Malware Analysis Report

2025-01-18 22:14

Sample ID 240429-q15f4scc9y
Target https://www.google.com/search?kgmid=/m/045c7b&hl=en-US&q=Google&kgs=aaa6c4dde0a95d37&shndl=17&source=sh/x/kp/osrp/m5/1
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://www.google.com/search?kgmid=/m/045c7b&hl=en-US&q=Google&kgs=aaa6c4dde0a95d37&shndl=17&source=sh/x/kp/osrp/m5/1 was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Modifies Installed Components in the registry

Downloads MZ/PE file

Sets file execution options in registry

Checks computer location settings

Registers COM server for autorun

Executes dropped EXE

Loads dropped DLL

Checks whether UAC is enabled

Installs/modifies Browser Helper Object

Checks installed software on the system

Adds Run key to start application

Suspicious use of NtSetInformationThreadHideFromDebugger

Checks system information in the registry

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in System32 directory

Drops file in Program Files directory

Enumerates physical storage devices

System policy modification

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Modifies registry class

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies Internet Explorer settings

Suspicious use of UnmapMainImage

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-29 13:44

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-29 13:44

Reported

2024-04-29 14:14

Platform

win10v2004-20240426-en

Max time kernel

1799s

Max time network

1802s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.google.com/search?kgmid=/m/045c7b&hl=en-US&q=Google&kgs=aaa6c4dde0a95d37&shndl=17&source=sh/x/kp/osrp/m5/1

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B0A5DFA-F340-4DA0-A12E-1C77BE682BB5}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0828C763-AB66-4B3D-9E33-A10C8936AD6D}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=437965BB3C244275AABA892D0F36CD4D" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B0A5DFA-F340-4DA0-A12E-1C77BE682BB5}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\mr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\GrenzeGotisch-Bold.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ViewSelector\right_zh_cn.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Locales\hu.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\TagEditor\TagEditorPluginIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\VoiceChat\MicLight\Unmuted60.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Locales\fi.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_15.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\identity_proxy\win10\identity_helper.Sparse.Canary.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\StudioToolbox\AssetConfig\public.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\TerrainTools\mtrl_leafygrass.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\PlayStationController\ButtonR3.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\PlatformContent\pc\textures\marble\normaldetail.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\PlatformContent\pc\textures\water\normal_01.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\icon_friends_16.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\PlatformContent\pc\textures\sky\sky512_rt.tex C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Locales\uk.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\tr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\DenkOne-Regular.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\MaterialGenerator\Materials\Grass.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Emotes\Small\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\WindControl\ArrowUp.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Trust Protection Lists\Mu\TransparentAdvertisers C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\families\Fondamento.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\StudioToolbox\AssetPreview\pause_button.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\mojo_core.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\PurchasePrompt\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\VoiceChat\SpeakerDark\Unmuted20.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_nl.dll C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\AnimationEditor\icon_delete.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\RoactStudioWidgets\slider_caret_disabled.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_zh-TW.dll C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\id.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\kk.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\sky\moon.jpg C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\AnimationEditor\img_key_indicator_border.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\DeveloperFramework\checkbox_unchecked_dark.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\chat_teamButton.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\lt.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Trust Protection Lists\Sigma\Analytics C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\MaterialGenerator\Materials\Mud.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\icon_premium-16.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Settings\Help\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\LuckiestGuy-Regular.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\DeveloperFramework\icon_backward.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\GameSettings\search.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\9-slice\tag-bubble.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Trust Protection Lists\Mu\LICENSE C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\Montserrat-Medium.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\GameSettings\friendsIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\StudioSharedUI\audio.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Modal.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\VoiceChat\MicDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\PlayStationController\PS5\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\PerformanceStats\TargetFiller.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133588718960361429" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\CLASSES\MIME\Database\Content Type\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "Update3COMClass" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods\ = "6" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\LocalService = "edgeupdate" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\ie_to_edge_bho.dll\AppID = "{31575964-95F7-414B-85E4-0E9A93699E13}" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgePDF\Application\ApplicationCompany = "Microsoft Corporation" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgeMHT\shell\runas\command C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ = "IApp2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ = "ICurrentState" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3912 wrote to memory of 2732 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2732 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3912 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe N/A

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.google.com/search?kgmid=/m/045c7b&hl=en-US&q=Google&kgs=aaa6c4dde0a95d37&shndl=17&source=sh/x/kp/osrp/m5/1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe5a3dab58,0x7ffe5a3dab68,0x7ffe5a3dab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2208 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4012 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4180 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4524 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4704 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4836 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3132 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4172 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4968 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4696 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3168 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=device.mojom.XRDeviceService --lang=en-US --service-sandbox-type=xr_compositing --mojo-platform-channel-handle=3460 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4168 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4376 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4736 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=device.mojom.XRDeviceService --lang=en-US --service-sandbox-type=xr_compositing --mojo-platform-channel-handle=5488 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4c4 0x3f8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4612 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1648 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4588 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4828 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5068 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5692 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=2276 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=device.mojom.XRDeviceService --lang=en-US --service-sandbox-type=xr_compositing --mojo-platform-channel-handle=4848 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5728 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4304 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4604 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5956 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6072 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4636 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=3580 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=5988 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5864 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=4360 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5596 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=4292 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6024 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6020 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6120 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6000 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3580 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5632 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUVFQzI0NzMtQjM5OC00RTE5LTg4MjUtNDU1MTVFQTQ0NzE1fSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4NUJBRUIyNC0wQjNCLTQ1RjQtOEY1NS0xRTg2MjhFNkQ1Qzd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODIzMzIzNTExIiBpbnN0YWxsX3RpbWVfbXM9IjQwNiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{EEEC2473-B398-4E19-8825-45515EA44715}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUVFQzI0NzMtQjM5OC00RTE5LTg4MjUtNDU1MTVFQTQ0NzE1fSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsxNkZCQjBCMi1GRUM4LTRDRTctQkExNS02NUMzNEU0M0IyQkJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODI3MjUzNTA5Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x108,0x104,0x100,0x258,0xfc,0x7ff7e43688c0,0x7ff7e43688cc,0x7ff7e43688d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUVFQzI0NzMtQjM5OC00RTE5LTg4MjUtNDU1MTVFQTQ0NzE1fSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDOEMyNDIyQi01RjNELTRCRTAtOTVBQy1FMUU0OTYxQkFGNUR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA4MzgxMjM2NzEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDgzODE1MzY3NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExMDY5NzkzNTM2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xMzFiZDVkNy05YzY1LTQ3NmEtOTA3NS1lMjQ5NGY4ZGE5ZTQ_UDE9MTcxNTAwMzcwNSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1tb2NNTzJlV3RrU2VRQVY3T25KdUVuOW1Ma2dMb2lzdTRCY1kzSXBCb00lMmZMTmRPUzBDbEhjWSUyZmlIOWZqRGJvbkd6SXpObGI2cjVUJTJiTXlvUXhGODBadyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgZG93bmxvYWRfdGltZV9tcz0iMTY3OTYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTA2OTk4MzY3MiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExMDg0MDkzNTI0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTUzNzQxMzUwOSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjcxMiIgZG93bmxvYWRfdGltZV9tcz0iMjMxNzciIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDUzMjgiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6296 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:fjJ7GBZ9vfsFk11AR88ic7EYfi29doIrLU57bqZ92U3rUZpHO5CuBQhZQQu3LeblVzi28lJKnodiOPaJdQXO5XCTL7g-cc4UgB-pPcv4snnXT5IRHAzN0mIEheFkz0RHx275lIgB-EnEB6_60v9nOcVRpeNs5GpCElL1mKwGzY_8mLikJ89FNHTs32kYtR6_ntMUYnHVt6p_Vtm46WaUfF2GROTskgXjMk5LSbUp4G4+launchtime:1714398832054+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714398656959005%26placeId%3D1537690962%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc1ccbafb-ff27-46d0-92ac-b9e5e9ddfc76%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714398656959005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=6728 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:fh_azOapYf6e1niYMpv3AWXONd60ygd1cC7NedQfTSif11Tyc1s0lABI2yYKeT9_744P1-u14WrVJqB0Hc2Re3CdgrGCs2TwM0Jb8H-XeYQQYCVX-evPm8xP-xmmf_MnE6sB62PmEXsFpLwNw4FjoOH01-7DzkDh_YXxXTDeOwFJY1V7J3afHmnv6PmaMTc9-j_O0LTo2ycTRhtpQfCvYeYYWiD1xPWOisfhDD1PTJA+launchtime:1714398832054+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714398656959005%26placeId%3D1537690962%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc1ccbafb-ff27-46d0-92ac-b9e5e9ddfc76%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714398656959005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe"

