2EtOTFlYy05ZjkwZTMxYjgyNjU_UDE9MTcxMzgxMDQ2NSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1jRGVvaFIwTFklMmJJY3dwZWhka1dpcDQ0N3ElMmJOR2FjbENVJTJmRFdBNyUyZlI4WkUwVCUyZmNtSTRpYXcwWE0yRDZ6TXFZWUJoZFJDODRIbFdZZ21kdVd2Q3JQamclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzIwNzYwODgiIHRvdGFsPSIxNzIwNzYwODgiIGRvd25sb2FkX3RpbWVfbXM9IjE1MzgyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTM5NDkxNTE2NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU0MTAxNjQ4NjUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjU5NTIwMzQ3MzkiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMDE2IiBkb3dubG9hZF90aW1lX21zPSIyMjM3MSIgZG93bmxvYWRlZD0iMTcyMDc2MDg4IiB0b3RhbD0iMTcyMDc2MDg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI1NDE3NiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1076 /prefetch:2

C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]

"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog

C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]

"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog

C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]

"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog

C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]

"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog

C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]

"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog

C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]

"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /main

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe" \note.txt

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\System32\mmc.exe"

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/memz-malwarevirus-trojan-completely-destroying/268bc1c2-39f4-42f8-90c2-597a673b6b45

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+get+money

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2b4 0x2ec

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=g3t+r3kt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2276 /prefetch:2

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"

C:\Windows\system32\mmc.exe

"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x104,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\System32\cmd.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5D54B371-B849-4A49-A654-28EF4267704E}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5D54B371-B849-4A49-A654-28EF4267704E}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEQ1QTE4OEUtREY1NS00QUU3LTgyQzgtODVCOTNCRTA3NkYwfSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1QTM2NTJBMC0xMUIyLTRGMzUtQjc0Ny03MTU5RkU0NzYwMDd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzMiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MTUyODY1OTA4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODE1MjkwNTg4NCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NTYzNTI4NTgzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZGEwMTdkZWEtMzRmOC00YTlmLWEzZmQtMjdmMWI5NTM4NjAwP1AxPTE3MTM4MTA3NjMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9QzBBazJ2MiUyYkZha3BiVG05JTJmRmU0TTlLdFZMQm9adnFzUkZUS1I4VnJuTCUyZlZ1aTJWNkxNRUxLTjdIZW1WdDBRQzgxYjkxMzNHeG1tQk4lMmZXZlVMN1hoQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODU2MzU0ODM1MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZGEwMTdkZWEtMzRmOC00YTlmLWEzZmQtMjdmMWI5NTM4NjAwP1AxPTE3MTM4MTA3NjMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9QzBBazJ2MiUyYkZha3BiVG05JTJmRmU0TTlLdFZMQm9adnFzUkZUS1I4VnJuTCUyZlZ1aTJWNkxNRUxLTjdIZW1WdDBRQzgxYjkxMzNHeG1tQk4lMmZXZlVMN1hoQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ3MDA4IiB0b3RhbD0iMTgwNDcwMDgiIGRvd25sb2FkX3RpbWVfbXM9IjM2NTcxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODU2MzYwODIzOCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg1Njk3MjQ1NDciIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NTcxNjA1NjMzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNjY4IiBkb3dubG9hZF90aW1lX21zPSI0MTA0OCIgZG93bmxvYWRlZD0iMTgwNDcwMDgiIHRvdGFsPSIxODA0NzAwOCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iMTg3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=internet+explorer+is+the+best+browser

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7320 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F5AEE0E3-268D-47A3-8B98-76424608A832}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F5AEE0E3-268D-47A3-8B98-76424608A832}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{201DD439-449E-40FD-A547-911CF1205005}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjAxREQ0MzktNDQ5RS00MEZELUE1NDctOTExQ0YxMjA1MDA1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCNkE0OEY0My0xNzM5LTQwQ0ItOTdGNy05QzU3QTZFRUY3MjJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2O1Byb2R1Y3RzVG9SZWdpc3Rlcj0lN0IxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDAlN0QiIGluc3RhbGxhZ2U9IjMiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg5MjIwNzY5NjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkyMjE4NjkzOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkzMjkyMzMwNiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzEzODEwODQwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUljZFF3JTJmc0xJb1Bua2FraVMwUjlkNEw2aHdabEJhM290dFlzOGxJTjlLYVM1c0JVTTFMSjBRSFY3UjVWSFJrc0M3TGROMmlpZHBCc2V0emtWZHBQS2clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4OTMyOTMzMzAzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MmVkODA4Ny1lZTk4LTQyOWMtOTMzMC1jYTNjMTkzZDQxYWY_UDE9MTcxMzgxMDg0MCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1JY2RRdyUyZnNMSW9Qbmtha2lTMFI5ZDRMNmh3WmxCYTNvdHRZczhsSU45S2FTNXNCVU0xTEowUUhWN1I1VkhSa3NDN0xkTjJpaWRwQnNldHprVmRwUEtnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYzMDc5MiIgdG90YWw9IjE2MzA3OTIiIGRvd25sb2FkX3RpbWVfbXM9IjEwMDAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkzMjk1MzIxNCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4OTM4MDc5NDcwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iMyIgcmQ9IjYzMTEiIHBpbmdfZnJlc2huZXNzPSJ7RDFEMUZBNzctNEEwOC00NTE0LUJGQkYtMEI5QzgzOEYzQzRFfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIzIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1NzY3OTYzNDE4NDc1ODAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSIzIiByPSIzIiBhZD0iNjMxMSIgcmQ9IjYzMTEiIHBpbmdfZnJlc2huZXNzPSJ7MTE4NERERUQtQjRFQy00RDU5LTlDRTUtNERCMzI4QkRFNjlDfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMTQiPjx1cGRhdGVjaGVjay8-PHBpbmcgcj0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9Ins1OTlEQzYxNC0xQ0I3LTRERDEtQjBDRi1FMzA2RTY0MkI4MUJ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{201DD439-449E-40FD-A547-911CF1205005}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjAxREQ0MzktNDQ5RS00MEZELUE1NDctOTExQ0YxMjA1MDA1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7RkRDN0I2QTEtM0Q4My00RUZFLTk0NzAtOTg5MjRBOTUyMURBfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMyIgaW5zdGFsbGRhdGV0aW1lPSIxNzEyOTIxNTMwIj48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4OTU5NzI3MDgxIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xf8,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=what+happens+if+you+delete+system32

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x12c,0x130,0x134,0xfc,0x100,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1

C:\Windows\SysWOW64\regedit.exe

"C:\Windows\System32\regedit.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=skrillex+scay+onster+an+nice+sprites+midi

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+get+money

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8308 /prefetch:1

C:\Windows\SysWOW64\calc.exe

"C:\Windows\System32\calc.exe"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x130,0x134,0x138,0x10c,0x13c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9260 /prefetch:1

C:\Windows\SysWOW64\calc.exe

"C:\Windows\System32\calc.exe"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0xf8,0x130,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9396 /prefetch:1

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\System32\cmd.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xfc,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9812 /prefetch:1

C:\Windows\SysWOW64\regedit.exe

"C:\Windows\System32\regedit.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=john+cena+midi+legit+not+converted

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x98,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9548 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=internet+explorer+is+the+best+browser

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10896 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x120,0x124,0xc8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10356 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDY3QjJDNjktQ0NCOS00Q0VGLUE0REMtODNGM0NGRTREQ0ZGfSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7ODE3QUE0OTYtRkU0NS00REE5LUFDNjItRDIyNjBCRjE4MENDfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90OyswalVtWWVLdFpBRjVDM2cyMnBCQjVGMFJ5ZHRmMVNIN2Jud3Nub1UrZms9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTI5MjI1MDkiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1NzM5NTEzMDAwMDAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MzI0IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjIxNDcyMDcyOSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11104 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\System32\mmc.exe"

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7ad94baf8,0x7ff7ad94bb04,0x7ff7ad94bb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7ad94baf8,0x7ff7ad94bb04,0x7ff7ad94bb10

C:\Windows\SysWOW64\explorer.exe

"C:\Windows\System32\explorer.exe"

C:\Windows\SysWOW64\control.exe

"C:\Windows\System32\control.exe"

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x98,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11608 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDY3QjJDNjktQ0NCOS00Q0VGLUE0REMtODNGM0NGRTREQ0ZGfSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntGMTdEM0JFMS1CODg3LTRGNTUtOTM2Qi0xMkNGOUY0N0JFRUV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMyIgY29ob3J0PSJycmZAMC41OCI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMxNCIgcGluZ19mcmVzaG5lc3M9IntBOEYyNzc2QS1FNjExLTQwMDYtODZCMy0yQjhCODVEQTlERjh9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIzIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTc2Nzk5Njc4MzI4OTgwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjIzMDcwMDcwNCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjIzMDczMDgzNyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjI3MDkxMDU3OCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjI5MjQxNzQxNSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI3OTc5MzcxMzgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMDMwIiBkb3dubG9hZGVkPSIxNzIwNzYwODgiIHRvdGFsPSIxNzIwNzYwODgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIyIiBpbnN0YWxsX3RpbWVfbXM9IjUwNTQ5Ii8-PHBpbmcgYWN0aXZlPSIxIiBhZD0iNjMxNCIgcmQ9IjYzMTQiIHBpbmdfZnJlc2huZXNzPSJ7ODNEQzZCNkEtREY3Ny00NEMyLUJGQzktREZDNEU2MjU2QUU4fSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMTQiIGNvaG9ydD0icnJmQDAuNTkiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzMTQiIHBpbmdfZnJlc2huZXNzPSJ7MDNCNjk2OEMtM0E0MC00MzIyLUFDNDQtRDgzQzRCOTBGRUFBfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x9c,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12516 /prefetch:1

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"

C:\Windows\system32\mmc.exe

"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=john+cena+midi+legit+not+converted

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=is+illuminati+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xf8,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0xf8,0x130,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13572 /prefetch:1

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13916 /prefetch:1

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Windows\SysWOW64\Taskmgr.exe

"C:\Windows\System32\Taskmgr.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14380 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15980 /prefetch:1

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"

C:\Windows\system32\mmc.exe

"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xfc,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16028 /prefetch:1

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\System32\mmc.exe"

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=stanky+danky+maymays

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15744 /prefetch:1

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"

C:\Windows\system32\mmc.exe

"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/memz-malwarevirus-trojan-completely-destroying/268bc1c2-39f4-42f8-90c2-597a673b6b45

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=g3t+r3kt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x120,0x124,0xbc,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16108 /prefetch:1

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x40,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15644 /prefetch:1

C:\Windows\SysWOW64\calc.exe

"C:\Windows\System32\calc.exe"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus+builder+legit+free+download

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16380 /prefetch:1

C:\Windows\SysWOW64\Taskmgr.exe

"C:\Windows\System32\Taskmgr.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x11c,0xf8,0x120,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16284 /prefetch:1

C:\Windows\SysWOW64\mspaint.exe

"C:\Windows\System32\mspaint.exe"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12808 /prefetch:1

C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe

"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"

C:\Windows\splwow64.exe

C:\Windows\splwow64.exe 12288

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0x120,0x124,0x11c,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=internet+explorer+is+the+best+browser

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15332 /prefetch:1

C:\Windows\SysWOW64\control.exe

"C:\Windows\System32\control.exe"

C:\Windows\SysWOW64\explorer.exe

"C:\Windows\System32\explorer.exe"

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\System32\mmc.exe"

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xe0,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14848 /prefetch:1

C:\Windows\SysWOW64\mspaint.exe

"C:\Windows\System32\mspaint.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Windows\SysWOW64\control.exe

"C:\Windows\System32\control.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xf8,0x104,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/memz-malwarevirus-trojan-completely-destroying/268bc1c2-39f4-42f8-90c2-597a673b6b45

