Analysis Overview
SHA256
93580834e65af2f5a83aacef47a1ec3ef45fc6ab9683ec4df771bbea713ab38f
Threat Level: Likely malicious
The file RobloxPlayerLauncher.exe was found to be: Likely malicious.
Malicious Activity Summary
Sets file execution options in registry
Downloads MZ/PE file
Modifies Installed Components in the registry
Executes dropped EXE
Reads user/profile data of web browsers
Loads dropped DLL
Checks computer location settings
Registers COM server for autorun
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Checks whether UAC is enabled
Installs/modifies Browser Helper Object
Adds Run key to start application
Drops file in System32 directory
Checks system information in the registry
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious behavior: SetClipboardViewer
System policy modification
Modifies data under HKEY_USERS
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Checks SCSI registry key(s)
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Runs regedit.exe
Suspicious behavior: AddClipboardFormatListener
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-15 18:26
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-15 18:26
Reported
2024-04-15 18:49
Platform
win10v2004-20240412-en
Max time kernel
1106s
Max time network
1337s
Command Line
Signatures
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\PdfPreview\\PdfPreviewHandler.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=F7E3991D8B4748FCA2D05626EC028570" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5D54B371-B849-4A49-A654-28EF4267704E}\BGAUpdate.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\devmgmt.msc | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\System32\devmgmt.msc | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\System32\devmgmt.msc | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\System32\devmgmt.msc | C:\Windows\system32\mmc.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperFramework\checkbox_unchecked_hover_light.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\LegacyRbxGui\configIcon.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\Players\FriendIcon.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\MicLight\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\SpeakerLight\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\ExternalSite\twitter.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\ja.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\FaceCaptureUI\Background.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperFramework\AssetPreview\more.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DefaultController\Thumbstick2.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\SpeakerNew\Unmuted0.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\graphic\Auth\vn_agebadge.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\PivotEditor\SelectedPivot.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\category\ic-top rated.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\kn.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\import_edit.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Slider.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\LegacyRbxGui\sandside.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\foil\normaldetail.dds | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\sl.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\button_zoom_hoverpressed_left.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\icon_warning_ik.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\icon_whitetriangle_up.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioSharedUI\TransparentWhiteImagePlaceholder.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\sand\reflection.dds | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarImporter\button_avatarType_border.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ViewSelector\back_zh_cn.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdateOnDemand.exe | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_en.dll | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\ko.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarImporter\icon_error.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetConfig\copy_2x.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\msedgeupdateres_lv.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F5AEE0E3-268D-47A3-8B98-76424608A832}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\GameSettings\Error.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetConfig\pending.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\locked.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\Players\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\graphic\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarEditorImages\circle_blue.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\InGameMenu\TouchControls\d-pad.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_mt.dll | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\msedgeupdateres_vi.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F5AEE0E3-268D-47A3-8B98-76424608A832}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\clb_robux_20.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\PlayerList\Report.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_ro.dll | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\ro.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\PlayStationController\PS4\ButtonTouchpad.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\PlayerList\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\cobblestone\normal.dds | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_el.dll | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperInspector\Record.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\dpadRight.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\ic-notification.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_4.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\Cursors\Gamepad\PointerOver.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DesignSystem\ButtonL1.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VR\closeButtonPadded.png | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\sq.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\INF\digitalmediadevice.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsreplication.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\PerceptionSimulationSixDof.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_cashdrawer.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_receiptprinter.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscompression.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscontentscreener.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_linedisplay.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsquotamgmt.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_netdriver.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscopyprotection.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\rawsilo.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\dc1-controller.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_diskdrive.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_processor.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_proximity.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_scmvolume.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_scmdisk.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fssecurityenhancer.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_extension.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_ucm.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsundelete.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_monitor.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_smrvolume.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fshsm.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_mcx.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsencryption.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\rdcameradriver.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsvirtualization.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_smrdisk.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscontinuousbackup.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_barcodescanner.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscfsmetadataserver.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_sslaccel.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsinfrastructure.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_firmware.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsopenfilebackup.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_magneticstripereader.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fssystemrecovery.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fssystem.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\xusb22.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\remoteposdrv.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_display.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_volume.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsantivirus.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_camera.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_computeaccelerator.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_media.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_apo.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_swcomponent.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsphysicalquotamgmt.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_holographic.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\oposdrv.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsactivitymonitor.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\wsdprint.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\miradisp.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\ts_generic.PNF | C:\Windows\system32\mmc.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0\CLSID\ = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods\ = "12" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ELEVATION | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgePDF\shell\runas\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --do-not-de-elevate --single-argument %1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ = "IProcessLauncher2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{C9C2B807-7731-4F34-81B7-44FF7779522B}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-15#immutable1 = "Troubleshoot and fix common computer problems." | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0\CLSID\ = "{B5977F34-9264-4AC3-9B31-1224827FF6E8}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ = "IPolicyStatus5" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\msedgeupdate.dll,-3000" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0\0\win64\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\elevation_service.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
Runs regedit.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected] | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: SetClipboardViewer
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe
"C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe"
C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe
C:\Users\Admin\AppData\Local\Temp\RobloxPlayerLauncher.exe --crashpad --no-rate-limit --database=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --metrics-dir=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --url=https://upload.crashes.rbxinfra.com/post --annotation=RobloxChannel=production --annotation=RobloxGitHash=3b50cd7a1711a7bcc79000fcd87d819e29d4aca7 --annotation=UploadAttachmentKiloByteLimit=100 --annotation=UploadPercentage=100 --annotation=format=minidump --annotation=token=a2440b0bfdada85f34d79b43839f2b49ea6bba474bd7d126e844bc119271a1c3 --initial-client-data=0x7b8,0x7bc,0x7c0,0x758,0x7c8,0xe7eff4,0xe7f004,0xe7f014
C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe
"C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe"
C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe
C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe --crashpad --no-rate-limit --database=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --metrics-dir=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --url=https://uploads.backtrace.rbx.com/post --annotation=RobloxChannel=production --annotation=RobloxGitHash=30f9c8fbca8a2403452dc84f4c9fe2c1df095269 --annotation=UploadAttachmentKiloByteLimit=100 --annotation=UploadPercentage=100 --annotation=format=minidump --annotation=token=a2440b0bfdada85f34d79b43839f2b49ea6bba474bd7d126e844bc119271a1c3 --initial-client-data=0x5c4,0x5c8,0x5cc,0x5a4,0x5e4,0x1b9dcc8,0x1b9dcd8,0x1b9dce8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2032 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2500 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5408 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3540 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTU1Nzg3OUYtQkM1NS00MDQ1LUJEM0QtRjJDQTUwRTRFQUM1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins2NTdCRDY2RC1EMzkxLTQwNzAtOUE3Ri0zQjcyQzIyQzk3RjR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7KzBqVW1ZZUt0WkFGNUMzZzIycEJCNUYwUnlkdGYxU0g3Ym53c25vVStmaz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxNDk3MDU1MjEiIGluc3RhbGxfdGltZV9tcz0iNzQ2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{A557879F-BC55-4045-BD3D-F2CA50E4EAC5}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTU1Nzg3OUYtQkM1NS00MDQ1LUJEM0QtRjJDQTUwRTRFQUM1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InszNDQ2NzlERS0yQTM1LTRDODEtOEE5RC1DOTUyNEQ3NDlEMkZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxNTQ5NjE5MTQiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\MicrosoftEdge_X64_123.0.2420.97.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8AC2D594-C4CD-4985-BE9E-7341E8E2382D}\EDGEMITMP_49557.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x230,0x234,0x238,0x22c,0x208,0x7ff60fcdbaf8,0x7ff60fcdbb04,0x7ff60fcdbb10
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5428 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5148 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTU1Nzg3OUYtQkM1NS00MDQ1LUJEM0QtRjJDQTUwRTRFQUM1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InszQ0I4QzU1Ny1DNUM4LTRENUMtOTVERS1EMEU0QTA4NTlGMzN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTE3MTAzNDkxOCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxNzExMjQ5MTUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1Mzk0NzQ0ODczIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xYzFmYzhmZS1mMjUwLTRhM2EtOTFlYy05ZjkwZTMxYjgyNjU_UDE9MTcxMzgxMDQ2NSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1jRGVvaFIwTFklMmJJY3dwZWhka1dpcDQ0N3ElMmJOR2FjbENVJTJmRFdBNyUyZlI4WkUwVCUyZmNtSTRpYXcwWE0yRDZ6TXFZWUJoZFJDODRIbFdZZ21kdVd2Q3JQamclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzIwNzYwODgiIHRvdGFsPSIxNzIwNzYwODgiIGRvd25sb2FkX3RpbWVfbXM9IjE1MzgyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTM5NDkxNTE2NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU0MTAxNjQ4NjUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjU5NTIwMzQ3MzkiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMDE2IiBkb3dubG9hZF90aW1lX21zPSIyMjM3MSIgZG93bmxvYWRlZD0iMTcyMDc2MDg4IiB0b3RhbD0iMTcyMDc2MDg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI1NDE3NiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,13728572357462611296,2863895499650071456,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1076 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\System32\mmc.exe"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/memz-malwarevirus-trojan-completely-destroying/268bc1c2-39f4-42f8-90c2-597a673b6b45
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+get+money
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2b4 0x2ec
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=g3t+r3kt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2276 /prefetch:2
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
C:\Windows\system32\mmc.exe
"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x104,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5D54B371-B849-4A49-A654-28EF4267704E}\BGAUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5D54B371-B849-4A49-A654-28EF4267704E}\BGAUpdate.exe" --edgeupdate-client --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEQ1QTE4OEUtREY1NS00QUU3LTgyQzgtODVCOTNCRTA3NkYwfSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1QTM2NTJBMC0xMUIyLTRGMzUtQjc0Ny03MTU5RkU0NzYwMDd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzMiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MTUyODY1OTA4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODE1MjkwNTg4NCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NTYzNTI4NTgzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZGEwMTdkZWEtMzRmOC00YTlmLWEzZmQtMjdmMWI5NTM4NjAwP1AxPTE3MTM4MTA3NjMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9QzBBazJ2MiUyYkZha3BiVG05JTJmRmU0TTlLdFZMQm9adnFzUkZUS1I4VnJuTCUyZlZ1aTJWNkxNRUxLTjdIZW1WdDBRQzgxYjkxMzNHeG1tQk4lMmZXZlVMN1hoQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODU2MzU0ODM1MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZGEwMTdkZWEtMzRmOC00YTlmLWEzZmQtMjdmMWI5NTM4NjAwP1AxPTE3MTM4MTA3NjMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9QzBBazJ2MiUyYkZha3BiVG05JTJmRmU0TTlLdFZMQm9adnFzUkZUS1I4VnJuTCUyZlZ1aTJWNkxNRUxLTjdIZW1WdDBRQzgxYjkxMzNHeG1tQk4lMmZXZlVMN1hoQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ3MDA4IiB0b3RhbD0iMTgwNDcwMDgiIGRvd25sb2FkX3RpbWVfbXM9IjM2NTcxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODU2MzYwODIzOCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg1Njk3MjQ1NDciIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NTcxNjA1NjMzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNjY4IiBkb3dubG9hZF90aW1lX21zPSI0MTA0OCIgZG93bmxvYWRlZD0iMTgwNDcwMDgiIHRvdGFsPSIxODA0NzAwOCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iMTg3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=internet+explorer+is+the+best+browser