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=6132 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:0eDmAuJ6nfPdp7CzrqgkzS-44rwZdu9DoCNaotaA8-EiW2W0djErYr-KpA8cwB5Yc8xnpXkn0p8fdz70pA-fX30z6CuFEMuTnRLWaWdOr89rww2fZaqW8GwQNR3_G1W7pOvhoOdksDdAZlIYvwMbL6CzjsG36OdDFA8Od8Yufg3psBcJewJWhMWX_Tyok0NWyD-7HDo6jjBZgyzlqsIc5qZnzjSKYFsw5PeGY2MPiwA+launchtime:1714398832054+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714398656959005%26placeId%3D1537690962%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc1ccbafb-ff27-46d0-92ac-b9e5e9ddfc76%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714398656959005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=6728 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:tlVhuISn3SQX4t6wlLq6fIQkUGu5HAlJA82VgdeLbDPw2voHBvL2ImGoza1Z202NPQM9smEC3vYbcExhYkGgB5NbdOzaidSEMrts0ShjiIaG4E9X8cHsgKFi4tRrykeT2qpQFeLwa576zNwc_pZeTcxTYDlKtfMeRIHNDnEIJJTunAXyRErOngCNBoChrfmit29jWi2hqFXqUbJcTdY4WltFKOH1t6BEa5KFDoxNKVg+launchtime:1714399078131+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714398656959005%26placeId%3D1537690962%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D002e6b63-2f2f-429d-9c73-00a8082339e5%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714398656959005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=6752 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=6676 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6780 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7080 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B0A5DFA-F340-4DA0-A12E-1C77BE682BB5}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B0A5DFA-F340-4DA0-A12E-1C77BE682BB5}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzFBN0JCQjUtMTdFQy00RjY3LTgwOTUtMTNGNEUxQzJFQTc0fSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCMUEzQjdCQy04MEU5LTREQTctOUI4Mi0zRTRGMTg3RDU2RDZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzQiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzgzMDc5Nzk4OSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzODMwOTUzOTczIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NDMzNzUyMjg2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUwMDQwMDQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9ZHZIRXhqVG05JTJmRzFYS1RRbXZhTWkxSXhsYmwlMmZVZ2hoU2NOdUtkN2dGdnJxWjFud3ZjYmZxb0E4RlJrbUlqSUtoeWZKTTVzbjJZNFh5RGFzYUYlMmZqUUElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMTUiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDQzMzc1MjI4NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUwMDQwMDQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9ZHZIRXhqVG05JTJmRzFYS1RRbXZhTWkxSXhsYmwlMmZVZ2hoU2NOdUtkN2dGdnJxWjFud3ZjYmZxb0E4RlJrbUlqSUtoeWZKTTVzbjJZNFh5RGFzYUYlMmZqUUElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBkb3dubG9hZF90aW1lX21zPSI1NTg3MyIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NDMzOTA4MzAxIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQ0Mzk4NDYwMTkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDQ0MTI1MjExMyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9Ijg5MCIgZG93bmxvYWRfdGltZV9tcz0iNjAyODAiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjE0MSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0828C763-AB66-4B3D-9E33-A10C8936AD6D}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0828C763-AB66-4B3D-9E33-A10C8936AD6D}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{5AED3171-4B20-4521-9197-0A395685AF5B}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUFFRDMxNzEtNEIyMC00NTIxLTkxOTctMEEzOTU2ODVBRjVCfSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins2RTFEQTY3Ri05NTI2LTQxMEEtOUZCRi02MTI0OTFFMjlDOEV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2O1Byb2R1Y3RzVG9SZWdpc3Rlcj0lN0IxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDAlN0QiIGluc3RhbGxhZ2U9IjMiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NjA4MzczNzQ3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NjA4MzczNzQ3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDYyMjkwNDgwOSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzE1MDA0MDgyJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWZxQkpIYUJWS0laTyUyYlFrRlBuMW5sY1FNRVlHSmZDUHBJdEhBanl5TzdnOEFLYkIlMmIlMmZTaFZEOUdCYXN3VWRFRXBhcSUyYkRGY0ZSVk9RWlJjSTl5djVlJTJidyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NjIyOTA0ODA5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MmVkODA4Ny1lZTk4LTQyOWMtOTMzMC1jYTNjMTkzZDQxYWY_UDE9MTcxNTAwNDA4MiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1mcUJKSGFCVktJWk8lMmJRa0ZQbjFubGNRTUVZR0pmQ1BwSXRIQWp5eU83ZzhBS2JCJTJiJTJmU2hWRDlHQmFzd1VkRUVwYXElMmJERmNGUlZPUVpSY0k5eXY1ZSUyYnclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjMwNzkyIiB0b3RhbD0iMTYzMDc5MiIgZG93bmxvYWRfdGltZV9tcz0iMTM3NSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDYyMjkwNDgwOSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDYyODIxNzczOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9IjMiIHJkPSI2MzI1IiBwaW5nX2ZyZXNobmVzcz0iezdFN0Q4QTRGLUQwMzktNDM1RS05MjlCLUIyNTUzMEY5MjUwNX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTIuMC45MDIuNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMyIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTg2MTI0MDA4NDc1NDcwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iMyIgcj0iMyIgYWQ9IjYzMjUiIHJkPSI2MzI1IiBwaW5nX2ZyZXNobmVzcz0iezMyRDU4RDM0LUYyMDMtNEI2NS05M0YwLTEyNDZENjBCMkM1Mn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzI4Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7NEU5NkUwMUUtNEE5OS00Qjg3LUI0RTgtOTFEMjUxRjFGMEM0fSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{5AED3171-4B20-4521-9197-0A395685AF5B}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUFFRDMxNzEtNEIyMC00NTIxLTkxOTctMEEzOTU2ODVBRjVCfSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7NkJBMjFFMzgtNzQ1RC00MjM2LUIzMDYtNjA0RTU0REFFNkVCfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMyIgaW5zdGFsbGRhdGV0aW1lPSIxNzE0MTM0OTMzIj48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDYzNjgxMTE1NSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUJFNjgxM0MtRTY0OC00NTMxLTgxNzUtNTQ0NDQwRDFDRkFCfSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MDcwMzZFQTQtQUNDNC00OUFBLUExM0QtNDQ0NUQ4RDU0QTk4fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0R4T2JqSEdhK25SYTJhdEMzd28rSUVwQzc4K1pZZUFVYmtYcERDMmNqN1U9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTQxMzU5NDUiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1ODYwODUzMzAwMDAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MzI0IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzcwNzIzMjU1MyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7331c88c0,0x7ff7331c88cc,0x7ff7331c88d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7331c88c0,0x7ff7331c88cc,0x7ff7331c88d8