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0x120,0x124,0xfc,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
PL 128.116.124.4:443 ephemeralcounters.api.roblox.com tcp
PL 128.116.124.4:443 ephemeralcounters.api.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.qq.com udp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
US 8.8.8.8:53 4.124.116.128.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 clientsettingscdn.roblox.qq.com udp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
US 8.8.8.8:53 setup-ak.rbxcdn.com udp
US 8.8.8.8:53 setup-ll.rbxcdn.com udp
US 8.8.8.8:53 setup-cfly.rbxcdn.com udp
US 8.8.8.8:53 setup-hw.rbxcdn.com udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 21.114.53.23.in-addr.arpa udp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
PL 128.116.124.4:443 www.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 23.63.101.171:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 171.101.63.23.in-addr.arpa udp
PL 128.116.124.4:443 www.roblox.com tcp
US 8.8.8.8:53 setup-ll.rbxcdn.com udp
PL 128.116.124.4:443 www.roblox.com tcp
US 8.8.8.8:53 setup-hw.rbxcdn.com udp
NL 23.63.101.171:443 setup.rbxcdn.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
NL 23.62.61.72:443 www.bing.com tcp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 72.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
NL 23.62.61.155:443 th.bing.com tcp
US 8.8.8.8:53 21.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 155.61.62.23.in-addr.arpa udp
NL 23.62.61.72:443 th.bing.com tcp
NL 23.62.61.72:443 th.bing.com tcp
NL 23.62.61.72:443 th.bing.com tcp
NL 23.62.61.72:443 th.bing.com tcp
NL 23.62.61.72:443 th.bing.com tcp
NL 23.62.61.72:443 th.bing.com tcp
NL 23.62.61.155:443 th.bing.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.73:443 login.microsoftonline.com tcp
IE 20.190.159.73:443 login.microsoftonline.com tcp
US 8.8.8.8:53 s28667145.weebly.com udp
US 74.115.51.8:443 s28667145.weebly.com tcp
US 74.115.51.8:443 s28667145.weebly.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.171:80 apps.identrust.com tcp
US 8.8.8.8:53 73.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 8.51.115.74.in-addr.arpa udp
US 8.8.8.8:53 cdn2.editmysite.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 151.101.1.46:443 cdn2.editmysite.com tcp
US 151.101.1.46:443 cdn2.editmysite.com tcp
US 151.101.1.46:443 cdn2.editmysite.com tcp
US 151.101.1.46:443 cdn2.editmysite.com tcp
US 151.101.1.46:443 cdn2.editmysite.com tcp
US 151.101.1.46:443 cdn2.editmysite.com tcp
GB 172.217.16.234:443 ajax.googleapis.com tcp
US 8.8.8.8:53 services.bingapis.com udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 46.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 fast.fonts.net udp
US 13.107.5.80:443 services.bingapis.com tcp
US 104.16.40.28:443 fast.fonts.net tcp
US 151.101.1.46:443 cdn2.editmysite.com udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 smweebly.pixelbits.io udp
US 45.79.99.181:443 smweebly.pixelbits.io tcp
US 45.79.99.181:443 smweebly.pixelbits.io tcp
US 8.8.8.8:53 ssl.google-analytics.com udp
GB 216.58.204.72:443 ssl.google-analytics.com tcp
US 8.8.8.8:53 72.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 89.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.113.21:443 collector.github.com tcp
US 140.82.113.21:443 collector.github.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 21.113.82.140.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 89.58.114.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
NL 2.18.121.16:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 16.121.18.2.in-addr.arpa udp
US 74.115.51.8:443 s28667145.weebly.com tcp
US 74.115.51.8:443 s28667145.weebly.com tcp
NL 23.62.61.155:443 th.bing.com tcp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
PL 128.116.124.4:443 www.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 client-telemetry.roblox.com udp
PL 128.116.124.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 3.124.116.128.in-addr.arpa udp
US 8.8.8.8:53 answers.microsoft.com udp
GB 104.103.252.222:80 answers.microsoft.com tcp
GB 104.103.252.222:80 answers.microsoft.com tcp
GB 104.103.252.222:443 answers.microsoft.com tcp
US 8.8.8.8:53 222.252.103.104.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 40.126.31.69:443 login.microsoftonline.com tcp
US 8.8.8.8:53 aadcdn.msftauth.net udp
US 8.8.8.8:53 aadcdn.msauth.net udp
US 152.199.23.37:443 aadcdn.msftauth.net tcp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 37.23.199.152.in-addr.arpa udp
US 8.8.8.8:53 identity.nel.measure.office.net udp
BE 2.17.107.176:443 identity.nel.measure.office.net tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 answers-afd.microsoft.com udp
NL 72.246.173.187:443 www.microsoft.com tcp
US 13.107.246.64:443 answers-afd.microsoft.com tcp
US 13.107.246.64:443 answers-afd.microsoft.com tcp
US 13.107.246.64:443 answers-afd.microsoft.com tcp
US 13.107.246.64:443 answers-afd.microsoft.com tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 js.monitor.azure.com udp
NL 72.246.173.187:443 www.microsoft.com tcp
US 8.8.8.8:53 mem.gfx.ms udp
US 8.8.8.8:53 consentdeliveryfd.azurefd.net udp
US 13.107.246.64:443 consentdeliveryfd.azurefd.net tcp
US 13.107.246.64:443 consentdeliveryfd.azurefd.net tcp
US 13.107.246.64:443 consentdeliveryfd.azurefd.net tcp
US 8.8.8.8:53 68.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 176.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 13.107.246.64:443 consentdeliveryfd.azurefd.net tcp
US 8.8.8.8:53 answersstaticfilecdnv2.azureedge.net udp
US 13.107.246.64:443 consentdeliveryfd.azurefd.net tcp
US 13.107.246.64:443 consentdeliveryfd.azurefd.net tcp
US 152.199.21.175:443 answersstaticfilecdnv2.azureedge.net tcp
US 152.199.21.175:443 answersstaticfilecdnv2.azureedge.net tcp
US 152.199.21.175:443 answersstaticfilecdnv2.azureedge.net tcp
US 152.199.21.175:443 answersstaticfilecdnv2.azureedge.net tcp
US 152.199.21.175:443 answersstaticfilecdnv2.azureedge.net tcp
US 152.199.21.175:443 answersstaticfilecdnv2.azureedge.net tcp
US 152.199.21.175:443 answersstaticfilecdnv2.azureedge.net tcp
US 8.8.8.8:53 48.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 8.8.8.8:53 logincdn.msftauth.net udp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 192.229.221.185:443 logincdn.msftauth.net tcp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 13.107.246.64:443 acctcdnmsftuswe2.azureedge.net tcp
US 8.8.8.8:53 acctcdnvzeuno.azureedge.net udp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 lgincdnvzeuno.azureedge.net udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.44.10.122:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 185.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 122.10.44.20.in-addr.arpa udp
US 20.44.10.122:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 google.co.ck udp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:80 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 support.google.com udp
US 8.8.8.8:53 228.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 pcoptimizerpro.com udp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 135.47.7.20.in-addr.arpa udp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
NL 2.18.121.24:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 24.121.18.2.in-addr.arpa udp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:443 www.google.com udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 98.242.123.52.in-addr.arpa udp
GB 172.217.16.228:80 google.co.ck tcp
NL 52.142.223.178:80 tcp
US 8.8.8.8:53 79.121.231.20.in-addr.arpa udp
US 8.8.8.8:53 google.co.ck udp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 support.google.com udp
US 8.8.8.8:53 softonic.com udp
US 35.227.233.104:80 softonic.com tcp
US 35.227.233.104:80 softonic.com tcp
US 35.227.233.104:443 softonic.com tcp
US 8.8.8.8:53 104.233.227.35.in-addr.arpa udp
US 8.8.8.8:53 www.softonic.com udp
US 8.8.8.8:53 en.softonic.com udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 assets.sftcdn.net udp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
US 151.101.1.91:443 assets.sftcdn.net tcp
US 151.101.1.91:443 assets.sftcdn.net tcp
US 151.101.1.91:443 assets.sftcdn.net tcp
DE 54.230.206.91:443 sdk.privacy-center.org tcp
US 151.101.1.91:443 assets.sftcdn.net udp
US 8.8.8.8:53 8.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 93.82.68.104.in-addr.arpa udp
US 8.8.8.8:53 91.206.230.54.in-addr.arpa udp
US 8.8.8.8:53 56.92.85.52.in-addr.arpa udp
US 151.101.1.91:443 assets.sftcdn.net udp
US 8.8.8.8:53 notix.io udp
NL 139.45.197.227:443 notix.io tcp
DE 54.230.206.91:443 sdk.privacy-center.org udp
US 8.8.8.8:53 static.site24x7rum.eu udp
DE 54.230.206.57:443 static.site24x7rum.eu tcp
US 8.8.8.8:53 ampcid.google.com udp
GB 142.250.180.14:443 ampcid.google.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 227.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 178.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 57.206.230.54.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
BE 64.233.167.156:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 156.167.233.64.in-addr.arpa udp
US 8.8.8.8:53 identity.nel.measure.office.net udp
BE 2.17.107.224:443 identity.nel.measure.office.net tcp
US 8.8.8.8:53 224.107.17.2.in-addr.arpa udp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 play.clubpenguin.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 play.clubpenguin.com udp
US 8.8.8.8:53 google.co.ck udp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 support.google.com udp
US 8.8.8.8:53 motherboard.vice.com udp
US 151.101.2.133:80 motherboard.vice.com tcp
US 151.101.2.133:80 motherboard.vice.com tcp
US 151.101.2.133:443 motherboard.vice.com tcp
US 8.8.8.8:53 www.vice.com udp
US 8.8.8.8:53 133.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 vice-web-statics-cdn.vice.com udp
US 8.8.8.8:53 htlbid.com udp
GB 3.162.20.84:443 htlbid.com tcp
US 151.101.2.133:443 vice-web-statics-cdn.vice.com tcp
US 151.101.2.133:443 vice-web-statics-cdn.vice.com tcp
US 8.8.8.8:53 sourcepoint.mgr.consensu.org udp
US 8.8.8.8:53 native.sharethrough.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 84.20.162.3.in-addr.arpa udp
GB 3.162.20.123:443 native.sharethrough.com tcp
GB 172.217.16.226:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 vice-dev-web-statics-cdn.vice.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 vice-sundry-assets-cdn.vice.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 oembed.vice.com udp
US 8.8.8.8:53 images.vice.com udp
US 35.161.42.1:443 api.amplitude.com tcp
US 8.8.8.8:53 video-images.vice.com udp
US 8.8.8.8:53 www.npttech.com udp
US 104.21.66.34:443 www.npttech.com tcp
US 8.8.8.8:53 cdn.privacy-mgmt.com udp
GB 18.165.160.7:443 cdn.privacy-mgmt.com tcp
US 8.8.8.8:53 ccpa.sp-prod.net udp
US 8.8.8.8:53 widgets.outbrain.com udp
GB 23.37.1.130:443 widgets.outbrain.com tcp
GB 54.230.10.94:443 ccpa.sp-prod.net tcp
US 8.8.8.8:53 widget.sellwild.com udp
US 8.8.8.8:53 static.anonymised.io udp
US 8.8.8.8:53 123.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 1.42.161.35.in-addr.arpa udp
US 8.8.8.8:53 34.66.21.104.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 34.107.217.107:443 static.anonymised.io tcp
US 8.8.8.8:53 7.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 segment-data.zqtk.net udp
GB 18.172.89.126:443 widget.sellwild.com tcp
GB 18.165.160.7:443 cdn.privacy-mgmt.com tcp
FR 172.234.63.226:443 segment-data.zqtk.net tcp
GB 216.58.212.238:443 www.youtube.com tcp
GB 216.58.212.238:443 www.youtube.com tcp
US 8.8.8.8:53 sourcepoint.vice.com udp
US 8.8.8.8:53 pub.doubleverify.com udp
GB 18.172.89.14:443 sourcepoint.vice.com tcp
FR 172.234.63.226:443 segment-data.zqtk.net tcp
US 8.8.8.8:53 silo50.p7cloud.net udp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 launchpad-wrapper.privacymanager.io udp
US 8.8.8.8:53 scdn.cxense.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 104.18.166.224:443 pub.doubleverify.com tcp
GB 13.224.81.28:443 silo50.p7cloud.net tcp
GB 18.172.89.9:443 launchpad-wrapper.privacymanager.io tcp
GB 3.162.21.19:443 c.amazon-adsystem.com tcp
US 172.64.144.166:443 cdn.confiant-integrations.net tcp
BE 104.68.95.245:443 scdn.cxense.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.200.22:443 i.ytimg.com tcp
GB 216.58.212.238:443 www.youtube.com udp
US 8.8.8.8:53 sdk.snapkit.com udp
GB 54.230.10.62:443 sdk.snapkit.com tcp
US 8.8.8.8:53 secure.quantserve.com udp
US 8.8.8.8:53 tag.aticdn.net udp
US 8.8.8.8:53 trinitymedia.ai udp
US 34.107.217.107:443 static.anonymised.io udp
US 3.218.57.113:443 trinitymedia.ai tcp
GB 172.217.16.226:443 securepubads.g.doubleclick.net udp
GB 3.162.20.84:443 tag.aticdn.net tcp
DE 91.228.74.200:443 secure.quantserve.com tcp
US 172.64.144.166:443 cdn.confiant-integrations.net udp
US 8.8.8.8:53 widget-pixels.outbrain.com udp
US 8.8.8.8:53 130.1.37.23.in-addr.arpa udp
US 8.8.8.8:53 94.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 107.217.107.34.in-addr.arpa udp
US 8.8.8.8:53 226.63.234.172.in-addr.arpa udp
US 8.8.8.8:53 126.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 238.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 224.166.18.104.in-addr.arpa udp
US 8.8.8.8:53 14.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 28.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 166.144.64.172.in-addr.arpa udp
US 8.8.8.8:53 9.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 19.21.162.3.in-addr.arpa udp
US 8.8.8.8:53 245.95.68.104.in-addr.arpa udp
US 8.8.8.8:53 22.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 62.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 200.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 ccpa-service.sp-prod.net udp
GB 142.250.200.34:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 launchpad.privacymanager.io udp
US 34.228.3.229:443 ccpa-service.sp-prod.net tcp
US 104.18.166.224:443 pub.doubleverify.com udp
GB 13.224.81.122:443 launchpad.privacymanager.io tcp
US 8.8.8.8:53 api.cxense.com udp
US 8.8.8.8:53 tag.bounceexchange.com udp
US 8.8.8.8:53 ams-pageview-public.s3.amazonaws.com udp
US 8.8.8.8:53 material.anonymised.io udp
US 8.8.8.8:53 aegis.anonymised.io udp
US 8.8.8.8:53 api.snapkit.com udp
GB 142.250.200.34:443 googleads.g.doubleclick.net udp
DE 167.235.124.23:443 api.cxense.com tcp
US 34.117.250.57:443 material.anonymised.io tcp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 8.8.8.8:53 static.doubleclick.net udp
US 35.190.43.134:443 api.snapkit.com tcp
US 34.107.217.107:443 aegis.anonymised.io tcp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 34.120.253.250:443 tag.bounceexchange.com tcp
US 54.231.165.113:443 ams-pageview-public.s3.amazonaws.com tcp
US 34.117.250.57:443 material.anonymised.io udp
US 8.8.8.8:53 live.primis.tech udp
US 8.8.8.8:53 rules.quantcount.com udp
GB 18.172.93.140:443 aax.amazon-adsystem.com tcp
GB 142.250.187.225:443 yt3.ggpht.com tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
GB 3.162.20.127:443 cdn.browsiprod.com tcp
GB 142.250.179.230:443 static.doubleclick.net tcp
US 13.33.52.7:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 js.gumgum.com udp
US 8.8.8.8:53 vd.trinitymedia.ai udp
US 8.8.8.8:53 cdn.id5-sync.com udp
GB 13.224.81.62:443 yield-manager.browsiprod.com tcp
GB 172.217.16.238:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 113.57.218.3.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 229.3.228.34.in-addr.arpa udp
GB 142.250.179.230:443 static.doubleclick.net tcp
GB 3.162.20.127:443 cdn.browsiprod.com tcp
GB 13.224.81.62:443 yield-manager.browsiprod.com tcp
US 8.8.8.8:53 122.81.224.13.in-addr.arpa udp
GB 142.250.187.202:443 jnn-pa.googleapis.com tcp
US 34.107.217.107:443 aegis.anonymised.io udp
US 8.8.8.8:53 geo.privacymanager.io udp
US 8.8.8.8:53 logws1330.ati-host.net udp
US 8.8.8.8:53 pd.cdnwidget.com udp
GB 142.250.187.225:443 yt3.ggpht.com tcp
US 13.33.52.7:443 config.aps.amazon-adsystem.com tcp
GB 18.172.93.140:443 aax.amazon-adsystem.com tcp
GB 172.217.16.238:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 api.bounceexchange.com udp
US 8.8.8.8:53 assets.bounceexchange.com udp
GB 54.192.34.136:443 logws1330.ati-host.net tcp
US 35.190.43.134:443 api.snapkit.com udp
GB 18.172.89.18:443 rules.quantcount.com tcp
US 8.8.8.8:53 data.cdnbasket.net udp
US 34.111.8.32:443 api.bounceexchange.com tcp
US 34.149.130.207:443 pd.cdnwidget.com tcp
GB 13.224.81.105:443 geo.privacymanager.io tcp
US 8.8.8.8:53 events.bouncex.net udp
GB 18.165.160.95:443 js.gumgum.com tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
GB 18.172.89.42:443 live.primis.tech tcp
GB 143.244.38.136:443 vd.trinitymedia.ai tcp
GB 142.250.187.202:443 jnn-pa.googleapis.com udp
US 34.98.72.95:443 assets.bounceexchange.com tcp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 page.cdnbasket.net udp
US 8.8.8.8:53 view.cdnbasket.net udp
US 54.69.143.81:443 events.browsiprod.com tcp
US 54.69.143.81:443 events.browsiprod.com tcp
GB 172.217.16.238:443 fundingchoicesmessages.google.com udp
US 54.69.143.81:443 events.browsiprod.com tcp
GB 3.162.20.127:443 cdn.browsiprod.com tcp
US 54.69.143.81:443 events.browsiprod.com tcp
US 8.8.8.8:53 g2.gumgum.com udp
US 8.8.8.8:53 c.gumgum.com udp
US 34.98.72.95:443 assets.bounceexchange.com udp
US 13.33.52.15:443 aba.gumgum.com tcp
US 8.8.8.8:53 gumgum.com udp
GB 54.230.10.26:443 c.gumgum.com tcp
GB 18.165.160.95:443 js.gumgum.com tcp
IE 52.17.97.65:443 g2.gumgum.com tcp
US 8.8.8.8:53 23.124.235.167.in-addr.arpa udp
GB 3.162.20.54:443 gumgum.com tcp
US 8.8.8.8:53 57.250.117.34.in-addr.arpa udp
US 8.8.8.8:53 134.43.190.35.in-addr.arpa udp
US 8.8.8.8:53 250.253.120.34.in-addr.arpa udp
US 8.8.8.8:53 113.165.231.54.in-addr.arpa udp
US 8.8.8.8:53 225.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 230.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 140.93.172.18.in-addr.arpa udp
US 8.8.8.8:53 7.52.33.13.in-addr.arpa udp
US 8.8.8.8:53 127.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 62.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 136.34.192.54.in-addr.arpa udp
US 8.8.8.8:53 32.8.111.34.in-addr.arpa udp
US 8.8.8.8:53 207.130.149.34.in-addr.arpa udp
US 8.8.8.8:53 18.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 105.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 95.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 42.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 95.72.98.34.in-addr.arpa udp
US 8.8.8.8:53 81.143.69.54.in-addr.arpa udp
US 8.8.8.8:53 15.52.33.13.in-addr.arpa udp
US 8.8.8.8:53 26.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 65.97.17.52.in-addr.arpa udp
US 8.8.8.8:53 ai.browsiprod.com udp
GB 3.162.20.5:443 ai.browsiprod.com tcp
GB 3.162.20.5:443 ai.browsiprod.com tcp
US 8.8.8.8:53 demand-engine.browsiprod.com udp
GB 3.162.20.113:443 demand-engine.browsiprod.com tcp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 5.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 54.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 113.20.162.3.in-addr.arpa udp
US 54.69.143.81:443 events.browsiprod.com tcp
US 8.8.8.8:53 comcluster.cxense.com udp
DE 167.235.124.59:443 comcluster.cxense.com tcp
US 54.69.143.81:443 events.browsiprod.com tcp
GB 143.244.38.136:443 vd.trinitymedia.ai tcp
US 8.8.8.8:53 59.124.235.167.in-addr.arpa udp
GB 172.217.16.238:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 ua.p7cloud.net udp
GB 18.172.89.12:443 ua.p7cloud.net tcp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 104.18.166.224:443 pub.doubleverify.com udp
US 8.8.8.8:53 d2tbszkvx1p56e.cloudfront.net udp
US 8.8.8.8:53 depart.trinitymedia.ai udp
GB 52.84.136.49:443 d2tbszkvx1p56e.cloudfront.net tcp
DE 18.185.185.216:443 depart.trinitymedia.ai tcp
US 8.8.8.8:53 location.p7cloud.net udp
GB 3.162.20.33:443 location.p7cloud.net tcp
US 8.8.8.8:53 12.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 49.136.84.52.in-addr.arpa udp
US 8.8.8.8:53 216.185.185.18.in-addr.arpa udp
US 8.8.8.8:53 js-agent.newrelic.com udp
US 162.247.243.39:443 js-agent.newrelic.com tcp
US 162.247.243.39:443 js-agent.newrelic.com tcp
US 8.8.8.8:53 33.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 39.243.247.162.in-addr.arpa udp
US 8.8.8.8:53 bam.nr-data.net udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 29.243.247.162.in-addr.arpa udp
US 8.8.8.8:53 synchrobox.adswizz.com udp
US 8.8.8.8:53 playerservices.live.streamtheworld.com udp
US 8.8.8.8:53 entravision.deliveryengine.adswizz.com udp
US 8.8.8.8:53 audioad.zenomedia.com udp
US 8.8.8.8:53 yieldopt.spreaker.com udp
US 8.8.8.8:53 optimized-by.rubiconproject.com udp
US 8.8.8.8:53 api.tsbluebox.com udp
US 8.8.8.8:53 cmod587.live.streamtheworld.com udp
US 8.8.8.8:53 vast.adtonos.com udp
IE 34.248.31.5:443 synchrobox.adswizz.com tcp
CA 15.235.86.240:443 audioad.zenomedia.com tcp
GB 18.165.160.62:443 yieldopt.spreaker.com tcp
GB 3.162.20.24:443 entravision.deliveryengine.adswizz.com tcp
IE 54.170.32.25:443 api.tsbluebox.com tcp
GB 54.38.209.27:443 vast.adtonos.com tcp
CA 192.173.29.77:443 playerservices.live.streamtheworld.com tcp
DE 3.126.222.23:443 optimized-by.rubiconproject.com tcp
FR 192.173.31.108:443 cmod587.live.streamtheworld.com tcp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 35.227.252.103:443 rtb.openx.net tcp
NL 213.19.162.21:443 fastlane.rubiconproject.com tcp
DE 3.126.222.23:443 optimized-by.rubiconproject.com tcp
NL 145.40.97.67:443 prebid.a-mo.net tcp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
IE 52.17.97.65:443 g2.gumgum.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
GB 13.224.81.46:443 hb.yellowblue.io tcp
US 8.8.8.8:53 5.31.248.34.in-addr.arpa udp
US 8.8.8.8:53 27.209.38.54.in-addr.arpa udp
US 8.8.8.8:53 62.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 24.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 77.29.173.192.in-addr.arpa udp
US 8.8.8.8:53 240.86.235.15.in-addr.arpa udp
US 8.8.8.8:53 103.252.227.35.in-addr.arpa udp
US 8.8.8.8:53 67.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 108.31.173.192.in-addr.arpa udp
US 8.8.8.8:53 23.222.126.3.in-addr.arpa udp
US 8.8.8.8:53 21.162.19.213.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 46.81.224.13.in-addr.arpa udp
CA 192.173.29.77:443 playerservices.live.streamtheworld.com tcp
US 8.8.8.8:53 vast-adapter.adtonos.com udp
GB 54.38.209.28:443 vast-adapter.adtonos.com tcp
US 8.8.8.8:53 timmedia.deliveryengine.adswizz.com udp
US 8.8.8.8:53 play.adtonos.com udp
GB 18.172.89.52:443 timmedia.deliveryengine.adswizz.com tcp
GB 51.89.155.117:443 play.adtonos.com tcp
US 8.8.8.8:53 delivery-cdn-cf.adswizz.com udp
US 8.8.8.8:53 yield-op-idsync.live.streamtheworld.com udp
GB 13.224.81.126:443 delivery-cdn-cf.adswizz.com tcp
CA 192.173.29.84:443 yield-op-idsync.live.streamtheworld.com tcp
US 34.111.8.32:443 events.bouncex.net tcp
US 8.8.8.8:53 52.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 28.209.38.54.in-addr.arpa udp
US 8.8.8.8:53 126.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 117.155.89.51.in-addr.arpa udp
US 8.8.8.8:53 84.29.173.192.in-addr.arpa udp
US 8.8.8.8:53 firebaseremoteconfig.googleapis.com udp
US 8.8.8.8:53 synchroscript.deliveryengine.adswizz.com udp
GB 3.162.20.127:443 synchroscript.deliveryengine.adswizz.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 ads.pubmatic.com udp
GB 23.37.0.235:443 ads.pubmatic.com tcp
US 8.8.8.8:53 firebaselogging.googleapis.com udp
US 8.8.8.8:53 check.analytics.rlcdn.com udp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 id5-sync.com udp
GB 54.230.10.87:443 check.analytics.rlcdn.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
DE 162.19.138.118:443 id5-sync.com tcp
US 8.8.8.8:53 87.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 235.0.37.23.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 118.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 pcoptimizerpro.com udp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
GB 142.250.187.206:443 play.google.com tcp
GB 142.250.187.206:443 play.google.com udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
GB 142.250.187.206:443 play.google.com udp
DE 18.185.185.216:443 depart.trinitymedia.ai tcp
GB 18.165.160.62:443 yieldopt.spreaker.com udp
FR 192.173.31.108:443 cmod587.live.streamtheworld.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 silo50.p7cloud.net udp
GB 13.224.81.28:443 silo50.p7cloud.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.28:443 silo50.p7cloud.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
GB 172.217.16.228:80 google.co.ck tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
GB 13.224.81.28:443 silo50.p7cloud.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
GB 142.250.200.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 answers.microsoft.com udp
GB 104.103.252.222:443 answers.microsoft.com tcp
US 8.8.8.8:53 answersstaticfilecdnv2.azureedge.net udp
US 152.199.21.175:443 answersstaticfilecdnv2.azureedge.net tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.73:443 login.microsoftonline.com tcp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 8.8.8.8:53 logincdn.msftauth.net udp
US 8.8.8.8:53 4.173.189.20.in-addr.arpa udp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 13.107.246.64:443 acctcdn.msauth.net tcp
US 192.229.221.185:443 logincdn.msftauth.net tcp
US 8.8.8.8:53 acctcdnvzeuno.azureedge.net udp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 lgincdnvzeuno.azureedge.net udp
US 8.8.8.8:53 mem.gfx.ms udp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:80 www.google.com tcp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 8.8.8.8:53 motherboard.vice.com udp
US 151.101.2.133:443 motherboard.vice.com tcp
US 8.8.8.8:53 www.vice.com udp
US 8.8.8.8:53 sourcepoint.mgr.consensu.org udp
US 8.8.8.8:53 native.sharethrough.com udp
GB 172.217.16.226:443 securepubads.g.doubleclick.net udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 api.amplitude.com udp
GB 3.162.20.48:443 native.sharethrough.com tcp
US 151.101.2.133:443 www.vice.com tcp
US 8.8.8.8:53 images.vice.com udp
US 44.239.181.141:443 api.amplitude.com tcp
US 8.8.8.8:53 vice-web-statics-cdn.vice.com udp
US 8.8.8.8:53 vice-dev-web-statics-cdn.vice.com udp
US 8.8.8.8:53 vice-sundry-assets-cdn.vice.com udp
US 8.8.8.8:53 htlbid.com udp
US 151.101.2.133:443 vice-sundry-assets-cdn.vice.com tcp
US 8.8.8.8:53 oembed.vice.com udp
GB 3.162.20.126:443 htlbid.com tcp
US 8.8.8.8:53 trinitymedia.ai udp
US 52.7.64.36:443 trinitymedia.ai tcp
US 8.8.8.8:53 cdn.privacy-mgmt.com udp
GB 18.165.160.7:443 cdn.privacy-mgmt.com tcp
US 8.8.8.8:53 widgets.outbrain.com udp
US 8.8.8.8:53 48.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 141.181.239.44.in-addr.arpa udp
US 8.8.8.8:53 126.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 sourcepoint.vice.com udp
US 8.8.8.8:53 pub.doubleverify.com udp
GB 18.172.89.15:443 sourcepoint.vice.com tcp
US 8.8.8.8:53 api.snapkit.com udp
FR 172.234.63.226:443 segment-data.zqtk.net tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 silo50.p7cloud.net udp
US 104.18.166.224:443 pub.doubleverify.com udp
GB 13.224.81.39:443 silo50.p7cloud.net tcp
US 35.190.43.134:443 api.snapkit.com udp
GB 216.58.212.238:443 www.youtube.com udp
GB 3.162.21.19:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 104.18.166.224:443 pub.doubleverify.com udp
GB 142.250.200.22:443 i.ytimg.com udp
US 104.18.166.224:443 pub.doubleverify.com tcp
US 8.8.8.8:53 material.anonymised.io udp
US 34.107.217.107:443 aegis.anonymised.io udp
US 34.107.217.107:443 aegis.anonymised.io tcp
GB 142.250.200.34:443 googleads.g.doubleclick.net udp
US 34.117.250.57:443 material.anonymised.io udp
US 8.8.8.8:53 36.64.7.52.in-addr.arpa udp
US 8.8.8.8:53 15.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 39.81.224.13.in-addr.arpa udp
GB 142.250.187.202:443 firebaselogging.googleapis.com udp
US 8.8.8.8:53 logws1330.ati-host.net udp
US 8.8.8.8:53 events.browsiprod.com udp
GB 54.192.34.136:443 logws1330.ati-host.net tcp
DE 167.235.124.23:443 api.cxense.com tcp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 54.68.245.50:443 events.browsiprod.com tcp
GB 172.217.16.238:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
GB 13.224.81.62:443 yield-manager.browsiprod.com tcp
US 8.8.8.8:53 live.primis.tech udp
US 8.8.8.8:53 ams-pageview-public.s3.amazonaws.com udp
US 8.8.8.8:53 tag.bounceexchange.com udp
GB 3.162.16.219:443 aax.amazon-adsystem.com tcp
GB 3.162.16.219:443 aax.amazon-adsystem.com tcp
GB 18.172.89.123:443 live.primis.tech udp
US 8.8.8.8:53 ccpa-service.sp-prod.net udp
US 8.8.8.8:53 g2.gumgum.com udp
US 34.120.253.250:443 tag.bounceexchange.com udp
US 8.8.8.8:53 aba.gumgum.com udp
US 8.8.8.8:53 c.gumgum.com udp
US 52.216.205.179:443 ams-pageview-public.s3.amazonaws.com tcp
US 52.216.205.179:443 ams-pageview-public.s3.amazonaws.com tcp
US 13.33.52.15:443 aba.gumgum.com tcp
GB 54.230.10.47:443 c.gumgum.com tcp
US 8.8.8.8:53 gumgum.com udp
US 34.228.3.229:443 ccpa-service.sp-prod.net tcp
US 8.8.8.8:53 js.gumgum.com udp
US 34.228.3.229:443 ccpa-service.sp-prod.net tcp
GB 18.165.160.95:443 js.gumgum.com tcp
IE 34.240.94.244:443 g2.gumgum.com tcp
GB 3.162.20.56:443 gumgum.com tcp
US 34.149.130.207:443 pd.cdnwidget.com tcp
US 8.8.8.8:53 api.bounceexchange.com udp
US 8.8.8.8:53 50.245.68.54.in-addr.arpa udp
US 8.8.8.8:53 219.16.162.3.in-addr.arpa udp
US 8.8.8.8:53 123.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 47.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 179.205.216.52.in-addr.arpa udp
US 8.8.8.8:53 assets.bounceexchange.com udp
US 34.111.8.32:443 api.bounceexchange.com tcp
US 8.8.8.8:53 56.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 244.94.240.34.in-addr.arpa udp
US 8.8.8.8:53 depart.trinitymedia.ai udp
DE 18.185.185.216:443 depart.trinitymedia.ai tcp
US 8.8.8.8:53 ai.browsiprod.com udp
US 8.8.8.8:53 demand-engine.browsiprod.com udp
GB 3.162.20.5:443 ai.browsiprod.com tcp
GB 3.162.20.111:443 demand-engine.browsiprod.com tcp
US 8.8.8.8:53 bam.nr-data.net udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 111.20.162.3.in-addr.arpa udp
GB 172.217.16.238:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 csi.gstatic.com udp
US 142.250.189.227:443 csi.gstatic.com tcp
US 8.8.8.8:53 227.189.250.142.in-addr.arpa udp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
GB 51.89.155.117:443 play.adtonos.com tcp
US 8.8.8.8:53 synchrobox.adswizz.com udp
IE 34.248.31.5:443 synchrobox.adswizz.com tcp
CA 192.173.29.77:443 playerservices.live.streamtheworld.com tcp
US 8.8.8.8:53 synchroscript.deliveryengine.adswizz.com udp
GB 3.162.20.77:443 synchroscript.deliveryengine.adswizz.com tcp
US 8.8.8.8:53 77.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 yield-op-idsync.live.streamtheworld.com udp
US 208.80.55.239:443 yield-op-idsync.live.streamtheworld.com tcp
IE 34.240.94.244:443 g2.gumgum.com tcp
GB 18.165.160.7:443 js.gumgum.com tcp
US 8.8.8.8:53 239.55.80.208.in-addr.arpa udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 35.227.252.103:443 rtb.openx.net udp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 8.8.8.8:53 hb.yellowblue.io udp
IE 34.240.94.244:443 g2.gumgum.com tcp
NL 213.19.162.21:443 fastlane.rubiconproject.com tcp
NL 145.40.97.66:443 prebid.a-mo.net tcp
GB 13.224.81.52:443 hb.yellowblue.io tcp
US 8.8.8.8:53 66.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 52.81.224.13.in-addr.arpa udp
US 34.111.8.32:443 api.bounceexchange.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
DE 162.19.138.118:443 id5-sync.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 softonic.com udp
US 35.227.233.104:443 softonic.com udp
US 8.8.8.8:53 www.softonic.com udp
US 8.8.8.8:53 en.softonic.com udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 images.sftcdn.net udp
GB 18.165.160.52:443 sdk.privacy-center.org udp
BE 104.68.82.93:443 images.sftcdn.net tcp
US 8.8.8.8:53 52.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 notix.io udp
NL 139.45.197.253:443 notix.io tcp
US 8.8.8.8:53 static.site24x7rum.eu udp
GB 18.165.160.95:443 static.site24x7rum.eu tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 64.233.167.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 253.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 157.167.233.64.in-addr.arpa udp
US 54.68.245.50:443 events.browsiprod.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
DE 167.235.124.59:443 comcluster.cxense.com tcp
GB 13.224.81.39:443 silo50.p7cloud.net tcp
US 54.68.245.50:443 events.browsiprod.com tcp
GB 13.224.81.39:443 silo50.p7cloud.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.39:443 silo50.p7cloud.net tcp
GB 142.250.187.206:443 play.google.com udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
GB 13.224.81.39:443 silo50.p7cloud.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.39:443 silo50.p7cloud.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 8.8.8.8:53 silo50.p7cloud.net udp
GB 13.224.81.68:443 silo50.p7cloud.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 68.81.224.13.in-addr.arpa udp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.68:443 silo50.p7cloud.net tcp
US 8.8.8.8:53 150.1.37.23.in-addr.arpa udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.68:443 silo50.p7cloud.net tcp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 play.clubpenguin.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.68:443 silo50.p7cloud.net tcp
US 8.8.8.8:53 play.clubpenguin.com udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 google.co.ck udp
GB 142.250.178.4:80 www.google.com tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 support.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.68:443 silo50.p7cloud.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.68:443 silo50.p7cloud.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 216.58.212.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 194.212.58.216.in-addr.arpa udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 silo50.p7cloud.net udp
GB 13.224.81.15:443 silo50.p7cloud.net tcp
US 8.8.8.8:53 15.81.224.13.in-addr.arpa udp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.15:443 silo50.p7cloud.net tcp
US 8.8.8.8:53 depart.trinitymedia.ai udp
DE 3.71.141.200:443 depart.trinitymedia.ai tcp
US 8.8.8.8:53 200.141.71.3.in-addr.arpa udp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:80 www.google.com tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
GB 142.250.178.4:80 www.google.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 13.224.81.15:443 silo50.p7cloud.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 softonic.com udp
US 35.227.233.104:443 softonic.com udp
US 35.227.233.104:443 softonic.com udp
US 35.227.233.104:443 softonic.com udp
US 8.8.8.8:53 assets.sftcdn.net udp
US 151.101.1.91:443 assets.sftcdn.net udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 images.sftcdn.net udp
BE 104.68.82.93:443 images.sftcdn.net tcp
GB 18.165.160.104:443 sdk.privacy-center.org udp
NL 139.45.197.253:443 notix.io tcp
US 8.8.8.8:53 static.site24x7rum.eu udp
GB 18.165.160.95:443 static.site24x7rum.eu tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 64.233.167.156:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 104.160.165.18.in-addr.arpa udp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 172.217.16.228:80 google.co.ck tcp
GB 142.250.178.4:80 www.google.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 answers.microsoft.com udp
CZ 104.64.172.89:443 answers.microsoft.com tcp
US 8.8.8.8:53 89.172.64.104.in-addr.arpa udp
US 152.199.21.175:443 acctcdnvzeuno.azureedge.net tcp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 20.190.160.17:443 login.microsoftonline.com tcp
US 8.8.8.8:53 17.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.189.173.8:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 136.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 8.173.189.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UWH9JMJW\PCClientBootstrapper[1].json