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7320 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F5AEE0E3-268D-47A3-8B98-76424608A832}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F5AEE0E3-268D-47A3-8B98-76424608A832}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{201DD439-449E-40FD-A547-911CF1205005}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjAxREQ0MzktNDQ5RS00MEZELUE1NDctOTExQ0YxMjA1MDA1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCNkE0OEY0My0xNzM5LTQwQ0ItOTdGNy05QzU3QTZFRUY3MjJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2O1Byb2R1Y3RzVG9SZWdpc3Rlcj0lN0IxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDAlN0QiIGluc3RhbGxhZ2U9IjMiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg5MjIwNzY5NjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkyMjE4NjkzOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkzMjkyMzMwNiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzEzODEwODQwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUljZFF3JTJmc0xJb1Bua2FraVMwUjlkNEw2aHdabEJhM290dFlzOGxJTjlLYVM1c0JVTTFMSjBRSFY3UjVWSFJrc0M3TGROMmlpZHBCc2V0emtWZHBQS2clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4OTMyOTMzMzAzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MmVkODA4Ny1lZTk4LTQyOWMtOTMzMC1jYTNjMTkzZDQxYWY_UDE9MTcxMzgxMDg0MCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1JY2RRdyUyZnNMSW9Qbmtha2lTMFI5ZDRMNmh3WmxCYTNvdHRZczhsSU45S2FTNXNCVU0xTEowUUhWN1I1VkhSa3NDN0xkTjJpaWRwQnNldHprVmRwUEtnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYzMDc5MiIgdG90YWw9IjE2MzA3OTIiIGRvd25sb2FkX3RpbWVfbXM9IjEwMDAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkzMjk1MzIxNCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4OTM4MDc5NDcwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iMyIgcmQ9IjYzMTEiIHBpbmdfZnJlc2huZXNzPSJ7RDFEMUZBNzctNEEwOC00NTE0LUJGQkYtMEI5QzgzOEYzQzRFfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIzIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1NzY3OTYzNDE4NDc1ODAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSIzIiByPSIzIiBhZD0iNjMxMSIgcmQ9IjYzMTEiIHBpbmdfZnJlc2huZXNzPSJ7MTE4NERERUQtQjRFQy00RDU5LTlDRTUtNERCMzI4QkRFNjlDfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMTQiPjx1cGRhdGVjaGVjay8-PHBpbmcgcj0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9Ins1OTlEQzYxNC0xQ0I3LTRERDEtQjBDRi1FMzA2RTY0MkI4MUJ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUF669.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{201DD439-449E-40FD-A547-911CF1205005}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjAxREQ0MzktNDQ5RS00MEZELUE1NDctOTExQ0YxMjA1MDA1fSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7RkRDN0I2QTEtM0Q4My00RUZFLTk0NzAtOTg5MjRBOTUyMURBfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMyIgaW5zdGFsbGRhdGV0aW1lPSIxNzEyOTIxNTMwIj48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4OTU5NzI3MDgxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xf8,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=what+happens+if+you+delete+system32
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x12c,0x130,0x134,0xfc,0x100,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1
C:\Windows\SysWOW64\regedit.exe
"C:\Windows\System32\regedit.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=skrillex+scay+onster+an+nice+sprites+midi
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+get+money
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8308 /prefetch:1
C:\Windows\SysWOW64\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x130,0x134,0x138,0x10c,0x13c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9260 /prefetch:1
C:\Windows\SysWOW64\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0xf8,0x130,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9396 /prefetch:1
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xfc,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9812 /prefetch:1
C:\Windows\SysWOW64\regedit.exe
"C:\Windows\System32\regedit.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=john+cena+midi+legit+not+converted
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x98,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9548 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=internet+explorer+is+the+best+browser
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10896 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x120,0x124,0xc8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10356 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDY3QjJDNjktQ0NCOS00Q0VGLUE0REMtODNGM0NGRTREQ0ZGfSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7ODE3QUE0OTYtRkU0NS00REE5LUFDNjItRDIyNjBCRjE4MENDfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90OyswalVtWWVLdFpBRjVDM2cyMnBCQjVGMFJ5ZHRmMVNIN2Jud3Nub1UrZms9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTI5MjI1MDkiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1NzM5NTEzMDAwMDAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MzI0IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjIxNDcyMDcyOSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11104 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\MicrosoftEdge_X64_123.0.2420.97.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\System32\mmc.exe"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7ad94baf8,0x7ff7ad94bb04,0x7ff7ad94bb10
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7ad94baf8,0x7ff7ad94bb04,0x7ff7ad94bb10
C:\Windows\SysWOW64\explorer.exe
"C:\Windows\System32\explorer.exe"
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe"
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x98,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11608 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDY3QjJDNjktQ0NCOS00Q0VGLUE0REMtODNGM0NGRTREQ0ZGfSIgdXNlcmlkPSJ7QkJBNTM0OUQtRTdCNy00NzhBLTk2MkQtRkUzQjIzODYxNzA5fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntGMTdEM0JFMS1CODg3LTRGNTUtOTM2Qi0xMkNGOUY0N0JFRUV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMyIgY29ob3J0PSJycmZAMC41OCI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMxNCIgcGluZ19mcmVzaG5lc3M9IntBOEYyNzc2QS1FNjExLTQwMDYtODZCMy0yQjhCODVEQTlERjh9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIzIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTc2Nzk5Njc4MzI4OTgwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjIzMDcwMDcwNCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjIzMDczMDgzNyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjI3MDkxMDU3OCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjI5MjQxNzQxNSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI3OTc5MzcxMzgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMDMwIiBkb3dubG9hZGVkPSIxNzIwNzYwODgiIHRvdGFsPSIxNzIwNzYwODgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIyIiBpbnN0YWxsX3RpbWVfbXM9IjUwNTQ5Ii8-PHBpbmcgYWN0aXZlPSIxIiBhZD0iNjMxNCIgcmQ9IjYzMTQiIHBpbmdfZnJlc2huZXNzPSJ7ODNEQzZCNkEtREY3Ny00NEMyLUJGQzktREZDNEU2MjU2QUU4fSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMTQiIGNvaG9ydD0icnJmQDAuNTkiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzMTQiIHBpbmdfZnJlc2huZXNzPSJ7MDNCNjk2OEMtM0E0MC00MzIyLUFDNDQtRDgzQzRCOTBGRUFBfSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x9c,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12516 /prefetch:1
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
C:\Windows\system32\mmc.exe
"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=john+cena+midi+legit+not+converted
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=is+illuminati+real
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xf8,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0xf8,0x130,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13572 /prefetch:1
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13916 /prefetch:1
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\SysWOW64\Taskmgr.exe
"C:\Windows\System32\Taskmgr.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14380 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15980 /prefetch:1
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
C:\Windows\system32\mmc.exe
"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xfc,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16028 /prefetch:1
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\System32\mmc.exe"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=stanky+danky+maymays
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15744 /prefetch:1
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
C:\Windows\system32\mmc.exe
"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/memz-malwarevirus-trojan-completely-destroying/268bc1c2-39f4-42f8-90c2-597a673b6b45
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=g3t+r3kt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x120,0x124,0xbc,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16108 /prefetch:1
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x40,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15644 /prefetch:1
C:\Windows\SysWOW64\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus+builder+legit+free+download
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16380 /prefetch:1
C:\Windows\SysWOW64\Taskmgr.exe
"C:\Windows\System32\Taskmgr.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x11c,0xf8,0x120,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16284 /prefetch:1
C:\Windows\SysWOW64\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12808 /prefetch:1
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
C:\Windows\splwow64.exe
C:\Windows\splwow64.exe 12288
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0x120,0x124,0x11c,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=internet+explorer+is+the+best+browser
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15332 /prefetch:1
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe"
C:\Windows\SysWOW64\explorer.exe
"C:\Windows\System32\explorer.exe"
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\System32\mmc.exe"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xe0,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14848 /prefetch:1
C:\Windows\SysWOW64\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xf8,0x104,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/memz-malwarevirus-trojan-completely-destroying/268bc1c2-39f4-42f8-90c2-597a673b6b45
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0x120,0x124,0xfc,0x128,0x7ffb626846f8,0x7ffb62684708,0x7ffb62684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,7769338099882069609,17762998026772925354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | ephemeralcounters.api.roblox.com | udp |
| PL | 128.116.124.4:443 | ephemeralcounters.api.roblox.com | tcp |
| PL | 128.116.124.4:443 | ephemeralcounters.api.roblox.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.qq.com | udp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.154.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.124.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.qq.com | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| US | 8.8.8.8:53 | setup-ak.rbxcdn.com | udp |
| US | 8.8.8.8:53 | setup-ll.rbxcdn.com | udp |
| US | 8.8.8.8:53 | setup-cfly.rbxcdn.com | udp |
| US | 8.8.8.8:53 | setup-hw.rbxcdn.com | udp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.114.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| PL | 128.116.124.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| NL | 23.63.101.171:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 171.101.63.23.in-addr.arpa | udp |
| PL | 128.116.124.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | setup-ll.rbxcdn.com | udp |
| PL | 128.116.124.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | setup-hw.rbxcdn.com | udp |
| NL | 23.63.101.171:443 | setup.rbxcdn.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| NL | 23.62.61.72:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.61.62.23.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.155:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 21.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.61.62.23.in-addr.arpa | udp |
| NL | 23.62.61.72:443 | th.bing.com | tcp |
| NL | 23.62.61.72:443 | th.bing.com | tcp |
| NL | 23.62.61.72:443 | th.bing.com | tcp |
| NL | 23.62.61.72:443 | th.bing.com | tcp |
| NL | 23.62.61.72:443 | th.bing.com | tcp |
| NL | 23.62.61.72:443 | th.bing.com | tcp |
| NL | 23.62.61.155:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.73:443 | login.microsoftonline.com | tcp |
| IE | 20.190.159.73:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | s28667145.weebly.com | udp |
| US | 74.115.51.8:443 | s28667145.weebly.com | tcp |
| US | 74.115.51.8:443 | s28667145.weebly.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.171:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.51.115.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn2.editmysite.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 151.101.1.46:443 | cdn2.editmysite.com | tcp |
| US | 151.101.1.46:443 | cdn2.editmysite.com | tcp |
| US | 151.101.1.46:443 | cdn2.editmysite.com | tcp |
| US | 151.101.1.46:443 | cdn2.editmysite.com | tcp |
| US | 151.101.1.46:443 | cdn2.editmysite.com | tcp |
| US | 151.101.1.46:443 | cdn2.editmysite.com | tcp |
| GB | 172.217.16.234:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 46.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fast.fonts.net | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 104.16.40.28:443 | fast.fonts.net | tcp |
| US | 151.101.1.46:443 | cdn2.editmysite.com | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | smweebly.pixelbits.io | udp |
| US | 45.79.99.181:443 | smweebly.pixelbits.io | tcp |
| US | 45.79.99.181:443 | smweebly.pixelbits.io | tcp |
| US | 8.8.8.8:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 72.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.108.133:443 | user-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 21.113.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 89.58.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| NL | 2.18.121.16:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 16.121.18.2.in-addr.arpa | udp |
| US | 74.115.51.8:443 | s28667145.weebly.com | tcp |
| US | 74.115.51.8:443 | s28667145.weebly.com | tcp |
| NL | 23.62.61.155:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| PL | 128.116.124.4:443 | www.roblox.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| PL | 128.116.124.3:443 | client-telemetry.roblox.com | tcp |
| US | 8.8.8.8:53 | 3.124.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | answers.microsoft.com | udp |
| GB | 104.103.252.222:80 | answers.microsoft.com | tcp |
| GB | 104.103.252.222:80 | answers.microsoft.com | tcp |
| GB | 104.103.252.222:443 | answers.microsoft.com | tcp |
| US | 8.8.8.8:53 | 222.252.103.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.69:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 152.199.23.37:443 | aadcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.23.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | identity.nel.measure.office.net | udp |
| BE | 2.17.107.176:443 | identity.nel.measure.office.net | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | answers-afd.microsoft.com | udp |
| NL | 72.246.173.187:443 | www.microsoft.com | tcp |
| US | 13.107.246.64:443 | answers-afd.microsoft.com | tcp |
| US | 13.107.246.64:443 | answers-afd.microsoft.com | tcp |
| US | 13.107.246.64:443 | answers-afd.microsoft.com | tcp |
| US | 13.107.246.64:443 | answers-afd.microsoft.com | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| NL | 72.246.173.187:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 8.8.8.8:53 | consentdeliveryfd.azurefd.net | udp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 8.8.8.8:53 | answersstaticfilecdnv2.azureedge.net | udp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 8.8.8.8:53 | 48.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 192.229.221.185:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 13.107.246.64:443 | acctcdnmsftuswe2.azureedge.net | tcp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 20.44.10.122:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 185.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.10.44.20.in-addr.arpa | udp |
| US | 20.44.10.122:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | support.google.com | udp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | pcoptimizerpro.com | udp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.7.47.135:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 135.47.7.20.in-addr.arpa | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| NL | 2.18.121.24:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 24.121.18.2.in-addr.arpa | udp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 20.7.47.135:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | 98.242.123.52.in-addr.arpa | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 79.121.231.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | support.google.com | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 35.227.233.104:80 | softonic.com | tcp |
| US | 35.227.233.104:80 | softonic.com | tcp |
| US | 35.227.233.104:443 | softonic.com | tcp |
| US | 8.8.8.8:53 | 104.233.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | assets.sftcdn.net | udp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| DE | 54.230.206.91:443 | sdk.privacy-center.org | tcp |
| US | 151.101.1.91:443 | assets.sftcdn.net | udp |
| US | 8.8.8.8:53 | 8.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.82.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.206.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.92.85.52.in-addr.arpa | udp |
| US | 151.101.1.91:443 | assets.sftcdn.net | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| DE | 54.230.206.91:443 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | static.site24x7rum.eu | udp |