C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7b65c88c0,0x7ff7b65c88cc,0x7ff7b65c88d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUJFNjgxM0MtRTY0OC00NTMxLTgxNzUtNTQ0NDQwRDFDRkFCfSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins3NDBBODEwOC0wRDAxLTQ3RkUtOENCQS01OEJDN0NENTNFQkJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMyIgY29ob3J0PSJycmZAMC44OSI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMyOCIgcGluZ19mcmVzaG5lc3M9InszQkQ1OTUyMS05RUMwLTRDRTctOEFCRS1CNkZGM0Q0NzM2OUJ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIzIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTg2MTI0MDA4NDc1NDcwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzcyNTUxMzYzOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzcyNTY2OTc4MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzc1MTc2MzY2MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzc2NTIwMTU3MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTgxMTc4NDg1MjMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMzI4IiBkb3dubG9hZGVkPSIxNzI3MjM3NjgiIHRvdGFsPSIxNzI3MjM3NjgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIyIiBpbnN0YWxsX3RpbWVfbXM9IjM1MjY1Ii8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjMyOCIgcGluZ19mcmVzaG5lc3M9IntGQzE4NkYzNi1FRkEyLTQ4NUYtODBERS1BMEI0RjRBNkNBODJ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZT0iNjMyOCIgY29ob3J0PSJycmZAMC40MCI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMyOCIgcGluZ19mcmVzaG5lc3M9Ins1NkI3MzBGOC0wMURFLTRDQkEtOERDNS1GNkZEQ0RBNjAxQTR9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 71.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 203.142.123.92.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 consent.google.com udp
GB 172.217.16.238:443 consent.google.com tcp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 www.snapchat.com udp
US 34.149.46.130:443 www.snapchat.com tcp
US 34.149.46.130:443 www.snapchat.com tcp
US 8.8.8.8:53 static.snapchat.com udp
DE 18.66.192.14:443 static.snapchat.com tcp
DE 18.66.192.14:443 static.snapchat.com tcp
DE 18.66.192.14:443 static.snapchat.com tcp
DE 18.66.192.14:443 static.snapchat.com tcp
DE 18.66.192.14:443 static.snapchat.com tcp
DE 18.66.192.14:443 static.snapchat.com tcp
DE 18.66.192.14:443 static.snapchat.com tcp
US 8.8.8.8:53 130.46.149.34.in-addr.arpa udp
US 8.8.8.8:53 14.192.66.18.in-addr.arpa udp
US 8.8.8.8:53 aws.api.snapchat.com udp
US 8.8.8.8:53 us-central1-gcp.api.snapchat.com udp
US 8.8.8.8:53 story.snapchat.com udp
IE 3.251.220.163:443 aws.api.snapchat.com tcp
IE 3.251.220.163:443 aws.api.snapchat.com tcp
US 35.190.43.134:443 us-central1-gcp.api.snapchat.com tcp
DE 18.66.182.248:443 story.snapchat.com tcp
US 8.8.8.8:53 gcp.api.snapchat.com udp
US 35.190.43.134:443 gcp.api.snapchat.com udp
US 8.8.8.8:53 134.43.190.35.in-addr.arpa udp
US 8.8.8.8:53 163.220.251.3.in-addr.arpa udp
US 8.8.8.8:53 248.182.66.18.in-addr.arpa udp
US 8.8.8.8:53 web.snapchat.com udp
US 8.8.8.8:53 cf-st.sc-cdn.net udp
US 3.163.248.4:443 cf-st.sc-cdn.net tcp
US 3.163.248.4:443 cf-st.sc-cdn.net tcp
US 3.163.248.4:443 cf-st.sc-cdn.net tcp
US 3.163.248.4:443 cf-st.sc-cdn.net tcp
US 3.163.248.4:443 cf-st.sc-cdn.net udp
US 8.8.8.8:53 4.248.163.3.in-addr.arpa udp
US 8.8.8.8:53 sentry.sc-prod.net udp
US 35.190.39.56:443 sentry.sc-prod.net tcp
US 3.163.248.4:443 cf-st.sc-cdn.net udp
US 8.8.8.8:53 accounts.snapchat.com udp
US 34.149.46.130:443 accounts.snapchat.com tcp
US 34.149.46.130:443 accounts.snapchat.com udp
US 8.8.8.8:53 56.39.190.35.in-addr.arpa udp
US 8.8.8.8:53 api-kit.snapchat.com udp
US 35.190.43.134:443 api-kit.snapchat.com tcp
US 35.190.43.134:443 api-kit.snapchat.com udp
US 8.8.8.8:53 snapnet-cdn.storage.googleapis.com udp
GB 172.217.16.251:443 snapnet-cdn.storage.googleapis.com tcp
US 8.8.8.8:53 251.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 iframe.arkoselabs.com udp
US 104.18.33.170:443 iframe.arkoselabs.com tcp
US 8.8.8.8:53 graphql.contentful.com udp
GB 172.217.16.251:443 snapnet-cdn.storage.googleapis.com udp
US 34.149.46.130:443 accounts.snapchat.com udp
GB 146.75.74.49:443 graphql.contentful.com tcp
US 8.8.8.8:53 170.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 snap-api.arkoselabs.com udp
US 104.18.33.170:443 snap-api.arkoselabs.com tcp
US 8.8.8.8:53 sc-static.net udp
US 104.18.33.170:443 snap-api.arkoselabs.com udp
DE 108.138.40.243:443 sc-static.net tcp
US 104.18.33.170:443 snap-api.arkoselabs.com udp
US 8.8.8.8:53 tr.snapchat.com udp
US 35.190.43.134:443 tr.snapchat.com tcp
US 35.190.43.134:443 tr.snapchat.com udp
US 8.8.8.8:53 49.74.75.146.in-addr.arpa udp
US 8.8.8.8:53 243.40.138.108.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 134.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 28.143.109.104.in-addr.arpa udp
GB 172.217.16.251:443 snapnet-cdn.storage.googleapis.com udp
US 8.8.8.8:53 accounts.snap.com udp
US 35.190.39.56:443 sentry.sc-prod.net udp
US 8.8.8.8:53 aws.duplex.snapchat.com udp
IE 108.128.110.172:443 aws.duplex.snapchat.com tcp
US 3.163.248.4:443 cf-st.sc-cdn.net udp
US 8.8.8.8:53 172.110.128.108.in-addr.arpa udp
US 8.8.8.8:53 bolt-gcdn.sc-cdn.net udp
US 35.241.16.93:443 bolt-gcdn.sc-cdn.net tcp
US 35.190.43.134:443 accounts.snap.com udp
US 35.241.16.93:443 bolt-gcdn.sc-cdn.net udp
US 8.8.8.8:53 sdk.bitmoji.com udp
US 8.8.8.8:53 images.bitmoji.com udp
DE 108.138.36.75:443 sdk.bitmoji.com tcp
DE 108.138.36.75:443 sdk.bitmoji.com tcp
DE 108.138.40.243:443 images.bitmoji.com tcp
US 8.8.8.8:53 93.16.241.35.in-addr.arpa udp
US 8.8.8.8:53 75.36.138.108.in-addr.arpa udp
US 35.241.16.93:443 bolt-gcdn.sc-cdn.net udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.16.227:443 beacons.gcp.gvt2.com tcp
GB 172.217.16.227:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 lens-storage.storage.googleapis.com udp
US 8.8.8.8:53 227.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 193.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 21.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 133.190.18.2.in-addr.arpa udp
US 35.190.39.56:443 sentry.sc-prod.net udp
US 8.8.8.8:53 cf-st.sc-cdn.net udp
US 3.163.248.4:443 cf-st.sc-cdn.net udp
GB 172.217.16.227:443 beacons.gcp.gvt2.com udp
US 3.163.248.4:443 cf-st.sc-cdn.net udp
US 8.8.8.8:53 bolt-gcdn.sc-cdn.net udp
US 35.241.16.93:443 bolt-gcdn.sc-cdn.net udp
US 3.163.248.4:443 cf-st.sc-cdn.net udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 web.snapchat.com udp
US 35.190.43.134:443 accounts.snap.com udp
US 8.8.8.8:53 accounts.snapchat.com udp
US 8.8.8.8:53 cf-st.sc-cdn.net udp
US 35.190.39.56:443 sentry.sc-prod.net udp
US 8.8.8.8:53 aws.duplex.snapchat.com udp
IE 108.128.110.172:443 aws.duplex.snapchat.com tcp
US 8.8.8.8:53 api-kit.snapchat.com udp
US 35.190.43.134:443 api-kit.snapchat.com udp
US 3.163.248.4:443 cf-st.sc-cdn.net udp
US 3.163.248.4:443 cf-st.sc-cdn.net udp
US 35.241.16.93:443 bolt-gcdn.sc-cdn.net udp
US 8.8.8.8:53 gcp.api.snapchat.com udp
US 35.190.43.134:443 gcp.api.snapchat.com udp
GB 142.250.178.4:443 www.google.com udp
US 35.241.16.93:443 bolt-gcdn.sc-cdn.net udp
US 35.190.43.134:443 gcp.api.snapchat.com udp
US 8.8.8.8:53 13.179.89.13.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 id.google.com udp
FI 64.233.162.94:443 id.google.com tcp
US 8.8.8.8:53 94.162.233.64.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
DE 128.116.123.4:443 www.roblox.com tcp
DE 128.116.123.4:443 www.roblox.com tcp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
DE 18.173.154.114:443 css.rbxcdn.com tcp
DE 18.173.154.114:443 css.rbxcdn.com tcp
DE 18.173.154.114:443 css.rbxcdn.com tcp
DE 18.173.154.114:443 css.rbxcdn.com tcp
DE 18.173.154.114:443 css.rbxcdn.com tcp
DE 18.173.154.114:443 css.rbxcdn.com tcp
US 2.18.190.134:443 static.rbxcdn.com tcp
DE 18.173.187.32:443 js.rbxcdn.com tcp
DE 18.173.187.32:443 js.rbxcdn.com tcp
DE 18.173.187.32:443 js.rbxcdn.com tcp
DE 18.173.187.32:443 js.rbxcdn.com tcp
DE 18.173.187.32:443 js.rbxcdn.com tcp
DE 18.173.187.32:443 js.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