MD5 3408487b371d99d352f929d68b280d35
SHA1 ab8ec8d5adaa7bb2e060daf9b446c842d0305d11
SHA256 afd47f1fdd335e83a28b433ecdb7e6f826072980625596087292464d46f7267c
SHA512 91b7abca268e21da50ec5ca9f4aec2076863eb3f318b8fb07d7fe2a010fe876d541111560e754e015ce546a4a98309d64165f5cb5ea6746aa97be7acf1cf2df6

C:\Users\Admin\AppData\Local\Temp\crashpad_roblox\settings.dat

MD5 9417b96552624becd79d2cba0cd26d8b
SHA1 a9289973dfdf26f8de148af9ddfd0bd8807b3927
SHA256 15ddcf0cd03d731a5b9ae3564bcdae323e127a2d543e21d2dbf02e130e81a9b9
SHA512 9edfc497ff200485226d996c31bc38f7804466be8979c0e9f0e35b0e4f255f8733f1fa4095c85e3cc85c159ba89949e84e79579567a442389d04b996eab60c70

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E

MD5 8d4355513fb93cf593c4424b6612117c
SHA1 1aa6714d01fbf97324c53afbc2f47654aa44b260
SHA256 50fcb7233d4f8d0ea75ff5e94edbc0e93b55c72a6bbd4a7ebd0adc3929b47379
SHA512 bdb65e0b8e2ce0c42b2deb289f71bdb3d4476eac2e4c3c01d072f48af243058989f1ecbff5e8ad705089d9064aa6dca3943820b095c03f69af02a6f490e48b3f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E

MD5 0eaaf3aecca91ddced85269e36a636d5
SHA1 7d7b0b4292e941549066c6c4af145300309a393a
SHA256 be72880f1e4a634fa97cdb53b112ff5e3d37c3b85e0bb1a8c2290753256f4cd1
SHA512 edbe0bfcd1c1e517e852671963bf6cffcfae3cd0f5a0872e0898cf02ae8157b775e6d62bd92f4d410c06558cd7024cef5b6ad905478663d6edda5f4946080757

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_BACC6CD2B29F18349081C9FD2343833B

MD5 9c7cbb469bd81560fcf86f79dd9171a5
SHA1 03f817056e75d10ed8a0d1fdf1533cbd268a960e
SHA256 8a18474d6aeb13070e491bd63392017664bb61008b73578669f8407aefb7e965
SHA512 b0afda6195fe20412ec70b35a0cef114aecd578470c6e1b35b8a56a85f5fbe631c448e51e50b2a7f8f2dae81d957b18bf59002628de518c1f9260b5fcdca8ae9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_BACC6CD2B29F18349081C9FD2343833B

MD5 2fd3f7e21e238ee9fc40d1e65ea25c95
SHA1 fa89f7c197b8a732666c4c72dbb53b09be1ad9fe
SHA256 4e9cf2c832260e9c433020719b5d6e41f3f6432acffc78bf408751f4b58d0964
SHA512 4582b08bd25378583b56a5fbaadd93efe5dfcb34a8d77a7ca8ef7bb84a438bc80d0c828d4fcf290fb8c24a091db739b14e0477a515bfcbd0758f8231ba490ce6

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZYT37G6S\BatchIncrement[1].json

MD5 bedbf7d7d69748886e9b48f45c75fbbe
SHA1 aa0789d89bfbd44ca1bffe83851af95b6afb012c
SHA256 b4a55cfd050f4a62b1c4831ca0ab6ffadde1fe1c3f583917eade12f8c6726f61
SHA512 7dde268af9a2c678be8ec818ea4f12619ecc010cba39b4998d833602b42de505d36371393f33709c2eca788bc8c93634a4fd6bec29452098dbb2317f4c8847f6

C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe

MD5 f3b8e82c20c4bb3f94a2d7bcd2a82cd1
SHA1 89618596be7cb90317eaaf2d09b05d522d008260
SHA256 7de6a5a45227b0f21ac7dd50af250e37f20b8bf2d6f4aa53a7f643d77515bd07
SHA512 82f15e37366efd29879add4f50cedbdc27d4eb885e190dd54c8e89787b51d59ccc21473f431292da679c7e8aa7cf2d0ce7219e1503d59a0f356e078f9feece55

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ITM01P8V\WindowsPlayer[1].json

MD5 f47298efbd3da58c579bee4a37a85411
SHA1 8a73b0aa7568170ec895fc60cb50788cf6332f10
SHA256 f533385bd2d50355d9b2b83b81fb12ac534058675d9793d45735920e9d8fd975
SHA512 b7329ba6ca54109e3bc6afc7455fe808e4b9c52522051dd7b4c521276c859a8e702b507de23d4420ce0b9d1e726755ead840b195be4f8a3b0aa70f56abd097c0

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZYT37G6S\version-8950870ea20941f9-rbxPkgManifest[1].txt

MD5 65403352c25601afb3dfe6e6c6da6b1d
SHA1 d5a579bb91f1d8ea55b0681df83a72fb783bf1db
SHA256 819a02c39d3c07e4dfa43830bfd2be2deab7a1846e0f2651c954b633e8a173e4
SHA512 90113893bdf21e2705fe9ea640270cd181704ffc24eeffcd7d8dfc099418665251726c88bfe0f4434d593752ad76e1b069d4759a0147397a26ec2d5f55c10c71

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04

MD5 17965f5ac37a3d2a0e07c0d41f7d4196
SHA1 b82ccf16459772f471d2fe330dd3376d09bb6eec
SHA256 819ce2088812aa36c3ab0ad9884d57ce81db03be13aa1200c9ea6abe06d5f9d1
SHA512 0b84bbac81ace00a670ad65cc73edb6cd87234dc795d03263f1d4dacef440fbc424544ab1d3fa97b8766b01b44fdcef92f2ac9b0b258059fc223175b8f497492

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04

MD5 0da787cddd7d10fb7c1069423ab54f9d
SHA1 d38e08464207635deecb7fceec22c9012d1e13b6
SHA256 f3553824bf4eee3f0be08361c9595241d353e522b9aa9fbbdd5d5780d62b0727
SHA512 b3432b8b95112bbf6eced14cc713eebd592071910bb4d4a8158d30d5229e5fae378bc9f0ad6e6c906e6e6870b0327ce5a123372253aaaa00d661d1814f588b99

C:\Program Files (x86)\Roblox\Versions\RobloxStudioLauncherBeta.exe

MD5 683557dea845051b786f8f8818002db2
SHA1 f5e16d11d50e715f076f586e2ce2cfa62b831768
SHA256 55e21bdf93c14690e0c93a4170b115faabee5c3f84eaeee63d69bf0e4bf7736e
SHA512 f037bfec058e52b7be997b7a60b04d0c3abbd4bfbe1fc07ce98e31647f61bec8fde2288f79b197ce438470f1d684be2068f942444a1ed7a36dc9d31e3847dd25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 7e0880992c640aca08737893588a0010
SHA1 6ceec5cb125a52751de8aeda4bab7112f68ae0fe
SHA256 8649a39877c190ec740a5422284ec5f9ff509b30b2d7896635476873dd8824e2
SHA512 52bd0a38ca7f43b26731966035045b1cbd8b60b2d81bdf9aad791cf444da8af8b722ebf3cb364a6e660bebdf23084eb0e30bc23562575b704801669817549f8a