| DE | 54.230.206.57:443 | static.site24x7rum.eu | tcp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| GB | 142.250.180.14:443 | ampcid.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 227.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.206.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| BE | 64.233.167.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 156.167.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | identity.nel.measure.office.net | udp |
| BE | 2.17.107.224:443 | identity.nel.measure.office.net | tcp |
| US | 8.8.8.8:53 | 224.107.17.2.in-addr.arpa | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.7.47.135:443 | msedge.api.cdp.microsoft.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | play.clubpenguin.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | play.clubpenguin.com | udp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | support.google.com | udp |
| US | 8.8.8.8:53 | motherboard.vice.com | udp |
| US | 151.101.2.133:80 | motherboard.vice.com | tcp |
| US | 151.101.2.133:80 | motherboard.vice.com | tcp |
| US | 151.101.2.133:443 | motherboard.vice.com | tcp |
| US | 8.8.8.8:53 | www.vice.com | udp |
| US | 8.8.8.8:53 | 133.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | vice-web-statics-cdn.vice.com | udp |
| US | 8.8.8.8:53 | htlbid.com | udp |
| GB | 3.162.20.84:443 | htlbid.com | tcp |
| US | 151.101.2.133:443 | vice-web-statics-cdn.vice.com | tcp |
| US | 151.101.2.133:443 | vice-web-statics-cdn.vice.com | tcp |
| US | 8.8.8.8:53 | sourcepoint.mgr.consensu.org | udp |
| US | 8.8.8.8:53 | native.sharethrough.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 84.20.162.3.in-addr.arpa | udp |
| GB | 3.162.20.123:443 | native.sharethrough.com | tcp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | vice-dev-web-statics-cdn.vice.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | vice-sundry-assets-cdn.vice.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | oembed.vice.com | udp |
| US | 8.8.8.8:53 | images.vice.com | udp |
| US | 35.161.42.1:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | video-images.vice.com | udp |
| US | 8.8.8.8:53 | www.npttech.com | udp |
| US | 104.21.66.34:443 | www.npttech.com | tcp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| GB | 18.165.160.7:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | ccpa.sp-prod.net | udp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| GB | 23.37.1.130:443 | widgets.outbrain.com | tcp |
| GB | 54.230.10.94:443 | ccpa.sp-prod.net | tcp |
| US | 8.8.8.8:53 | widget.sellwild.com | udp |
| US | 8.8.8.8:53 | static.anonymised.io | udp |
| US | 8.8.8.8:53 | 123.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.42.161.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.66.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 34.107.217.107:443 | static.anonymised.io | tcp |
| US | 8.8.8.8:53 | 7.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | segment-data.zqtk.net | udp |
| GB | 18.172.89.126:443 | widget.sellwild.com | tcp |
| GB | 18.165.160.7:443 | cdn.privacy-mgmt.com | tcp |
| FR | 172.234.63.226:443 | segment-data.zqtk.net | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | sourcepoint.vice.com | udp |
| US | 8.8.8.8:53 | pub.doubleverify.com | udp |
| GB | 18.172.89.14:443 | sourcepoint.vice.com | tcp |
| FR | 172.234.63.226:443 | segment-data.zqtk.net | tcp |
| US | 8.8.8.8:53 | silo50.p7cloud.net | udp |
| US | 8.8.8.8:53 | cdn.confiant-integrations.net | udp |
| US | 8.8.8.8:53 | launchpad-wrapper.privacymanager.io | udp |
| US | 8.8.8.8:53 | scdn.cxense.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 104.18.166.224:443 | pub.doubleverify.com | tcp |
| GB | 13.224.81.28:443 | silo50.p7cloud.net | tcp |
| GB | 18.172.89.9:443 | launchpad-wrapper.privacymanager.io | tcp |
| GB | 3.162.21.19:443 | c.amazon-adsystem.com | tcp |
| US | 172.64.144.166:443 | cdn.confiant-integrations.net | tcp |
| BE | 104.68.95.245:443 | scdn.cxense.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.200.22:443 | i.ytimg.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | sdk.snapkit.com | udp |
| GB | 54.230.10.62:443 | sdk.snapkit.com | tcp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| US | 8.8.8.8:53 | tag.aticdn.net | udp |
| US | 8.8.8.8:53 | trinitymedia.ai | udp |
| US | 34.107.217.107:443 | static.anonymised.io | udp |
| US | 3.218.57.113:443 | trinitymedia.ai | tcp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| GB | 3.162.20.84:443 | tag.aticdn.net | tcp |
| DE | 91.228.74.200:443 | secure.quantserve.com | tcp |
| US | 172.64.144.166:443 | cdn.confiant-integrations.net | udp |
| US | 8.8.8.8:53 | widget-pixels.outbrain.com | udp |
| US | 8.8.8.8:53 | 130.1.37.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.10.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.217.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.63.234.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.166.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.144.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.21.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.95.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.10.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ccpa-service.sp-prod.net | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | launchpad.privacymanager.io | udp |
| US | 34.228.3.229:443 | ccpa-service.sp-prod.net | tcp |
| US | 104.18.166.224:443 | pub.doubleverify.com | udp |
| GB | 13.224.81.122:443 | launchpad.privacymanager.io | tcp |
| US | 8.8.8.8:53 | api.cxense.com | udp |
| US | 8.8.8.8:53 | tag.bounceexchange.com | udp |
| US | 8.8.8.8:53 | ams-pageview-public.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | material.anonymised.io | udp |
| US | 8.8.8.8:53 | aegis.anonymised.io | udp |
| US | 8.8.8.8:53 | api.snapkit.com | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| DE | 167.235.124.23:443 | api.cxense.com | tcp |
| US | 34.117.250.57:443 | material.anonymised.io | tcp |
| US | 8.8.8.8:53 | yield-manager.browsiprod.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 35.190.43.134:443 | api.snapkit.com | tcp |
| US | 34.107.217.107:443 | aegis.anonymised.io | tcp |
| US | 8.8.8.8:53 | cdn.browsiprod.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 34.120.253.250:443 | tag.bounceexchange.com | tcp |
| US | 54.231.165.113:443 | ams-pageview-public.s3.amazonaws.com | tcp |
| US | 34.117.250.57:443 | material.anonymised.io | udp |
| US | 8.8.8.8:53 | live.primis.tech | udp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| GB | 18.172.93.140:443 | aax.amazon-adsystem.com | tcp |
| GB | 142.250.187.225:443 | yt3.ggpht.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| GB | 3.162.20.127:443 | cdn.browsiprod.com | tcp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| US | 13.33.52.7:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | js.gumgum.com | udp |
| US | 8.8.8.8:53 | vd.trinitymedia.ai | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| GB | 13.224.81.62:443 | yield-manager.browsiprod.com | tcp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | 113.57.218.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.3.228.34.in-addr.arpa | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| GB | 3.162.20.127:443 | cdn.browsiprod.com | tcp |
| GB | 13.224.81.62:443 | yield-manager.browsiprod.com | tcp |
| US | 8.8.8.8:53 | 122.81.224.13.in-addr.arpa | udp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| US | 34.107.217.107:443 | aegis.anonymised.io | udp |
| US | 8.8.8.8:53 | geo.privacymanager.io | udp |
| US | 8.8.8.8:53 | logws1330.ati-host.net | udp |
| US | 8.8.8.8:53 | pd.cdnwidget.com | udp |
| GB | 142.250.187.225:443 | yt3.ggpht.com | tcp |
| US | 13.33.52.7:443 | config.aps.amazon-adsystem.com | tcp |
| GB | 18.172.93.140:443 | aax.amazon-adsystem.com | tcp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | api.bounceexchange.com | udp |
| US | 8.8.8.8:53 | assets.bounceexchange.com | udp |
| GB | 54.192.34.136:443 | logws1330.ati-host.net | tcp |
| US | 35.190.43.134:443 | api.snapkit.com | udp |
| GB | 18.172.89.18:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | data.cdnbasket.net | udp |
| US | 34.111.8.32:443 | api.bounceexchange.com | tcp |
| US | 34.149.130.207:443 | pd.cdnwidget.com | tcp |
| GB | 13.224.81.105:443 | geo.privacymanager.io | tcp |
| US | 8.8.8.8:53 | events.bouncex.net | udp |
| GB | 18.165.160.95:443 | js.gumgum.com | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| GB | 18.172.89.42:443 | live.primis.tech | tcp |
| GB | 143.244.38.136:443 | vd.trinitymedia.ai | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | udp |
| US | 34.98.72.95:443 | assets.bounceexchange.com | tcp |
| US | 8.8.8.8:53 | events.browsiprod.com | udp |
| US | 8.8.8.8:53 | page.cdnbasket.net | udp |
| US | 8.8.8.8:53 | view.cdnbasket.net | udp |
| US | 54.69.143.81:443 | events.browsiprod.com | tcp |
| US | 54.69.143.81:443 | events.browsiprod.com | tcp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | udp |
| US | 54.69.143.81:443 | events.browsiprod.com | tcp |
| GB | 3.162.20.127:443 | cdn.browsiprod.com | tcp |
| US | 54.69.143.81:443 | events.browsiprod.com | tcp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 8.8.8.8:53 | c.gumgum.com | udp |
| US | 34.98.72.95:443 | assets.bounceexchange.com | udp |
| US | 13.33.52.15:443 | aba.gumgum.com | tcp |
| US | 8.8.8.8:53 | gumgum.com | udp |
| GB | 54.230.10.26:443 | c.gumgum.com | tcp |
| GB | 18.165.160.95:443 | js.gumgum.com | tcp |
| IE | 52.17.97.65:443 | g2.gumgum.com | tcp |
| US | 8.8.8.8:53 | 23.124.235.167.in-addr.arpa | udp |
| GB | 3.162.20.54:443 | gumgum.com | tcp |
| US | 8.8.8.8:53 | 57.250.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.43.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 250.253.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.165.231.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.93.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.52.33.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.34.192.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.8.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.130.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.72.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.143.69.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.52.33.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.10.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.97.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ai.browsiprod.com | udp |
| GB | 3.162.20.5:443 | ai.browsiprod.com | tcp |
| GB | 3.162.20.5:443 | ai.browsiprod.com | tcp |
| US | 8.8.8.8:53 | demand-engine.browsiprod.com | udp |
| GB | 3.162.20.113:443 | demand-engine.browsiprod.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | 5.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.20.162.3.in-addr.arpa | udp |
| US | 54.69.143.81:443 | events.browsiprod.com | tcp |
| US | 8.8.8.8:53 | comcluster.cxense.com | udp |
| DE | 167.235.124.59:443 | comcluster.cxense.com | tcp |
| US | 54.69.143.81:443 | events.browsiprod.com | tcp |
| GB | 143.244.38.136:443 | vd.trinitymedia.ai | tcp |
| US | 8.8.8.8:53 | 59.124.235.167.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | ua.p7cloud.net | udp |
| GB | 18.172.89.12:443 | ua.p7cloud.net | tcp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 104.18.166.224:443 | pub.doubleverify.com | udp |
| US | 8.8.8.8:53 | d2tbszkvx1p56e.cloudfront.net | udp |
| US | 8.8.8.8:53 | depart.trinitymedia.ai | udp |
| GB | 52.84.136.49:443 | d2tbszkvx1p56e.cloudfront.net | tcp |
| DE | 18.185.185.216:443 | depart.trinitymedia.ai | tcp |
| US | 8.8.8.8:53 | location.p7cloud.net | udp |
| GB | 3.162.20.33:443 | location.p7cloud.net | tcp |
| US | 8.8.8.8:53 | 12.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.136.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.185.185.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js-agent.newrelic.com | udp |
| US | 162.247.243.39:443 | js-agent.newrelic.com | tcp |
| US | 162.247.243.39:443 | js-agent.newrelic.com | tcp |
| US | 8.8.8.8:53 | 33.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.243.247.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bam.nr-data.net | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | 29.243.247.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | synchrobox.adswizz.com | udp |
| US | 8.8.8.8:53 | playerservices.live.streamtheworld.com | udp |
| US | 8.8.8.8:53 | entravision.deliveryengine.adswizz.com | udp |
| US | 8.8.8.8:53 | audioad.zenomedia.com | udp |
| US | 8.8.8.8:53 | yieldopt.spreaker.com | udp |
| US | 8.8.8.8:53 | optimized-by.rubiconproject.com | udp |
| US | 8.8.8.8:53 | api.tsbluebox.com | udp |
| US | 8.8.8.8:53 | cmod587.live.streamtheworld.com | udp |
| US | 8.8.8.8:53 | vast.adtonos.com | udp |
| IE | 34.248.31.5:443 | synchrobox.adswizz.com | tcp |
| CA | 15.235.86.240:443 | audioad.zenomedia.com | tcp |
| GB | 18.165.160.62:443 | yieldopt.spreaker.com | tcp |
| GB | 3.162.20.24:443 | entravision.deliveryengine.adswizz.com | tcp |
| IE | 54.170.32.25:443 | api.tsbluebox.com | tcp |
| GB | 54.38.209.27:443 | vast.adtonos.com | tcp |
| CA | 192.173.29.77:443 | playerservices.live.streamtheworld.com | tcp |
| DE | 3.126.222.23:443 | optimized-by.rubiconproject.com | tcp |
| FR | 192.173.31.108:443 | cmod587.live.streamtheworld.com | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| NL | 213.19.162.21:443 | fastlane.rubiconproject.com | tcp |
| DE | 3.126.222.23:443 | optimized-by.rubiconproject.com | tcp |
| NL | 145.40.97.67:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| IE | 52.17.97.65:443 | g2.gumgum.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| GB | 13.224.81.46:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | 5.31.248.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.209.38.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.29.173.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.86.235.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.31.173.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.222.126.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.81.224.13.in-addr.arpa | udp |
| CA | 192.173.29.77:443 | playerservices.live.streamtheworld.com | tcp |
| US | 8.8.8.8:53 | vast-adapter.adtonos.com | udp |
| GB | 54.38.209.28:443 | vast-adapter.adtonos.com | tcp |
| US | 8.8.8.8:53 | timmedia.deliveryengine.adswizz.com | udp |
| US | 8.8.8.8:53 | play.adtonos.com | udp |
| GB | 18.172.89.52:443 | timmedia.deliveryengine.adswizz.com | tcp |
| GB | 51.89.155.117:443 | play.adtonos.com | tcp |
| US | 8.8.8.8:53 | delivery-cdn-cf.adswizz.com | udp |
| US | 8.8.8.8:53 | yield-op-idsync.live.streamtheworld.com | udp |
| GB | 13.224.81.126:443 | delivery-cdn-cf.adswizz.com | tcp |
| CA | 192.173.29.84:443 | yield-op-idsync.live.streamtheworld.com | tcp |
| US | 34.111.8.32:443 | events.bouncex.net | tcp |
| US | 8.8.8.8:53 | 52.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.209.38.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.155.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.29.173.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firebaseremoteconfig.googleapis.com | udp |
| US | 8.8.8.8:53 | synchroscript.deliveryengine.adswizz.com | udp |
| GB | 3.162.20.127:443 | synchroscript.deliveryengine.adswizz.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| GB | 23.37.0.235:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | firebaselogging.googleapis.com | udp |
| US | 8.8.8.8:53 | check.analytics.rlcdn.com | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| GB | 54.230.10.87:443 | check.analytics.rlcdn.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| DE | 162.19.138.118:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | 87.10.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.0.37.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pcoptimizerpro.com | udp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| DE | 18.185.185.216:443 | depart.trinitymedia.ai | tcp |
| GB | 18.165.160.62:443 | yieldopt.spreaker.com | udp |
| FR | 192.173.31.108:443 | cmod587.live.streamtheworld.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | silo50.p7cloud.net | udp |
| GB | 13.224.81.28:443 | silo50.p7cloud.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.28:443 | silo50.p7cloud.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| GB | 13.224.81.28:443 | silo50.p7cloud.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | answers.microsoft.com | udp |
| GB | 104.103.252.222:443 | answers.microsoft.com | tcp |
| US | 8.8.8.8:53 | answersstaticfilecdnv2.azureedge.net | udp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.73:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 20.189.173.4:443 | browser.events.data.microsoft.com | tcp |
| US | 20.189.173.4:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 8.8.8.8:53 | 4.173.189.20.in-addr.arpa | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 13.107.246.64:443 | acctcdn.msauth.net | tcp |
| US | 192.229.221.185:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 20.189.173.4:443 | browser.events.data.microsoft.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | motherboard.vice.com | udp |
| US | 151.101.2.133:443 | motherboard.vice.com | tcp |
| US | 8.8.8.8:53 | www.vice.com | udp |
| US | 8.8.8.8:53 | sourcepoint.mgr.consensu.org | udp |
| US | 8.8.8.8:53 | native.sharethrough.com | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| GB | 3.162.20.48:443 | native.sharethrough.com | tcp |
| US | 151.101.2.133:443 | www.vice.com | tcp |
| US | 8.8.8.8:53 | images.vice.com | udp |
| US | 44.239.181.141:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | vice-web-statics-cdn.vice.com | udp |
| US | 8.8.8.8:53 | vice-dev-web-statics-cdn.vice.com | udp |
| US | 8.8.8.8:53 | vice-sundry-assets-cdn.vice.com | udp |
| US | 8.8.8.8:53 | htlbid.com | udp |
| US | 151.101.2.133:443 | vice-sundry-assets-cdn.vice.com | tcp |
| US | 8.8.8.8:53 | oembed.vice.com | udp |
| GB | 3.162.20.126:443 | htlbid.com | tcp |
| US | 8.8.8.8:53 | trinitymedia.ai | udp |