DE 128.116.123.4:443 www.roblox.com udp
US 8.8.8.8:53 4.123.116.128.in-addr.arpa udp
US 8.8.8.8:53 114.154.173.18.in-addr.arpa udp
US 8.8.8.8:53 32.187.173.18.in-addr.arpa udp
FR 128.116.122.4:443 roblox.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
DE 128.116.123.4:443 apis.roblox.com tcp
DE 128.116.123.4:443 apis.roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 2.18.190.83:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
DE 18.173.154.114:443 css.rbxcdn.com tcp
DE 18.66.192.35:443 images.rbxcdn.com tcp
DE 18.66.192.35:443 images.rbxcdn.com tcp
DE 18.66.192.35:443 images.rbxcdn.com tcp
DE 18.66.192.35:443 images.rbxcdn.com tcp
DE 18.66.192.35:443 images.rbxcdn.com tcp
DE 18.66.192.35:443 images.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
DE 128.116.123.4:443 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 4.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 86.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 83.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 35.192.66.18.in-addr.arpa udp
US 8.8.8.8:53 3.123.116.128.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com udp
DE 128.116.123.3:443 ecsv2.roblox.com udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 assetgame.roblox.com udp
DE 128.116.123.4:443 assetgame.roblox.com udp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 142.250.200.46:443 google.com tcp
FR 172.217.18.195:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.18.217.172.in-addr.arpa udp
US 34.149.46.130:443 web.snapchat.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
FR 172.217.18.195:443 beacons.gcp.gvt2.com udp
GB 142.250.200.46:443 google.com udp
US 8.8.8.8:53 gcp.api.snapchat.com udp
US 35.190.43.134:443 gcp.api.snapchat.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
GB 172.217.169.67:443 beacons3.gvt2.com tcp
GB 172.217.169.67:443 beacons3.gvt2.com udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
DE 18.173.154.83:443 css.rbxcdn.com tcp
US 8.8.8.8:53 83.154.173.18.in-addr.arpa udp
US 8.8.8.8:53 tr.rbxcdn.com udp
US 8.8.8.8:53 lms.roblox.com udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
NL 104.109.143.29:443 tr.rbxcdn.com tcp
DE 128.116.123.4:443 lms.roblox.com tcp
DE 128.116.123.3:443 realtime-signalr.roblox.com tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
DE 128.116.123.4:443 thumbnails.roblox.com tcp
DE 128.116.123.4:443 thumbnails.roblox.com tcp
NL 104.109.143.29:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 chat.roblox.com udp
DE 18.173.154.83:443 css.rbxcdn.com tcp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
DE 128.116.123.4:443 trades.roblox.com tcp
DE 128.116.123.4:443 trades.roblox.com tcp
DE 128.116.123.4:443 trades.roblox.com tcp
DE 128.116.123.4:443 trades.roblox.com tcp
DE 128.116.123.4:443 trades.roblox.com tcp
DE 128.116.123.4:443 trades.roblox.com tcp
DE 128.116.123.4:443 trades.roblox.com tcp
US 8.8.8.8:53 bom1-128-116-104-4.roblox.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 lhr2-128-116-119-3.roblox.com udp
US 8.8.8.8:53 waw1-128-116-124-3.roblox.com udp
US 8.8.8.8:53 aws-ap-northeast-1a-lms.rbx.com udp
US 8.8.8.8:53 sin4-128-116-50-3.roblox.com udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 8.8.8.8:53 aws-ap-northeast-1d-lms.rbx.com udp
US 8.8.8.8:53 fra4-128-116-44-3.roblox.com udp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
JP 13.113.181.253:443 aws-ap-northeast-1a-lms.rbx.com tcp
JP 52.197.175.207:443 aws-ap-northeast-1d-lms.rbx.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
JP 13.113.181.253:443 aws-ap-northeast-1a-lms.rbx.com tcp
JP 52.197.175.207:443 aws-ap-northeast-1d-lms.rbx.com tcp
US 8.8.8.8:53 29.143.109.104.in-addr.arpa udp
US 8.8.8.8:53 3.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.124.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.32.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.102.116.128.in-addr.arpa udp
US 8.8.8.8:53 4.104.116.128.in-addr.arpa udp
US 8.8.8.8:53 253.181.113.13.in-addr.arpa udp
US 8.8.8.8:53 207.175.197.52.in-addr.arpa udp
US 8.8.8.8:53 3.50.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.63.116.128.in-addr.arpa udp
US 8.8.8.8:53 presence.roblox.com udp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 js.stripe.com udp
US 151.101.0.176:443 js.stripe.com tcp
US 8.8.8.8:53 followings.roblox.com udp
US 8.8.8.8:53 176.0.101.151.in-addr.arpa udp
US 8.8.8.8:53 sea1-128-116-115-3.roblox.com udp
US 8.8.8.8:53 nrt1-128-116-120-3.roblox.com udp
US 8.8.8.8:53 gold.roblox.com udp
US 8.8.8.8:53 sin2-128-116-97-3.roblox.com udp
US 8.8.8.8:53 aws-us-west-2a-lms.rbx.com udp
US 8.8.8.8:53 aws-us-east-2b-lms.rbx.com udp
US 8.8.8.8:53 silver.roblox.com udp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 3.20.87.127:443 aws-us-east-2b-lms.rbx.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 52.26.51.94:443 aws-us-west-2a-lms.rbx.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
DE 18.173.187.126:443 c0.rbxcdn.com tcp
DE 128.116.123.3:443 gold.roblox.com tcp
US 8.8.8.8:53 cs.ns1p.net udp
DE 52.58.114.95:443 cs.ns1p.net tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 8.8.8.8:53 voice.roblox.com udp
US 8.8.8.8:53 badges.roblox.com udp
US 8.8.8.8:53 s.ns1p.net udp
US 8.8.8.8:53 126.187.173.18.in-addr.arpa udp
US 8.8.8.8:53 127.87.20.3.in-addr.arpa udp
US 8.8.8.8:53 95.114.58.52.in-addr.arpa udp
US 8.8.8.8:53 3.115.116.128.in-addr.arpa udp
US 8.8.8.8:53 94.51.26.52.in-addr.arpa udp
US 8.8.8.8:53 3.120.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.97.116.128.in-addr.arpa udp
DE 52.58.114.95:443 s.ns1p.net tcp
US 8.8.8.8:53 m.stripe.network udp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
US 8.8.8.8:53 m.stripe.com udp
US 44.229.164.12:443 m.stripe.com tcp
US 8.8.8.8:53 12.164.229.44.in-addr.arpa udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
DE 128.116.123.3:443 gold.roblox.com tcp
US 8.8.8.8:53 lax2-128-116-116-3.roblox.com udp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 8.8.8.8:53 3.99.116.128.in-addr.arpa udp
US 8.8.8.8:53 b.ns1p.net udp
US 8.8.8.8:53 3.116.116.128.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
DE 18.66.192.13:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 13.192.66.18.in-addr.arpa udp
GB 172.217.169.67:443 beacons3.gvt2.com udp
US 8.8.8.8:53 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
DE 18.66.192.61:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
DE 18.66.192.61:443 setup.rbxcdn.com tcp
DE 18.66.192.61:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:56954 tcp
N/A 127.0.0.1:56967 tcp
N/A 127.0.0.1:56970 tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 135.47.7.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
NL 104.109.143.5:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 5.143.109.104.in-addr.arpa udp
US 8.8.8.8:53 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
DE 128.116.123.3:443 client-telemetry.roblox.com tcp
US 34.149.46.130:443 web.snapchat.com udp
N/A 127.0.0.1:57444 tcp
US 8.8.8.8:53 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 gcp.api.snapchat.com udp
US 35.190.43.134:443 gcp.api.snapchat.com udp
US 8.8.8.8:53 accounts.snapchat.com udp
US 34.149.46.130:443 accounts.snapchat.com udp
US 8.8.8.8:53 web.snapchat.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 152.199.19.161:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 161.19.199.152.in-addr.arpa udp
US 34.149.46.130:443 web.snapchat.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 34.149.46.130:443 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 8.8.8.8:53 gcp.api.snapchat.com udp
US 35.190.43.134:443 gcp.api.snapchat.com udp
US 8.8.8.8:53 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 60.129.102.23.in-addr.arpa udp
US 8.8.8.8:53 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 8.8.8.8:53 accounts.snapchat.com udp
US 8.8.8.8:53 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 8.8.8.8:53 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp
US 34.149.46.130:443 web.snapchat.com udp