\??\pipe\LOCAL\crashpad_3604_IDAREMMKLIOTNRQQ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 5e2f0fe48e7ee1aad1c24db5c01c354a
SHA1 5bfeb862e107dd290d87385dc9369bd7a1006b36
SHA256 f13b3ebe8d71bd0086d5bb82364c35f59a95d32b39753af251e8639360e291a9
SHA512 140d026437fd5e8a874cd00b03950c8f010e1a0732a0a1cc5bdde477e7f8315ccb95790bb4c15b8dbaab9468ad532eb885b6c429300a64e39412d976d079324e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e7486ab749fc4ffffe527296306d9b1c
SHA1 991d28e776478ac78ed19733096aaff787b3cb31
SHA256 fbfa09a0eab258c77b9dfe6c4cfb0af774fc7d0ebef4e8f5ee6a888e2ca796d7
SHA512 ef33274ea169b10f66a54a7ff4846215e3c21ac2f0e84746d30e441ef247286918e9f70b388e6f506c54a0b85e83809322a816dbfb314e9d577ef3638ad77fa1

C:\Users\Admin\Desktop\Roblox Studio.lnk

MD5 2d9255fbe537e29e6d874b91d90cdbb1
SHA1 b72b30ffb0f5b92d52c8b8d461db2a1c1ac57664
SHA256 ebc6390b2131b24a0a4cd7c43d512987406de636b13d00bf24f60c820ad82780
SHA512 e608bdb052d6125c3c3949c613a98e512a44c662c53488e07a1b99609dcf9a5978b85592d4947dbf317682b9f1b41e663cc17eeb333db48eac5c5637033a49b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a2641ae020c7e3e33ec1fcbab5a00a93
SHA1 269cae1c47d6f12f673c46d7842b7715db1f82e5
SHA256 5d6af8d571f6dac5efcecd58ec1a20eb860b31d912dcb6aa82ba9eddbf4f4bcf
SHA512 e037915cc0d1a0aab82271ce5ec36c7c17554627f54247fcba696e0e05f1e9f20503d80c106bba03a5b2fe632d02f3e1c55cd81c0796b470ae93a7089e06740c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c201b3e24d86e2ae756f484176827b7d
SHA1 0fdfe6b73a13f15d4feaa839aaca9e14d0f3081a
SHA256 57cf173effd8c5e44260c4ceeaae3f27c70307dccde8b5a987c81bfab5764038
SHA512 d9b742ffccfcfd0ea1ca20788b36f2532dd518900b5eec335457649476bbbf0df791a2bc88c1de604830c8da2cdaa24e8fe292f7375c1bcb37c5ddac3201fe49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4abcdb2d2fd0d548959c13bef873b6fd
SHA1 c87af7ddf180680c59c1100ff822d55f1227ddae
SHA256 25c26bc2ef7cb480f0a35ce0bed3e7a2aa25eeb95d35badd9010a6010cf582e1
SHA512 41e3ad557470453cebce2e4aafee9bf28ca4d5e08a48c6ac4266ecf1faba01cd339657f07026db6d516f5df4a01e3a5ff8eb3e4ab48f8f39905641c800f61cff

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerInstaller.exe

MD5 9fb66ffa1e1f4dedfd16eb3a8170bafd
SHA1 69b5d57ddda6b97adde820b9ceaddae9c33d53bd
SHA256 7953b28b736795aaa54e6cd5cb591e794e2f770c1045ca2e33af5ff19f480eaa
SHA512 4b141802e7a4cb6bd4a7498d30086a9d83c62d37f2137f4910ca7d3fb7009079d4dc59b95050849cfc720210b0cb44bf588d15c08e3ba830aae19c0a27e8e6d5

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 327cbf55c615e99a1b23aad8b981bdd1
SHA1 a4f12a094136f833b665e26d19a39d162f327d26
SHA256 f640df87800e60ef344b6d1b931757772178b15ddeb7e0910789edb1f3631434
SHA512 162a5360914db3d2d9897d7703c8430054709aa06d1ecb21380487aab2c269f38c77a68f3ea3cf1069966525c42b6ecc40301a92001b3f23a089b449a2635e72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b762f6da7402a6c9e07f705481b650ca
SHA1 9d3d258fbd3245b1e0331466cd9f0d54e6097f21
SHA256 cf609b2c94bc6caf1d52398d6feaf819c30e202142d3a124c859bb78d04b8b89
SHA512 cb148e50d1f782f1710ed20bdbf2c25b5c3d8fe9586e53a6cec66fa7fda1d21ab94d8fbf44ceb1f3415f2ae5654102b25512284b96c35e9510e5a434085ff8ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584253.TMP

MD5 ec32b44725c65364f3b9a2edd0f17d0d
SHA1 f4f34afd59037a9d147ba527229c6e3108ccbb5a
SHA256 43e60cc64b9bb10eb7c51a5adf39afd6ce9f2b5d9ddad304ea5ab2e1053cf19b
SHA512 accfa0299e2d68e8457882524ac77d8b3d9ad9ce8a9f5622e8cadd3144df0fa08785fae55a17168fd3ca909a13a83f0b6cab653baa6770e48f9d579c237754ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b3619d849c068005f3c2ebb7cedcdce6
SHA1 8e7da97b418851a908b5d9a80f5c0f37877c011b
SHA256 19131696922973fa8554fd00f5317b3ede1b37b4df69f8880eb0815abc24be27
SHA512 bdddaa5e2cac7b76af1b3fe54633cd7dce27c6af040d7808d06275a14453062ff757d00c20a7fcf23640e848af0e828b08f59a83c17642f6b7b9e54556f3c6a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 aac57f6f587f163486628b8860aa3637
SHA1 b1b51e14672caae2361f0e2c54b72d1107cfce54
SHA256 0cda72f2d9b6f196897f58d5de1fe1b43424ce55701eac625e591a0fd4ce7486
SHA512 0622796aab85764434e30cbe78b4e80e129443744dd13bc376f7a124ed04863c86bb1dcd5222bb1814f6599accbd45c9ee2b983da6c461b68670ae59141a6c1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 2e86a72f4e82614cd4842950d2e0a716
SHA1 d7b4ee0c9af735d098bff474632fc2c0113e0b9c
SHA256 c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f
SHA512 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 1548c5f675f1d1fb0e51d7c1f506aa78
SHA1 4170f4215c2c9ea4eadcf3770dac2ced5e11f413
SHA256 2149403b038e0b92af4544cabd1b5b0cebe5b3caf3bfd17b0a4d8fe96fb3bc48
SHA512 b724040d3d6228f9b08c3f4a94148585ce385ee25af0eb83ccb78edbaaaf4efb94a81e19e27770adc5f34f34a8fd5ef90234e02f25d773aa09b4fd3f13c2664e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1 386ba241790252df01a6a028b3238de2f995a559
SHA256 b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 d404b61450122b2ad393c3ece0597317
SHA1 d18809185baef8ec6bbbaca300a2fdb4b76a1f56
SHA256 03551254e2231ecd9c7ee816b488ecbde5d899009cd9abbe44351d98fbf2f5fb
SHA512 cb1a2867cc53733dc72cd294d1b549fa571a041d72de0fa4d7d9195bcac9f8245c2095e6a6f1ece0e55279fa26337cdcc82d4c269e1dd186cbbd2b974e2d6a70

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7b8a687757aec49c679575326ea9f810
SHA1 9cbfac66c8b28bcac1f41f85980833f95d0a2bbb
SHA256 0870019e214204c18b563d1708e6b5d1e054ef683cb8c97884509ac0d3d7a3c2
SHA512 59e3b0c7b93241d57d6d0d1d4918a9488dc3ddbb1b6d8beae6fe7435450f9321d9d77da28f963084a8add557fce30d973570fe0820f01cfe90ade4d533147b38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b74ddb9b415a96ebc2a476b0f99fb7bd
SHA1 ccca68ef50e76955ab6d437e8bf48ad0617e0890
SHA256 04a284284fe3157e6cce5af2acb783b244cf0a8f4535746a1b8568bd700a7616
SHA512 e061d4915c7b5d45b2842d8e26234383248fb9557f0b5ffd3a2ae01d64b914c0ec2bdef73d866bbd01fbdc96c1adec28c5cfbbc6c23d3adc416054bc61c5e497

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\123.0.2420.97\MicrosoftEdge_X64_123.0.2420.97.exe

MD5 300df46436ba5d076b227c32967ada91
SHA1 de9d47ef0c61fb04b7309875e2f03c8fa37d19f4
SHA256 1614eb0c2697d74f2a05f8c973b2055e9cc158d94b19105e3a9d450adc9e333b
SHA512 ba3053085da062ec32f87aec43f527624248a81b702c8cdb359c0fba7194556658b49aca8ef98d885de5da5b9b2eab3f1fac2c99891f91949d1b9a155e4a6971

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 eb09e2014f7e8811ff2124d9f57ef804
SHA1 913b92c0ca808fac8b59eaabb04710ba1267c9ff
SHA256 5bbe897e60fdb9a6905e9c8606a7520eb54aa6a251c48eb7b8d69e70d78cf353
SHA512 98befee2bb8da22c7b1a56775ccf1c04875fc2ec5e40e043a05103f8172f4951134f172aaaf693420a46887f2c9a580404317fa333ace2a28f5b758a071d9af9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c4ea3a6fa442bfc060444554d093cd8a
SHA1 664ef375b92ebed350a83f6d82d0ddf7c9264d36
SHA256 e97ffc2943cbc674e50a9397797a4cb48a1468eb41c07a07c362b231e80ce685
SHA512 0c8556e84afd26787cddf58ce0681279d710c44dfd07a55ac80bbd51cdccf0f1b33b5553874e4d6f028f9bcfbced01bfac2828fbef2c464b7fdd7486ec28201e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 3cd0f2f60ab620c7be0c2c3dbf2cda97
SHA1 47fad82bfa9a32d578c0c84aed2840c55bd27bfb
SHA256 29a3b99e23b07099e1d2a3c0b4cff458a2eba2519f4654c26cf22d03f149e36b
SHA512 ef6e3bbd7e03be8e514936bcb0b5a59b4cf4e677ad24d6d2dfca8c1ec95f134ae37f2042d8bf9a0e343b68bff98a0fd748503f35d5e9d42cdaa1dc283dec89fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 bc9faa8bb6aae687766b2db2e055a494
SHA1 34b2395d1b6908afcd60f92cdd8e7153939191e4
SHA256 4a725d21a3c98f0b9c5763b0a0796818d341579817af762448e1be522bc574ed
SHA512 621386935230595c3a00b9c53ea25daa78c2823d32085e22363dc438150f1cb6b3d50be5c58665886fac2286ae63bf1f62c8803cb38a0cac201c82ee2db975c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 8b2813296f6e3577e9ac2eb518ac437e
SHA1 6c8066353b4d463018aa1e4e9bb9bf2e9a7d9a86
SHA256 befb3b0471067ac66b93fcdba75c11d743f70a02bb9f5eef7501fa874686319d
SHA512 a1ed4d23dfbe981bf749c2008ab55a3d76e8f41801a09475e7e0109600f288aa20036273940e8ba70a172dec57eec56fe7c567cb941ba71edae080f2fdcc1e0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d1d6087de5ce5ea3843d44fe84983c0b
SHA1 a0c4f13a6dd292127f2cbd2e9d6f1473081bff81
SHA256 a5098e9811c604b85a7c4c2c2fbe294d2d61e01f07345f63c6a3e7d038857468
SHA512 5950b04bb283b8d4aa622b2502e38c4fe8a939ba7631d2acd50ffe6c58bf3725a5205847ac8e153f471b64afc3e7e2808a315ca6f1f7a92acb1e57626607f1ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ad438da8c434c428e171f6729775c576
SHA1 6dce4d81897964dc4163571bc473e07757529fae
SHA256 8548b06e12dd3c32a0bcfa463756d367b76f1be2b27bd81b74519ef38740bab6
SHA512 5d37aea6db941f7db2f13a18592cd5ae72f7690331a2fee57e43284faa38eb25bda3913524614db7688a0b45f6f69c4d8544d69729d4bafff89fc5c766a3fc7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1c307332d33b0053ebd0566b8aa82bd6
SHA1 a5f78bd7d41e72592743f81e06c4127ce9cba3d4
SHA256 e53b4e83b02701fc4ee62efc3dfa5639445478c298a14810e2449d494b5abb55
SHA512 b51c10a74dc5debd2ff6037e8397350468127066f74f406a060f74719386ecc0eaab5420e09291442be801941f30fe8cd4843f16dc2c5174c328b2c6c8f5b920

C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Installer\setup.exe

MD5 31ddc9e1c11a44b88cf96c45b3551ffb
SHA1 811ccb9706f656e29d089e30a2ee1650302394e2
SHA256 46cb58faa60db59cb8d145bf6493f7c01a8ea8895f812d65512e3c7340a054da
SHA512 67e5a4ec4b030e48ac06bdf79bfb2b9bfe7778f046a739f23b7be65e143a7181954c7587eb6841636a6e667aabfa292d6831bab709cd798d1de01987bc99aaf8

C:\Users\Admin\Downloads\MEMZ.zip

MD5 69977a5d1c648976d47b69ea3aa8fcaa
SHA1 4630cc15000c0d3149350b9ecda6cfc8f402938a
SHA256 61ca4d8dd992c763b47bebb9b5facb68a59ff0a594c2ff215aa4143b593ae9dc
SHA512 ba0671c72cd4209fabe0ee241b71e95bd9d8e78d77a893c94f87de5735fd10ea8b389cf4c48462910042c312ddff2f527999cd2f845d0c19a8673dbceda369fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 60c8b6f46acc1a4bf23d5b6cf3dacf52
SHA1 e0fa9f8e22bb7642c9737cd3090b233ca182e5d1
SHA256 101aefa2b36061f0bc0ce81aee12bd77bc425c2a8824bb23f4973499bd3f18e2
SHA512 2361caa90f540e596df4496620288bd067b3c28a228c56caf15570e75a49b752ece3bebdab84f46f25c1f76cd9d702d126ca938f7292ddad1081c7ca58cdcae2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0707b42543afda99d4d99641051cb9ed
SHA1 c33d2de6816c3d80dd4e3b77332192c61f979302
SHA256 75a88517e902d3a50994c40144623f2a73a7f522a68297e9e36d9e9343466f4e
SHA512 c50dfef9006b482f941374125caa40d68f7025db3840c880e158aceba488b90ff939bcd83fdda323c4f0a6653f1baa9906d263334e0837d609eee18c0741211e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b02493cd7e154d35fdbb4c317a9610e7
SHA1 e09ada7d3f5f009dfe465b3445a5b1003a8d119e
SHA256 c0b2293ef44a891f8f5c1af196a2297f8d3bfcb616b70247c0a2608e11e04f6a
SHA512 37b342391e741ab611548ed413fd2c85eec96eda0ffb1679cce3ea81c67d6fe44658d5f4093029117645c6748fb9894f47f405ae41a217e8caccca3796ee8692

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ca53a76501fba84bc6cf20da4b8b450f
SHA1 0b58c9f095bc73596838477e4600c38a6b01cd28
SHA256 88a2681d466e5fca2f040985c593381c2860cc0294102c064f903e8ccbe8d77b
SHA512 07732b93367347db0ebde3f84a0277fc63c5e432c982539124a3dcc15de422ffb78fda991df49cda19992d8a9df5cba6709e762a1b0175a8ee8963ffa7611457

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 50b316f445369c1c9803bfc5e5e9bad2
SHA1 246e32e174ca6dc8d2273443220efd2a41b58fff
SHA256 bc86a06c5a0d00782beb2e4c5c2460a54825e29268a20c27dcb0b3dc219144de
SHA512 732b0cd115f64df5d4ee1c673620933a730de633dbcaa770d76b1e41f48dbb7ec49f6418e2e651b38c53c4b0a90389f6cb7486e470edd2bf1d29d6f9a3b7b519

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f97ee913b12529e98d02a6702afd3920
SHA1 6f11519eb38a2a68b40c6a7060975ba39291c585
SHA256 8de00822a7d47c24009fb330c099f69ef477f0f4e7d6386f955064b381cd4850
SHA512 f399bd7e4ea15bc21d8badd66d3e580c97b7e7f64087f509f4e41ed2988555125b3e8039bbe3cb230b00aac98a301293519272cbd90b6ed1aadb4cd434e41e68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f51c9b4bb78a2e8721ba851224d77377
SHA1 73c71cdc55628870f15d5dbed12801b5e2425bed
SHA256 f44bd7602c9754fb1accafd520b574e2ae4acf735a5ddf75ab681894cac1cf1f
SHA512 52825ee9bfa40e220a5d0ad971a72b330d54d8657b1ff6bdeab6190a777ab4ae4b27a85abd9695af968c71bb57ce382f9e6365870104dee3324120e302fef492

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dbb87ca462224fd27159102f2cd8fc31
SHA1 f0d80bdced1d39931536958fa98891042d95f47c
SHA256 5d7959d4096f97cc04b99a7f4fd17640318f920e65b7715ad0677a8ff8a5817f
SHA512 d157bf29d6120231738b4168463fc79c8e775fce1aaeeb07a84bbd33a1a6a67ef3dd748b943230ff5dfec382a6a0c3ccf0eea168b8add16b487b1b36166c24b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 fea59b968f270f030193d48bfea4df88
SHA1 714b4ca4433093982e14426034d486f3d7fb1c8c
SHA256 5aebb0b32b0346e1d13af8fb8e7cc304ddc968371c892251d5edc7d256210393
SHA512 030224a7163eafc444b8764675475f7457069348a95e7399d0cf4683f24e1283ab62b2607ce77a53aa10ab25832cdab807f67a8f5dbb88b7ecca1bb53697ef55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8d4bf27b7955aa23212ebe2f7f7c3873
SHA1 332e412622b7780c07521046d2ef26b769924a0c
SHA256 4be9c6b68d30029ba2b9b90885af310ba2a9674e94964991a73f70deef9233c6
SHA512 86a474671c910584eb54dc41c645a5943bd9520d0ddb7ed96d587bfdaa73e5ed546f1697a693616077eae12b85b0474670efed9e861342b221445a4de3ed2e4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d7ef0539ccf5f0545aa328c82b272d83
SHA1 6d3d6a0387de71746caa63750337297ae6fd2fd3
SHA256 6aee8bc3706ea3f66bef4ed224cf46237448f0a4ccae31ab038c16aafc14f0bb
SHA512 3f1e03a5521bbfbfa0221049232da90338372be968007ea1d1e52ef39e284d606b7ffa198d3bc5a9cdb5a4e0012984685d97099329a7b0a0cee5ef5d5fc76cd0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 489cd67ec6b574fdef4038c1452773e8
SHA1 62a41dcf7a4122c9b44455968cad5938a8cb8c6d
SHA256 7bab58c02414ed5538db159bdf4d424eb417617083770c99862b947ece0be415
SHA512 1eadb41c31e897c7b3f5f9520423e65c53d82d42bcbce7be3411a493103a38a2d4c479f09d0edd1878c60a8263d79190e33206e0e6db87073ed79420e1a98587