| US | 52.7.64.36:443 | trinitymedia.ai | tcp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| GB | 18.165.160.7:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| US | 8.8.8.8:53 | 48.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.181.239.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sourcepoint.vice.com | udp |
| US | 8.8.8.8:53 | pub.doubleverify.com | udp |
| GB | 18.172.89.15:443 | sourcepoint.vice.com | tcp |
| US | 8.8.8.8:53 | api.snapkit.com | udp |
| FR | 172.234.63.226:443 | segment-data.zqtk.net | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | silo50.p7cloud.net | udp |
| US | 104.18.166.224:443 | pub.doubleverify.com | udp |
| GB | 13.224.81.39:443 | silo50.p7cloud.net | tcp |
| US | 35.190.43.134:443 | api.snapkit.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| GB | 3.162.21.19:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 104.18.166.224:443 | pub.doubleverify.com | udp |
| GB | 142.250.200.22:443 | i.ytimg.com | udp |
| US | 104.18.166.224:443 | pub.doubleverify.com | tcp |
| US | 8.8.8.8:53 | material.anonymised.io | udp |
| US | 34.107.217.107:443 | aegis.anonymised.io | udp |
| US | 34.107.217.107:443 | aegis.anonymised.io | tcp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| US | 34.117.250.57:443 | material.anonymised.io | udp |
| US | 8.8.8.8:53 | 36.64.7.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.81.224.13.in-addr.arpa | udp |
| GB | 142.250.187.202:443 | firebaselogging.googleapis.com | udp |
| US | 8.8.8.8:53 | logws1330.ati-host.net | udp |
| US | 8.8.8.8:53 | events.browsiprod.com | udp |
| GB | 54.192.34.136:443 | logws1330.ati-host.net | tcp |
| DE | 167.235.124.23:443 | api.cxense.com | tcp |
| US | 8.8.8.8:53 | yield-manager.browsiprod.com | udp |
| US | 54.68.245.50:443 | events.browsiprod.com | tcp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| GB | 13.224.81.62:443 | yield-manager.browsiprod.com | tcp |
| US | 8.8.8.8:53 | live.primis.tech | udp |
| US | 8.8.8.8:53 | ams-pageview-public.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | tag.bounceexchange.com | udp |
| GB | 3.162.16.219:443 | aax.amazon-adsystem.com | tcp |
| GB | 3.162.16.219:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.172.89.123:443 | live.primis.tech | udp |
| US | 8.8.8.8:53 | ccpa-service.sp-prod.net | udp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 34.120.253.250:443 | tag.bounceexchange.com | udp |
| US | 8.8.8.8:53 | aba.gumgum.com | udp |
| US | 8.8.8.8:53 | c.gumgum.com | udp |
| US | 52.216.205.179:443 | ams-pageview-public.s3.amazonaws.com | tcp |
| US | 52.216.205.179:443 | ams-pageview-public.s3.amazonaws.com | tcp |
| US | 13.33.52.15:443 | aba.gumgum.com | tcp |
| GB | 54.230.10.47:443 | c.gumgum.com | tcp |
| US | 8.8.8.8:53 | gumgum.com | udp |
| US | 34.228.3.229:443 | ccpa-service.sp-prod.net | tcp |
| US | 8.8.8.8:53 | js.gumgum.com | udp |
| US | 34.228.3.229:443 | ccpa-service.sp-prod.net | tcp |
| GB | 18.165.160.95:443 | js.gumgum.com | tcp |
| IE | 34.240.94.244:443 | g2.gumgum.com | tcp |
| GB | 3.162.20.56:443 | gumgum.com | tcp |
| US | 34.149.130.207:443 | pd.cdnwidget.com | tcp |
| US | 8.8.8.8:53 | api.bounceexchange.com | udp |
| US | 8.8.8.8:53 | 50.245.68.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.16.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.10.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.205.216.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.bounceexchange.com | udp |
| US | 34.111.8.32:443 | api.bounceexchange.com | tcp |
| US | 8.8.8.8:53 | 56.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.94.240.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | depart.trinitymedia.ai | udp |
| DE | 18.185.185.216:443 | depart.trinitymedia.ai | tcp |
| US | 8.8.8.8:53 | ai.browsiprod.com | udp |
| US | 8.8.8.8:53 | demand-engine.browsiprod.com | udp |
| GB | 3.162.20.5:443 | ai.browsiprod.com | tcp |
| GB | 3.162.20.111:443 | demand-engine.browsiprod.com | tcp |
| US | 8.8.8.8:53 | bam.nr-data.net | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | 111.20.162.3.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 142.250.189.227:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 227.189.250.142.in-addr.arpa | udp |
| US | 20.189.173.4:443 | browser.events.data.microsoft.com | tcp |
| GB | 51.89.155.117:443 | play.adtonos.com | tcp |
| US | 8.8.8.8:53 | synchrobox.adswizz.com | udp |
| IE | 34.248.31.5:443 | synchrobox.adswizz.com | tcp |
| CA | 192.173.29.77:443 | playerservices.live.streamtheworld.com | tcp |
| US | 8.8.8.8:53 | synchroscript.deliveryengine.adswizz.com | udp |
| GB | 3.162.20.77:443 | synchroscript.deliveryengine.adswizz.com | tcp |
| US | 8.8.8.8:53 | 77.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | yield-op-idsync.live.streamtheworld.com | udp |
| US | 208.80.55.239:443 | yield-op-idsync.live.streamtheworld.com | tcp |
| IE | 34.240.94.244:443 | g2.gumgum.com | tcp |
| GB | 18.165.160.7:443 | js.gumgum.com | tcp |
| US | 8.8.8.8:53 | 239.55.80.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| IE | 34.240.94.244:443 | g2.gumgum.com | tcp |
| NL | 213.19.162.21:443 | fastlane.rubiconproject.com | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| GB | 13.224.81.52:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.81.224.13.in-addr.arpa | udp |
| US | 34.111.8.32:443 | api.bounceexchange.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| DE | 162.19.138.118:443 | id5-sync.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 35.227.233.104:443 | softonic.com | udp |
| US | 8.8.8.8:53 | www.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| GB | 18.165.160.52:443 | sdk.privacy-center.org | udp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | 52.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | static.site24x7rum.eu | udp |
| GB | 18.165.160.95:443 | static.site24x7rum.eu | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 64.233.167.157:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.167.233.64.in-addr.arpa | udp |
| US | 54.68.245.50:443 | events.browsiprod.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| DE | 167.235.124.59:443 | comcluster.cxense.com | tcp |
| GB | 13.224.81.39:443 | silo50.p7cloud.net | tcp |
| US | 54.68.245.50:443 | events.browsiprod.com | tcp |
| GB | 13.224.81.39:443 | silo50.p7cloud.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.39:443 | silo50.p7cloud.net | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| GB | 13.224.81.39:443 | silo50.p7cloud.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.39:443 | silo50.p7cloud.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | silo50.p7cloud.net | udp |
| GB | 13.224.81.68:443 | silo50.p7cloud.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | 68.81.224.13.in-addr.arpa | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.68:443 | silo50.p7cloud.net | tcp |
| US | 8.8.8.8:53 | 150.1.37.23.in-addr.arpa | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.68:443 | silo50.p7cloud.net | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | play.clubpenguin.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.68:443 | silo50.p7cloud.net | tcp |
| US | 8.8.8.8:53 | play.clubpenguin.com | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | support.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.68:443 | silo50.p7cloud.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.68:443 | silo50.p7cloud.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | silo50.p7cloud.net | udp |
| GB | 13.224.81.15:443 | silo50.p7cloud.net | tcp |
| US | 8.8.8.8:53 | 15.81.224.13.in-addr.arpa | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.15:443 | silo50.p7cloud.net | tcp |
| US | 8.8.8.8:53 | depart.trinitymedia.ai | udp |
| DE | 3.71.141.200:443 | depart.trinitymedia.ai | tcp |
| US | 8.8.8.8:53 | 200.141.71.3.in-addr.arpa | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 13.224.81.15:443 | silo50.p7cloud.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 35.227.233.104:443 | softonic.com | udp |
| US | 35.227.233.104:443 | softonic.com | udp |
| US | 35.227.233.104:443 | softonic.com | udp |
| US | 8.8.8.8:53 | assets.sftcdn.net | udp |
| US | 151.101.1.91:443 | assets.sftcdn.net | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| GB | 18.165.160.104:443 | sdk.privacy-center.org | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | static.site24x7rum.eu | udp |
| GB | 18.165.160.95:443 | static.site24x7rum.eu | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 64.233.167.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 104.160.165.18.in-addr.arpa | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.178.4:80 | www.google.com | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | answers.microsoft.com | udp |
| CZ | 104.64.172.89:443 | answers.microsoft.com | tcp |
| US | 8.8.8.8:53 | 89.172.64.104.in-addr.arpa | udp |
| US | 152.199.21.175:443 | acctcdnvzeuno.azureedge.net | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 20.190.160.17:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 20.189.173.8:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.173.189.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UWH9JMJW\PCClientBootstrapper[1].json
| MD5 | 3408487b371d99d352f929d68b280d35 |
| SHA1 | ab8ec8d5adaa7bb2e060daf9b446c842d0305d11 |
| SHA256 | afd47f1fdd335e83a28b433ecdb7e6f826072980625596087292464d46f7267c |
| SHA512 | 91b7abca268e21da50ec5ca9f4aec2076863eb3f318b8fb07d7fe2a010fe876d541111560e754e015ce546a4a98309d64165f5cb5ea6746aa97be7acf1cf2df6 |
C:\Users\Admin\AppData\Local\Temp\crashpad_roblox\settings.dat
| MD5 | 9417b96552624becd79d2cba0cd26d8b |
| SHA1 | a9289973dfdf26f8de148af9ddfd0bd8807b3927 |
| SHA256 | 15ddcf0cd03d731a5b9ae3564bcdae323e127a2d543e21d2dbf02e130e81a9b9 |
| SHA512 | 9edfc497ff200485226d996c31bc38f7804466be8979c0e9f0e35b0e4f255f8733f1fa4095c85e3cc85c159ba89949e84e79579567a442389d04b996eab60c70 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
| MD5 | 8d4355513fb93cf593c4424b6612117c |
| SHA1 | 1aa6714d01fbf97324c53afbc2f47654aa44b260 |
| SHA256 | 50fcb7233d4f8d0ea75ff5e94edbc0e93b55c72a6bbd4a7ebd0adc3929b47379 |
| SHA512 | bdb65e0b8e2ce0c42b2deb289f71bdb3d4476eac2e4c3c01d072f48af243058989f1ecbff5e8ad705089d9064aa6dca3943820b095c03f69af02a6f490e48b3f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
| MD5 | 0eaaf3aecca91ddced85269e36a636d5 |
| SHA1 | 7d7b0b4292e941549066c6c4af145300309a393a |
| SHA256 | be72880f1e4a634fa97cdb53b112ff5e3d37c3b85e0bb1a8c2290753256f4cd1 |
| SHA512 | edbe0bfcd1c1e517e852671963bf6cffcfae3cd0f5a0872e0898cf02ae8157b775e6d62bd92f4d410c06558cd7024cef5b6ad905478663d6edda5f4946080757 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_BACC6CD2B29F18349081C9FD2343833B
| MD5 | 9c7cbb469bd81560fcf86f79dd9171a5 |
| SHA1 | 03f817056e75d10ed8a0d1fdf1533cbd268a960e |
| SHA256 | 8a18474d6aeb13070e491bd63392017664bb61008b73578669f8407aefb7e965 |
| SHA512 | b0afda6195fe20412ec70b35a0cef114aecd578470c6e1b35b8a56a85f5fbe631c448e51e50b2a7f8f2dae81d957b18bf59002628de518c1f9260b5fcdca8ae9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_BACC6CD2B29F18349081C9FD2343833B
| MD5 | 2fd3f7e21e238ee9fc40d1e65ea25c95 |
| SHA1 | fa89f7c197b8a732666c4c72dbb53b09be1ad9fe |
| SHA256 | 4e9cf2c832260e9c433020719b5d6e41f3f6432acffc78bf408751f4b58d0964 |
| SHA512 | 4582b08bd25378583b56a5fbaadd93efe5dfcb34a8d77a7ca8ef7bb84a438bc80d0c828d4fcf290fb8c24a091db739b14e0477a515bfcbd0758f8231ba490ce6 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZYT37G6S\BatchIncrement[1].json
| MD5 | bedbf7d7d69748886e9b48f45c75fbbe |
| SHA1 | aa0789d89bfbd44ca1bffe83851af95b6afb012c |
| SHA256 | b4a55cfd050f4a62b1c4831ca0ab6ffadde1fe1c3f583917eade12f8c6726f61 |
| SHA512 | 7dde268af9a2c678be8ec818ea4f12619ecc010cba39b4998d833602b42de505d36371393f33709c2eca788bc8c93634a4fd6bec29452098dbb2317f4c8847f6 |
C:\Users\Admin\AppData\Local\Temp\RBX-0332FA83\RobloxPlayerLauncher.exe
| MD5 | f3b8e82c20c4bb3f94a2d7bcd2a82cd1 |
| SHA1 | 89618596be7cb90317eaaf2d09b05d522d008260 |
| SHA256 | 7de6a5a45227b0f21ac7dd50af250e37f20b8bf2d6f4aa53a7f643d77515bd07 |
| SHA512 | 82f15e37366efd29879add4f50cedbdc27d4eb885e190dd54c8e89787b51d59ccc21473f431292da679c7e8aa7cf2d0ce7219e1503d59a0f356e078f9feece55 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ITM01P8V\WindowsPlayer[1].json
| MD5 | f47298efbd3da58c579bee4a37a85411 |
| SHA1 | 8a73b0aa7568170ec895fc60cb50788cf6332f10 |
| SHA256 | f533385bd2d50355d9b2b83b81fb12ac534058675d9793d45735920e9d8fd975 |
| SHA512 | b7329ba6ca54109e3bc6afc7455fe808e4b9c52522051dd7b4c521276c859a8e702b507de23d4420ce0b9d1e726755ead840b195be4f8a3b0aa70f56abd097c0 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZYT37G6S\version-8950870ea20941f9-rbxPkgManifest[1].txt
| MD5 | 65403352c25601afb3dfe6e6c6da6b1d |
| SHA1 | d5a579bb91f1d8ea55b0681df83a72fb783bf1db |
| SHA256 | 819a02c39d3c07e4dfa43830bfd2be2deab7a1846e0f2651c954b633e8a173e4 |
| SHA512 | 90113893bdf21e2705fe9ea640270cd181704ffc24eeffcd7d8dfc099418665251726c88bfe0f4434d593752ad76e1b069d4759a0147397a26ec2d5f55c10c71 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
| MD5 | 17965f5ac37a3d2a0e07c0d41f7d4196 |
| SHA1 | b82ccf16459772f471d2fe330dd3376d09bb6eec |
| SHA256 | 819ce2088812aa36c3ab0ad9884d57ce81db03be13aa1200c9ea6abe06d5f9d1 |
| SHA512 | 0b84bbac81ace00a670ad65cc73edb6cd87234dc795d03263f1d4dacef440fbc424544ab1d3fa97b8766b01b44fdcef92f2ac9b0b258059fc223175b8f497492 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
| MD5 | 0da787cddd7d10fb7c1069423ab54f9d |
| SHA1 | d38e08464207635deecb7fceec22c9012d1e13b6 |
| SHA256 | f3553824bf4eee3f0be08361c9595241d353e522b9aa9fbbdd5d5780d62b0727 |
| SHA512 | b3432b8b95112bbf6eced14cc713eebd592071910bb4d4a8158d30d5229e5fae378bc9f0ad6e6c906e6e6870b0327ce5a123372253aaaa00d661d1814f588b99 |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioLauncherBeta.exe
| MD5 | 683557dea845051b786f8f8818002db2 |
| SHA1 | f5e16d11d50e715f076f586e2ce2cfa62b831768 |
| SHA256 | 55e21bdf93c14690e0c93a4170b115faabee5c3f84eaeee63d69bf0e4bf7736e |
| SHA512 | f037bfec058e52b7be997b7a60b04d0c3abbd4bfbe1fc07ce98e31647f61bec8fde2288f79b197ce438470f1d684be2068f942444a1ed7a36dc9d31e3847dd25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7e0880992c640aca08737893588a0010 |
| SHA1 | 6ceec5cb125a52751de8aeda4bab7112f68ae0fe |
| SHA256 | 8649a39877c190ec740a5422284ec5f9ff509b30b2d7896635476873dd8824e2 |
| SHA512 | 52bd0a38ca7f43b26731966035045b1cbd8b60b2d81bdf9aad791cf444da8af8b722ebf3cb364a6e660bebdf23084eb0e30bc23562575b704801669817549f8a |
\??\pipe\LOCAL\crashpad_3604_IDAREMMKLIOTNRQQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5e2f0fe48e7ee1aad1c24db5c01c354a |
| SHA1 | 5bfeb862e107dd290d87385dc9369bd7a1006b36 |
| SHA256 | f13b3ebe8d71bd0086d5bb82364c35f59a95d32b39753af251e8639360e291a9 |
| SHA512 | 140d026437fd5e8a874cd00b03950c8f010e1a0732a0a1cc5bdde477e7f8315ccb95790bb4c15b8dbaab9468ad532eb885b6c429300a64e39412d976d079324e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e7486ab749fc4ffffe527296306d9b1c |
| SHA1 | 991d28e776478ac78ed19733096aaff787b3cb31 |
| SHA256 | fbfa09a0eab258c77b9dfe6c4cfb0af774fc7d0ebef4e8f5ee6a888e2ca796d7 |
| SHA512 | ef33274ea169b10f66a54a7ff4846215e3c21ac2f0e84746d30e441ef247286918e9f70b388e6f506c54a0b85e83809322a816dbfb314e9d577ef3638ad77fa1 |
C:\Users\Admin\Desktop\Roblox Studio.lnk
| MD5 | 2d9255fbe537e29e6d874b91d90cdbb1 |
| SHA1 | b72b30ffb0f5b92d52c8b8d461db2a1c1ac57664 |
| SHA256 | ebc6390b2131b24a0a4cd7c43d512987406de636b13d00bf24f60c820ad82780 |
| SHA512 | e608bdb052d6125c3c3949c613a98e512a44c662c53488e07a1b99609dcf9a5978b85592d4947dbf317682b9f1b41e663cc17eeb333db48eac5c5637033a49b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a2641ae020c7e3e33ec1fcbab5a00a93 |
| SHA1 | 269cae1c47d6f12f673c46d7842b7715db1f82e5 |
| SHA256 | 5d6af8d571f6dac5efcecd58ec1a20eb860b31d912dcb6aa82ba9eddbf4f4bcf |
| SHA512 | e037915cc0d1a0aab82271ce5ec36c7c17554627f54247fcba696e0e05f1e9f20503d80c106bba03a5b2fe632d02f3e1c55cd81c0796b470ae93a7089e06740c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c201b3e24d86e2ae756f484176827b7d |
| SHA1 | 0fdfe6b73a13f15d4feaa839aaca9e14d0f3081a |
| SHA256 | 57cf173effd8c5e44260c4ceeaae3f27c70307dccde8b5a987c81bfab5764038 |
| SHA512 | d9b742ffccfcfd0ea1ca20788b36f2532dd518900b5eec335457649476bbbf0df791a2bc88c1de604830c8da2cdaa24e8fe292f7375c1bcb37c5ddac3201fe49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4abcdb2d2fd0d548959c13bef873b6fd |
| SHA1 | c87af7ddf180680c59c1100ff822d55f1227ddae |
| SHA256 | 25c26bc2ef7cb480f0a35ce0bed3e7a2aa25eeb95d35badd9010a6010cf582e1 |
| SHA512 | 41e3ad557470453cebce2e4aafee9bf28ca4d5e08a48c6ac4266ecf1faba01cd339657f07026db6d516f5df4a01e3a5ff8eb3e4ab48f8f39905641c800f61cff |
C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerInstaller.exe
| MD5 | 9fb66ffa1e1f4dedfd16eb3a8170bafd |
| SHA1 | 69b5d57ddda6b97adde820b9ceaddae9c33d53bd |
| SHA256 | 7953b28b736795aaa54e6cd5cb591e794e2f770c1045ca2e33af5ff19f480eaa |
| SHA512 | 4b141802e7a4cb6bd4a7498d30086a9d83c62d37f2137f4910ca7d3fb7009079d4dc59b95050849cfc720210b0cb44bf588d15c08e3ba830aae19c0a27e8e6d5 |
C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_da.dll
| MD5 | d34380d302b16eab40d5b63cfb4ed0fe |
| SHA1 | 1d3047119e353a55dc215666f2b7b69f0ede775b |
| SHA256 | fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f |
| SHA512 | 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_cy.dll
| MD5 | 34d991980016595b803d212dc356d765 |
| SHA1 | e3a35df6488c3463c2a7adf89029e1dd8308f816 |
| SHA256 | 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e |
| SHA512 | 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_cs.dll
| MD5 | 16c84ad1222284f40968a851f541d6bb |
| SHA1 | bc26d50e15ccaed6a5fbe801943117269b3b8e6b |
| SHA256 | e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b |
| SHA512 | d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 2929e8d496d95739f207b9f59b13f925 |
| SHA1 | 7c1c574194d9e31ca91e2a21a5c671e5e95c734c |
| SHA256 | 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df |
| SHA512 | ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_ca.dll
| MD5 | 39551d8d284c108a17dc5f74a7084bb5 |
| SHA1 | 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884 |
| SHA256 | 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07 |