Files

\??\pipe\crashpad_3912_IOCYQYBVXSPKXLJW

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 a484f2f3418f65b8214cbcd3e4a31057
SHA1 5c002c51b67db40f88b6895a5d5caa67608a65ce
SHA256 79cbe928773386d07f0127f256f383debed5ccea5ff230465bf46ec7c87319d6
SHA512 0be1bb8db08f6e6041a85cfee90cd36a5b595afbca34d52a125465454fc806b4bb7ae569eaf4c882922fb1b962b6060534e597791cd0ad23483be5981d9be85c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b856fe89c0d2118ae271048acd0ec344
SHA1 2bf02f18d7cc9697288756de3617365b02360bd1
SHA256 247534ca24a198fc4feb89b814475e802dd87ae54f6f64dd581e0b209b5be4bc
SHA512 57566e009b2da420b9adf3060202fa3b17cc5f08dac06f4ecc020a4e1359e80beecc022c4fb078ac9424fb8f798baf4d5a0b067e5f3a763ae6f752f4e8484bc5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 557afaa33f7df356c9dd187ffbcb604c
SHA1 2ba495dab169632308d210f3c36e79a26a8044ef
SHA256 a7a88de5385cd2d710930f50c0ba8cd4620d3d417172326b2783995d4de7140c
SHA512 ea8e5cb7786276244a1fbfa2f3398a2e7910c830de8d967b443a011c375c6372937da804620037b4e145391cedcde2ddeb9eb0bb8aedb0415db657e95fcf4e2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ee6b447141b8b4dce6fd0ad85e0d40c9
SHA1 dc362c822d1f16568adf91732766902aff9a923e
SHA256 13a4e7f3dbae4109ebc3a7e0231d98ba844ab2b538e3f9604a9ba19f46ebd939
SHA512 ca90aa69ada95124e779b2affd9bd95ee9d622d02d328cea39a87f198efc6e3a0dc49997cc5d2708d390d48021fd2dbbda1d11d75dcddbbed21aab4f2a270242

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2ac4e4f76376fe1a802c3bb337044e8e
SHA1 d23e7149e579fa44a17ccbf376aa539dee373f6b
SHA256 39cf538d686e5194cba22bac953323a1b9a5cf0d8587b8f5cbcf2ca41742d91f
SHA512 3f405e633868f0f78efe28c8f1f4d53d96e4c5e4f88971ee69358c6975af93faec6081f384774f32fc1e207c3743e691b8e3f3593c75b906299d8deeb053123e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\index.txt