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 55d7bd96d18d1f82671787778855909a
SHA1 723d9fd218bd1500cd4fb0062496dae98da61acd
SHA256 55455c03663e276c4ba2df19441e7e97834396063f1505ba2c510e615d528346
SHA512 40bef9feb0431235d446b35e05b5cffe9ca0c7a6a5c78ec90727fd57f2e705497af5d86204da6fb869ba1878732a4c037aa9080a8a4a9dbdc9c23b70e717be2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3304c12fa834e65352f49939ac45b112
SHA1 4fc9c5d254d92b69bd1e1bb19bf0aafd8379e2b2
SHA256 9e91ee92b274476ce0c347d8c39a55060d944b792e98f33aad1ff3a514534138
SHA512 03d9dfee398ad7442264e18010b4fd751d823321b38586b061b636215dbfff43cdb6c77a9013466346f77563a097a49298750e9af6c403712a8cdcd223347a67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6fdfe3db90fd39d545239751a91d2248
SHA1 ac6c9f9218e8384a0b2904fd26e42551a45a1058
SHA256 6e329f85148bafa1232e3006f11d9d3fc1599490f3a5260c7054ef9ba45d634f
SHA512 9145d0faa85846da2020bd0d41ca4c4b8f91db6995cb30c01c18bd97787d8bfe3237904861d7c9aa6e2a034b8f2c76932471a663cb4f774cd3b71a45ff94525f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

MD5 319e0c36436ee0bf24476acbcc83565c
SHA1 fb2658d5791fe5b37424119557ab8cee30acdc54
SHA256 f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1
SHA512 ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 796b5f038ece9cd723dd1975ae94d884
SHA1 c360a368fb8bfea4060906d3b70dc95d9d327c15
SHA256 a0b531dbc75cca023d77223ba52bc8894ca6381369f1d0972160e8cf0a1914fd
SHA512 f8be766a1580074034f0a64b852ed549a2db5ded3f2497754172f08241c07b6ca3560665ab24515831c69c109b9c64bf6a96d6dad4c25cee2d538c24d450bd92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 43b42084dad8e0af527b3fdcfcc73168
SHA1 089b3096d740bd1005400805c87dcf4b01ef6fc4
SHA256 eef953369a0fd5e3fc51911aa1042af4d69f6b94f4663ae51968ceaadeecb647
SHA512 5a82b4560732f90e62c6d8e4df61a28acf3030205db4b15b984a5022817cbbbfcea146cd06ce8f2150ef54b7a81a16548ebd61591a5b5b26b9491deb55b13f8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ebce059d235e0242e1784a43667fc343
SHA1 cab9ac234e8093a4b42c806d5deb19620a6db030
SHA256 3acbce9fa3a402ecbf7bf21362425b32bcd26b7646bcf8143f9ce2c0ae1f15bf
SHA512 ba4b484fbe7995dd4e5f8e462473c4ab719fb813a297676d557ed2b685251a667576f938dfd5cdc0d59c09825d9dc0557827c5d11c43891e6bb9fa76cdeabef7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 462ef7e1996d1c9c0f2b6ef99b6cdca4
SHA1 4675fffd4531ec9c27d366a75b8b743c95fa8941
SHA256 2fd0986ac0abbd203b2432bd57f158f14fdc462fb600fdb814c4d6a8d4270add
SHA512 001ed0d2df1bc128c0a088dd743b61f2e417a78c4206983934ffcbcb5c43490c226d1b2d5c5ae6727f1f6e4b6b40b5f64eaea3ebb8923c57730780fb08e8d6ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\db4611bb-fecf-4d5b-a18e-c27b6f8be37d.tmp

MD5 c49e405633038199a2c932ba0b8a3330
SHA1 58c036c0d71bb623218661ddf91eb8fd412e0c88
SHA256 477d1c61f29f84f0f7e9edd0a0ac1f64f32b2781886cba3dac254dcc7c9956b1
SHA512 4403549b4accd49ff140a680401cc19e4868f6d5370bcf8774986c0b179516d17703899c823064d48e74af53fce60649bb7b46cc42f43d9a3c2c267f67859e67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 eea8db6fe707108ae75f5f8c86594752
SHA1 551915140e2b73deaae565353952a20978b9202d
SHA256 2d5c36bf861bc57148faf1428de6bc1c1abb4d0ab7dbfea94d8286623f428a04
SHA512 4d33f626fe4b18e4b2937a835b6c44decf50f3f7bf5da0477676d51bf9d6628b6450355d9d6fead010d99735815f149f35123adb031358b0c77410c18e1e919e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b8bc597007b8cf744e86196dbc94cf13
SHA1 2e5573332b08c8c18c57a426e53e557477fddbd3
SHA256 cd9f6c41982e2c183aed3067bb13831c743ebf0dcb86062cbe8e80476d258c55
SHA512 d07476e8841a51bfc76edfeae4aab654d54cb77b5a425bb87bbba2e3db3e4aa8b6610550633d956fc20cb2f21d69531d8fea6cbd5d455120a4122c81e250079c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c34addcee824321ee316c858b7658125
SHA1 01dedd2a59052b5306e2dd256797f51b3b03e426
SHA256 26331508cf33b904b09788f75eaf5c6002d93c4067067bd18c691fb7cb995ccd
SHA512 ebb01632d77ed316458296402596f21c6691bf408c215d2545112af6c72bf2545d9a441f8f7b9ff469793370d8c43ec141c6c22b5646a0d2a563da690f177967

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 852f76c47abaf69c3081eaa2aa62220e
SHA1 4cf87e15095d26cb13bb1166a07a9befbb8d1b0c
SHA256 5e8d6c72e514d0f06fca880aab6820b6fcf5b36dcd88a94d214c82630e8258b7
SHA512 2c58c8197ab7197db921eddec902cfe76917e0088f745a88a9117b854f386a404ab6e22cc2999c7d70cf001d9950b28c12906e814dc0b724f199ca9a9a1dd1a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6d004db6572fd3ff9b7167d1dffc0dee
SHA1 5dc9addeb5532110ffbc5fe66bcef4ac891f66bc
SHA256 63d8b1589ce56722aa3b88434dcac829dc7a054ef9616bbdcfa85715b7cce47b
SHA512 c713c1e5e7491fb1155c87106296e7737e88d34ef06044816aa2650a220c6d0c6f0c46d0a78519e234d206d61c80ff943f217260f6fde1e80937ccf69704d846

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8f498c55ec96e746069651051088190f
SHA1 162715d6143a1635ad6b555f58dafe74575b195d
SHA256 543096408d6abdb9c4f1f52687c329339f56a205ece6185965efccba2dcf803a
SHA512 7b4c8a2388473fca27ede4ae61d1acb7926f3ff9e14f2830b2b4e3cbfe0d6a691a789262d43d60e57e3f920dc1c271779ffe0243f69bb08221aca76d80c061c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fe2f8a29831f13d7076a7a8f5cdfd3b5
SHA1 5ab60fbdd5660e19ceddc893257507a669bdfdb3
SHA256 df7452b5397791d190fd9893e98c3dd2b49c6c4ce40c6176d11c42b8233fcdd3
SHA512 74476d09740b665a9d63c11c97ad5f975799a4c4ab373505647ab2f6801c8e41b72be80ffa9fccbc2f62823aba160738726a8052b2a7279769271fdca2003960

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ba0f95b7ce6427868ab31c0c65f06c70
SHA1 075cf8542e5dad1ee725a456ee5690cbacbd0dbd
SHA256 0f03f815a88ac5ceed7e80ff4fc3143bb0f923f06ec04006ac5a76cfa6431f48
SHA512 062a9a5c5cb20da7387b64c19ddc3db77574b0eceec2ff696e4eb62f5639ff7884675656b2e102f4c6a6b4c15f4c90e42b0ca74056104fbb6a708997472584cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f70eb70eb53aff75_0

MD5 35b44685f9d01326f264b2a632ed1220
SHA1 7df2ae6b692419c21353c63b13e72b1a3311e5ea
SHA256 fd384208104ff43e6bf3faa9333e54600b7b8c945b2759ec2a64cce95fbd71b4
SHA512 77d828d9319605cab3837fe79be93d99dd36c97bc756e9e454912c4775b10f4449a0a296ba1fcb6c2fb1d14ba18a38fe0c6446a0bef097d0b310e361650e6d19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a41a1c437e860c29_0

MD5 81ffa5f0423c28e2959b96483f090839
SHA1 deceb8d0e447fe7c22d08f5eed868a5e708fad19
SHA256 8e2fb0952c7418d6b5cb30fe437e55a079ba1d2d22d9402330d11ba9c7c82c4e
SHA512 1b595c23e6902fee8a728261c3aefab6d582668de9ac12fbe432afc9f496ea61f4b84c6dd03a2f69793733c57b454751fa9dcd1cca0caf2c5994a23aca0f79cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3114cd685f7c1db75622d9b09bd0744e
SHA1 dd2a31e25836dbe26bebeea1c6ad52bdb53f6762
SHA256 953bc1d9af5aacfa55722c0f87a4bdcd108cee3e65160643b635e3f7b536011f
SHA512 f24a98602ff0c28d16c04a6660e94bea874628c8c389a146be7c1c8f05594c482778e00de33f414c0259a633c0006f029e83faee595d6dd1d8ee733d083e851b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6ff2082e6641d37dc57967dab617172f
SHA1 542e0adcfaef95d84d4499a84625cd6a43cbdc0d
SHA256 136e597061edcc416e03d51b3fd90e498514fd2f59b8974a54035edc5402755e
SHA512 ad0335b431f11ed5d9520255162d036bb8b8506f4424d10d3cbf052d0b9230d704cda8c7ae78fe8477c438bef7bf29695eb46210794f8859df6193428a066247

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 92122bdd42d513827709cf12b27a6293
SHA1 906a715724297fec569a4301d331f31deb84caac
SHA256 6469bcd7f04241eb32845372f58a35b0849c7927b26ef0436b86216e934820e4
SHA512 f1bc66bfa7396472f6874a8fc89f217984ffe016349f78f76f54786317104fc1f371f893a85fbf0af45a8308ec09b3af7ee122c4ca9397063b4fbcb09373fc54

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.33\BGAUpdate.exe

MD5 09fc5490d32c867927e960f673911ebf
SHA1 2ecbee3518fb701959d2539a88892391250dc010
SHA256 9014827c68fd6a31ccd7ec1c8f182cfeeb60962760391446b45c264e062daad6
SHA512 cd295d344bba456cdb2394fbe736c7b52c8f20e2776bb6b37c0ecd7068c841a646208e4bd0ebb4cb7880fc15caa8b18da485340ac8f88154e61cf76fb16e8162

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c38762905a8bc0de8f6f5bc85f7a0c98
SHA1 f6e342df6ab1e5998d7ed897b751d216542a9acf
SHA256 9a18fecaba8042a5e6ba521ecccc3295465649c1a391ab26df62c36e1667a7b9
SHA512 c3b8f6ae2bd518fc3cc06ccd9666d57ef5755e6505621ecf4504e5f3092350b1e1b9036812d9a868e752b49c63614d371a643015f0d9424c2e08aff1693ddfc4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 be84e24f5569bb9e171c08d08cb7d4ab
SHA1 ccbdc9b1d02a39522c9b945fd3099c443f8f4cce
SHA256 ca38b488ab528e075cf0c8043570a4734af5d2c4284a7c153f740b1f448c1cbf
SHA512 baefb1da6ce7cdc0b5972ce88829beccb8e78cd46a11fd0afbafa74c8fe5adc1ac30477756d0927be4362719cc62f2333506c3bd7044a68391e3e33310625128

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6f4f14ede6a21a5f88cb79ba4d5b8dc8
SHA1 4a76ad7efb9bc7701673392e980646ac2ef8d10f
SHA256 88e572ec94a88e0e1139d62be086807a64b41ac6259d99707f43c8a2a938b64a
SHA512 4db375f7c1eb367d66cb803feed576668d339b5058ced0e3a01841511b1b7e5e6c81786b2e53b7e7412cbdbd62b7dce6b86441f62cbe18fcb0691e63c4c74eca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bb8cf5323993749081b8fa599c126adf
SHA1 1c97c5bbc7154e05a17522b6522a115f3969c6cc
SHA256 66bb5216f6a55a05513f1653b9516dc6d8e713b582cd355e025c71afc326c547
SHA512 759ee5d4e6454884c0cbf22a7fe90ac5b4631fab276432c0620cace418af701909b8120f51dadcd88f3764339544ef82577d4e763c6c210391da6453af2702cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3027a98d2cf9249ca01266496236d233
SHA1 e3ad531a805fd51ea5d3482abe48d0112d18a57c
SHA256 5b71f87ad8a1148bd362b3203de4ce97b1bcb5626dd781b6a2d3ff1db8d7a258
SHA512 2b13bd0033538cbe1a15e2a631881a968f5e26949a4c3b28a86539392d3108bead875d2854ddc8eea318bc1e77a3ad841a5e96056e3fed8de2e11a67cea2ad83

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a173f22a23e3054c18b3b51f7a9f06a4
SHA1 07a64aa47de591cdbcf273527e880fc71f203df0
SHA256 155b16f306d9414441b9516aa7675c46899f3650de9c6a8e6388c90b4afa5554
SHA512 525147de6ca9f8fc2ebc4ebdd287be6d025f9613cb95af3c4b2ef065d824e5e24e2ff5e1529ea2004dfdb723572cc40041d708095243db5d3ad4707c2481c117

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bf82c38e3e8560d0853ae327894a8c18
SHA1 bc8c131a4a3050a43eff8837414d366cbe84850b
SHA256 cab4d22ecc99c177198acb5ade39afd98da5be07983f505f279443138a575f7e
SHA512 b00a55b6e856456dcd145287d0782e3d18d8c80f5294bec339c0576ebd3f289f6591db583e70f5b4d139c099dd2080b1c4f61635d59e458aee535cf3342e1445

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6b9813073e57060fd9ff0e11351e1929
SHA1 6d4b8fbd65e88ccfc6e3cdd6f8ecfff7b86b75cd
SHA256 40d624939672cb421e7cb54ac4ac6994568839aaa9a5f06637bf4a413baf3e74
SHA512 9b02c0b199dadc59b230ddc28ab50d401861a0df739858202dc5c854aa695eb12783dfa09169900c08e5eac76866df2efd7d7b27d38f62c17021a523b9601a12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 40ee4d2f793d3783280b1f0435d68617
SHA1 c8a90f93a0ea1992d5ccaa193a3becfe783d9eed
SHA256 c477f429b9c2b332b732281f8c6ff2df92c7b786b195bc7d7133a242a5ccbcc2
SHA512 abc2ff9e368c87d760b79f8faa4ecae9816838b1cc975dcfb6843d7fad367a1b46d370f6c515c32966e129ee005e55c2ff20bd23dde089d711b0d78f97c9d913

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa2d420e09fb0133_0

MD5 440c2aef2f18c10cd96daba6b98532f5
SHA1 d48c57381420b72f73a8e1f97e4097f0f87a4e50
SHA256 962c0de81c1de2f5900f6ffc7d78f8b8a5e2684931c4222d134b903131260a2b
SHA512 4b5320e51395492d7a7c4c8c86ab51c4dc97e552b9e0ece131dc4179077384ee0ba6647f1420ba14882f830cba7394e2ee3dc3c430019f19516609076e4f4d43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3cb973fd027166546d536407b477e36d
SHA1 c34114657f31e587e5e7cb0d813a6c97bf4a9f7d
SHA256 9f1ce020645d6f1aad378d1863f3a950e185e047a260ea830342485ef00cd1ff
SHA512 33f7e2a35b10ac193bc274c849b708ac6ff8e71b7324b399987f37a9e8599be09a25c6b8db30a8250d0fed3e53e1ac91e6a4175ca7765e8e4ac35caaa1663637

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5c525a972af7f89d1c4f67453e2e0884
SHA1 760a7c382f49d6b5744ac6d99df385c7617fd7c4
SHA256 030d697ed4a2acba7724cf7f6f079c76555159f961b5a690af62236a5b98dcb7
SHA512 bbf7fb59706efd05082e392301df84262fc09887926d9bc1a18922b3a7ae5e5b0a1f3116bf4b903bafae7c56a41a326fe9a9b43edf847180037a5112a95bd997

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7520647aaec883f8fdb2f776b51dd1d0
SHA1 ddc878a12cadf79622467aefd8eb1a7562846ca8
SHA256 cab64615bb46555beaa5e69704ac43e0bb08aa27f662a6188546e77c0017c522
SHA512 d34c02e5bb963bb842cacc5ad0086ebedb0237f46215c7bc875aa2969677f84e6cb5a1e94fbebd4480384b98d5f735bc23bd766fdffa9bd4080963b2b5cadd12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 874f30ae275d935611cd70ddba3af277
SHA1 ce6ef78a6924152c3b7c80dfde3afdeebfb16234
SHA256 d3187f4632eef559d01da4b2de6d151da5729605c4dc5d35dbaec461f6ec6d49
SHA512 44621fe5160ede240f715d35fd7f567e4550d080c14a5384ddd3719e879f29c39c7d25a318fb54274c2108d6a8902b2f8ed6c11199120fb561eb2dace6992ce9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 45b973685c247879571f627893086ec5
SHA1 0dae71c12d167c9ebd53083eb386eba66ce8f5c5
SHA256 3a9867f9e01a30a5e7fd1ee4a3e6f71395be81d9f7b5f51e69fdd2d99299d6a6
SHA512 c8b5bb294aa7231aa875c9b42f98a1ad258e77e8e426842efaeaaef02b6a6023171adf585f63df60f8e6000f70c6b549c5e7b1f36858020c9d5d2b1fb834889b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7de1900fdddcb409841240afa8a05c53
SHA1 920f16a023ebcc2123abc7b22cbd93ad627759ad
SHA256 8c0e9d80712e9afafe71115801cf0d5ae39b008cac6f87189329fbd2cc2c7bd9
SHA512 d21444018f5a0cb13b78763480e54687668d01930eaf4e037285ad8e6f1a113d7f82d2193d6aa853918271c45560d06afaf4bb8a5ab590056cb24bad9f223b6c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c9f945463b428cdc2d2b69eb01e6eadc
SHA1 c39218588379f509d3535e791a10dcbe7ee381c6
SHA256 85e45bce727bd9f961fb3b4d3196d92f7bcd5c4f511c6582f4cf85d30de81031
SHA512 f43bae929a28a3c6e9eb00ea1f98a1e84ffb9c672cbadd0e840159e9a9aa41213d1e1e239611b6d07f94074391f95a17b154ed0cf0208378515762499e9081fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1190116c58bf1189f9de604c34c537e4
SHA1 a2cbc533c23d961cadac06701c7c58dd18a5cf29
SHA256 37de3ce9bdc8a860172a0e9acd537b46836b5e1fb8d7fb916963bc31dc8b803a
SHA512 b56aafb236bde5f63689a748db74b1fcf98a6c96c82250e767d98e0d1b6c8827b32807fa3a482b2bd6a6827ff1502fb0a12af3ed8be4279bb10d43956bf1c3cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 99452fb619b8420639b8325d8dec9132
SHA1 481172bba66e5fed3bc8f912c0e126dc0781675a
SHA256 50ae28c06707b3cecd469aa4f1f41ed88b816e78874ca4c141568c0fe4767a66
SHA512 4a25b516f14f2c1606a0d67bc221743e35b9cb1c330c0395e8de74bc98cb5569b342f4d3d5d87e36e886702339d392b952a8e25f4a7e49118fc7defaf0e006d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2c0cf0d8b8e10945a45fa3d31be7480f
SHA1 8ac334fbd9bb78b265627b3e183a593ae2a38a66
SHA256 46f44a1264f18d02ec9c5f72ae53660103602809392405d7b69f45a2ed2f8955
SHA512 f0e9b7274aa890e0aa52ef74e9efe7319faaef621be2bfef44a6d4041b49104c4abd4c88a2418efda709d0b78fa7c57b6f2143c2bce95e41ba93dc9f9b6cfed7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 30926f05ce02404143bb693d910194db
SHA1 76946e07ed6539437fe21d7da311c3e47cf1d369
SHA256 b3c66b0bff4dde90c183fedb54a33e710b349106c124cd638789c8c549ca2e9e
SHA512 10181a2405300e38f915626a9a08101190baa29b9663f9c37c7d1e6791ecf81a8d505653cc5a7e0d907fea73a3892124b02d5099400cd649f22959ada7982b83