| SHA512 | 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_bs.dll
| MD5 | e338dccaa43962697db9f67e0265a3fc |
| SHA1 | 4c6c327efc12d21c4299df7b97bf2c45840e0d83 |
| SHA256 | 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04 |
| SHA512 | e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_bn-IN.dll
| MD5 | a94cf5e8b1708a43393263a33e739edd |
| SHA1 | 1068868bdc271a52aaae6f749028ed3170b09cce |
| SHA256 | 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c |
| SHA512 | 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_bn.dll
| MD5 | 7dc58c4e27eaf84ae9984cff2cc16235 |
| SHA1 | 3f53499ddc487658932a8c2bcf562ba32afd3bda |
| SHA256 | e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98 |
| SHA512 | bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_bg.dll
| MD5 | 8375b1b756b2a74a12def575351e6bbd |
| SHA1 | 802ec096425dc1cab723d4cf2fd1a868315d3727 |
| SHA256 | a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105 |
| SHA512 | aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_az.dll
| MD5 | 7937c407ebe21170daf0975779f1aa49 |
| SHA1 | 4c2a40e76209abd2492dfaaf65ef24de72291346 |
| SHA256 | 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9 |
| SHA512 | 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_as.dll
| MD5 | a8d3210e34bf6f63a35590245c16bc1b |
| SHA1 | f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693 |
| SHA256 | 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766 |
| SHA512 | 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_ar.dll
| MD5 | 570efe7aa117a1f98c7a682f8112cb6d |
| SHA1 | 536e7c49e24e9aa068a021a8f258e3e4e69fa64f |
| SHA256 | e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01 |
| SHA512 | 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_am.dll
| MD5 | f6c1324070b6c4e2a8f8921652bfbdfa |
| SHA1 | 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf |
| SHA256 | 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717 |
| SHA512 | 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_af.dll
| MD5 | 567aec2d42d02675eb515bbd852be7db |
| SHA1 | 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37 |
| SHA256 | a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c |
| SHA512 | 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 7a160c6016922713345454265807f08d |
| SHA1 | e36ee184edd449252eb2dfd3016d5b0d2edad3c6 |
| SHA256 | 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9 |
| SHA512 | c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\Program Files (x86)\Microsoft\Temp\EU27C7.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 327cbf55c615e99a1b23aad8b981bdd1 |
| SHA1 | a4f12a094136f833b665e26d19a39d162f327d26 |
| SHA256 | f640df87800e60ef344b6d1b931757772178b15ddeb7e0910789edb1f3631434 |
| SHA512 | 162a5360914db3d2d9897d7703c8430054709aa06d1ecb21380487aab2c269f38c77a68f3ea3cf1069966525c42b6ecc40301a92001b3f23a089b449a2635e72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b762f6da7402a6c9e07f705481b650ca |
| SHA1 | 9d3d258fbd3245b1e0331466cd9f0d54e6097f21 |
| SHA256 | cf609b2c94bc6caf1d52398d6feaf819c30e202142d3a124c859bb78d04b8b89 |
| SHA512 | cb148e50d1f782f1710ed20bdbf2c25b5c3d8fe9586e53a6cec66fa7fda1d21ab94d8fbf44ceb1f3415f2ae5654102b25512284b96c35e9510e5a434085ff8ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584253.TMP
| MD5 | ec32b44725c65364f3b9a2edd0f17d0d |
| SHA1 | f4f34afd59037a9d147ba527229c6e3108ccbb5a |
| SHA256 | 43e60cc64b9bb10eb7c51a5adf39afd6ce9f2b5d9ddad304ea5ab2e1053cf19b |
| SHA512 | accfa0299e2d68e8457882524ac77d8b3d9ad9ce8a9f5622e8cadd3144df0fa08785fae55a17168fd3ca909a13a83f0b6cab653baa6770e48f9d579c237754ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b3619d849c068005f3c2ebb7cedcdce6 |
| SHA1 | 8e7da97b418851a908b5d9a80f5c0f37877c011b |
| SHA256 | 19131696922973fa8554fd00f5317b3ede1b37b4df69f8880eb0815abc24be27 |
| SHA512 | bdddaa5e2cac7b76af1b3fe54633cd7dce27c6af040d7808d06275a14453062ff757d00c20a7fcf23640e848af0e828b08f59a83c17642f6b7b9e54556f3c6a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | aac57f6f587f163486628b8860aa3637 |
| SHA1 | b1b51e14672caae2361f0e2c54b72d1107cfce54 |
| SHA256 | 0cda72f2d9b6f196897f58d5de1fe1b43424ce55701eac625e591a0fd4ce7486 |
| SHA512 | 0622796aab85764434e30cbe78b4e80e129443744dd13bc376f7a124ed04863c86bb1dcd5222bb1814f6599accbd45c9ee2b983da6c461b68670ae59141a6c1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 1548c5f675f1d1fb0e51d7c1f506aa78 |
| SHA1 | 4170f4215c2c9ea4eadcf3770dac2ced5e11f413 |
| SHA256 | 2149403b038e0b92af4544cabd1b5b0cebe5b3caf3bfd17b0a4d8fe96fb3bc48 |
| SHA512 | b724040d3d6228f9b08c3f4a94148585ce385ee25af0eb83ccb78edbaaaf4efb94a81e19e27770adc5f34f34a8fd5ef90234e02f25d773aa09b4fd3f13c2664e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | d404b61450122b2ad393c3ece0597317 |
| SHA1 | d18809185baef8ec6bbbaca300a2fdb4b76a1f56 |
| SHA256 | 03551254e2231ecd9c7ee816b488ecbde5d899009cd9abbe44351d98fbf2f5fb |
| SHA512 | cb1a2867cc53733dc72cd294d1b549fa571a041d72de0fa4d7d9195bcac9f8245c2095e6a6f1ece0e55279fa26337cdcc82d4c269e1dd186cbbd2b974e2d6a70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7b8a687757aec49c679575326ea9f810 |
| SHA1 | 9cbfac66c8b28bcac1f41f85980833f95d0a2bbb |
| SHA256 | 0870019e214204c18b563d1708e6b5d1e054ef683cb8c97884509ac0d3d7a3c2 |
| SHA512 | 59e3b0c7b93241d57d6d0d1d4918a9488dc3ddbb1b6d8beae6fe7435450f9321d9d77da28f963084a8add557fce30d973570fe0820f01cfe90ade4d533147b38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b74ddb9b415a96ebc2a476b0f99fb7bd |
| SHA1 | ccca68ef50e76955ab6d437e8bf48ad0617e0890 |
| SHA256 | 04a284284fe3157e6cce5af2acb783b244cf0a8f4535746a1b8568bd700a7616 |
| SHA512 | e061d4915c7b5d45b2842d8e26234383248fb9557f0b5ffd3a2ae01d64b914c0ec2bdef73d866bbd01fbdc96c1adec28c5cfbbc6c23d3adc416054bc61c5e497 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\123.0.2420.97\MicrosoftEdge_X64_123.0.2420.97.exe
| MD5 | 300df46436ba5d076b227c32967ada91 |
| SHA1 | de9d47ef0c61fb04b7309875e2f03c8fa37d19f4 |
| SHA256 | 1614eb0c2697d74f2a05f8c973b2055e9cc158d94b19105e3a9d450adc9e333b |
| SHA512 | ba3053085da062ec32f87aec43f527624248a81b702c8cdb359c0fba7194556658b49aca8ef98d885de5da5b9b2eab3f1fac2c99891f91949d1b9a155e4a6971 |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | eb09e2014f7e8811ff2124d9f57ef804 |
| SHA1 | 913b92c0ca808fac8b59eaabb04710ba1267c9ff |
| SHA256 | 5bbe897e60fdb9a6905e9c8606a7520eb54aa6a251c48eb7b8d69e70d78cf353 |
| SHA512 | 98befee2bb8da22c7b1a56775ccf1c04875fc2ec5e40e043a05103f8172f4951134f172aaaf693420a46887f2c9a580404317fa333ace2a28f5b758a071d9af9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c4ea3a6fa442bfc060444554d093cd8a |
| SHA1 | 664ef375b92ebed350a83f6d82d0ddf7c9264d36 |
| SHA256 | e97ffc2943cbc674e50a9397797a4cb48a1468eb41c07a07c362b231e80ce685 |
| SHA512 | 0c8556e84afd26787cddf58ce0681279d710c44dfd07a55ac80bbd51cdccf0f1b33b5553874e4d6f028f9bcfbced01bfac2828fbef2c464b7fdd7486ec28201e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 3cd0f2f60ab620c7be0c2c3dbf2cda97 |
| SHA1 | 47fad82bfa9a32d578c0c84aed2840c55bd27bfb |
| SHA256 | 29a3b99e23b07099e1d2a3c0b4cff458a2eba2519f4654c26cf22d03f149e36b |
| SHA512 | ef6e3bbd7e03be8e514936bcb0b5a59b4cf4e677ad24d6d2dfca8c1ec95f134ae37f2042d8bf9a0e343b68bff98a0fd748503f35d5e9d42cdaa1dc283dec89fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | bc9faa8bb6aae687766b2db2e055a494 |
| SHA1 | 34b2395d1b6908afcd60f92cdd8e7153939191e4 |
| SHA256 | 4a725d21a3c98f0b9c5763b0a0796818d341579817af762448e1be522bc574ed |
| SHA512 | 621386935230595c3a00b9c53ea25daa78c2823d32085e22363dc438150f1cb6b3d50be5c58665886fac2286ae63bf1f62c8803cb38a0cac201c82ee2db975c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | 8b2813296f6e3577e9ac2eb518ac437e |
| SHA1 | 6c8066353b4d463018aa1e4e9bb9bf2e9a7d9a86 |
| SHA256 | befb3b0471067ac66b93fcdba75c11d743f70a02bb9f5eef7501fa874686319d |
| SHA512 | a1ed4d23dfbe981bf749c2008ab55a3d76e8f41801a09475e7e0109600f288aa20036273940e8ba70a172dec57eec56fe7c567cb941ba71edae080f2fdcc1e0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d1d6087de5ce5ea3843d44fe84983c0b |
| SHA1 | a0c4f13a6dd292127f2cbd2e9d6f1473081bff81 |
| SHA256 | a5098e9811c604b85a7c4c2c2fbe294d2d61e01f07345f63c6a3e7d038857468 |
| SHA512 | 5950b04bb283b8d4aa622b2502e38c4fe8a939ba7631d2acd50ffe6c58bf3725a5205847ac8e153f471b64afc3e7e2808a315ca6f1f7a92acb1e57626607f1ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ad438da8c434c428e171f6729775c576 |
| SHA1 | 6dce4d81897964dc4163571bc473e07757529fae |
| SHA256 | 8548b06e12dd3c32a0bcfa463756d367b76f1be2b27bd81b74519ef38740bab6 |
| SHA512 | 5d37aea6db941f7db2f13a18592cd5ae72f7690331a2fee57e43284faa38eb25bda3913524614db7688a0b45f6f69c4d8544d69729d4bafff89fc5c766a3fc7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1c307332d33b0053ebd0566b8aa82bd6 |
| SHA1 | a5f78bd7d41e72592743f81e06c4127ce9cba3d4 |
| SHA256 | e53b4e83b02701fc4ee62efc3dfa5639445478c298a14810e2449d494b5abb55 |
| SHA512 | b51c10a74dc5debd2ff6037e8397350468127066f74f406a060f74719386ecc0eaab5420e09291442be801941f30fe8cd4843f16dc2c5174c328b2c6c8f5b920 |
C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Installer\setup.exe
| MD5 | 31ddc9e1c11a44b88cf96c45b3551ffb |
| SHA1 | 811ccb9706f656e29d089e30a2ee1650302394e2 |
| SHA256 | 46cb58faa60db59cb8d145bf6493f7c01a8ea8895f812d65512e3c7340a054da |
| SHA512 | 67e5a4ec4b030e48ac06bdf79bfb2b9bfe7778f046a739f23b7be65e143a7181954c7587eb6841636a6e667aabfa292d6831bab709cd798d1de01987bc99aaf8 |
C:\Users\Admin\Downloads\MEMZ.zip
| MD5 | 69977a5d1c648976d47b69ea3aa8fcaa |
| SHA1 | 4630cc15000c0d3149350b9ecda6cfc8f402938a |
| SHA256 | 61ca4d8dd992c763b47bebb9b5facb68a59ff0a594c2ff215aa4143b593ae9dc |
| SHA512 | ba0671c72cd4209fabe0ee241b71e95bd9d8e78d77a893c94f87de5735fd10ea8b389cf4c48462910042c312ddff2f527999cd2f845d0c19a8673dbceda369fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 60c8b6f46acc1a4bf23d5b6cf3dacf52 |
| SHA1 | e0fa9f8e22bb7642c9737cd3090b233ca182e5d1 |
| SHA256 | 101aefa2b36061f0bc0ce81aee12bd77bc425c2a8824bb23f4973499bd3f18e2 |
| SHA512 | 2361caa90f540e596df4496620288bd067b3c28a228c56caf15570e75a49b752ece3bebdab84f46f25c1f76cd9d702d126ca938f7292ddad1081c7ca58cdcae2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0707b42543afda99d4d99641051cb9ed |
| SHA1 | c33d2de6816c3d80dd4e3b77332192c61f979302 |
| SHA256 | 75a88517e902d3a50994c40144623f2a73a7f522a68297e9e36d9e9343466f4e |
| SHA512 | c50dfef9006b482f941374125caa40d68f7025db3840c880e158aceba488b90ff939bcd83fdda323c4f0a6653f1baa9906d263334e0837d609eee18c0741211e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b02493cd7e154d35fdbb4c317a9610e7 |
| SHA1 | e09ada7d3f5f009dfe465b3445a5b1003a8d119e |
| SHA256 | c0b2293ef44a891f8f5c1af196a2297f8d3bfcb616b70247c0a2608e11e04f6a |
| SHA512 | 37b342391e741ab611548ed413fd2c85eec96eda0ffb1679cce3ea81c67d6fe44658d5f4093029117645c6748fb9894f47f405ae41a217e8caccca3796ee8692 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ca53a76501fba84bc6cf20da4b8b450f |
| SHA1 | 0b58c9f095bc73596838477e4600c38a6b01cd28 |
| SHA256 | 88a2681d466e5fca2f040985c593381c2860cc0294102c064f903e8ccbe8d77b |
| SHA512 | 07732b93367347db0ebde3f84a0277fc63c5e432c982539124a3dcc15de422ffb78fda991df49cda19992d8a9df5cba6709e762a1b0175a8ee8963ffa7611457 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 50b316f445369c1c9803bfc5e5e9bad2 |
| SHA1 | 246e32e174ca6dc8d2273443220efd2a41b58fff |
| SHA256 | bc86a06c5a0d00782beb2e4c5c2460a54825e29268a20c27dcb0b3dc219144de |
| SHA512 | 732b0cd115f64df5d4ee1c673620933a730de633dbcaa770d76b1e41f48dbb7ec49f6418e2e651b38c53c4b0a90389f6cb7486e470edd2bf1d29d6f9a3b7b519 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f97ee913b12529e98d02a6702afd3920 |
| SHA1 | 6f11519eb38a2a68b40c6a7060975ba39291c585 |
| SHA256 | 8de00822a7d47c24009fb330c099f69ef477f0f4e7d6386f955064b381cd4850 |
| SHA512 | f399bd7e4ea15bc21d8badd66d3e580c97b7e7f64087f509f4e41ed2988555125b3e8039bbe3cb230b00aac98a301293519272cbd90b6ed1aadb4cd434e41e68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f51c9b4bb78a2e8721ba851224d77377 |
| SHA1 | 73c71cdc55628870f15d5dbed12801b5e2425bed |
| SHA256 | f44bd7602c9754fb1accafd520b574e2ae4acf735a5ddf75ab681894cac1cf1f |
| SHA512 | 52825ee9bfa40e220a5d0ad971a72b330d54d8657b1ff6bdeab6190a777ab4ae4b27a85abd9695af968c71bb57ce382f9e6365870104dee3324120e302fef492 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dbb87ca462224fd27159102f2cd8fc31 |
| SHA1 | f0d80bdced1d39931536958fa98891042d95f47c |
| SHA256 | 5d7959d4096f97cc04b99a7f4fd17640318f920e65b7715ad0677a8ff8a5817f |
| SHA512 | d157bf29d6120231738b4168463fc79c8e775fce1aaeeb07a84bbd33a1a6a67ef3dd748b943230ff5dfec382a6a0c3ccf0eea168b8add16b487b1b36166c24b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fea59b968f270f030193d48bfea4df88 |
| SHA1 | 714b4ca4433093982e14426034d486f3d7fb1c8c |
| SHA256 | 5aebb0b32b0346e1d13af8fb8e7cc304ddc968371c892251d5edc7d256210393 |
| SHA512 | 030224a7163eafc444b8764675475f7457069348a95e7399d0cf4683f24e1283ab62b2607ce77a53aa10ab25832cdab807f67a8f5dbb88b7ecca1bb53697ef55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8d4bf27b7955aa23212ebe2f7f7c3873 |
| SHA1 | 332e412622b7780c07521046d2ef26b769924a0c |
| SHA256 | 4be9c6b68d30029ba2b9b90885af310ba2a9674e94964991a73f70deef9233c6 |
| SHA512 | 86a474671c910584eb54dc41c645a5943bd9520d0ddb7ed96d587bfdaa73e5ed546f1697a693616077eae12b85b0474670efed9e861342b221445a4de3ed2e4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d7ef0539ccf5f0545aa328c82b272d83 |
| SHA1 | 6d3d6a0387de71746caa63750337297ae6fd2fd3 |
| SHA256 | 6aee8bc3706ea3f66bef4ed224cf46237448f0a4ccae31ab038c16aafc14f0bb |
| SHA512 | 3f1e03a5521bbfbfa0221049232da90338372be968007ea1d1e52ef39e284d606b7ffa198d3bc5a9cdb5a4e0012984685d97099329a7b0a0cee5ef5d5fc76cd0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 489cd67ec6b574fdef4038c1452773e8 |
| SHA1 | 62a41dcf7a4122c9b44455968cad5938a8cb8c6d |
| SHA256 | 7bab58c02414ed5538db159bdf4d424eb417617083770c99862b947ece0be415 |
| SHA512 | 1eadb41c31e897c7b3f5f9520423e65c53d82d42bcbce7be3411a493103a38a2d4c479f09d0edd1878c60a8263d79190e33206e0e6db87073ed79420e1a98587 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 55d7bd96d18d1f82671787778855909a |
| SHA1 | 723d9fd218bd1500cd4fb0062496dae98da61acd |
| SHA256 | 55455c03663e276c4ba2df19441e7e97834396063f1505ba2c510e615d528346 |
| SHA512 | 40bef9feb0431235d446b35e05b5cffe9ca0c7a6a5c78ec90727fd57f2e705497af5d86204da6fb869ba1878732a4c037aa9080a8a4a9dbdc9c23b70e717be2d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3304c12fa834e65352f49939ac45b112 |
| SHA1 | 4fc9c5d254d92b69bd1e1bb19bf0aafd8379e2b2 |
| SHA256 | 9e91ee92b274476ce0c347d8c39a55060d944b792e98f33aad1ff3a514534138 |
| SHA512 | 03d9dfee398ad7442264e18010b4fd751d823321b38586b061b636215dbfff43cdb6c77a9013466346f77563a097a49298750e9af6c403712a8cdcd223347a67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6fdfe3db90fd39d545239751a91d2248 |
| SHA1 | ac6c9f9218e8384a0b2904fd26e42551a45a1058 |
| SHA256 | 6e329f85148bafa1232e3006f11d9d3fc1599490f3a5260c7054ef9ba45d634f |
| SHA512 | 9145d0faa85846da2020bd0d41ca4c4b8f91db6995cb30c01c18bd97787d8bfe3237904861d7c9aa6e2a034b8f2c76932471a663cb4f774cd3b71a45ff94525f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b
| MD5 | 319e0c36436ee0bf24476acbcc83565c |
| SHA1 | fb2658d5791fe5b37424119557ab8cee30acdc54 |
| SHA256 | f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1 |
| SHA512 | ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 796b5f038ece9cd723dd1975ae94d884 |
| SHA1 | c360a368fb8bfea4060906d3b70dc95d9d327c15 |
| SHA256 | a0b531dbc75cca023d77223ba52bc8894ca6381369f1d0972160e8cf0a1914fd |
| SHA512 | f8be766a1580074034f0a64b852ed549a2db5ded3f2497754172f08241c07b6ca3560665ab24515831c69c109b9c64bf6a96d6dad4c25cee2d538c24d450bd92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 43b42084dad8e0af527b3fdcfcc73168 |
| SHA1 | 089b3096d740bd1005400805c87dcf4b01ef6fc4 |
| SHA256 | eef953369a0fd5e3fc51911aa1042af4d69f6b94f4663ae51968ceaadeecb647 |
| SHA512 | 5a82b4560732f90e62c6d8e4df61a28acf3030205db4b15b984a5022817cbbbfcea146cd06ce8f2150ef54b7a81a16548ebd61591a5b5b26b9491deb55b13f8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ebce059d235e0242e1784a43667fc343 |
| SHA1 | cab9ac234e8093a4b42c806d5deb19620a6db030 |
| SHA256 | 3acbce9fa3a402ecbf7bf21362425b32bcd26b7646bcf8143f9ce2c0ae1f15bf |
| SHA512 | ba4b484fbe7995dd4e5f8e462473c4ab719fb813a297676d557ed2b685251a667576f938dfd5cdc0d59c09825d9dc0557827c5d11c43891e6bb9fa76cdeabef7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 462ef7e1996d1c9c0f2b6ef99b6cdca4 |
| SHA1 | 4675fffd4531ec9c27d366a75b8b743c95fa8941 |
| SHA256 | 2fd0986ac0abbd203b2432bd57f158f14fdc462fb600fdb814c4d6a8d4270add |
| SHA512 | 001ed0d2df1bc128c0a088dd743b61f2e417a78c4206983934ffcbcb5c43490c226d1b2d5c5ae6727f1f6e4b6b40b5f64eaea3ebb8923c57730780fb08e8d6ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\db4611bb-fecf-4d5b-a18e-c27b6f8be37d.tmp
| MD5 | c49e405633038199a2c932ba0b8a3330 |
| SHA1 | 58c036c0d71bb623218661ddf91eb8fd412e0c88 |
| SHA256 | 477d1c61f29f84f0f7e9edd0a0ac1f64f32b2781886cba3dac254dcc7c9956b1 |
| SHA512 | 4403549b4accd49ff140a680401cc19e4868f6d5370bcf8774986c0b179516d17703899c823064d48e74af53fce60649bb7b46cc42f43d9a3c2c267f67859e67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | eea8db6fe707108ae75f5f8c86594752 |
| SHA1 | 551915140e2b73deaae565353952a20978b9202d |
| SHA256 | 2d5c36bf861bc57148faf1428de6bc1c1abb4d0ab7dbfea94d8286623f428a04 |
| SHA512 | 4d33f626fe4b18e4b2937a835b6c44decf50f3f7bf5da0477676d51bf9d6628b6450355d9d6fead010d99735815f149f35123adb031358b0c77410c18e1e919e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b8bc597007b8cf744e86196dbc94cf13 |
| SHA1 | 2e5573332b08c8c18c57a426e53e557477fddbd3 |
| SHA256 | cd9f6c41982e2c183aed3067bb13831c743ebf0dcb86062cbe8e80476d258c55 |
| SHA512 | d07476e8841a51bfc76edfeae4aab654d54cb77b5a425bb87bbba2e3db3e4aa8b6610550633d956fc20cb2f21d69531d8fea6cbd5d455120a4122c81e250079c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c34addcee824321ee316c858b7658125 |
| SHA1 | 01dedd2a59052b5306e2dd256797f51b3b03e426 |
| SHA256 | 26331508cf33b904b09788f75eaf5c6002d93c4067067bd18c691fb7cb995ccd |