MD5 5f565feb2ca3d6ad03dfa2bf00403ee4
SHA1 3de1234b5e00aadddc614edb50c8783263779dad
SHA256 fb8b157eaf9bdeb7b6676d3c383021c0ff747e81e9c07f681bc1414cd0d3c973
SHA512 ec249b4ef4e1e04b43757abff63f4a2de280df2b9a741e24b06484e03115c822b283de454cb146f08c5cd0b9864d151a26aadd891cd169b219ef48f76e834ced

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\index.txt~RFe57db3d.TMP

MD5 0fd001ae1959c948e31a599d65839ebc
SHA1 57454c915c436bd9333f71ee159363d9d190fea2
SHA256 fa19fc87273f144ccf6d091e48ec8cafc1a89e9e9cbcd8b0d91a099d48a5c2e5
SHA512 486cf65287a2be578f1231b13c319e84dbb0ecf6f7856418e2d0d1d683e1874e20a03e1f5ba6a4cbd1273e14f64d47c3ace10270f91be1821c1ed0fb6ca00c54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\b2beaac8f0d59565_0

MD5 253f1c844e13379e479920a403ad0948
SHA1 d25ea967ca957e311ce862f48d6d0d89251f8735
SHA256 ff08850027aaa9ec05cf1914f19faee2696749c51d1816d3d21eb77289cc88a8
SHA512 7d5336e72f8118e3449c2ba67533f5650a6687f88c04bfe42819797a8ab35c2096444a2eed0af8125fc54321425832e225fd973ab0e17428f3e2eb19febdafb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 492aae1ef1fd4a8bc6352cb58e8651cb
SHA1 c19ad5803ce36ae30a029284f8272075ae8776eb
SHA256 68d1ba2398cfe5f2df65b94a8db1286dc6dccd065a6f24f36c373a0d47f49850
SHA512 848c5736454dfa43ab87ea4b5924a104573f9ed0950f3b29f4f20e391db0a070f6babf7e133aa9455bb7bcdc1aef9a454252637c469767872ab97e181f6150f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\909e4fc2fdb38e45_0

MD5 c1cf1756716ed46c9cc1c63ac3ce6091
SHA1 b1647a792318d1c231d6817f8b9fb736aba42f94
SHA256 a5e04b5aae0a91b5a0ac9c937a675394f4851ff08d413ad348cdbdafcbef2e13
SHA512 14fe4fe757a6da693ce15bc867d9f3620a0f917fae0c4cf466ca19bb81ce76c9bdde70ff61e07319147b37e9899be8e783949866d2454b0f61bc998d599d053c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\cfb437cfefc22d68_0

MD5 26ba354bc727550e4bbb9533c949426c
SHA1 a9e6a2c4918856c1da07a53d2aff52a804163b73
SHA256 2fd97f7217e7043e8d88b5f3980e46b33cde74598b29b21a7e5c95f3577fba09
SHA512 84e093f8dcb0e68f4f59e027d26452104cb69f437bb4f5fedee858c9464d023ed75f0ae550d4f478a4adec214a96a22bd8ebeab7df88c894944d742c44abbe79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\17418f9155e01b91_0

MD5 203f5f2b7c261c93610e1b2d3884922c
SHA1 350fc332c3615b2fa2682532a64b7af2deb056e0
SHA256 5302c97927991c708c07a941f199feb38d642ab74cba177d84e51174ae8573a3
SHA512 6a53dd7c15a54e27437e2492163329af46dd5fef7bb92dce7d9e183f88ec76f8f9e147f97b1457ab07b781d347e5c650f959c52f801941c5e8a9e07dbc4ec176

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\cec615a85ad19211_0

MD5 1ec952651f142db7b775843862bab044
SHA1 48d08f6fac95e82de0d77a7fb1560e3cc413aaa8
SHA256 6efc21e93e58e4d7668ad3cc963db22f746ad957e2afa5b4dce5729a7a1411e6
SHA512 e18ac2ad82f85bd25c8a5ca0e7fef9ddd833cb67ec5efcc3688876f251003baff04eee7e37bb09785e5ae94ae69417c0fae1347576067b4bdf612a9313738bc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 5764d7948f6c1253d76293a35691a746
SHA1 4b412294c701e5ef031061aace7f556911bdc2a8
SHA256 4fa2cd6bf832e4dd7222530b2f21844e1105f4f333d72557d57cac9f24a69730
SHA512 f9b5c789d6a06131001bff1fe5bee677105500ff74a5d038a84c40a2859f72d436b318fd6af75297a0a80d9edcbac158d9d4aa14ce251048708cd0ab3a96d109

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 cf68763b3486f108008a7d59203ef25a
SHA1 3ebe951d4a865976895abda96b2eee08999bf8c8
SHA256 bec7049cb9394bd03ae1bd597bf9165fbbb0eda87f128844eae241db5d027429
SHA512 5a6308be1f9d3a66819097c4b5e678ce13566bf93cb0caadd3982f312ff2c9914df8fabf4fa3c92c5d1e74ea927b24907ae4285860379b144e11e1976a79759e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2c8cf2d77ef098cb4a06aff7d886e556
SHA1 60e6ed8108793062f6aa80d1d632416fd281e011
SHA256 5fc19e7fd4302a700eff2210ca88e9f0808cfa1f2969cf9fe098ce89ac91c864
SHA512 4f0e43fbcbf2887b3ad0b43755183f1d629ba98dc50676cd42d5267ba7fc465220e0413b864c3b854f55d1e7eb2fa7cd16a0e06adfbbcd79731f90a6fa3c2122

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 1b15151f04072b735636f0f75b3396d0
SHA1 e15192dcb3fcdcd3fddc9d4ef9d2abe1d1ae1543
SHA256 a194407e7f1287b168f81d14402daddc04c97529d9af1eac407c1bf66c027ace
SHA512 b2fa69c791e0689556443df38a178771e6484d847490266af415ba3bd3456a149cf02d6f6bbc00e3729a7889f22cac78a2c28bd429e9def80192d087d18e731a

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3e55ad12fe877a832137652f655857b5
SHA1 8e5c4fcf12977a70dcbcc729da60e4b78667e0ca
SHA256 f801cb156028d7ddda2cbe364e509b1df4a0124a1d2f28beb9a0fa45cbd15fd1
SHA512 b0490bba69f9c8081c01b9e4ff2f7fc7368931bf2e160068ab77841002f7d9b90a829233a28cb023faddd8defc93e7af3b8711ad9e6c0e440b958f944eaf4526

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\8791d6e674c5351a_0

MD5 9db5cb12ce733e99adae3ef46f5672e6
SHA1 33cd9474d099e8030dd85df13ef48779b6099de6
SHA256 a8005fc9d6fc748553ffb49133ddda329471a7b02650c61bb9fda6915b104f11
SHA512 30931a21bba25c5d5d91d17e0b082bf61b820e8cf67e908ef34a36ef148f8de53806fa264c67ec6136c4638133ff2e0f6ea65924febb52a41920cd71930c7ba0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d41e2a7578bdcbd269ba95b9097732de
SHA1 5da0859c2ea3e49cb59084077ec599d8ab63818a
SHA256 00a724d4a961514de9c350568163f6deecd6da939fce5ac96b343f1791c4c083
SHA512 9ded35765e722533a0fd401ce9eb97ff61cc2fa84212c4da7681407899bbd4457b4b85dd7bcea74a029fc22a0564ffdda9362f391bced7b0eba48828793f64b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc8b9dc78cb9374c63bdbd18ca2de6a7
SHA1 6a82fbbc1ff8bac788c2998ccb3415f6d0b92f2e
SHA256 0e5158c22cd6b5bcc06915d64dd23fb4d55f331d1f45f72d51eb8f1173782c25
SHA512 da19ceea39a79eb049c45ae94072d506ccb31fb19893f7c94ccb7df96a6564ab62c00cd18b03c01cda7e71c7ef1e137dfc3078bdd110f5788fb153dd034da173