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2ce01f0b217a4e73469cdc1928a4176a
SHA1 074981be9e8cda905c8210489cf5cde098c4c5de
SHA256 60e7689b3491e87762c53c6775ed28b00f804803775450711bcfb7cfa87b433a
SHA512 5786993a3ec67d000999a07184b1ed031458651814a40e885518303cabaef724bde49cf08512339d549d6e3647cae435a849cb43c4407018df9f26ccfa8b4411

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e12ddee19d19c865be01e3a56e5a3617
SHA1 cd3c382e507957b927d74e87b6214be276ab1ac4
SHA256 840f494c93ce9dfc67081d5c8284b6d57e264974d6d80bcb52bad48b9e31b8ae
SHA512 0c10443d06520e6909e5d759c54daadc020403623890ae7b592e8c674bbad370d838b64fddeba280e9412ca97ecd2d163165115c8dfddaef4b715c713965f2fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bb4c2a472eefe8728cede3af191d444c
SHA1 2a1f25b5f8595ddefdf1aef3cc7c0af09e3c2dcb
SHA256 f9dad6a051ee94c874e2ba2e31f347449669b273e0742bfd555ef5d282612008
SHA512 c8a88e9e5ee420d746dca009824b41928917859361fd5106034d8333c31c822e3d93fdcf04b4a1c10574141c9970a24323b3009672cc128d43a0787c4ae1bcdf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 551198b726125a1e5b66836406c38f96
SHA1 8f517aa293c397406cc1c5dc5e63c4e322d7e225
SHA256 70e3311582f599015c036b6a6954b935f155c38c5a9a9114d40aa782442e4c62
SHA512 5bb458422f25b2105accfc6190232f69074b0078bdbf8641e8ec667ff932e8a08ef8c40f8646b2b5bc722b134cd173fc55fc83bde1762feed53b741e34ecc543

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d3f6fc33a1d97f2b7a9da84e0bbe2a6f
SHA1 d3b591f6277adc1c9a1be7084f87b6f7a7292844
SHA256 039194fbd4d442d6ebb88703cd0a8ac878a45d296b4daa63934911e87ed16dbf
SHA512 ba557d78724ae0bd28a1bcf43a90f1c8b30c3e32be56a7aa52912da1a9e553407fb35cf532d67666745938476f517277f052f5d6220f2a3aa73f21e3288a92a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7fb77f6e6102410d959b49de8595d760
SHA1 bee6d55c79b263c37b258ff4b6eca5e2ac191fe4
SHA256 cc3b9427b0cd76e400dc2db558e88a80d5942f50c600b5546a185df272fa8405
SHA512 ff3bec58e7faa90e1f11049a5a77a4eeae9a9e7587a333a661c41741a80093d5e6ed6ab34a84f43774a233836c7c4fabe2d8e9a90cdd320d50d55f8dcf0565bc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bcfafb704755ec86cc0a86f7caaf5282
SHA1 8d3f9df6a9048d709c0b2e0655b69407e84d9281
SHA256 03761c643569fab0a6f232af19cba8621386889af96a5494101b44ba8eac1488
SHA512 ea1309d37b9b6a7c31f50cc45c7b969aa4f4b679ac3b29b26b483fb5a4e20c531baf615a0c154a899e1641f9703929c22e251fc3c790782baa6b27ba071e6a96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 58be02ae5680a69319d52056b7103790
SHA1 615df0e097a4620739bc4a7d8cdceeee691e54b9
SHA256 aad640c739380588e956eadb1abc65efbe979dee63682bc94017c03f8ca1261c
SHA512 993bdab0b2de6679d2beca22e69fb28c12fe0381c879d4cc7b5c78d0a76020b37ab9415764047ffd82d5a4bbaa873044ac4659a226445377710ddf6824a22f78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e5eb7b664651b8b11af5221ad63dd525
SHA1 0836562ad322107d7fdee32fc93ce278510d8407
SHA256 33b112e8b9f5fb81b33795ecf8e778ce584d523db1bd0651a878b7fb03b55c0d
SHA512 e8976cc0bb0567546553d0543eebec79e9c56ee03fd8efbc5f332bfbacbeff879bf321976280d9ee7d9e94de62406a9dce6a6b3d70643ce1b8545a9ada95a4e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f40363455769b806a3ed73f792bbe260
SHA1 0b94284081bf307b5a23f6b7c07a3cfb1fc538a8
SHA256 91193c3f881d88b8b224942e95d6db70ad9061617a74f6430214a45cd66351e9
SHA512 23761d8537ad8fdfd6ad6816289bbd0056775d5c45be3cdb3048afdbe79997dee4bf2d6a0947037ed04bfa94956340699294180d0c9740377fef995923d48ce4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c3eda75dfed12588deccd0d0e7c69ef9
SHA1 f1a4ce7cccded4ce3149d53ea158d6a98a845fa1
SHA256 0ec6507a261d65f1c13ea0e781d570130be9d7d1ec266a9b52ef0ec80ac1121c
SHA512 e731823d44c5f76a586edba1c6c8433132a3d066ac2837b3d182f47024fbc2effe2905dd0836b0587bb5317b259e210a495792ec00694bae240e75e6277d7c8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b86872e76fd9ff8553f7b97fa226aec3
SHA1 27c1e277020f3e62d20dfb20796fc7e643176b7a
SHA256 15124d31bf6ecf3264c4d728f9fcd36fc75c36dfd026a0a5b648f11932052abc
SHA512 258156a2a7ee7bfaa23c834080b506d044ba380743ace296537c37e719404a5a9f6616ecce6dcad226c630d6e8fad16dd31f397e1c03a670e7fc0b628c6ea305

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d68f77aa1d9aba42851c23b3baafeb13
SHA1 396a80f3c60b147fd8e835a77997f5106cbb9618
SHA256 a13ec35cff9d4926717e681e1715bbad8e09646f07eea006d17907b0ba3679b1
SHA512 b0a2730c79da8c85cb914224fd205baff9c7acde6588d76113014a98b00c89fbc842362577c1a119a81507bac9fa0f621727b23598ce8f5766ce0cbd4de229be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 388b9a2334f2fe54e1d108eb5514590b
SHA1 e1dca8c0903a273e2dd85873eb5c3dd919e370a9
SHA256 747e0258ea778e7867721c52fe9ab2eefff91759da32ec5e4aa6a021a2b9c20a
SHA512 9d079dee949d79dd0d22b2362a2c7d5002f9d697fe921c758bbbbd32467552891f9993b87efbcd354df827ffc9cef8652b7e9a38e315dfd37ab80161f15bfdae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6c3cab6c80c0072e641593b33750317f
SHA1 576aabaae616c59732aebda11cd88f5204d34f4c
SHA256 877077fb731de949dd5a5fd0c5952dc82ca75892697665286a86c1052ee90f37
SHA512 a3604f92b54958e070562b8da08f990d739fe999aea3668ce0cd0179dc1edc4fb39f0d3c2566e979ca09f43f9d59064c748397bdb288784f4311803fcd96dbef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a7a5431a5b5c0a9d07da86869ff2b9c4
SHA1 349b2ee76ab989a9575ad9526758e776f4ee7e08
SHA256 1d2b9d1165c18b8b676b7a1ee0434ce4e4df4240a44c7448490b0d4c3ce8e3ce
SHA512 4da18dc0ffdc4d4b910285f9957a37fb19183bcc73abe66178b39dc13c034b0c6664933cbcc17aa5b2c2aa9058a7622826b15169b41c8b9ed84f57fa452f7f24

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 af57dd31e53ba8b6c5eb5f36ca2d73ff
SHA1 c6cca1626eb8486965939aa60db16bce76e34758
SHA256 63a2b8a2b082914944801e6b4d4792fa498d9c77418d697d28d6955f139f720e
SHA512 e3756aded194289a290a3e21c8a99804ca81ce3d6b5664075078278f10d3be27abf75005bb79adfefa1127dab4bbf86d50ef718e33869bd7eaf12afbb46d6edb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b6b9b72fb408f707192c70fbccf77188
SHA1 5dcf4d64f2d130178fc69d29a2912e2ee72f84a7
SHA256 7678bece8acc62eaaf112345715842d65e8de745a05293653322374947973a9a
SHA512 0db26a81cf5d1f53180585f808d15371bffb4161200f62f7b5638d46d385c20271ebfd3c593921934aa77ac2c406996c97bff1d1d520ec264769c59e2d09f81c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6fbf76a3eb3c136ce259fdff9b1fa45f
SHA1 0f564635a53a21ca24d7fe39c465f2067ef4b6ad
SHA256 11d4ca9f952ac52bcb24b4e1abf34f074c398019805371210f813f8832d1395d
SHA512 1b310f27338b1591384280e4e7ef88f3c72911a00ea64464e8201c7f3a9be2cdf133d1da4455df7e94f84e8e04a9c455389cff722a71732134fb1b93e5dc0ab8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 02b834a276c0f32bfe3e50765898fad2
SHA1 0c76ad1e45aec4ccfba560c8163d4f12d8b33ae0
SHA256 71926b5ea30a8828a04ff38c6f59127941f0f6c480e86b15bdba3907268fc263
SHA512 0a367e55357ce0c926c415dc3ba78f1ce444ed245f0b1f169220a787c31d4153029b335358e4a77e99d02a1bc4545d78be3fae03d33b6441695d5e0d6f253edc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1343d5fd873904d6966149111c0fca11
SHA1 4627f22645d692b2583fb53b99e8e211a06011e5
SHA256 ec0983f70bfbab51d1fea8a1c3ac60c9da56da1f2d79d508f28c2ac69dffdc5b
SHA512 947609ef5586c441fab50c7cf159e58d1e5daaf45f9628a5d5b7dd64129f998b6b3f90e0334fb269e04c973f6d1c65b35530a4a83c15b0b2eba54f5d70c66484

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0262a58394e354fb1648636b91d42567
SHA1 16456557809b78ebf707320cc74e372546b9026c
SHA256 6e29c38126940e9165adb6558f218532e53efe2ff2f68cb39035324877179616
SHA512 cde7ed6e257c8dafce9b7ef183af5e8022ec2c439ddbdd55e87626f32e551455cc7a2ef15f4d5aa9d645ddf48ef02f871e246332428b477e48a47f31d5c47d11

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6f5938898ea1efed953af27a906eabcb
SHA1 f17e2bcf3bb1e89865426a8bff21ef056640f545
SHA256 3ed9c62228e0f7c3617f10d44c1d0d80e9e6d891eb73dfbb7626915b43db6028
SHA512 af8a2a934a4221b261f304d94bcf11c2e379a846e6527fb2e30d0667c0395b4f01e252b4c18f22288ff6773f3f0683765247adaf9c6ec2b2498d1efc674c48a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8ce54c11be9a600482b500f656d2d467
SHA1 89b1f432f2f95b36653c22e6396d5316f887f170
SHA256 e3575424a69eded0d4ebc681eba8d527dda090e7b75c86a836d3bea6f285682a
SHA512 ea7da9dfaf066b4e079d87376586302b6835f85929bd8c12b3c2a0a959ba2d5538d718e0a3d61d75ffa238e367c229e858cf3daedac6ef7d0eec81815eb34418

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\SETUP.EX_

MD5 2415cb112f130a1382726afa58a0933e
SHA1 74ac041e6dc607e476dfeaff2d2bbf2b5c004b5c
SHA256 85679b3b17d42aa988b5c753b9cffe457c063d5186a94203b5e584f4156f2179
SHA512 a334cba72cb6ae4c4706ef3954e98771c4502ae5ee66d7b2d2dca759ac75890efe5a7fea46818760589a66f425a4bc9d463512bf359723685eba86ba4c1edd99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8edd0f73dcd84c4097aab891dea0d07b
SHA1 fc7a083f044b7ba6d785644e1b40286c9b78a78f
SHA256 9c5a36b50466d8873b62eee0352edc46ac46112a7c5608d0ea11ba56069b5ece
SHA512 043821b8f525de0f9ed54ffed7b9921a4773375ff0eafef93ff7bd7b2560a5e573435c0778eea2c69011e3dac284952ed121bb2796d97b9e8ce80f7e0a8401a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d0a599a982f8fdfda9b7f4f15d5c4aea
SHA1 000bd9b72e8bbe9f44b53ec8b9328c6fad89362d
SHA256 383b05d2cfabb27dafef5b9a508854da38d6332a59c6368dd9f212743193d950
SHA512 ea236d5dad938d3b4d7b33acfc8260eda30d1099f794bcad7ae1e8a035d305503c2e952bbb1eb3241b4fb771f9417b417124d0211c451d62ff5f5ec694c63ff2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6e67eb80e9e2ef1cd99ff9e92f40f2f5
SHA1 23725ff0d823cf8dedee48e030652eb6ae8fe079
SHA256 7e899ea84282cf60edd996f99be52a70a6218f148c214676a37dec1a976f0af4
SHA512 2786915df56bec68824ab1044ce2f1c863f2f46531324b347d7cfb45f5ecf6ba70a40384d3081b00392999c8a6bf362e742c742b1e416ec92800f9c0b5314001

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 be0754070cd305b0da47da1df265ff56
SHA1 711172083d80c46103779587efcd38592300ec0a
SHA256 061a67168d5d5a6b8f1b3191a0fff8fc1a9a48e1afb9480bf286c5b9702d7289
SHA512 5742879ac3d5e5226a0f9d72b5448c8d4ceb3cb440f5e2c782286b0c66624b6e4e20e081e2670834b4a56f941a8c1d051215d045dc7d30a1fd164bbfb0bec87e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2ffe51a73f481073b8b4eec6336d88fb
SHA1 056725217a22f866be33f6d2d8d04907b3076246
SHA256 3dd6933913b6fcdffa60f41c410184e5451f2da986d9260d1f4718e8a19af7bb
SHA512 b177a43e94cf643c48006a01d09430e8de5102364a08fad3069a787a919f5321958046355a8c83d48c56f4732ea85e48c0dc6bd024f3bbdf8d30f45e3571c129

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 405647088f9e7814d6d0eda3af0f2aa3
SHA1 9d0c047cf5863e156ac9cc61a22ebd4eb700d93f
SHA256 14b618d9c543dc32445f93ba75bd4d04602dfe0aa937217d236b16b81ee64bc3
SHA512 2c5378b3f7c619332b2126cfe0379cd0fd83fad33ff036c03c8bac3dfccfe04729b4d89aa805f3c7780b548c3fe54fb29f9ef30fff3e0ebf8e5498cb532efe1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a9ba2d30a7bd657781912ab6765f9d8a
SHA1 1204f18faa999029f10a4795b6989ae5b745f028
SHA256 1be7cfa6b1dac7b93b60bfb5f6c3bb76d385527f0b53d86f48176cf3b2231167
SHA512 40a9646eda1a15726f490b143c663fcc9080cc54df51adb07d39da48798d8186c240008a03adfdf9c80b3fd82b5709f31f1e41f135ae97ff1b289a20473a8dca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2b299470e99aca253c8c43bf9267d303
SHA1 67051cd84c3b4b6853476ddb08c2cca213ae43c8
SHA256 ff378c6bdd1ec863bee85e38d236e934cd26facc9f67852d54e0ee8e7c1de94a
SHA512 d51ade7ef8b2ec1ebea86398d6a106baf674a3d708716abc78e01157e0536223518f462285c6567902d3f8690109cc90cea2be52d5ff60180477abc34107badf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 09d839899f73a7e10936644a966bde78
SHA1 16db4b0173001c320caabb011949feff6e23e09a
SHA256 e8cf1fa930246ae002639183125e7dbc259209c7a7d35f9ca41eefd128bc64e0
SHA512 9be17e76fb9f6e9262ffb977109a282cc29f4904c0aa49c907f99a99760c157d1818056a9f253d084a93d5c4c053631b943f19d17735380117495a167d2ec6d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2944dd6759a14f078e370e36a4b46d42
SHA1 59614d2b73efd32ac04ced6916b38330b8c0a046
SHA256 0c66db6b718141622a7f788f2edb79302443f08d4c74bc62712e9edc9d6842a7
SHA512 4bd4c769e85c11aa76b4eba62a14dce4af8a525aaee6198e8d292a73dc2d08c1aed0d261877fab52943b35c19e01bc297fe5bfc585a012e63564a56e015e4f88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3aa689e6a321913d35ada9d138e82164
SHA1 5710d5c761f8620fcdfd007c45fdb3aa4cc1694f
SHA256 34c84235fdd12ffb5eccab712aaf98a56120a1b8684fde07622c3794715e1710
SHA512 4d514d9f970fca6232a3ef56a1a764a8f82d7db66a1a2ec2fdc875bb9e1c579600f7082504781153657fcd871d3949a243ec1903d848175801bed9ecb0bf7d3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 177694993e9ee770847e102241eb3741
SHA1 c7f390cc086013d66343652ad672212124dfe1b4
SHA256 4b90aca5d29b9f1568580bee2b4e9cabd6be3aa2fdb829ef623cf53ab3af6f7a
SHA512 d2bc498c988e38e5d61f837deaf242a60c0ece19e03b36c5fcc199b7bb0c38c2dc3460a773a71807499d827f75f96fa6c74d5758fe9fc5be15678ada199f07f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f1ea59c0fac2c2d20048f814a63f3062
SHA1 db95ef911e218e60d565c2d99f34dc3956781328
SHA256 c4daf7b0ec52d544ade61cd4479d404ede967d38aa0eb4618c2ce33134bf604a
SHA512 97f1678b485b0ea9807164a11860f2bb6886a0c6f7e3c8cfcaa9b4aef1a6be458d3cc248d6ff4d8475c4f382b7d79b7925ffe0cd370a7f80436857bea09b7acf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 541ce62eeb08399b40d63dac27c0edf4
SHA1 aeae3de6c7d3d1a2cc95fdcb67c92de0b3bc653b
SHA256 867da4d2d82aa9ce52c5afbafbef09c5fbd287c3bcdafac89b79274858242847
SHA512 c791ed68abce2e63ed1839e6c47d325d96fdc78de715e2de721e61096a23d57ba55ec51b0a0994b51a8925ea104262ef0c72bc3adb79e31271650e6d43ff1512