| SHA512 | ebb01632d77ed316458296402596f21c6691bf408c215d2545112af6c72bf2545d9a441f8f7b9ff469793370d8c43ec141c6c22b5646a0d2a563da690f177967 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 852f76c47abaf69c3081eaa2aa62220e |
| SHA1 | 4cf87e15095d26cb13bb1166a07a9befbb8d1b0c |
| SHA256 | 5e8d6c72e514d0f06fca880aab6820b6fcf5b36dcd88a94d214c82630e8258b7 |
| SHA512 | 2c58c8197ab7197db921eddec902cfe76917e0088f745a88a9117b854f386a404ab6e22cc2999c7d70cf001d9950b28c12906e814dc0b724f199ca9a9a1dd1a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6d004db6572fd3ff9b7167d1dffc0dee |
| SHA1 | 5dc9addeb5532110ffbc5fe66bcef4ac891f66bc |
| SHA256 | 63d8b1589ce56722aa3b88434dcac829dc7a054ef9616bbdcfa85715b7cce47b |
| SHA512 | c713c1e5e7491fb1155c87106296e7737e88d34ef06044816aa2650a220c6d0c6f0c46d0a78519e234d206d61c80ff943f217260f6fde1e80937ccf69704d846 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8f498c55ec96e746069651051088190f |
| SHA1 | 162715d6143a1635ad6b555f58dafe74575b195d |
| SHA256 | 543096408d6abdb9c4f1f52687c329339f56a205ece6185965efccba2dcf803a |
| SHA512 | 7b4c8a2388473fca27ede4ae61d1acb7926f3ff9e14f2830b2b4e3cbfe0d6a691a789262d43d60e57e3f920dc1c271779ffe0243f69bb08221aca76d80c061c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fe2f8a29831f13d7076a7a8f5cdfd3b5 |
| SHA1 | 5ab60fbdd5660e19ceddc893257507a669bdfdb3 |
| SHA256 | df7452b5397791d190fd9893e98c3dd2b49c6c4ce40c6176d11c42b8233fcdd3 |
| SHA512 | 74476d09740b665a9d63c11c97ad5f975799a4c4ab373505647ab2f6801c8e41b72be80ffa9fccbc2f62823aba160738726a8052b2a7279769271fdca2003960 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ba0f95b7ce6427868ab31c0c65f06c70 |
| SHA1 | 075cf8542e5dad1ee725a456ee5690cbacbd0dbd |
| SHA256 | 0f03f815a88ac5ceed7e80ff4fc3143bb0f923f06ec04006ac5a76cfa6431f48 |
| SHA512 | 062a9a5c5cb20da7387b64c19ddc3db77574b0eceec2ff696e4eb62f5639ff7884675656b2e102f4c6a6b4c15f4c90e42b0ca74056104fbb6a708997472584cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f70eb70eb53aff75_0
| MD5 | 35b44685f9d01326f264b2a632ed1220 |
| SHA1 | 7df2ae6b692419c21353c63b13e72b1a3311e5ea |
| SHA256 | fd384208104ff43e6bf3faa9333e54600b7b8c945b2759ec2a64cce95fbd71b4 |
| SHA512 | 77d828d9319605cab3837fe79be93d99dd36c97bc756e9e454912c4775b10f4449a0a296ba1fcb6c2fb1d14ba18a38fe0c6446a0bef097d0b310e361650e6d19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a41a1c437e860c29_0
| MD5 | 81ffa5f0423c28e2959b96483f090839 |
| SHA1 | deceb8d0e447fe7c22d08f5eed868a5e708fad19 |
| SHA256 | 8e2fb0952c7418d6b5cb30fe437e55a079ba1d2d22d9402330d11ba9c7c82c4e |
| SHA512 | 1b595c23e6902fee8a728261c3aefab6d582668de9ac12fbe432afc9f496ea61f4b84c6dd03a2f69793733c57b454751fa9dcd1cca0caf2c5994a23aca0f79cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3114cd685f7c1db75622d9b09bd0744e |
| SHA1 | dd2a31e25836dbe26bebeea1c6ad52bdb53f6762 |
| SHA256 | 953bc1d9af5aacfa55722c0f87a4bdcd108cee3e65160643b635e3f7b536011f |
| SHA512 | f24a98602ff0c28d16c04a6660e94bea874628c8c389a146be7c1c8f05594c482778e00de33f414c0259a633c0006f029e83faee595d6dd1d8ee733d083e851b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6ff2082e6641d37dc57967dab617172f |
| SHA1 | 542e0adcfaef95d84d4499a84625cd6a43cbdc0d |
| SHA256 | 136e597061edcc416e03d51b3fd90e498514fd2f59b8974a54035edc5402755e |
| SHA512 | ad0335b431f11ed5d9520255162d036bb8b8506f4424d10d3cbf052d0b9230d704cda8c7ae78fe8477c438bef7bf29695eb46210794f8859df6193428a066247 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 92122bdd42d513827709cf12b27a6293 |
| SHA1 | 906a715724297fec569a4301d331f31deb84caac |
| SHA256 | 6469bcd7f04241eb32845372f58a35b0849c7927b26ef0436b86216e934820e4 |
| SHA512 | f1bc66bfa7396472f6874a8fc89f217984ffe016349f78f76f54786317104fc1f371f893a85fbf0af45a8308ec09b3af7ee122c4ca9397063b4fbcb09373fc54 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.33\BGAUpdate.exe
| MD5 | 09fc5490d32c867927e960f673911ebf |
| SHA1 | 2ecbee3518fb701959d2539a88892391250dc010 |
| SHA256 | 9014827c68fd6a31ccd7ec1c8f182cfeeb60962760391446b45c264e062daad6 |
| SHA512 | cd295d344bba456cdb2394fbe736c7b52c8f20e2776bb6b37c0ecd7068c841a646208e4bd0ebb4cb7880fc15caa8b18da485340ac8f88154e61cf76fb16e8162 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c38762905a8bc0de8f6f5bc85f7a0c98 |
| SHA1 | f6e342df6ab1e5998d7ed897b751d216542a9acf |
| SHA256 | 9a18fecaba8042a5e6ba521ecccc3295465649c1a391ab26df62c36e1667a7b9 |
| SHA512 | c3b8f6ae2bd518fc3cc06ccd9666d57ef5755e6505621ecf4504e5f3092350b1e1b9036812d9a868e752b49c63614d371a643015f0d9424c2e08aff1693ddfc4 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
| MD5 | b18c705b3c68cc49d9bf3649abc75c24 |
| SHA1 | 6dc8963dea0f3185368790dee2a346301b4fa24c |
| SHA256 | c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa |
| SHA512 | 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | be84e24f5569bb9e171c08d08cb7d4ab |
| SHA1 | ccbdc9b1d02a39522c9b945fd3099c443f8f4cce |
| SHA256 | ca38b488ab528e075cf0c8043570a4734af5d2c4284a7c153f740b1f448c1cbf |
| SHA512 | baefb1da6ce7cdc0b5972ce88829beccb8e78cd46a11fd0afbafa74c8fe5adc1ac30477756d0927be4362719cc62f2333506c3bd7044a68391e3e33310625128 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6f4f14ede6a21a5f88cb79ba4d5b8dc8 |
| SHA1 | 4a76ad7efb9bc7701673392e980646ac2ef8d10f |
| SHA256 | 88e572ec94a88e0e1139d62be086807a64b41ac6259d99707f43c8a2a938b64a |
| SHA512 | 4db375f7c1eb367d66cb803feed576668d339b5058ced0e3a01841511b1b7e5e6c81786b2e53b7e7412cbdbd62b7dce6b86441f62cbe18fcb0691e63c4c74eca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bb8cf5323993749081b8fa599c126adf |
| SHA1 | 1c97c5bbc7154e05a17522b6522a115f3969c6cc |
| SHA256 | 66bb5216f6a55a05513f1653b9516dc6d8e713b582cd355e025c71afc326c547 |
| SHA512 | 759ee5d4e6454884c0cbf22a7fe90ac5b4631fab276432c0620cace418af701909b8120f51dadcd88f3764339544ef82577d4e763c6c210391da6453af2702cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3027a98d2cf9249ca01266496236d233 |
| SHA1 | e3ad531a805fd51ea5d3482abe48d0112d18a57c |
| SHA256 | 5b71f87ad8a1148bd362b3203de4ce97b1bcb5626dd781b6a2d3ff1db8d7a258 |
| SHA512 | 2b13bd0033538cbe1a15e2a631881a968f5e26949a4c3b28a86539392d3108bead875d2854ddc8eea318bc1e77a3ad841a5e96056e3fed8de2e11a67cea2ad83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a173f22a23e3054c18b3b51f7a9f06a4 |
| SHA1 | 07a64aa47de591cdbcf273527e880fc71f203df0 |
| SHA256 | 155b16f306d9414441b9516aa7675c46899f3650de9c6a8e6388c90b4afa5554 |
| SHA512 | 525147de6ca9f8fc2ebc4ebdd287be6d025f9613cb95af3c4b2ef065d824e5e24e2ff5e1529ea2004dfdb723572cc40041d708095243db5d3ad4707c2481c117 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bf82c38e3e8560d0853ae327894a8c18 |
| SHA1 | bc8c131a4a3050a43eff8837414d366cbe84850b |
| SHA256 | cab4d22ecc99c177198acb5ade39afd98da5be07983f505f279443138a575f7e |
| SHA512 | b00a55b6e856456dcd145287d0782e3d18d8c80f5294bec339c0576ebd3f289f6591db583e70f5b4d139c099dd2080b1c4f61635d59e458aee535cf3342e1445 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6b9813073e57060fd9ff0e11351e1929 |
| SHA1 | 6d4b8fbd65e88ccfc6e3cdd6f8ecfff7b86b75cd |
| SHA256 | 40d624939672cb421e7cb54ac4ac6994568839aaa9a5f06637bf4a413baf3e74 |
| SHA512 | 9b02c0b199dadc59b230ddc28ab50d401861a0df739858202dc5c854aa695eb12783dfa09169900c08e5eac76866df2efd7d7b27d38f62c17021a523b9601a12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 40ee4d2f793d3783280b1f0435d68617 |
| SHA1 | c8a90f93a0ea1992d5ccaa193a3becfe783d9eed |
| SHA256 | c477f429b9c2b332b732281f8c6ff2df92c7b786b195bc7d7133a242a5ccbcc2 |
| SHA512 | abc2ff9e368c87d760b79f8faa4ecae9816838b1cc975dcfb6843d7fad367a1b46d370f6c515c32966e129ee005e55c2ff20bd23dde089d711b0d78f97c9d913 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa2d420e09fb0133_0
| MD5 | 440c2aef2f18c10cd96daba6b98532f5 |
| SHA1 | d48c57381420b72f73a8e1f97e4097f0f87a4e50 |
| SHA256 | 962c0de81c1de2f5900f6ffc7d78f8b8a5e2684931c4222d134b903131260a2b |
| SHA512 | 4b5320e51395492d7a7c4c8c86ab51c4dc97e552b9e0ece131dc4179077384ee0ba6647f1420ba14882f830cba7394e2ee3dc3c430019f19516609076e4f4d43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3cb973fd027166546d536407b477e36d |
| SHA1 | c34114657f31e587e5e7cb0d813a6c97bf4a9f7d |
| SHA256 | 9f1ce020645d6f1aad378d1863f3a950e185e047a260ea830342485ef00cd1ff |
| SHA512 | 33f7e2a35b10ac193bc274c849b708ac6ff8e71b7324b399987f37a9e8599be09a25c6b8db30a8250d0fed3e53e1ac91e6a4175ca7765e8e4ac35caaa1663637 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5c525a972af7f89d1c4f67453e2e0884 |
| SHA1 | 760a7c382f49d6b5744ac6d99df385c7617fd7c4 |
| SHA256 | 030d697ed4a2acba7724cf7f6f079c76555159f961b5a690af62236a5b98dcb7 |
| SHA512 | bbf7fb59706efd05082e392301df84262fc09887926d9bc1a18922b3a7ae5e5b0a1f3116bf4b903bafae7c56a41a326fe9a9b43edf847180037a5112a95bd997 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7520647aaec883f8fdb2f776b51dd1d0 |
| SHA1 | ddc878a12cadf79622467aefd8eb1a7562846ca8 |
| SHA256 | cab64615bb46555beaa5e69704ac43e0bb08aa27f662a6188546e77c0017c522 |
| SHA512 | d34c02e5bb963bb842cacc5ad0086ebedb0237f46215c7bc875aa2969677f84e6cb5a1e94fbebd4480384b98d5f735bc23bd766fdffa9bd4080963b2b5cadd12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 874f30ae275d935611cd70ddba3af277 |
| SHA1 | ce6ef78a6924152c3b7c80dfde3afdeebfb16234 |
| SHA256 | d3187f4632eef559d01da4b2de6d151da5729605c4dc5d35dbaec461f6ec6d49 |
| SHA512 | 44621fe5160ede240f715d35fd7f567e4550d080c14a5384ddd3719e879f29c39c7d25a318fb54274c2108d6a8902b2f8ed6c11199120fb561eb2dace6992ce9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 45b973685c247879571f627893086ec5 |
| SHA1 | 0dae71c12d167c9ebd53083eb386eba66ce8f5c5 |
| SHA256 | 3a9867f9e01a30a5e7fd1ee4a3e6f71395be81d9f7b5f51e69fdd2d99299d6a6 |
| SHA512 | c8b5bb294aa7231aa875c9b42f98a1ad258e77e8e426842efaeaaef02b6a6023171adf585f63df60f8e6000f70c6b549c5e7b1f36858020c9d5d2b1fb834889b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7de1900fdddcb409841240afa8a05c53 |
| SHA1 | 920f16a023ebcc2123abc7b22cbd93ad627759ad |
| SHA256 | 8c0e9d80712e9afafe71115801cf0d5ae39b008cac6f87189329fbd2cc2c7bd9 |
| SHA512 | d21444018f5a0cb13b78763480e54687668d01930eaf4e037285ad8e6f1a113d7f82d2193d6aa853918271c45560d06afaf4bb8a5ab590056cb24bad9f223b6c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c9f945463b428cdc2d2b69eb01e6eadc |
| SHA1 | c39218588379f509d3535e791a10dcbe7ee381c6 |
| SHA256 | 85e45bce727bd9f961fb3b4d3196d92f7bcd5c4f511c6582f4cf85d30de81031 |
| SHA512 | f43bae929a28a3c6e9eb00ea1f98a1e84ffb9c672cbadd0e840159e9a9aa41213d1e1e239611b6d07f94074391f95a17b154ed0cf0208378515762499e9081fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1190116c58bf1189f9de604c34c537e4 |
| SHA1 | a2cbc533c23d961cadac06701c7c58dd18a5cf29 |
| SHA256 | 37de3ce9bdc8a860172a0e9acd537b46836b5e1fb8d7fb916963bc31dc8b803a |
| SHA512 | b56aafb236bde5f63689a748db74b1fcf98a6c96c82250e767d98e0d1b6c8827b32807fa3a482b2bd6a6827ff1502fb0a12af3ed8be4279bb10d43956bf1c3cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 99452fb619b8420639b8325d8dec9132 |
| SHA1 | 481172bba66e5fed3bc8f912c0e126dc0781675a |
| SHA256 | 50ae28c06707b3cecd469aa4f1f41ed88b816e78874ca4c141568c0fe4767a66 |
| SHA512 | 4a25b516f14f2c1606a0d67bc221743e35b9cb1c330c0395e8de74bc98cb5569b342f4d3d5d87e36e886702339d392b952a8e25f4a7e49118fc7defaf0e006d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2c0cf0d8b8e10945a45fa3d31be7480f |
| SHA1 | 8ac334fbd9bb78b265627b3e183a593ae2a38a66 |
| SHA256 | 46f44a1264f18d02ec9c5f72ae53660103602809392405d7b69f45a2ed2f8955 |
| SHA512 | f0e9b7274aa890e0aa52ef74e9efe7319faaef621be2bfef44a6d4041b49104c4abd4c88a2418efda709d0b78fa7c57b6f2143c2bce95e41ba93dc9f9b6cfed7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 30926f05ce02404143bb693d910194db |
| SHA1 | 76946e07ed6539437fe21d7da311c3e47cf1d369 |
| SHA256 | b3c66b0bff4dde90c183fedb54a33e710b349106c124cd638789c8c549ca2e9e |
| SHA512 | 10181a2405300e38f915626a9a08101190baa29b9663f9c37c7d1e6791ecf81a8d505653cc5a7e0d907fea73a3892124b02d5099400cd649f22959ada7982b83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2ce01f0b217a4e73469cdc1928a4176a |
| SHA1 | 074981be9e8cda905c8210489cf5cde098c4c5de |
| SHA256 | 60e7689b3491e87762c53c6775ed28b00f804803775450711bcfb7cfa87b433a |
| SHA512 | 5786993a3ec67d000999a07184b1ed031458651814a40e885518303cabaef724bde49cf08512339d549d6e3647cae435a849cb43c4407018df9f26ccfa8b4411 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e12ddee19d19c865be01e3a56e5a3617 |
| SHA1 | cd3c382e507957b927d74e87b6214be276ab1ac4 |
| SHA256 | 840f494c93ce9dfc67081d5c8284b6d57e264974d6d80bcb52bad48b9e31b8ae |
| SHA512 | 0c10443d06520e6909e5d759c54daadc020403623890ae7b592e8c674bbad370d838b64fddeba280e9412ca97ecd2d163165115c8dfddaef4b715c713965f2fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bb4c2a472eefe8728cede3af191d444c |
| SHA1 | 2a1f25b5f8595ddefdf1aef3cc7c0af09e3c2dcb |
| SHA256 | f9dad6a051ee94c874e2ba2e31f347449669b273e0742bfd555ef5d282612008 |
| SHA512 | c8a88e9e5ee420d746dca009824b41928917859361fd5106034d8333c31c822e3d93fdcf04b4a1c10574141c9970a24323b3009672cc128d43a0787c4ae1bcdf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 551198b726125a1e5b66836406c38f96 |
| SHA1 | 8f517aa293c397406cc1c5dc5e63c4e322d7e225 |
| SHA256 | 70e3311582f599015c036b6a6954b935f155c38c5a9a9114d40aa782442e4c62 |
| SHA512 | 5bb458422f25b2105accfc6190232f69074b0078bdbf8641e8ec667ff932e8a08ef8c40f8646b2b5bc722b134cd173fc55fc83bde1762feed53b741e34ecc543 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d3f6fc33a1d97f2b7a9da84e0bbe2a6f |
| SHA1 | d3b591f6277adc1c9a1be7084f87b6f7a7292844 |
| SHA256 | 039194fbd4d442d6ebb88703cd0a8ac878a45d296b4daa63934911e87ed16dbf |
| SHA512 | ba557d78724ae0bd28a1bcf43a90f1c8b30c3e32be56a7aa52912da1a9e553407fb35cf532d67666745938476f517277f052f5d6220f2a3aa73f21e3288a92a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7fb77f6e6102410d959b49de8595d760 |
| SHA1 | bee6d55c79b263c37b258ff4b6eca5e2ac191fe4 |
| SHA256 | cc3b9427b0cd76e400dc2db558e88a80d5942f50c600b5546a185df272fa8405 |
| SHA512 | ff3bec58e7faa90e1f11049a5a77a4eeae9a9e7587a333a661c41741a80093d5e6ed6ab34a84f43774a233836c7c4fabe2d8e9a90cdd320d50d55f8dcf0565bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bcfafb704755ec86cc0a86f7caaf5282 |
| SHA1 | 8d3f9df6a9048d709c0b2e0655b69407e84d9281 |
| SHA256 | 03761c643569fab0a6f232af19cba8621386889af96a5494101b44ba8eac1488 |
| SHA512 | ea1309d37b9b6a7c31f50cc45c7b969aa4f4b679ac3b29b26b483fb5a4e20c531baf615a0c154a899e1641f9703929c22e251fc3c790782baa6b27ba071e6a96 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 58be02ae5680a69319d52056b7103790 |
| SHA1 | 615df0e097a4620739bc4a7d8cdceeee691e54b9 |
| SHA256 | aad640c739380588e956eadb1abc65efbe979dee63682bc94017c03f8ca1261c |
| SHA512 | 993bdab0b2de6679d2beca22e69fb28c12fe0381c879d4cc7b5c78d0a76020b37ab9415764047ffd82d5a4bbaa873044ac4659a226445377710ddf6824a22f78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e5eb7b664651b8b11af5221ad63dd525 |
| SHA1 | 0836562ad322107d7fdee32fc93ce278510d8407 |
| SHA256 | 33b112e8b9f5fb81b33795ecf8e778ce584d523db1bd0651a878b7fb03b55c0d |
| SHA512 | e8976cc0bb0567546553d0543eebec79e9c56ee03fd8efbc5f332bfbacbeff879bf321976280d9ee7d9e94de62406a9dce6a6b3d70643ce1b8545a9ada95a4e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f40363455769b806a3ed73f792bbe260 |
| SHA1 | 0b94284081bf307b5a23f6b7c07a3cfb1fc538a8 |
| SHA256 | 91193c3f881d88b8b224942e95d6db70ad9061617a74f6430214a45cd66351e9 |
| SHA512 | 23761d8537ad8fdfd6ad6816289bbd0056775d5c45be3cdb3048afdbe79997dee4bf2d6a0947037ed04bfa94956340699294180d0c9740377fef995923d48ce4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c3eda75dfed12588deccd0d0e7c69ef9 |
| SHA1 | f1a4ce7cccded4ce3149d53ea158d6a98a845fa1 |
| SHA256 | 0ec6507a261d65f1c13ea0e781d570130be9d7d1ec266a9b52ef0ec80ac1121c |
| SHA512 | e731823d44c5f76a586edba1c6c8433132a3d066ac2837b3d182f47024fbc2effe2905dd0836b0587bb5317b259e210a495792ec00694bae240e75e6277d7c8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b86872e76fd9ff8553f7b97fa226aec3 |
| SHA1 | 27c1e277020f3e62d20dfb20796fc7e643176b7a |
| SHA256 | 15124d31bf6ecf3264c4d728f9fcd36fc75c36dfd026a0a5b648f11932052abc |
| SHA512 | 258156a2a7ee7bfaa23c834080b506d044ba380743ace296537c37e719404a5a9f6616ecce6dcad226c630d6e8fad16dd31f397e1c03a670e7fc0b628c6ea305 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d68f77aa1d9aba42851c23b3baafeb13 |
| SHA1 | 396a80f3c60b147fd8e835a77997f5106cbb9618 |
| SHA256 | a13ec35cff9d4926717e681e1715bbad8e09646f07eea006d17907b0ba3679b1 |
| SHA512 | b0a2730c79da8c85cb914224fd205baff9c7acde6588d76113014a98b00c89fbc842362577c1a119a81507bac9fa0f621727b23598ce8f5766ce0cbd4de229be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 388b9a2334f2fe54e1d108eb5514590b |
| SHA1 | e1dca8c0903a273e2dd85873eb5c3dd919e370a9 |
| SHA256 | 747e0258ea778e7867721c52fe9ab2eefff91759da32ec5e4aa6a021a2b9c20a |
| SHA512 | 9d079dee949d79dd0d22b2362a2c7d5002f9d697fe921c758bbbbd32467552891f9993b87efbcd354df827ffc9cef8652b7e9a38e315dfd37ab80161f15bfdae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6c3cab6c80c0072e641593b33750317f |
| SHA1 | 576aabaae616c59732aebda11cd88f5204d34f4c |
| SHA256 | 877077fb731de949dd5a5fd0c5952dc82ca75892697665286a86c1052ee90f37 |
| SHA512 | a3604f92b54958e070562b8da08f990d739fe999aea3668ce0cd0179dc1edc4fb39f0d3c2566e979ca09f43f9d59064c748397bdb288784f4311803fcd96dbef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a7a5431a5b5c0a9d07da86869ff2b9c4 |
| SHA1 | 349b2ee76ab989a9575ad9526758e776f4ee7e08 |
| SHA256 | 1d2b9d1165c18b8b676b7a1ee0434ce4e4df4240a44c7448490b0d4c3ce8e3ce |
| SHA512 | 4da18dc0ffdc4d4b910285f9957a37fb19183bcc73abe66178b39dc13c034b0c6664933cbcc17aa5b2c2aa9058a7622826b15169b41c8b9ed84f57fa452f7f24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | af57dd31e53ba8b6c5eb5f36ca2d73ff |
| SHA1 | c6cca1626eb8486965939aa60db16bce76e34758 |
| SHA256 | 63a2b8a2b082914944801e6b4d4792fa498d9c77418d697d28d6955f139f720e |
| SHA512 | e3756aded194289a290a3e21c8a99804ca81ce3d6b5664075078278f10d3be27abf75005bb79adfefa1127dab4bbf86d50ef718e33869bd7eaf12afbb46d6edb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b6b9b72fb408f707192c70fbccf77188 |
| SHA1 | 5dcf4d64f2d130178fc69d29a2912e2ee72f84a7 |
| SHA256 | 7678bece8acc62eaaf112345715842d65e8de745a05293653322374947973a9a |