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 dc4c721ea81523571faf485d8dc6b9b4
SHA1 c736246c7a6f930f6e6c4571d27f92815eaae389
SHA256 89e82ab770f9df4116ddb5b1e1d0021e3f7b4d6e3b82081fe9a1de9fd22560e5
SHA512 f86b5a8badc5acd10645afb198ac9019e0a912381678187e2275fa69025ef54e49fdd8e1c8c49012aaa17be414fe871445b7ea06cb8466325365a6f33f804ad1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe582aa5.TMP

MD5 d6bb4ff5f0a8c322cfde55a5e240c55a
SHA1 c6226d1dbd0025b2f1dc00ed42e9fd68c4f6ddeb
SHA256 33b413e3302e353dd8dc79de0558ed334558be531224e4435878b1fe34add33c
SHA512 39c03722d2dca6b8b0c6b1183048707a3c094da07169af55c3322e8d2adaed5c8bbf87c0cadb4138be1878662adedb092585703efb38820ab5b5b9a5b4832513

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e7f9aeb36c6eeca29e86008e3be62185
SHA1 fa911831f6a6944a67b00bb5e9fbabab711ae1a1
SHA256 07b0f304215d31c9abd59315441d390240b33216e3f89cf21c7cde95f395530d
SHA512 b5c5320725b43f293a0537563b23296460f5fef38f2cb673954e14e970e53a503b05298733c3c91910d19e36c828856885657d87bf5835d5f2306744073302a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\index-dir\the-real-index

MD5 bf2e82accaa0a16abb21274dbe2583b8
SHA1 edd7053a9215e4d4ad70852bbbc9470efbbc90a9
SHA256 273dbe8d20f23fe871de12731e1b2ef42168b5ec4e0a669e880134315709384b
SHA512 f68649cb4820a5165447693a37265c79fac4744cc0fccd573bec5a014ec0bb1b058d05ec2e2860721d32250572e33d33c58395ea01bf34f8a3bfb4bf68432864

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\index-dir\the-real-index~RFe585e28.TMP

MD5 d976d5fc69156bb7a3eeaa39dce9bbff
SHA1 42876c10bc25ba4f4f2b73f623a1732727884aa4
SHA256 ba188b132db2ecc1167e3e0788bf060dd6e1c279996199c7a7182c9a96a7a63e
SHA512 4ee2d27b462b81d0a019f5b32c59866ececcb82ec01ddbf8272e5e498037d823927d30bef44d4e2ca54b23d55e72ad9793d073996286fce396e5cc9399022388

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\index.txt

MD5 57b4cff3e35c21156fbf8a0b07a0fb4a
SHA1 ca312dc00e61698c250dfe8e3490e45a412984a7
SHA256 7938d5e31ea106b0393d2e16d7664621d38e119a34bda0fd82cbdd77ca064eb4
SHA512 56b8ed3b779a6de125eaa689dd01caca30480ec0355b9efe0480b767afb7918cb516443cafd77cb60775912456718c5c55d980d7be76412bebb4ec4cc13afa09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b9895684ab696c1a82bc38d8843cc92
SHA1 c8f587a5fe7c8730fdd5224934753e211396a03e
SHA256 fbecb30d497b107dbbd5e9f7e01f4d1b9e488b5fafd286f7ae988901c43b4552
SHA512 12cf1e607a12002f2a0f07f16e575d5d4951593f4002fa36d248f9075b8a1efad633e888ceb97a936218c130d4928353de7a99c66e4b8e0d34cf3d6ee8f4f84e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4282ba21f9133aca633bdeb014fdcdf5
SHA1 a9f8870da97ea4441d44d83bb42921e53f1343ad
SHA256 9d591b7e707149e3b6008e8b02ebf269525c517470ac28ba454f06fa3376a91a
SHA512 8ebd1d4bf52e76a91bf845e95aae7ffeb0f3267a61f8df09da903e25aabf7a79bc9e4e510357bd70f1c02861578545f4c2a0a3f31b19d4d5021c63438e9a7cb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 82928ff4b7d4337a904128e1bf222703
SHA1 aababf8c77bc3bef331fdc28cddb9e3a1cc73d6c
SHA256 c0eaaa83e28f5c13ae331761d2020546eb7038d06458221a76dff371debe9cca
SHA512 d4beb6e486b202ad510ceec23693d91bacc58c47cc0b86e856637039d17e531e3067a75e048007f68aa94d6e8368258a86cbbc5e1f7577870853ce569dbd7286

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 429437d5c613c6c0512f8fe6950e539e
SHA1 19b367fd01e148d03232101ca1bb875018ed1a0e
SHA256 9ddf695e3fc9adafd808d8ff26dc7194169e9422f41b6a949d48f8f9397c1828
SHA512 f973bf5ce383ba522d6e0997047a31abc6aa219d897d2ad7ff2c6280b742724a29a5e5adbdc9c84c08c936c4b611a31392fcfcdc0c084c9b2b256f1122db4772