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 aee5f5cbc102d117b4deccbdcc5b26c2
SHA1 c2eab422a3a8c69c48dff6db1534b63288c51b62
SHA256 d11308fcaa17572aadcccf943ec8427715dc5f72ff90669b9e639b4b1e6ca897
SHA512 1a97988ae256bcf69809421d4bb9f676a6e763161aca67c66a43d85943f71259ed98d108a122d282423f9760d052fccbbf62c8a68b075893fb927b06a1267092

memory/7016-4007-0x00000000052E0000-0x00000000052E1000-memory.dmp

memory/7016-4008-0x00000000052E0000-0x00000000052E1000-memory.dmp

memory/7016-4009-0x00000000052E0000-0x00000000052E1000-memory.dmp

memory/7016-4014-0x00000000052E0000-0x00000000052E1000-memory.dmp

memory/7016-4015-0x00000000052E0000-0x00000000052E1000-memory.dmp

memory/7016-4017-0x00000000052E0000-0x00000000052E1000-memory.dmp

memory/7016-4018-0x00000000052E0000-0x00000000052E1000-memory.dmp

memory/7016-4019-0x00000000052E0000-0x00000000052E1000-memory.dmp

memory/7016-4016-0x00000000052E0000-0x00000000052E1000-memory.dmp

memory/7016-4013-0x00000000052E0000-0x00000000052E1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8174fb0a826dd65daf844c79989889c6
SHA1 e209b479b3e0721d5bb093702432c8662f20fafd
SHA256 02687609ad8c40d97e3c35f31ee1ca834c2cc6e53d0c791ee9ff6e24543d52c5
SHA512 3681dc0fd9a4246b8decd97592a3cc47b6caf0e83586e746884c15595f38fc781fb1f6cdb6d4859a9ff51a840257e4a4fde9909a90f1e93f96ce2899e922a663

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 cc345860844b580b6d4ad5fdb5e8ae53
SHA1 dce7c4bd1bc774685eb81315e6a04948e5335a87
SHA256 173e362db30883bfdd65985c6c75ad78e904e88665cdf5fc573d6aeff9cad83a
SHA512 a90926e507743ff1cb0f8c21a63e353ee7737c99fb5a182599ddb6303a8803467bebfdda809e4d7e65535fb1c5e3354cfa0681d74ce39a0cd4435528c0388aaf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2892eee3e20e19a9ba77be6913508a54
SHA1 7c4ef82faa28393c739c517d706ac6919a8ffc49
SHA256 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2
SHA512 b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.vice.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 dc18993c3832eb61cdd9975709391a9e
SHA1 a587fb65d9032f1b6d6f559ee52cd18175ed72c2
SHA256 1ab8de67f7e95011169010f9309b883850c5798900cf9575d1a6b1b73313108c
SHA512 19f828f791ed0e0507c1097b0d7a1877f43a2aa90d457a17d4bf13eeb65f0feed65a4641d6b56e0744aadc5c53e3431112575d748502326b270f55350bbfc9ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 eaa0648db1cb4ec0ad8efd432f9e1570
SHA1 b1af4c4c7e7676ebc20248007335bd41d286407a
SHA256 60643735110215e1812b13c543d00fa43ab65eb8d9f01648639a41070a4cd05e
SHA512 c4e0736abf47ace209b60f18e2340201461f7c3c8640721bf9a45c9039b080f6b02c15bd9d0642cad8c2495c51bc27686a927b9bd9d264b8a7ceb1f42cfd0e15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e567b49c45942cf5ca03b225de128a34
SHA1 1a46e2ee0102365eb2af536d587f4978bcf37e90
SHA256 8f706b31b9e8030962960aa28b1f529a4e4a2572b49af9bcd0d0347205ff8fcd
SHA512 64204d68039e2179a2085892f83826c291ed42818cf82fbeba38aa34bc1bb06b214370457e61340597a1141a40ce20151300e62e864d2dfa60622cb9a3b9106e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8ebd3c884307b934c57e3469cfbd0fef
SHA1 88b183c2a063d6ad8d339f80c101aef5e9b69602
SHA256 e94042827ee56f41cb3654d8a0d21d0dddc705a46ffe18b3a52bc4030efd6e44
SHA512 8ad718ba3d425cf8c1a53c2d60342e97bae3d797427e164c71de53f99d445d9bf468ce00c8782b2368718ff039f760ec79ae5b671262393978038f54346f76ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cffe52a67c7f6b829367841b0bd2e4c9
SHA1 74c4658c9a87fd0bb92afb7be2a069ced3d567d6
SHA256 d49e33521ace0892b77d9b7c4aa7d6401e2892ddbf7050c95defe0699c38ddab
SHA512 07528c4ad41305389586dd43bbca177f83b1567d3332ca400387b2854238576bd443f650493980b2259b19f990b2f26d485f842c2e3a084b946af6ee08f38f00

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 246b57d9b14b3f747f101760d8f2d995
SHA1 0dcb00eeb2fffd6c18efa313b33d5bcb4fa6c1e6
SHA256 5c6a0f8bfc8cd64418687882408890b81732109bdbd427df598231b72ae04057
SHA512 3c0bb50425c6596f13da38f63acbdc2e559f258ff0967a87d491ee102d65c1514d39b400cf56c1668b0ef40f6dffc10f643f727070de5b6ecde643a6c2a7a704

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe666a79.TMP

MD5 424fbd8cb2d5cd4b9ec2fc21b282d7a1
SHA1 867e7f758bc359d2dea592cac4e5524d2ee57146
SHA256 3f9f16e94f6b358de49dbedf4fa59f20d3d4ea1925fff2c4d6a9ebb7c71dac49
SHA512 68ba1d27bb827e0cb0ff1a3869b90bfb90f1f2533ad21cc344ec81e39d9b5632a8f29eac6e5222d87c6dc8d92fef86df8ddf9a4f8afb076eb89b3e62bd1a7bf7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6eb749f9679c854f1d5a4331273e65bc
SHA1 0ec9a938a0f22dc12540d44a94d47484f854e69a
SHA256 bc74b39416da00a26cdf947c01cad561d7cd7f528347fc044c9017a5f43fbc32
SHA512 2c92d02428545ea6f1cc4f3d8b119f615981aecb31b134a25e75903b338d8fe294e1d0f94460cffc4ecdffb5b9afcd53af5fdc1af75d6fd1c11ba663b31f807e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\df9f62d5-b887-4191-9fa8-c14cf9507962\index-dir\the-real-index

MD5 d8e6b5d8986769ab3c7e1e79b5291bbd
SHA1 00661b207c347392a203bbeb04b7828f80cbc59c
SHA256 c32991ca59c3d39a9ae96136571b90e5b9c7fff75dff7fca88f410ec0d8b42c6
SHA512 775aa760ea40b5c6285b0b3564ef7a00bebe5eee1ecf03d206f9430e2e1de00668d6d32c2278857a18678bdca072f1deb1f1686c630cbb12a0b77333d0cb8781

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\df9f62d5-b887-4191-9fa8-c14cf9507962\index-dir\the-real-index~RFe66866d.TMP

MD5 7a279ae3639a823e02c83a7c2de64723
SHA1 f013af76d7715102b636aee0d81f7f888bf71d69
SHA256 355db7aaaca282c3c58bdf10300a49d62fd28e628629d0150e336a5361768440
SHA512 83b8fc966e7ff2f4a8c897303c31e8edaf16f738218cb815eebcf93a2e8e814520ddf502d43287ad33978bd297d881f06dfdc7c6187cbe4b3970ca4ce1fa1b0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 a3be13d05a10ec79d567688f37c99caa
SHA1 118d148245249378e986818fe3e38771d799e4ec
SHA256 255f674e1724a936636b12bc977acc9ae27d758d291e332e0b8168df8eda061b
SHA512 3b9ce531a7602435a86bdd0655662626bf0e7dd01075bee0486b0bda86bbf09eda901180801e74d5607ccc42e1a53bb40118ef009f6933af69bf7b84861e3f48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt~RFe66866d.TMP

MD5 7333304e123164c545b96588c27d1f00
SHA1 32e692f29841c7bc7d392dbd1ae7bb378c31220a
SHA256 1484b9bc81c5f35e3681d1a5d297cb62c985420c30e4883835ca3fa30c706d53
SHA512 58276ad783ca38a665d9235d20f87f7c32801486d1bce65b2221c374b58ef9eda852ab1ac5cf3dc94da6547de1bea2eb596b655abceee03d6544a603e2d87fda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 df54d0669a9650a2a6c43d1029748633
SHA1 fa30fe48958c1768818d30446cd392ac571ee44c
SHA256 f34066d6b3ff6a14e735609261c8a24b0b1f4a7105a6f3e20ba33a6d7c9fc668
SHA512 37db56c7c8bac6b65fc68e19c9fd462537cae508bcafacd87ff41df969712aa814c73aaa6a15eafc282837a9eb7fe490c2e314853c4ff3f8b70aadb43768398d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b427fc2ffb5d3c673dffc225bdfd583b
SHA1 6dfcddceba2f4c6ea4c3ff922a0b64b828bc7a92
SHA256 77e0002b465c91747ead522f60bd5b323f1298d6d7cbc13ab8070e4ec5b28a2f
SHA512 01f0bd50141bf7a95850e5d0d568c4493eb01ca4e1c16759f0f00a53759661e4dea9286da56402c3337cd40d4f07b797eb66e477188be2b3a483394f08fc9163

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 124608142189addf3e7a7ff0b42af455
SHA1 a116324dc9b7bc2900f3738fbb92c4c01cb7b7a0
SHA256 10dfb977bf03f76ec89228bf4bdc094d4337df0159fbd484ec7a9d24ab6d980c
SHA512 a20a794443ac8ed39658dacd18229ebf46bac7806a44e06b4f87747bf4ee41c04e3479569c54cb2bec84ce6f00bfab70098bcd468172c79e69a4c6b07a482c55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 266a49923267a9a44325c17a05a614d8
SHA1 c917cee22fcbacbe9f55ea2a5e037f8005651a88
SHA256 af85a146b3cd53151b3e07b2f19e06e9a7c5a56caa2a223dcb63a68d7db60b39
SHA512 0a4e1ad8fdd2cfd7774c6608978bc2aae8105d9070498e711d7608974efbfc7f946fa86cb2bc1df291056c3cfd4ce4af2b26e9597ae94c8977f7052a758f8795

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 668ea54a9337ffd4ce064518c2732522
SHA1 868d0592c77b6f3da10d255176430a790d94e8e0
SHA256 c7d77d1a3a69b1dce52e503398bc24ba5484882ebcbf249f05d101f0ecd1e121
SHA512 903453e43a589c7b1f8d5f65644114a684eed062128631d58c8d258bcd5dbba583c952afcc77eb3e01433615f1011a90164a4b0d360602b476eb9074677b4c22

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 95b952635f06610e4c11e85090054619
SHA1 10463a65271cd6d2d86aaeb8d471a08537a15b84
SHA256 7e69108d6d0ab7224445642123ef2aeb2fb2a899ab2d5a66f16251d17ec4ff9d
SHA512 d8d6e5646772a854a129e05d68ab921e4798a686697a8a26d0dc7f29d11819446470d5c6ace487cb26eca8d7404c52556973ee111be20aa51067c2c9fa2ab954

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 052cde90c7352f12e1e58800edbb9999
SHA1 217312b3b845e09e2ed0e097e09eda44bdca6b96
SHA256 decb5ac3f57a1ac26af94af62347cdbcdf297345cb0413740b2385b7a13892fd
SHA512 298708c263464414146a9789cb6dd904db73cff66f127683ad379343b5fde96f2ce8ea5dba0e3350b1b9323b67cef1882b8dc315f1fc5b3108a5656d148c1456

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bfb063db4c97752ae4e8e597f7d8786c
SHA1 84c64811f645f070bb72350368a7a3de83799231
SHA256 fedae177843071480b0d6c29475c34af737d112190435c40b79c7166db054c53
SHA512 02e700c7a9ebd9f9a8542f61d51993e05a778097f89e1598703c646162ced279f5b56a59d71ba9f8209cec4b4a8ca6e1c0ece3adb469b18a6e70f5ba6c4c0d4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 34c58f5017ee36194a0bc6ddb506edd8
SHA1 3b4516e61784ff97cc180fdd58ea34447516dfdc
SHA256 580f6fe2cd14047cedd1be005610778f5bd366e313e0068d88cc34d3ef29741b
SHA512 fd5a5df08823c3b5f539da8eb2c77b36e1a9973643a489a275c80d3f1e09710a943edd9bcab3778832563d5e1a06ca1bd6d62138228d421bfe9f6af0bf131e45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d2b031fcc9632900b3291e15def41f65
SHA1 d939753bea993895dc4829086b1ca30d1807c3af
SHA256 6924727e6cf1de8c909782f55f10269c1648d93af6494ec00e806ac856206572
SHA512 418157243897fad22eb90ef201c05a0ed3dfcc12d3e3d7c99b678b3609884e1906954a615551c0e06ee996c5f0c43870ea8f294cd7263876d386233b33bcbcae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c09d637a924a9d5e5f93ce4e1bacfbaa
SHA1 a471365d2f5297ba03eaa404e3a519513e8c4517
SHA256 7f30cf331aefb43b624a7b75c9566d7d9ab781c2cb504ecd8e02fb9c8e0833b6
SHA512 d8270d62ac641f038e44dd15d66f849192558124de91c7639e270c4c881003c404b6a3d8eada11809affad00d677dff9222c249f4df79f692466133ac6fa1c43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8ee425f5785ba9c7d43c5e2b6e6376ea
SHA1 a9154d44889bf74ada48b0122e49e9273287944a
SHA256 01edb8849e1aed22b6c18db8a4057eaa8ca2ef5d0dc1a07c1769223318efdecf
SHA512 dd4fd387ca88af76c71be1487952e3c57b2aa7433bacd8f1f3b8a73640c63f719292e9cdd579728e8c21a4a0e12af6e3919c159387dc849512947d16e5b6708a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1da3740739df1c153b0989fd972f1432
SHA1 0381a951256c36199fb10ed10c80e410e3a5f0f8
SHA256 5d2f46a0fc4d589284144bb987746361b2fc12dfe879e4a9fe33f1dc403a7fbb
SHA512 6c75d9500263649487d26fd8284882498caa6c67bda3df8c87a1a3edd555fc1ac18d26071437a982fb8caa68bb7766339a95ef7956039f12d1fa951ff7783df9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 3649a4e43d31e0f28ca4e9a6202caaf7
SHA1 e1c309d55d8ab71c80704df73839cf066a03f123
SHA256 2dfc3daced64cc11eb165e5dd66662b0433c8174a62dc3697b2a927ce6945802
SHA512 5189bc334dd573a0e0891f97c3068fa1e9ded02558148ca67714578df6728ee0587d1e4029bc53b0bdc536dff798b79a27862d6100c5f5514e6c5f5e3be43471

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\df9f62d5-b887-4191-9fa8-c14cf9507962\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 04643b5089e7192d433a33e8ffa905e3
SHA1 94bafeebe668fd4aa72b6d33e01bdc46c4100ccc
SHA256 023867707b6ff82ac6f48c95944ed0440f395548cae2a4825644e88990e40ecb
SHA512 752bc3185087324a6db7076446f5a8b20a1b2af3dda15a8eec69fdd4a1ee7f29aa2c2af46ba609fb252e151546695a3345d58441fa3d4ad27ffbcce714f3948d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 9382c80055d4593624ffc789bc6e4ee9
SHA1 54c908bcdbfd584fb5a1ddd5f46fe833c59d645e
SHA256 6acc9fab8f3eb014ae7e3bc2960e53c8463ea85cf7b6a5f4e1b88b812c1cf225
SHA512 439b8775e094e8504efb5cfcbfd9d02c698b629a0597b6d45c3822246ff95252d0227e62ea8b2f114d8af83147926c1b275bb73b13a68b3932807e038c61aee8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7721f39183a6e0c5f7dbfae798ab6855
SHA1 70c50de30e8af19624b45aed1cb3c040524a384c
SHA256 99415b19cfcd584a2311802e962a7c59d6743ddba020e03fef5c7ee2ae7bfd23
SHA512 1fe9681ea5bfb992bf1306e37057136ae2d43b0d43682983e24e4bc5ef6c84367659c78f7fd1a3df275262699b65a629e19dcd3b18bb0e7eb6acf59182f2257d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0882ac238ea50ceaee6161973c17e924
SHA1 e6d0f1a2dfba60a5cefd035c0ff79ec38f42fe42
SHA256 aa1fe04e929e5163cc943aa9de83c97c10c341b691362c6f5634b458af0d5ff9
SHA512 680dae1a3974a433c9fddae6c9f0230896de2b168e8aa79d78e560c51f81408746414008d06dd3a2c553ee07a86b7be453f6ff17da9c5cf2b2121407a1c1998c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 96e316eb23b8e70fb8776965f75e189d
SHA1 75170817c55442ba44f8e3204466def8a8265739
SHA256 a4b2c07b022945fa83bae71b9f356d4623920a83723598aae3192b6dd9e2254c
SHA512 8c886b3c152f733b5150a339931d351fcb0dfc6f2d68b95dce7fd36f102acba8eff663998e4238b41e1c556c165252ad178d4081f7ded1b57e689df7b4374b67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d32d20caff3275cd395456efe278cbf2
SHA1 066bb85b0dda6b56d7501b45c8189a80ef3aeb06
SHA256 1c2a9363151ccc94ca2bff097ab9f832f442d9abaf6d99148c738299de917af5
SHA512 5edd4de7893aaf6986c116bff96b2afb1e3d3e56a8d53efe054f5c63d7b17ce8d11cb4f812b66fd41bcdb13d077441d31ef42fc6694ca3ca562fa9bdbd20a2c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b40a205417337133bee4de1e847574fd
SHA1 520e248c5e5501daea0475fb5bdbf8da352a551a
SHA256 58d918fd811891700f21b93d926ba8bcc08292950e89f977745ca79c6188bca0
SHA512 2530dd4bc98461288cfc235b20e5f75288d4fab0b3bab970e4c5847243d6260e8dec60cd5db029287f08614bb74e64d6947fbee884940d1b85920b8c84c35ed8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\0aa4377c-4933-4b6a-bc40-21183f40a8a9\index-dir\the-real-index