| SHA512 | 0db26a81cf5d1f53180585f808d15371bffb4161200f62f7b5638d46d385c20271ebfd3c593921934aa77ac2c406996c97bff1d1d520ec264769c59e2d09f81c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6fbf76a3eb3c136ce259fdff9b1fa45f |
| SHA1 | 0f564635a53a21ca24d7fe39c465f2067ef4b6ad |
| SHA256 | 11d4ca9f952ac52bcb24b4e1abf34f074c398019805371210f813f8832d1395d |
| SHA512 | 1b310f27338b1591384280e4e7ef88f3c72911a00ea64464e8201c7f3a9be2cdf133d1da4455df7e94f84e8e04a9c455389cff722a71732134fb1b93e5dc0ab8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 02b834a276c0f32bfe3e50765898fad2 |
| SHA1 | 0c76ad1e45aec4ccfba560c8163d4f12d8b33ae0 |
| SHA256 | 71926b5ea30a8828a04ff38c6f59127941f0f6c480e86b15bdba3907268fc263 |
| SHA512 | 0a367e55357ce0c926c415dc3ba78f1ce444ed245f0b1f169220a787c31d4153029b335358e4a77e99d02a1bc4545d78be3fae03d33b6441695d5e0d6f253edc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1343d5fd873904d6966149111c0fca11 |
| SHA1 | 4627f22645d692b2583fb53b99e8e211a06011e5 |
| SHA256 | ec0983f70bfbab51d1fea8a1c3ac60c9da56da1f2d79d508f28c2ac69dffdc5b |
| SHA512 | 947609ef5586c441fab50c7cf159e58d1e5daaf45f9628a5d5b7dd64129f998b6b3f90e0334fb269e04c973f6d1c65b35530a4a83c15b0b2eba54f5d70c66484 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0262a58394e354fb1648636b91d42567 |
| SHA1 | 16456557809b78ebf707320cc74e372546b9026c |
| SHA256 | 6e29c38126940e9165adb6558f218532e53efe2ff2f68cb39035324877179616 |
| SHA512 | cde7ed6e257c8dafce9b7ef183af5e8022ec2c439ddbdd55e87626f32e551455cc7a2ef15f4d5aa9d645ddf48ef02f871e246332428b477e48a47f31d5c47d11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6f5938898ea1efed953af27a906eabcb |
| SHA1 | f17e2bcf3bb1e89865426a8bff21ef056640f545 |
| SHA256 | 3ed9c62228e0f7c3617f10d44c1d0d80e9e6d891eb73dfbb7626915b43db6028 |
| SHA512 | af8a2a934a4221b261f304d94bcf11c2e379a846e6527fb2e30d0667c0395b4f01e252b4c18f22288ff6773f3f0683765247adaf9c6ec2b2498d1efc674c48a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8ce54c11be9a600482b500f656d2d467 |
| SHA1 | 89b1f432f2f95b36653c22e6396d5316f887f170 |
| SHA256 | e3575424a69eded0d4ebc681eba8d527dda090e7b75c86a836d3bea6f285682a |
| SHA512 | ea7da9dfaf066b4e079d87376586302b6835f85929bd8c12b3c2a0a959ba2d5538d718e0a3d61d75ffa238e367c229e858cf3daedac6ef7d0eec81815eb34418 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A925E9A9-C252-4967-A563-FEE6AED02C36}\EDGEMITMP_99EDC.tmp\SETUP.EX_
| MD5 | 2415cb112f130a1382726afa58a0933e |
| SHA1 | 74ac041e6dc607e476dfeaff2d2bbf2b5c004b5c |
| SHA256 | 85679b3b17d42aa988b5c753b9cffe457c063d5186a94203b5e584f4156f2179 |
| SHA512 | a334cba72cb6ae4c4706ef3954e98771c4502ae5ee66d7b2d2dca759ac75890efe5a7fea46818760589a66f425a4bc9d463512bf359723685eba86ba4c1edd99 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8edd0f73dcd84c4097aab891dea0d07b |
| SHA1 | fc7a083f044b7ba6d785644e1b40286c9b78a78f |
| SHA256 | 9c5a36b50466d8873b62eee0352edc46ac46112a7c5608d0ea11ba56069b5ece |
| SHA512 | 043821b8f525de0f9ed54ffed7b9921a4773375ff0eafef93ff7bd7b2560a5e573435c0778eea2c69011e3dac284952ed121bb2796d97b9e8ce80f7e0a8401a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d0a599a982f8fdfda9b7f4f15d5c4aea |
| SHA1 | 000bd9b72e8bbe9f44b53ec8b9328c6fad89362d |
| SHA256 | 383b05d2cfabb27dafef5b9a508854da38d6332a59c6368dd9f212743193d950 |
| SHA512 | ea236d5dad938d3b4d7b33acfc8260eda30d1099f794bcad7ae1e8a035d305503c2e952bbb1eb3241b4fb771f9417b417124d0211c451d62ff5f5ec694c63ff2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6e67eb80e9e2ef1cd99ff9e92f40f2f5 |
| SHA1 | 23725ff0d823cf8dedee48e030652eb6ae8fe079 |
| SHA256 | 7e899ea84282cf60edd996f99be52a70a6218f148c214676a37dec1a976f0af4 |
| SHA512 | 2786915df56bec68824ab1044ce2f1c863f2f46531324b347d7cfb45f5ecf6ba70a40384d3081b00392999c8a6bf362e742c742b1e416ec92800f9c0b5314001 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | be0754070cd305b0da47da1df265ff56 |
| SHA1 | 711172083d80c46103779587efcd38592300ec0a |
| SHA256 | 061a67168d5d5a6b8f1b3191a0fff8fc1a9a48e1afb9480bf286c5b9702d7289 |
| SHA512 | 5742879ac3d5e5226a0f9d72b5448c8d4ceb3cb440f5e2c782286b0c66624b6e4e20e081e2670834b4a56f941a8c1d051215d045dc7d30a1fd164bbfb0bec87e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2ffe51a73f481073b8b4eec6336d88fb |
| SHA1 | 056725217a22f866be33f6d2d8d04907b3076246 |
| SHA256 | 3dd6933913b6fcdffa60f41c410184e5451f2da986d9260d1f4718e8a19af7bb |
| SHA512 | b177a43e94cf643c48006a01d09430e8de5102364a08fad3069a787a919f5321958046355a8c83d48c56f4732ea85e48c0dc6bd024f3bbdf8d30f45e3571c129 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 405647088f9e7814d6d0eda3af0f2aa3 |
| SHA1 | 9d0c047cf5863e156ac9cc61a22ebd4eb700d93f |
| SHA256 | 14b618d9c543dc32445f93ba75bd4d04602dfe0aa937217d236b16b81ee64bc3 |
| SHA512 | 2c5378b3f7c619332b2126cfe0379cd0fd83fad33ff036c03c8bac3dfccfe04729b4d89aa805f3c7780b548c3fe54fb29f9ef30fff3e0ebf8e5498cb532efe1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a9ba2d30a7bd657781912ab6765f9d8a |
| SHA1 | 1204f18faa999029f10a4795b6989ae5b745f028 |
| SHA256 | 1be7cfa6b1dac7b93b60bfb5f6c3bb76d385527f0b53d86f48176cf3b2231167 |
| SHA512 | 40a9646eda1a15726f490b143c663fcc9080cc54df51adb07d39da48798d8186c240008a03adfdf9c80b3fd82b5709f31f1e41f135ae97ff1b289a20473a8dca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2b299470e99aca253c8c43bf9267d303 |
| SHA1 | 67051cd84c3b4b6853476ddb08c2cca213ae43c8 |
| SHA256 | ff378c6bdd1ec863bee85e38d236e934cd26facc9f67852d54e0ee8e7c1de94a |
| SHA512 | d51ade7ef8b2ec1ebea86398d6a106baf674a3d708716abc78e01157e0536223518f462285c6567902d3f8690109cc90cea2be52d5ff60180477abc34107badf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 09d839899f73a7e10936644a966bde78 |
| SHA1 | 16db4b0173001c320caabb011949feff6e23e09a |
| SHA256 | e8cf1fa930246ae002639183125e7dbc259209c7a7d35f9ca41eefd128bc64e0 |
| SHA512 | 9be17e76fb9f6e9262ffb977109a282cc29f4904c0aa49c907f99a99760c157d1818056a9f253d084a93d5c4c053631b943f19d17735380117495a167d2ec6d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2944dd6759a14f078e370e36a4b46d42 |
| SHA1 | 59614d2b73efd32ac04ced6916b38330b8c0a046 |
| SHA256 | 0c66db6b718141622a7f788f2edb79302443f08d4c74bc62712e9edc9d6842a7 |
| SHA512 | 4bd4c769e85c11aa76b4eba62a14dce4af8a525aaee6198e8d292a73dc2d08c1aed0d261877fab52943b35c19e01bc297fe5bfc585a012e63564a56e015e4f88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3aa689e6a321913d35ada9d138e82164 |
| SHA1 | 5710d5c761f8620fcdfd007c45fdb3aa4cc1694f |
| SHA256 | 34c84235fdd12ffb5eccab712aaf98a56120a1b8684fde07622c3794715e1710 |
| SHA512 | 4d514d9f970fca6232a3ef56a1a764a8f82d7db66a1a2ec2fdc875bb9e1c579600f7082504781153657fcd871d3949a243ec1903d848175801bed9ecb0bf7d3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 177694993e9ee770847e102241eb3741 |
| SHA1 | c7f390cc086013d66343652ad672212124dfe1b4 |
| SHA256 | 4b90aca5d29b9f1568580bee2b4e9cabd6be3aa2fdb829ef623cf53ab3af6f7a |
| SHA512 | d2bc498c988e38e5d61f837deaf242a60c0ece19e03b36c5fcc199b7bb0c38c2dc3460a773a71807499d827f75f96fa6c74d5758fe9fc5be15678ada199f07f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f1ea59c0fac2c2d20048f814a63f3062 |
| SHA1 | db95ef911e218e60d565c2d99f34dc3956781328 |
| SHA256 | c4daf7b0ec52d544ade61cd4479d404ede967d38aa0eb4618c2ce33134bf604a |
| SHA512 | 97f1678b485b0ea9807164a11860f2bb6886a0c6f7e3c8cfcaa9b4aef1a6be458d3cc248d6ff4d8475c4f382b7d79b7925ffe0cd370a7f80436857bea09b7acf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 541ce62eeb08399b40d63dac27c0edf4 |
| SHA1 | aeae3de6c7d3d1a2cc95fdcb67c92de0b3bc653b |
| SHA256 | 867da4d2d82aa9ce52c5afbafbef09c5fbd287c3bcdafac89b79274858242847 |
| SHA512 | c791ed68abce2e63ed1839e6c47d325d96fdc78de715e2de721e61096a23d57ba55ec51b0a0994b51a8925ea104262ef0c72bc3adb79e31271650e6d43ff1512 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aee5f5cbc102d117b4deccbdcc5b26c2 |
| SHA1 | c2eab422a3a8c69c48dff6db1534b63288c51b62 |
| SHA256 | d11308fcaa17572aadcccf943ec8427715dc5f72ff90669b9e639b4b1e6ca897 |
| SHA512 | 1a97988ae256bcf69809421d4bb9f676a6e763161aca67c66a43d85943f71259ed98d108a122d282423f9760d052fccbbf62c8a68b075893fb927b06a1267092 |
memory/7016-4007-0x00000000052E0000-0x00000000052E1000-memory.dmp
memory/7016-4008-0x00000000052E0000-0x00000000052E1000-memory.dmp
memory/7016-4009-0x00000000052E0000-0x00000000052E1000-memory.dmp
memory/7016-4014-0x00000000052E0000-0x00000000052E1000-memory.dmp
memory/7016-4015-0x00000000052E0000-0x00000000052E1000-memory.dmp
memory/7016-4017-0x00000000052E0000-0x00000000052E1000-memory.dmp
memory/7016-4018-0x00000000052E0000-0x00000000052E1000-memory.dmp
memory/7016-4019-0x00000000052E0000-0x00000000052E1000-memory.dmp
memory/7016-4016-0x00000000052E0000-0x00000000052E1000-memory.dmp
memory/7016-4013-0x00000000052E0000-0x00000000052E1000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8174fb0a826dd65daf844c79989889c6 |
| SHA1 | e209b479b3e0721d5bb093702432c8662f20fafd |
| SHA256 | 02687609ad8c40d97e3c35f31ee1ca834c2cc6e53d0c791ee9ff6e24543d52c5 |
| SHA512 | 3681dc0fd9a4246b8decd97592a3cc47b6caf0e83586e746884c15595f38fc781fb1f6cdb6d4859a9ff51a840257e4a4fde9909a90f1e93f96ce2899e922a663 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | cc345860844b580b6d4ad5fdb5e8ae53 |
| SHA1 | dce7c4bd1bc774685eb81315e6a04948e5335a87 |
| SHA256 | 173e362db30883bfdd65985c6c75ad78e904e88665cdf5fc573d6aeff9cad83a |
| SHA512 | a90926e507743ff1cb0f8c21a63e353ee7737c99fb5a182599ddb6303a8803467bebfdda809e4d7e65535fb1c5e3354cfa0681d74ce39a0cd4435528c0388aaf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.vice.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dc18993c3832eb61cdd9975709391a9e |
| SHA1 | a587fb65d9032f1b6d6f559ee52cd18175ed72c2 |
| SHA256 | 1ab8de67f7e95011169010f9309b883850c5798900cf9575d1a6b1b73313108c |
| SHA512 | 19f828f791ed0e0507c1097b0d7a1877f43a2aa90d457a17d4bf13eeb65f0feed65a4641d6b56e0744aadc5c53e3431112575d748502326b270f55350bbfc9ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eaa0648db1cb4ec0ad8efd432f9e1570 |
| SHA1 | b1af4c4c7e7676ebc20248007335bd41d286407a |
| SHA256 | 60643735110215e1812b13c543d00fa43ab65eb8d9f01648639a41070a4cd05e |
| SHA512 | c4e0736abf47ace209b60f18e2340201461f7c3c8640721bf9a45c9039b080f6b02c15bd9d0642cad8c2495c51bc27686a927b9bd9d264b8a7ceb1f42cfd0e15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e567b49c45942cf5ca03b225de128a34 |
| SHA1 | 1a46e2ee0102365eb2af536d587f4978bcf37e90 |
| SHA256 | 8f706b31b9e8030962960aa28b1f529a4e4a2572b49af9bcd0d0347205ff8fcd |
| SHA512 | 64204d68039e2179a2085892f83826c291ed42818cf82fbeba38aa34bc1bb06b214370457e61340597a1141a40ce20151300e62e864d2dfa60622cb9a3b9106e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8ebd3c884307b934c57e3469cfbd0fef |
| SHA1 | 88b183c2a063d6ad8d339f80c101aef5e9b69602 |
| SHA256 | e94042827ee56f41cb3654d8a0d21d0dddc705a46ffe18b3a52bc4030efd6e44 |
| SHA512 | 8ad718ba3d425cf8c1a53c2d60342e97bae3d797427e164c71de53f99d445d9bf468ce00c8782b2368718ff039f760ec79ae5b671262393978038f54346f76ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cffe52a67c7f6b829367841b0bd2e4c9 |
| SHA1 | 74c4658c9a87fd0bb92afb7be2a069ced3d567d6 |
| SHA256 | d49e33521ace0892b77d9b7c4aa7d6401e2892ddbf7050c95defe0699c38ddab |
| SHA512 | 07528c4ad41305389586dd43bbca177f83b1567d3332ca400387b2854238576bd443f650493980b2259b19f990b2f26d485f842c2e3a084b946af6ee08f38f00 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 246b57d9b14b3f747f101760d8f2d995 |
| SHA1 | 0dcb00eeb2fffd6c18efa313b33d5bcb4fa6c1e6 |
| SHA256 | 5c6a0f8bfc8cd64418687882408890b81732109bdbd427df598231b72ae04057 |
| SHA512 | 3c0bb50425c6596f13da38f63acbdc2e559f258ff0967a87d491ee102d65c1514d39b400cf56c1668b0ef40f6dffc10f643f727070de5b6ecde643a6c2a7a704 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe666a79.TMP
| MD5 | 424fbd8cb2d5cd4b9ec2fc21b282d7a1 |
| SHA1 | 867e7f758bc359d2dea592cac4e5524d2ee57146 |
| SHA256 | 3f9f16e94f6b358de49dbedf4fa59f20d3d4ea1925fff2c4d6a9ebb7c71dac49 |
| SHA512 | 68ba1d27bb827e0cb0ff1a3869b90bfb90f1f2533ad21cc344ec81e39d9b5632a8f29eac6e5222d87c6dc8d92fef86df8ddf9a4f8afb076eb89b3e62bd1a7bf7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6eb749f9679c854f1d5a4331273e65bc |
| SHA1 | 0ec9a938a0f22dc12540d44a94d47484f854e69a |
| SHA256 | bc74b39416da00a26cdf947c01cad561d7cd7f528347fc044c9017a5f43fbc32 |
| SHA512 | 2c92d02428545ea6f1cc4f3d8b119f615981aecb31b134a25e75903b338d8fe294e1d0f94460cffc4ecdffb5b9afcd53af5fdc1af75d6fd1c11ba663b31f807e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\df9f62d5-b887-4191-9fa8-c14cf9507962\index-dir\the-real-index
| MD5 | d8e6b5d8986769ab3c7e1e79b5291bbd |
| SHA1 | 00661b207c347392a203bbeb04b7828f80cbc59c |
| SHA256 | c32991ca59c3d39a9ae96136571b90e5b9c7fff75dff7fca88f410ec0d8b42c6 |
| SHA512 | 775aa760ea40b5c6285b0b3564ef7a00bebe5eee1ecf03d206f9430e2e1de00668d6d32c2278857a18678bdca072f1deb1f1686c630cbb12a0b77333d0cb8781 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\df9f62d5-b887-4191-9fa8-c14cf9507962\index-dir\the-real-index~RFe66866d.TMP
| MD5 | 7a279ae3639a823e02c83a7c2de64723 |
| SHA1 | f013af76d7715102b636aee0d81f7f888bf71d69 |
| SHA256 | 355db7aaaca282c3c58bdf10300a49d62fd28e628629d0150e336a5361768440 |
| SHA512 | 83b8fc966e7ff2f4a8c897303c31e8edaf16f738218cb815eebcf93a2e8e814520ddf502d43287ad33978bd297d881f06dfdc7c6187cbe4b3970ca4ce1fa1b0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt
| MD5 | a3be13d05a10ec79d567688f37c99caa |
| SHA1 | 118d148245249378e986818fe3e38771d799e4ec |
| SHA256 | 255f674e1724a936636b12bc977acc9ae27d758d291e332e0b8168df8eda061b |
| SHA512 | 3b9ce531a7602435a86bdd0655662626bf0e7dd01075bee0486b0bda86bbf09eda901180801e74d5607ccc42e1a53bb40118ef009f6933af69bf7b84861e3f48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt~RFe66866d.TMP
| MD5 | 7333304e123164c545b96588c27d1f00 |
| SHA1 | 32e692f29841c7bc7d392dbd1ae7bb378c31220a |
| SHA256 | 1484b9bc81c5f35e3681d1a5d297cb62c985420c30e4883835ca3fa30c706d53 |
| SHA512 | 58276ad783ca38a665d9235d20f87f7c32801486d1bce65b2221c374b58ef9eda852ab1ac5cf3dc94da6547de1bea2eb596b655abceee03d6544a603e2d87fda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | df54d0669a9650a2a6c43d1029748633 |
| SHA1 | fa30fe48958c1768818d30446cd392ac571ee44c |
| SHA256 | f34066d6b3ff6a14e735609261c8a24b0b1f4a7105a6f3e20ba33a6d7c9fc668 |
| SHA512 | 37db56c7c8bac6b65fc68e19c9fd462537cae508bcafacd87ff41df969712aa814c73aaa6a15eafc282837a9eb7fe490c2e314853c4ff3f8b70aadb43768398d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b427fc2ffb5d3c673dffc225bdfd583b |
| SHA1 | 6dfcddceba2f4c6ea4c3ff922a0b64b828bc7a92 |
| SHA256 | 77e0002b465c91747ead522f60bd5b323f1298d6d7cbc13ab8070e4ec5b28a2f |
| SHA512 | 01f0bd50141bf7a95850e5d0d568c4493eb01ca4e1c16759f0f00a53759661e4dea9286da56402c3337cd40d4f07b797eb66e477188be2b3a483394f08fc9163 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 124608142189addf3e7a7ff0b42af455 |
| SHA1 | a116324dc9b7bc2900f3738fbb92c4c01cb7b7a0 |
| SHA256 | 10dfb977bf03f76ec89228bf4bdc094d4337df0159fbd484ec7a9d24ab6d980c |
| SHA512 | a20a794443ac8ed39658dacd18229ebf46bac7806a44e06b4f87747bf4ee41c04e3479569c54cb2bec84ce6f00bfab70098bcd468172c79e69a4c6b07a482c55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 266a49923267a9a44325c17a05a614d8 |
| SHA1 | c917cee22fcbacbe9f55ea2a5e037f8005651a88 |
| SHA256 | af85a146b3cd53151b3e07b2f19e06e9a7c5a56caa2a223dcb63a68d7db60b39 |
| SHA512 | 0a4e1ad8fdd2cfd7774c6608978bc2aae8105d9070498e711d7608974efbfc7f946fa86cb2bc1df291056c3cfd4ce4af2b26e9597ae94c8977f7052a758f8795 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 668ea54a9337ffd4ce064518c2732522 |
| SHA1 | 868d0592c77b6f3da10d255176430a790d94e8e0 |
| SHA256 | c7d77d1a3a69b1dce52e503398bc24ba5484882ebcbf249f05d101f0ecd1e121 |
| SHA512 | 903453e43a589c7b1f8d5f65644114a684eed062128631d58c8d258bcd5dbba583c952afcc77eb3e01433615f1011a90164a4b0d360602b476eb9074677b4c22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 95b952635f06610e4c11e85090054619 |
| SHA1 | 10463a65271cd6d2d86aaeb8d471a08537a15b84 |
| SHA256 | 7e69108d6d0ab7224445642123ef2aeb2fb2a899ab2d5a66f16251d17ec4ff9d |
| SHA512 | d8d6e5646772a854a129e05d68ab921e4798a686697a8a26d0dc7f29d11819446470d5c6ace487cb26eca8d7404c52556973ee111be20aa51067c2c9fa2ab954 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 052cde90c7352f12e1e58800edbb9999 |
| SHA1 | 217312b3b845e09e2ed0e097e09eda44bdca6b96 |
| SHA256 | decb5ac3f57a1ac26af94af62347cdbcdf297345cb0413740b2385b7a13892fd |
| SHA512 | 298708c263464414146a9789cb6dd904db73cff66f127683ad379343b5fde96f2ce8ea5dba0e3350b1b9323b67cef1882b8dc315f1fc5b3108a5656d148c1456 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bfb063db4c97752ae4e8e597f7d8786c |
| SHA1 | 84c64811f645f070bb72350368a7a3de83799231 |
| SHA256 | fedae177843071480b0d6c29475c34af737d112190435c40b79c7166db054c53 |
| SHA512 | 02e700c7a9ebd9f9a8542f61d51993e05a778097f89e1598703c646162ced279f5b56a59d71ba9f8209cec4b4a8ca6e1c0ece3adb469b18a6e70f5ba6c4c0d4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 34c58f5017ee36194a0bc6ddb506edd8 |
| SHA1 | 3b4516e61784ff97cc180fdd58ea34447516dfdc |
| SHA256 | 580f6fe2cd14047cedd1be005610778f5bd366e313e0068d88cc34d3ef29741b |
| SHA512 | fd5a5df08823c3b5f539da8eb2c77b36e1a9973643a489a275c80d3f1e09710a943edd9bcab3778832563d5e1a06ca1bd6d62138228d421bfe9f6af0bf131e45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d2b031fcc9632900b3291e15def41f65 |
| SHA1 | d939753bea993895dc4829086b1ca30d1807c3af |
| SHA256 | 6924727e6cf1de8c909782f55f10269c1648d93af6494ec00e806ac856206572 |
| SHA512 | 418157243897fad22eb90ef201c05a0ed3dfcc12d3e3d7c99b678b3609884e1906954a615551c0e06ee996c5f0c43870ea8f294cd7263876d386233b33bcbcae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c09d637a924a9d5e5f93ce4e1bacfbaa |
| SHA1 | a471365d2f5297ba03eaa404e3a519513e8c4517 |
| SHA256 | 7f30cf331aefb43b624a7b75c9566d7d9ab781c2cb504ecd8e02fb9c8e0833b6 |
| SHA512 | d8270d62ac641f038e44dd15d66f849192558124de91c7639e270c4c881003c404b6a3d8eada11809affad00d677dff9222c249f4df79f692466133ac6fa1c43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8ee425f5785ba9c7d43c5e2b6e6376ea |
| SHA1 | a9154d44889bf74ada48b0122e49e9273287944a |
| SHA256 | 01edb8849e1aed22b6c18db8a4057eaa8ca2ef5d0dc1a07c1769223318efdecf |
| SHA512 | dd4fd387ca88af76c71be1487952e3c57b2aa7433bacd8f1f3b8a73640c63f719292e9cdd579728e8c21a4a0e12af6e3919c159387dc849512947d16e5b6708a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1da3740739df1c153b0989fd972f1432 |
| SHA1 | 0381a951256c36199fb10ed10c80e410e3a5f0f8 |
| SHA256 | 5d2f46a0fc4d589284144bb987746361b2fc12dfe879e4a9fe33f1dc403a7fbb |
| SHA512 | 6c75d9500263649487d26fd8284882498caa6c67bda3df8c87a1a3edd555fc1ac18d26071437a982fb8caa68bb7766339a95ef7956039f12d1fa951ff7783df9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt
| MD5 | 3649a4e43d31e0f28ca4e9a6202caaf7 |
| SHA1 | e1c309d55d8ab71c80704df73839cf066a03f123 |
| SHA256 | 2dfc3daced64cc11eb165e5dd66662b0433c8174a62dc3697b2a927ce6945802 |
| SHA512 | 5189bc334dd573a0e0891f97c3068fa1e9ded02558148ca67714578df6728ee0587d1e4029bc53b0bdc536dff798b79a27862d6100c5f5514e6c5f5e3be43471 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\df9f62d5-b887-4191-9fa8-c14cf9507962\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt
| MD5 | 04643b5089e7192d433a33e8ffa905e3 |
| SHA1 | 94bafeebe668fd4aa72b6d33e01bdc46c4100ccc |
| SHA256 | 023867707b6ff82ac6f48c95944ed0440f395548cae2a4825644e88990e40ecb |
| SHA512 | 752bc3185087324a6db7076446f5a8b20a1b2af3dda15a8eec69fdd4a1ee7f29aa2c2af46ba609fb252e151546695a3345d58441fa3d4ad27ffbcce714f3948d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt
| MD5 | 9382c80055d4593624ffc789bc6e4ee9 |
| SHA1 | 54c908bcdbfd584fb5a1ddd5f46fe833c59d645e |
| SHA256 | 6acc9fab8f3eb014ae7e3bc2960e53c8463ea85cf7b6a5f4e1b88b812c1cf225 |
| SHA512 | 439b8775e094e8504efb5cfcbfd9d02c698b629a0597b6d45c3822246ff95252d0227e62ea8b2f114d8af83147926c1b275bb73b13a68b3932807e038c61aee8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 7721f39183a6e0c5f7dbfae798ab6855 |
| SHA1 | 70c50de30e8af19624b45aed1cb3c040524a384c |
| SHA256 | 99415b19cfcd584a2311802e962a7c59d6743ddba020e03fef5c7ee2ae7bfd23 |
| SHA512 | 1fe9681ea5bfb992bf1306e37057136ae2d43b0d43682983e24e4bc5ef6c84367659c78f7fd1a3df275262699b65a629e19dcd3b18bb0e7eb6acf59182f2257d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0882ac238ea50ceaee6161973c17e924 |
| SHA1 | e6d0f1a2dfba60a5cefd035c0ff79ec38f42fe42 |
| SHA256 | aa1fe04e929e5163cc943aa9de83c97c10c341b691362c6f5634b458af0d5ff9 |
| SHA512 | 680dae1a3974a433c9fddae6c9f0230896de2b168e8aa79d78e560c51f81408746414008d06dd3a2c553ee07a86b7be453f6ff17da9c5cf2b2121407a1c1998c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 96e316eb23b8e70fb8776965f75e189d |
| SHA1 | 75170817c55442ba44f8e3204466def8a8265739 |
| SHA256 | a4b2c07b022945fa83bae71b9f356d4623920a83723598aae3192b6dd9e2254c |
| SHA512 | 8c886b3c152f733b5150a339931d351fcb0dfc6f2d68b95dce7fd36f102acba8eff663998e4238b41e1c556c165252ad178d4081f7ded1b57e689df7b4374b67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d32d20caff3275cd395456efe278cbf2 |
| SHA1 | 066bb85b0dda6b56d7501b45c8189a80ef3aeb06 |
| SHA256 | 1c2a9363151ccc94ca2bff097ab9f832f442d9abaf6d99148c738299de917af5 |
| SHA512 | 5edd4de7893aaf6986c116bff96b2afb1e3d3e56a8d53efe054f5c63d7b17ce8d11cb4f812b66fd41bcdb13d077441d31ef42fc6694ca3ca562fa9bdbd20a2c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b40a205417337133bee4de1e847574fd |
| SHA1 | 520e248c5e5501daea0475fb5bdbf8da352a551a |
| SHA256 | 58d918fd811891700f21b93d926ba8bcc08292950e89f977745ca79c6188bca0 |
| SHA512 | 2530dd4bc98461288cfc235b20e5f75288d4fab0b3bab970e4c5847243d6260e8dec60cd5db029287f08614bb74e64d6947fbee884940d1b85920b8c84c35ed8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\0aa4377c-4933-4b6a-bc40-21183f40a8a9\index-dir\the-real-index
| MD5 | 334ed9a251991e09f428370426d17a80 |
| SHA1 | adf0e579551141f604f01d1aca661a484075def6 |
| SHA256 | 2b90da7d3e101e7e6eddb50b51035c2c9813692ee940756178984fec19a62e8f |
| SHA512 | 724d9cb49fcaa06fd2bf123aab0bf2847a9a65de9dba03dbf5fc52552b139eb65b63294556e7c13f4755816bcc42eddc50ec8b71b6e232cb6b7b9afbc68f9548 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\0aa4377c-4933-4b6a-bc40-21183f40a8a9\index-dir\the-real-index~RFe6896bf.TMP
| MD5 | fe5c974f09ed1806197107d15f081c42 |
| SHA1 | e1427bbe2f0f188f5f1c4e238de8ba98fd1bf6f2 |
| SHA256 | 7d77037157203e2e721f80c47b10e8c17696633dbfcb543f702deb25b78fd54c |
| SHA512 | 6a66d43bf8416290bf32ae21b11d5a7be0b1bd102e71b0264ac76a6b723385d88ba66dd48d30ac33dccaf4776984e1e7028fd3b437ac8b2bcc0ce3661ce83ba1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\d378c0d7-a4a6-4b60-bd42-66857643b1a8\index-dir\the-real-index
| MD5 | 6c7a5242838d01b720bc9b5d33d57db5 |
| SHA1 | 659e8dc6ad8151efb1d73661310555b25a8d9f5c |
| SHA256 | 258de649a082b36bc60e75b4f430a9a09dad7f3782b9f0f8363e12b31d981fe1 |
| SHA512 | c7715bf57ef2662ffa8c0f0af6e839b05a70bc2e896e9a8e409d9c2f46a794c5ae14eaf65b4a951094cf622df86be821ab1b8696a2e6e6816b0328c7be3305bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\d378c0d7-a4a6-4b60-bd42-66857643b1a8\index-dir\the-real-index~RFe68974c.TMP
| MD5 | b5a32991d1efaa50bca16b26b207149d |
| SHA1 | bddfcf49b1ff35d22947072840f074444a9106a8 |
| SHA256 | 79e0ae428be4f8f9de2a0ee0a99c53dc08eb28007f2f2cbc3cbb2be4980e3554 |
| SHA512 | ddea94c71e8c09f11616d90033aad90e2e42bad2152d9ec1b5db234a6c848027c398c6a370169cc2f593810ed5b42d2108d0b812858f099560273f01c1c33e53 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1e8768494515da3b0c24e65c48e8b020 |
| SHA1 | 50adc567610460b40a72692575385abefd60dfe9 |
| SHA256 | 663195c2b30e04eba9e4ab68b90683b30015e2408439d0bd6d84c065e222ea8c |
| SHA512 | 1494bc97305298fb144e158ea6b81a1c62a84496b6fc0a4e24cb9e15a828bad70b2e6341248b279f0685a150fe597157f4c4efb38b99b14f2e9d65fe235d0b37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2d9c3fb2087806631e4373243bb346f5 |
| SHA1 | 79b85ebcf7adbba488fe7d4b15856a491f4b3a91 |
| SHA256 | 685cbd33bab4e3cc426b507ac2cba26ccabb4b614168151b2979bb85c0d9a8ce |
| SHA512 | cda79bcaabd70b86b1f75db7eda92e032abcfc04344809cd1862eccdefa18d73e7d90a7600b18127b70956bbd4d49c0274e9f3bcb4c2dcf0ea22310726620ae1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\c1ae4240-7dfb-454b-ba01-1436459735df\index-dir\the-real-index
| MD5 | 5c46f97c27a2538e252ceb2dc8ba31df |
| SHA1 | 8fc7705ca49bb40cfaf5c7ee16ea55b253b968e4 |
| SHA256 | e6ba274394f0ab8da161a20f0fa197abe1b181d3e8e6b01c0597037873934d09 |
| SHA512 | c29e4b7a4a41b3b758560a9d9a5c69025ce94f4611ece4540c706343bb9ee9f37352425f7976b5042c4b8a6d825f60da1d3b19bac806f9bd22d740c56db27a47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\c1ae4240-7dfb-454b-ba01-1436459735df\index-dir\the-real-index~RFe68ca91.TMP
| MD5 | b80c35e971c422ed71655c13344c6349 |
| SHA1 | 908e41af30c754668461b116386408d4b252f260 |
| SHA256 | 60cbf770087fa135a07d3c3029a7c7f6fcc7b833dea10645d61134d1dbbfd542 |
| SHA512 | e1cf8349b795430d3d8587a0882b8b67bac6f709da33688ffa78393fdd4300bc15020f3b876d72e7ed3dea68c89647e878e894edbdcfb3aa26ad1572903aafd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt
| MD5 | 9971a43123627050980e4a5079f8b65d |
| SHA1 | e19fc52e62c3649817d0737e23a887bac77fd871 |
| SHA256 | 4dd547c6071889c544a0a86cba0d2850ced1eb7c9dd4bad9caf968d7de333765 |
| SHA512 | 5446421a77676b583168ed6ef758b0bdd04df6e793b580dde8e135b3b98d18bd72cb6f028455de7bd6cf86faac7ec9729e733838df14f77fb944859988a02d5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 12e729ee295e429b3db5cc4208159a2c |
| SHA1 | afcc85207beac7cdb5246424fdbcc9477b2da19d |
| SHA256 | 0cb5be8cf584c7027363a6e8a6a8fccbeb75c2f0edadd2ca2b2398b121965507 |
| SHA512 | 2fffa369098465aa1495ee801606d3fd84d33ab81f08f3fcad4cac7e5ad44e53e4f11f2e35ff87c0a7ba6c29613259def9169648e9fa82f6ced87168267760a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 13d07908698f556f487eee78183cb329 |
| SHA1 | fe194ce98bbf037f9fdc89cdfbc9f8e28af3ae6c |
| SHA256 | d858e6514decd9852d5c9b1997732debdad15257953ef219778c6d5df4ebe234 |
| SHA512 | 0554ce2e272f7be1106561787b2168faa589d82eafd31986ad0998e470e102ba159584c2d2689af5949a57480027aa209b225094119ba010afcde387fe9d8f40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | eda1e087826a1d6be37654fadee2df58 |
| SHA1 | ce1cfdcb684a1ea702895c598fcedafc1ee67f49 |
| SHA256 | 18e4b8b8f46bccd472c32b8fc283280e0264592897e8cf37c99e8777ba29e057 |
| SHA512 | dee4f3fe522db9e017f2c257678c08cd5b99024a9d705ec3103f83302fee3a0220cdb78cc413fd1fd0da44982039bf88f165c976d2922f1437302ed05b220af4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 249da74d97a54427b5e84b71b7ad0059 |
| SHA1 | 0ff43be82697776c6112bfcc55c1f236a6464978 |
| SHA256 | 4ed64acb3fa863e32b0ae50333600a4e61ac75558026662e60fb045b39ee1e97 |
| SHA512 | 98fbb8e14875ef864c1f005e8f557bf8923640ed815a3528dd5f5e48008f9043e37eacbfb76dce228bb908f2ba8a6f85786831a11b3169182d0902b38d948f3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ea8a1cc9ab4407467f7e4d9b40974897 |
| SHA1 | 27fa9f5eb9ddc272b098552b5b0b449749ff3ca7 |
| SHA256 | eb2a1c3b1ae259d6b151e073762b689552f5910e178e53487512a8134d25869e |
| SHA512 | 1b0319d4fb95c805019b4e91761e6d6aa7a61e1c2bdf7797f4d9ef82afd98d8425c0de5aca7a4589fb1b84bbd39b4948c0fc42023446d5267f3925bc0bdac0ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c305341b42563d2e4137c4a2b75bd7f8 |
| SHA1 | 54bbf767e64ff87e140cdbc62146c9da53bb360d |
| SHA256 | 086013efb91295f52a56c2d1c3bc715bbfd16397eb5bf4bebc183286bff4294d |
| SHA512 | 1b5ea05331ec82c140ba879d3ce4bdfc6c76b4aabb061836024ebf4b8c0e93c2d4730cb83540e647d1ffb651800480c26d051f26dc42ed39ecceb9945cf83192 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ad4b4f42e888daf35454c339d7afe734 |
| SHA1 | 79be64e20bcd4956b06db100f899d8f3157de1c8 |
| SHA256 | 022c55e32739c971182ff82a7c314bc10b91150f49314ad11b79e2be8d70b3ba |
| SHA512 | 6ba15269a8b5e103581978ed4b4ce2510c6490830972b77bcdcc772ec278a6c259ec3d38770de159249fd3d32fcef2bd218801d938432a5766aa5afffcd27d2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b76ed8ef50d3f52a01fcc598d9d650b6 |
| SHA1 | bf747a4d23236dd836d389b5cdd3aed625808fa2 |
| SHA256 | b4bb444b0e92893e5fa0bc664c89a2ff603b36e989c8a0bb4a9581f7fc9b0647 |
| SHA512 | e2df276d63385629f89591bfe9db8c7fcb4716b326d5fb871baf4cfc436f8b50890536180b9d5840471f25e506852fdb5a1fb27bbb8dadffd269e89150cdeb5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4e7b29e905e00f858cedc6f8ccee46e0 |
| SHA1 | d94d1f4f5e24750252ea9b14a38373404ce2efaa |
| SHA256 | 7a3d1da1dfb7e0609d4557835db17db84d527b71d698c4ce3014ebc6990d60a2 |
| SHA512 | c35dfcb768f0e19d577226e9e84f8ca980eb1a6775df89b7d0bc4286b15f8b88333942ef55e2fc88d1bc46427e572776da076252eb333f776d4e9361a0230200 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 079ab9d597e4b8db2b7cc7e867758eb2 |
| SHA1 | 85f47731b9247b0f0745a59917b8b362dcda5d47 |
| SHA256 | c7c158347bc433169a3edb1ed2bd0c919594effbbfff1e67c1d2263bdc93eed8 |
| SHA512 | 335e20a3ec2aff982ca9547d6285f6f90a91966546ad6843984e780f4b995c93d7de1f0e2504cf96644c5cea7447656b57acbf0d3aaadadb5b4ee49872176b7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2f16a6a86518097b48ad676afe63cbed |
| SHA1 | faa7987e76662568a76d57bbaff4d5d747873c5f |
| SHA256 | d8035a63e8ffe3104a83ab85bd025d1f7f989187a827f2ddba93e15d668dee4c |
| SHA512 | 3993632bde64cb145c0f4b64281e72597295bdd5efaaa9b8dc07577ce979849c72f544cc88a3bfc2a32b77def679114916d2eb0d7864967290303556860ea358 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 35b3744c1bebf553cc037b25773b0fc6 |
| SHA1 | e66880060dc2fec6fa9daf06840ae2d8b330a6de |
| SHA256 | 07509af0c6da0cf870b29bd06f878b6635ffc1ab656c4dc0b772bf27cf79d23b |
| SHA512 | f80163dbd0116abe477b6a3cb0bc7b92fff0fcc0d30c950fd8730c4359c0451afa1b34bd1273cfc091c5b001929bdeebacb949669fd9285df727f0b166deba76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 55b26c7db072ff39fb3d836e3425779f |
| SHA1 | cfc6e0b5348a53f34115f56fa8f041efbb03e934 |
| SHA256 | 06a7f91c71d51c9beedd85a078e0601213c79c76bc553fc09b6d9ee3db3762bb |
| SHA512 | 793fb6fed0d5c61b97b39d2a6d9c427141963657523a1f88fde260a9e5b5078bc38898edc4cd710ecc0ee42b38eb8e5845c187492040cc72ace3c913a8d26fcd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 776dcce46305da00c39df10f9e5b584a |
| SHA1 | 1ff74c87620d10b131888bb8583a7f1be8733b60 |
| SHA256 | 8363788b75e5039640b470e1cec092808d25c364af9c23769e461924368de929 |
| SHA512 | e36bc13456f63cce89f5b6a3b7ace9eb3cb06d05b5d45ad41e5dd3a3a09d27a308ababddb146c3908ead35ddf1bf5f310bf32713359b393db2be4cc39dd6c900 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b3f5ab9dff0069a8cc6a583a28d4ec0f |
| SHA1 | a3c67d627d1e99f4556bb601da62d412ca0a7221 |
| SHA256 | 92dd0ad2b52e85106d2ddd4672f614e9466fb8a66592a290123ead1e6186de96 |
| SHA512 | abede283e14f35a4f659f5d3c9bdda9ed12c18eba3479bd553822a2694fdc73d0063426c8510533507bd5c60e0030e432f0c1ff93c0307f085fb9d3cc051ce2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e7a313641d805d3a75631ed8f2dd85ea |
| SHA1 | 5da3b453c13575da93c5a58dc265bd3b4b7e1668 |
| SHA256 | e19b780dcfcc50872492be2e7dd20f6c3b4fb7f4668f799c008834c6e98fde3d |
| SHA512 | 20867c08dc31d804b46e23dfc511e3d9419394a1cbb238afafd6ade33ba03e105635e0b832a8276203a20a8ad49f4aac5b797d571a40d7de4729e789f49c3518 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000093
| MD5 | 51970acf652853c2ca7afba17fdb64e3 |
| SHA1 | 37f4a7dc94674bcbe60ac13ae186f23ce22edec5 |
| SHA256 | e2288f280cbb2de19c19e5b0bdee58fe1ac13ec87f576029272ea4ee4af92857 |
| SHA512 | 798a39c7adca64ce4c1275ad125c6c530bb32c586dd2f350f8120d6a504a0d50ccef32a442ee3495762ba7af3719bdde297d1b97bfc3747ba1d5dab69974632f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e
| MD5 | 097c8d5a6824861ec989ec06e53b3df7 |
| SHA1 | 0478b50edf88a19c2848f0bd1d9452480ef782cb |
| SHA256 | e039c05623d6f7f1895ed6e049b01ef33b86ec5988e3104119face44f4ff12d9 |
| SHA512 | cb72032d58e6eeeb60704cc5e7e7f48faf09cba5dbf63a61dbf47e07dfc446d655f19a6ade67fb49b72ccf652e7d537510559445ffa2994cd590eb6bce4f88e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | 7329db207c726877f7087f266b76de33 |
| SHA1 | 9698b47033c33b687da7421bc1dab9a0dfdf49ab |
| SHA256 | 198f92a52fec081e25cf0a41d5a98d5471d6e463b6fb3599b0b64ce26d10bc45 |
| SHA512 | 3914c388aa25ae08cffa9dfd84431dcdcb7fc933ff2f91e3b6bbd297ff9403653b583a49fae59822b364ed9ce942ca957971877d5ec3ee6ed324aa4511081385 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056
| MD5 | 16e6897aaaaeb8fa242815c20d259360 |
| SHA1 | f232f9742c8b42f3cc870cea297151016def6312 |
| SHA256 | 8a73362db01e8adda6a81d4dc2a42746f90ff203691b92b0c917f22eac954b14 |
| SHA512 | be10a1121a0da961ab337cf6902bc8cc6779d80624a624c82ab69e969a867e7027fb4812f01c07b0d04c9da8a55dfc443dfbc5fc8468df5ccbe1f181229e29d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053
| MD5 | c0ae6666f9cba37590eddfeb9891a2ce |
| SHA1 | 64468bf8cd31a932aa0eec0b87f78848c0c2723e |
| SHA256 | cb6557870f0da23eaf84af6746fa6619393a95bbf0f1dcb387e224408ec349b8 |
| SHA512 | 358828316e5e71ff582acf08cc5964ede89e2ce8a49f7b658b1a2beda52178bb9e10de22189a44644ce29382ff643b5a6c311258f36ae9dc5a2e0c430858200c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055
| MD5 | c4c54608b0e6f10c7581bb894e641ce0 |
| SHA1 | 411b0a1b5fb4bdd0927abe67bb0815f5b0fadbad |
| SHA256 | b82a276ec8d6e7fa023adddf87fb03bcdeed17934907c6be47646af89f5afc33 |
| SHA512 | 152568eaee33e23615257e6868a6f803d729ae456daaca4601b2a1113605ae70caf65e7c9d9d7bbfd660e543a67d02ac82158eff004e377d63b8cef38281ff55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057
| MD5 | ce36ca62e278376eb0b03336d46c7b30 |
| SHA1 | 7da160e62817fbaece4e7ec12cf3a459353b15ca |
| SHA256 | eb74577d65417dc3fda1ccad67c76095b92c7be7f2a2001891ba48083530f0be |
| SHA512 | 0135b5c5e44ce6e08ea3df4a66eb801926c21dd15dd8f849fa7088d562f4afdee97b7b4c92301214faadb7d36ad1053abaadb2d0feaf649b6696399c9ba1640f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bc851342c7f7b8d49971f354adad1b39 |
| SHA1 | e43fc5c375a3b1a7d727ff30fcc94140ee280dd5 |
| SHA256 | 583156fa7a06487e70d8e57f5bc19a693ad6794063ccaf5a9c1bdea042ef4465 |
| SHA512 | ab1d4acfaf848939903820d6a6ea46043016acae28df160cb6a5bf6178f501a535de74a7c517724b64f36d211e0ab228444ff58cc2d40a14c804393e102fbe51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 48cab53dd14a97caf70f5eb905dee0dc |
| SHA1 | 366f37da08a5a9694b34e251733e7e85673267b8 |
| SHA256 | f0b91cbb5a08e009a4bca52849e1c8409b3671601ad01c1dae4a816a6111cffa |
| SHA512 | fa1594025e0750762d4adec7eafb11beb6d32469af161c17108100041f383737dfcba446c42e1f86a583263391f72dc637065fb437424d6f7753df4733d754cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7080341beba1073e0b9c8487238a9d4d |
| SHA1 | 3d914957603f2edd8bc8c709078684ccc6573702 |
| SHA256 | 5deb3e801dcfda26ecc45c67dfd87d95be35f8df63a14e2607171087362980e9 |
| SHA512 | 1a97d7feef6c67d005c9d5e5af5259643b257737c592538dedb00dc8de21119ffb8517f9a5d9620de7d250d4ce677e214936c4ece66f213eb65310cbeb6b36ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036
| MD5 | 9196e81f8ed7f223d765423c1f9bc8a7 |
| SHA1 | 88f9d5c2a6908cf36b8daae803578ca9e1fd2929 |
| SHA256 | a4e2bcf7ef3c6c614c2142d3c1fd44caac4eafa86a1779ac31cba164e2d89cbe |
| SHA512 | e7d23866fcac017762d2e2f18597124e9147f458d30038f78ba9f3a2bcbe479fe4792573894370ce2d6f93a00401231d9f01955fde351ff982a82ba87a8241f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037
| MD5 | fca52241a7735ea5486b3db1b9a00387 |
| SHA1 | 82fa35d863d484c0ffad0fb4754e10ec13d549bf |
| SHA256 | ad0cb23e74fb15a7cde53a10efbe4eff76284fbf7d3dd43428a783d158418921 |
| SHA512 | 7b012f74289b4b4ca03e324807ae1d7062c835476438b875f2db61b4f41e0f083b6140057f2d750458123ff791457cc8dfb02b877e2d075c54235398c9b51a03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | 3fa8c23b89d34fcc51359db6d0551837 |
| SHA1 | 69750d3260f6f371a516bfddfe15ca26cf068f44 |
| SHA256 | 4218aacba68899324cbb3f9b7e09967916e41477312ced5dfde41082c6e147e6 |
| SHA512 | 27dfd1aa035ba829b8d76dd8f8012a98dcd06178a9bcafc32a82886b7b06affbd72afd2fb093749a719b43a61a966165d991a2a377a939da24649da288bc4688 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042
| MD5 | 41caba792bd0815c50d2586663a2f6e9 |
| SHA1 | 8ba297073f4502b840d2c5f0a24ba9d515e2dd84 |
| SHA256 | 8dcaaaa16bd33e6cfe7af170332ce93febfc6e8e7d1600d1465732e4405e08a3 |
| SHA512 | 0a8753df627984de1cbde85ab8b8fbaf49f9b76a5728675eb7973a0f072d31f00a4b6df1b9a459d3bc6405ff92a70acf9d1b5393daa0c1a0d34742800cc9c9af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 57d73b00894c000b9522d4f5db1deb73 |
| SHA1 | 2658e741a3cb4105dd1509ff901bb329877dfa39 |
| SHA256 | 4ceba404890c1be54c152c471495c49187cf902b8144e481be1f5cb497469a1d |
| SHA512 | 356543ad9528df1b62843cb51b39ab9b1e38b332f002fd1df7bd1a36d7bed3a59895815529e2a0a29006ee1f3606a25358d5039f870562242a29d2dcb4d8567a |