MD5 334ed9a251991e09f428370426d17a80
SHA1 adf0e579551141f604f01d1aca661a484075def6
SHA256 2b90da7d3e101e7e6eddb50b51035c2c9813692ee940756178984fec19a62e8f
SHA512 724d9cb49fcaa06fd2bf123aab0bf2847a9a65de9dba03dbf5fc52552b139eb65b63294556e7c13f4755816bcc42eddc50ec8b71b6e232cb6b7b9afbc68f9548

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\0aa4377c-4933-4b6a-bc40-21183f40a8a9\index-dir\the-real-index~RFe6896bf.TMP

MD5 fe5c974f09ed1806197107d15f081c42
SHA1 e1427bbe2f0f188f5f1c4e238de8ba98fd1bf6f2
SHA256 7d77037157203e2e721f80c47b10e8c17696633dbfcb543f702deb25b78fd54c
SHA512 6a66d43bf8416290bf32ae21b11d5a7be0b1bd102e71b0264ac76a6b723385d88ba66dd48d30ac33dccaf4776984e1e7028fd3b437ac8b2bcc0ce3661ce83ba1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\d378c0d7-a4a6-4b60-bd42-66857643b1a8\index-dir\the-real-index

MD5 6c7a5242838d01b720bc9b5d33d57db5
SHA1 659e8dc6ad8151efb1d73661310555b25a8d9f5c
SHA256 258de649a082b36bc60e75b4f430a9a09dad7f3782b9f0f8363e12b31d981fe1
SHA512 c7715bf57ef2662ffa8c0f0af6e839b05a70bc2e896e9a8e409d9c2f46a794c5ae14eaf65b4a951094cf622df86be821ab1b8696a2e6e6816b0328c7be3305bc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\d378c0d7-a4a6-4b60-bd42-66857643b1a8\index-dir\the-real-index~RFe68974c.TMP

MD5 b5a32991d1efaa50bca16b26b207149d
SHA1 bddfcf49b1ff35d22947072840f074444a9106a8
SHA256 79e0ae428be4f8f9de2a0ee0a99c53dc08eb28007f2f2cbc3cbb2be4980e3554
SHA512 ddea94c71e8c09f11616d90033aad90e2e42bad2152d9ec1b5db234a6c848027c398c6a370169cc2f593810ed5b42d2108d0b812858f099560273f01c1c33e53

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1e8768494515da3b0c24e65c48e8b020
SHA1 50adc567610460b40a72692575385abefd60dfe9
SHA256 663195c2b30e04eba9e4ab68b90683b30015e2408439d0bd6d84c065e222ea8c
SHA512 1494bc97305298fb144e158ea6b81a1c62a84496b6fc0a4e24cb9e15a828bad70b2e6341248b279f0685a150fe597157f4c4efb38b99b14f2e9d65fe235d0b37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2d9c3fb2087806631e4373243bb346f5
SHA1 79b85ebcf7adbba488fe7d4b15856a491f4b3a91
SHA256 685cbd33bab4e3cc426b507ac2cba26ccabb4b614168151b2979bb85c0d9a8ce
SHA512 cda79bcaabd70b86b1f75db7eda92e032abcfc04344809cd1862eccdefa18d73e7d90a7600b18127b70956bbd4d49c0274e9f3bcb4c2dcf0ea22310726620ae1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\c1ae4240-7dfb-454b-ba01-1436459735df\index-dir\the-real-index

MD5 5c46f97c27a2538e252ceb2dc8ba31df
SHA1 8fc7705ca49bb40cfaf5c7ee16ea55b253b968e4
SHA256 e6ba274394f0ab8da161a20f0fa197abe1b181d3e8e6b01c0597037873934d09
SHA512 c29e4b7a4a41b3b758560a9d9a5c69025ce94f4611ece4540c706343bb9ee9f37352425f7976b5042c4b8a6d825f60da1d3b19bac806f9bd22d740c56db27a47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\c1ae4240-7dfb-454b-ba01-1436459735df\index-dir\the-real-index~RFe68ca91.TMP

MD5 b80c35e971c422ed71655c13344c6349
SHA1 908e41af30c754668461b116386408d4b252f260
SHA256 60cbf770087fa135a07d3c3029a7c7f6fcc7b833dea10645d61134d1dbbfd542
SHA512 e1cf8349b795430d3d8587a0882b8b67bac6f709da33688ffa78393fdd4300bc15020f3b876d72e7ed3dea68c89647e878e894edbdcfb3aa26ad1572903aafd3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 9971a43123627050980e4a5079f8b65d
SHA1 e19fc52e62c3649817d0737e23a887bac77fd871
SHA256 4dd547c6071889c544a0a86cba0d2850ced1eb7c9dd4bad9caf968d7de333765
SHA512 5446421a77676b583168ed6ef758b0bdd04df6e793b580dde8e135b3b98d18bd72cb6f028455de7bd6cf86faac7ec9729e733838df14f77fb944859988a02d5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 12e729ee295e429b3db5cc4208159a2c
SHA1 afcc85207beac7cdb5246424fdbcc9477b2da19d
SHA256 0cb5be8cf584c7027363a6e8a6a8fccbeb75c2f0edadd2ca2b2398b121965507
SHA512 2fffa369098465aa1495ee801606d3fd84d33ab81f08f3fcad4cac7e5ad44e53e4f11f2e35ff87c0a7ba6c29613259def9169648e9fa82f6ced87168267760a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 13d07908698f556f487eee78183cb329
SHA1 fe194ce98bbf037f9fdc89cdfbc9f8e28af3ae6c
SHA256 d858e6514decd9852d5c9b1997732debdad15257953ef219778c6d5df4ebe234
SHA512 0554ce2e272f7be1106561787b2168faa589d82eafd31986ad0998e470e102ba159584c2d2689af5949a57480027aa209b225094119ba010afcde387fe9d8f40

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 eda1e087826a1d6be37654fadee2df58
SHA1 ce1cfdcb684a1ea702895c598fcedafc1ee67f49
SHA256 18e4b8b8f46bccd472c32b8fc283280e0264592897e8cf37c99e8777ba29e057
SHA512 dee4f3fe522db9e017f2c257678c08cd5b99024a9d705ec3103f83302fee3a0220cdb78cc413fd1fd0da44982039bf88f165c976d2922f1437302ed05b220af4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 249da74d97a54427b5e84b71b7ad0059
SHA1 0ff43be82697776c6112bfcc55c1f236a6464978
SHA256 4ed64acb3fa863e32b0ae50333600a4e61ac75558026662e60fb045b39ee1e97
SHA512 98fbb8e14875ef864c1f005e8f557bf8923640ed815a3528dd5f5e48008f9043e37eacbfb76dce228bb908f2ba8a6f85786831a11b3169182d0902b38d948f3b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 ea8a1cc9ab4407467f7e4d9b40974897
SHA1 27fa9f5eb9ddc272b098552b5b0b449749ff3ca7
SHA256 eb2a1c3b1ae259d6b151e073762b689552f5910e178e53487512a8134d25869e
SHA512 1b0319d4fb95c805019b4e91761e6d6aa7a61e1c2bdf7797f4d9ef82afd98d8425c0de5aca7a4589fb1b84bbd39b4948c0fc42023446d5267f3925bc0bdac0ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c305341b42563d2e4137c4a2b75bd7f8
SHA1 54bbf767e64ff87e140cdbc62146c9da53bb360d
SHA256 086013efb91295f52a56c2d1c3bc715bbfd16397eb5bf4bebc183286bff4294d
SHA512 1b5ea05331ec82c140ba879d3ce4bdfc6c76b4aabb061836024ebf4b8c0e93c2d4730cb83540e647d1ffb651800480c26d051f26dc42ed39ecceb9945cf83192

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ad4b4f42e888daf35454c339d7afe734
SHA1 79be64e20bcd4956b06db100f899d8f3157de1c8
SHA256 022c55e32739c971182ff82a7c314bc10b91150f49314ad11b79e2be8d70b3ba
SHA512 6ba15269a8b5e103581978ed4b4ce2510c6490830972b77bcdcc772ec278a6c259ec3d38770de159249fd3d32fcef2bd218801d938432a5766aa5afffcd27d2e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b76ed8ef50d3f52a01fcc598d9d650b6
SHA1 bf747a4d23236dd836d389b5cdd3aed625808fa2
SHA256 b4bb444b0e92893e5fa0bc664c89a2ff603b36e989c8a0bb4a9581f7fc9b0647
SHA512 e2df276d63385629f89591bfe9db8c7fcb4716b326d5fb871baf4cfc436f8b50890536180b9d5840471f25e506852fdb5a1fb27bbb8dadffd269e89150cdeb5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4e7b29e905e00f858cedc6f8ccee46e0
SHA1 d94d1f4f5e24750252ea9b14a38373404ce2efaa
SHA256 7a3d1da1dfb7e0609d4557835db17db84d527b71d698c4ce3014ebc6990d60a2
SHA512 c35dfcb768f0e19d577226e9e84f8ca980eb1a6775df89b7d0bc4286b15f8b88333942ef55e2fc88d1bc46427e572776da076252eb333f776d4e9361a0230200

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 079ab9d597e4b8db2b7cc7e867758eb2
SHA1 85f47731b9247b0f0745a59917b8b362dcda5d47
SHA256 c7c158347bc433169a3edb1ed2bd0c919594effbbfff1e67c1d2263bdc93eed8
SHA512 335e20a3ec2aff982ca9547d6285f6f90a91966546ad6843984e780f4b995c93d7de1f0e2504cf96644c5cea7447656b57acbf0d3aaadadb5b4ee49872176b7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2f16a6a86518097b48ad676afe63cbed
SHA1 faa7987e76662568a76d57bbaff4d5d747873c5f
SHA256 d8035a63e8ffe3104a83ab85bd025d1f7f989187a827f2ddba93e15d668dee4c
SHA512 3993632bde64cb145c0f4b64281e72597295bdd5efaaa9b8dc07577ce979849c72f544cc88a3bfc2a32b77def679114916d2eb0d7864967290303556860ea358

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 35b3744c1bebf553cc037b25773b0fc6
SHA1 e66880060dc2fec6fa9daf06840ae2d8b330a6de
SHA256 07509af0c6da0cf870b29bd06f878b6635ffc1ab656c4dc0b772bf27cf79d23b
SHA512 f80163dbd0116abe477b6a3cb0bc7b92fff0fcc0d30c950fd8730c4359c0451afa1b34bd1273cfc091c5b001929bdeebacb949669fd9285df727f0b166deba76

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 55b26c7db072ff39fb3d836e3425779f
SHA1 cfc6e0b5348a53f34115f56fa8f041efbb03e934
SHA256 06a7f91c71d51c9beedd85a078e0601213c79c76bc553fc09b6d9ee3db3762bb
SHA512 793fb6fed0d5c61b97b39d2a6d9c427141963657523a1f88fde260a9e5b5078bc38898edc4cd710ecc0ee42b38eb8e5845c187492040cc72ace3c913a8d26fcd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 776dcce46305da00c39df10f9e5b584a
SHA1 1ff74c87620d10b131888bb8583a7f1be8733b60
SHA256 8363788b75e5039640b470e1cec092808d25c364af9c23769e461924368de929
SHA512 e36bc13456f63cce89f5b6a3b7ace9eb3cb06d05b5d45ad41e5dd3a3a09d27a308ababddb146c3908ead35ddf1bf5f310bf32713359b393db2be4cc39dd6c900

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b3f5ab9dff0069a8cc6a583a28d4ec0f
SHA1 a3c67d627d1e99f4556bb601da62d412ca0a7221
SHA256 92dd0ad2b52e85106d2ddd4672f614e9466fb8a66592a290123ead1e6186de96
SHA512 abede283e14f35a4f659f5d3c9bdda9ed12c18eba3479bd553822a2694fdc73d0063426c8510533507bd5c60e0030e432f0c1ff93c0307f085fb9d3cc051ce2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e7a313641d805d3a75631ed8f2dd85ea
SHA1 5da3b453c13575da93c5a58dc265bd3b4b7e1668
SHA256 e19b780dcfcc50872492be2e7dd20f6c3b4fb7f4668f799c008834c6e98fde3d
SHA512 20867c08dc31d804b46e23dfc511e3d9419394a1cbb238afafd6ade33ba03e105635e0b832a8276203a20a8ad49f4aac5b797d571a40d7de4729e789f49c3518

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000093

MD5 51970acf652853c2ca7afba17fdb64e3
SHA1 37f4a7dc94674bcbe60ac13ae186f23ce22edec5
SHA256 e2288f280cbb2de19c19e5b0bdee58fe1ac13ec87f576029272ea4ee4af92857
SHA512 798a39c7adca64ce4c1275ad125c6c530bb32c586dd2f350f8120d6a504a0d50ccef32a442ee3495762ba7af3719bdde297d1b97bfc3747ba1d5dab69974632f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e

MD5 097c8d5a6824861ec989ec06e53b3df7
SHA1 0478b50edf88a19c2848f0bd1d9452480ef782cb
SHA256 e039c05623d6f7f1895ed6e049b01ef33b86ec5988e3104119face44f4ff12d9
SHA512 cb72032d58e6eeeb60704cc5e7e7f48faf09cba5dbf63a61dbf47e07dfc446d655f19a6ade67fb49b72ccf652e7d537510559445ffa2994cd590eb6bce4f88e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

MD5 7329db207c726877f7087f266b76de33
SHA1 9698b47033c33b687da7421bc1dab9a0dfdf49ab
SHA256 198f92a52fec081e25cf0a41d5a98d5471d6e463b6fb3599b0b64ce26d10bc45
SHA512 3914c388aa25ae08cffa9dfd84431dcdcb7fc933ff2f91e3b6bbd297ff9403653b583a49fae59822b364ed9ce942ca957971877d5ec3ee6ed324aa4511081385

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056

MD5 16e6897aaaaeb8fa242815c20d259360
SHA1 f232f9742c8b42f3cc870cea297151016def6312
SHA256 8a73362db01e8adda6a81d4dc2a42746f90ff203691b92b0c917f22eac954b14
SHA512 be10a1121a0da961ab337cf6902bc8cc6779d80624a624c82ab69e969a867e7027fb4812f01c07b0d04c9da8a55dfc443dfbc5fc8468df5ccbe1f181229e29d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053

MD5 c0ae6666f9cba37590eddfeb9891a2ce
SHA1 64468bf8cd31a932aa0eec0b87f78848c0c2723e
SHA256 cb6557870f0da23eaf84af6746fa6619393a95bbf0f1dcb387e224408ec349b8
SHA512 358828316e5e71ff582acf08cc5964ede89e2ce8a49f7b658b1a2beda52178bb9e10de22189a44644ce29382ff643b5a6c311258f36ae9dc5a2e0c430858200c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

MD5 c4c54608b0e6f10c7581bb894e641ce0
SHA1 411b0a1b5fb4bdd0927abe67bb0815f5b0fadbad
SHA256 b82a276ec8d6e7fa023adddf87fb03bcdeed17934907c6be47646af89f5afc33
SHA512 152568eaee33e23615257e6868a6f803d729ae456daaca4601b2a1113605ae70caf65e7c9d9d7bbfd660e543a67d02ac82158eff004e377d63b8cef38281ff55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057

MD5 ce36ca62e278376eb0b03336d46c7b30
SHA1 7da160e62817fbaece4e7ec12cf3a459353b15ca
SHA256 eb74577d65417dc3fda1ccad67c76095b92c7be7f2a2001891ba48083530f0be
SHA512 0135b5c5e44ce6e08ea3df4a66eb801926c21dd15dd8f849fa7088d562f4afdee97b7b4c92301214faadb7d36ad1053abaadb2d0feaf649b6696399c9ba1640f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bc851342c7f7b8d49971f354adad1b39
SHA1 e43fc5c375a3b1a7d727ff30fcc94140ee280dd5
SHA256 583156fa7a06487e70d8e57f5bc19a693ad6794063ccaf5a9c1bdea042ef4465
SHA512 ab1d4acfaf848939903820d6a6ea46043016acae28df160cb6a5bf6178f501a535de74a7c517724b64f36d211e0ab228444ff58cc2d40a14c804393e102fbe51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 48cab53dd14a97caf70f5eb905dee0dc
SHA1 366f37da08a5a9694b34e251733e7e85673267b8
SHA256 f0b91cbb5a08e009a4bca52849e1c8409b3671601ad01c1dae4a816a6111cffa
SHA512 fa1594025e0750762d4adec7eafb11beb6d32469af161c17108100041f383737dfcba446c42e1f86a583263391f72dc637065fb437424d6f7753df4733d754cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7080341beba1073e0b9c8487238a9d4d
SHA1 3d914957603f2edd8bc8c709078684ccc6573702
SHA256 5deb3e801dcfda26ecc45c67dfd87d95be35f8df63a14e2607171087362980e9
SHA512 1a97d7feef6c67d005c9d5e5af5259643b257737c592538dedb00dc8de21119ffb8517f9a5d9620de7d250d4ce677e214936c4ece66f213eb65310cbeb6b36ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 9196e81f8ed7f223d765423c1f9bc8a7
SHA1 88f9d5c2a6908cf36b8daae803578ca9e1fd2929
SHA256 a4e2bcf7ef3c6c614c2142d3c1fd44caac4eafa86a1779ac31cba164e2d89cbe
SHA512 e7d23866fcac017762d2e2f18597124e9147f458d30038f78ba9f3a2bcbe479fe4792573894370ce2d6f93a00401231d9f01955fde351ff982a82ba87a8241f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 fca52241a7735ea5486b3db1b9a00387
SHA1 82fa35d863d484c0ffad0fb4754e10ec13d549bf
SHA256 ad0cb23e74fb15a7cde53a10efbe4eff76284fbf7d3dd43428a783d158418921
SHA512 7b012f74289b4b4ca03e324807ae1d7062c835476438b875f2db61b4f41e0f083b6140057f2d750458123ff791457cc8dfb02b877e2d075c54235398c9b51a03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

MD5 3fa8c23b89d34fcc51359db6d0551837
SHA1 69750d3260f6f371a516bfddfe15ca26cf068f44
SHA256 4218aacba68899324cbb3f9b7e09967916e41477312ced5dfde41082c6e147e6
SHA512 27dfd1aa035ba829b8d76dd8f8012a98dcd06178a9bcafc32a82886b7b06affbd72afd2fb093749a719b43a61a966165d991a2a377a939da24649da288bc4688

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

MD5 41caba792bd0815c50d2586663a2f6e9
SHA1 8ba297073f4502b840d2c5f0a24ba9d515e2dd84
SHA256 8dcaaaa16bd33e6cfe7af170332ce93febfc6e8e7d1600d1465732e4405e08a3
SHA512 0a8753df627984de1cbde85ab8b8fbaf49f9b76a5728675eb7973a0f072d31f00a4b6df1b9a459d3bc6405ff92a70acf9d1b5393daa0c1a0d34742800cc9c9af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 57d73b00894c000b9522d4f5db1deb73
SHA1 2658e741a3cb4105dd1509ff901bb329877dfa39
SHA256 4ceba404890c1be54c152c471495c49187cf902b8144e481be1f5cb497469a1d
SHA512 356543ad9528df1b62843cb51b39ab9b1e38b332f002fd1df7bd1a36d7bed3a59895815529e2a0a29006ee1f3606a25358d5039f870562242a29d2dcb4d8567a