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5dec48479a88b56533ad582facab8ee0
SHA1 95c13c42b9f3b8a64dfc8cf52a6db860f715e9eb
SHA256 b16beae1c2b4b6ea0da1ee3883850c8336cad65e436d79ed8a23ae4150df3236
SHA512 f41d25db06eb01d1e3d524800711d3cd221529f25975432979c22f32683a643b43cd3d8b0e9a706f266b89d56fcefce339000bc77b65dc53513bba32ea7154b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f3c206d9dab3c52a4db49af962e11c58
SHA1 8329eca70941055ff635795bb769b5e420f37939
SHA256 b00cd5dce937c73519f3a915a9863adbc298dce20de2785b79891f36f54ed8d0
SHA512 2bc2886262b95ca0914175af8d810fcfd8e30ba3460f21268a2fdf8b942479637f3593f46db85a3225a2d5cba1e9a0766398fe2065929ea20306ac8e7ed7ff5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1236ce99ee2ce2b12a7c047247cf97de
SHA1 bb03c275450c1ff5a63e17bf7a423cfff96dc777
SHA256 f8c2c5ffd5b6098bf5f5f12ffd21275c4e35f0a4bb6ca31aeffcc766980c5f06
SHA512 1e8ef076b9383d2227f890e49b8baccc1774596bb109b6d56fe1cf950987f1ea84ee4bcf6505c5f7dea5b1b7bec8a6838f287073c3e54146b49abee55ea798e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fd220068b6c57ab049a30314a2708f72
SHA1 e8bd43da65cccfdeed1a13d84f9a67a1abd01114
SHA256 c54bb28ed295d7235ff8f7f942a901fb8fa35206783e3207e31bf47cb208bf11
SHA512 f46ab1f8cf9e3aeb65d88b187182552338a76f988f9881765d75017cdf1171aa9b1aaaa2d03053dc579880c618f02b3d86ce1db287cabb820f3728279d782c5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9a2548000eda971bbe6768a5dd50d417
SHA1 becabe8007975a124f72efd7f74a87f5473c4f65
SHA256 7c8cc2db0c40a15d912f8c3bc18115e6f924a9f43f1f036457b04df8bea36320
SHA512 56b64d42e7d540313bcaaeb4fab3b93d1d11396bde3d20545de1ca3585f4b9d45fb7e40482ed089fd2adb7eed367363a03fa3c149931754548b2ade42b2afa43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 da31ac899c71a65af60d46832a6819d5
SHA1 5f4c3fc25b47f394758004202dbd2ea957daaaa5
SHA256 afe440349de9656fb868c0535abb15625e9bae39da7f990d9197b8af11367df4
SHA512 ffacee132913553ef8473dcb6a87d7577e18558dc951246252338d3aeecff9c5cef064b6b5dbd1138f98d027af5c6dbd25a878d6cae81dfaa8d109831acf4dcb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d07bc8b054262541fd9529af50d2fb77
SHA1 31b7b5929415da8c4efda43e5714d88f6e4ed164
SHA256 93b7848f9486fa8ff2cba9114e99ed57a154b62f9f137a47f4c90d2eff9563b3
SHA512 ea31323478266a5a5dc94a54baa8ce4b5874ba465d4f487b2c69d9049e4b8abbb64c2ee561ea86c3bd7d5001893ed5570b4350ebf17b7287c3a43a242fbb239d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fe87436910934cbda3d7360b54e31731
SHA1 d857a1d662aa966991d29070229da785558db906
SHA256 1c322cc0e2b965e918c8d50c5182e06ea4bf6381b3158aacaf528699e9304cdd
SHA512 a655c5662da831ff7d87029720cd6d7c0a1b7786c37f4e239a253e2166d3e3822ec578d196d17f704dc94b54426d5318b7678d69d7e7132bf38ac17ee1c6e8e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 034081d9c142d626cc9459a834141bf8
SHA1 365a6d89b19fa8608610810696d8abbd4d5ef265
SHA256 0ca080eb1fd8a3cfcefbc7243dd6722c753f0186438addeb3d3318ef8f9199c0
SHA512 437e8d0cf9a5e9bd9ae926ba8c3f3de129a712b2d70d62a1c0b94029f4e16d4bbef0dc30af0576af0ae8b96c97c82b73b494bfb67ba0e9ee7a3bfe9bc82a81ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\8969217121be6eaa_0

MD5 1771bcf612c3b5236467fb0db71a5b3f
SHA1 ab25b648bd6b6ac1f2fa975d12ea16ffe666b105
SHA256 97789dcc2be178623265558692ec395f1b79130387ec3cd9a77fb297d3c57a80
SHA512 64e4d351490f853c336080825ab023a34c3e6713f5f9036e32d9b63db04a232a4aaf1f0dc9f9ecaf0b0fe8050f3ce6eb45454db70a5ba339456f30432d875896

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 83a3d46dd3ee601c0c33e1a5a298052a
SHA1 3f2b333a2bcf7105a3dbc18d1af286c8d44497dc
SHA256 f907eb770292e60c35205b5428af3b57ae197d231a9a25b2a68be67c878279ab
SHA512 3153a78d3fbc45f9599c2f6256868704a461c5a20094a6e0dcab33c50bd6605b6c46d558fdf25bb0278e6ec649e90f8af8a6d0a114df35841ce4b703e0efcab4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4b4f73382a22d37655c909cb638e1f3b
SHA1 58b0e096d2f6f4ce5f825d59e1bcf3f95a83121a
SHA256 06ca32999a525b2556d86b5fa0772c32effd961706abef6ced771f6fa86ee71d
SHA512 f2000db5c49468bd876133da59f643d234239e182244716fee1ecb27b30170c0f3218968c45a19f16d985d9767dcbe463c958d0b7afd56c22ae03cc797a4c6ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\index-dir\the-real-index

MD5 40c13b93f9535bc5f207b3ddbe24a43b
SHA1 2eecf01665c3a9734213988322f682fdedf10df3
SHA256 c413c605f876d3eaec1c22b038d38e9182a332b116e36a1f7dc5b6adf76b9308
SHA512 12a7bdbaaad5a3b4ed13b88d327e8376d43035eaddd0b47ecf31fff83e8b7f1fdb1f75bb4379e8f8c7e544c06f93df344b2a08c60d77a69cbe75a87e6db29126

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\index.txt

MD5 45ebf9bfb4402e1a9e030f9f7420d545
SHA1 90e4f8e8ad5824fc5a583436cd80b1debf366d8a
SHA256 33c1651d039eeb33730e23a9f1a70940741d5dfcb1ad91b69f5d705b51dbace6
SHA512 aa2af11c488daabe1e1f93d08e721ddacbdc62da6a822287a40061176dd054ad381bf6263ab40d040046448d243de38ab7dd269afe523b5e7fe211cf4e897fbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000077

MD5 8dc08524b631aaa76d2469552975682f
SHA1 ba8cf0840520119fc58797b0530e98ed5916d4c3
SHA256 33c83473a52658dc8cdabaac0d6f86dcb790ebf4ea17a53a034858bd802e6941
SHA512 e609f67f618e87e4a88dd4f3953ade125809835eccda0621cc31336477aa726b98ca58b86c3b8a7bfca146c5275b2f8faa0e2ff28694c9c31ccf447298b6cee5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000076

MD5 23a56506bd3524021b39ee0244cbdbaa
SHA1 5411a7184bd21fe9b6bbcbf90736dc30254b981e
SHA256 bf9279e457c657be65a34db2f7b30ae6ecd40e8e61868176527767fee6ec7d4c
SHA512 d9a688bb6a3febfe4e7e908c0755d009a103d99b03678a1c53191377359f7eb56d51e6834fae585d1d4d75448ff55ad3fdb005f382d3febc57194b2db9b09578

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e541e327dc4d158b097f45613b69f2ec
SHA1 86ab42bfe15105312d404a5769d19cd11abf4261
SHA256 05528846244227769997b42c1fa6d44541c153c1f117dd1d8b2b10d74a732ba8
SHA512 b85ce7c4894f9eea40509618d11756562261c711f4783dc584722763f5f308d1e013a0f8b6073b816a7eb4a132d0849d21e5ea0bace0aeeb0c0f5ee68a5f4a09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_web.snapchat.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e4fd7b53a8ae08236fcdd42a53322c05
SHA1 3fa4fc417f2930612ce6783259631fb226cff03a
SHA256 a81623d4d99236e312f55a87ea72379afb289a6986043781c213b9f2fd411a7a
SHA512 e3cc8d64ce366f26e5297d19132433c551cbcad62f6806080bdc931fd362cee59f8e545f0a21c8b4027eea32e58fc5d365267a7f613c1669e1c0e5a552fa5aac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5d335b610b810c2dcd99621c46ee2beb
SHA1 6abd0338917b3b973d0af0a7b6bd87ebdf5e205a
SHA256 e98011f4f6087591632fe2046618ece60ef06ad23ff4a08bc84f4ef572d5038b
SHA512 8f19e1422d732b16e2da112b3d42e5a5f681746eacb380bbc1e4d9acbce2c8cddd378dfe9b6f5f11fbe6ec8934c3e3d787db8cb0a37b2085de801ede688b953c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e4c1767c8c248ff7c287f335ec19dab
SHA1 500e8b97235468b6bc45a802f01b2daffc7ec397
SHA256 a2e129184f7b5f4a7e1e927c64011f78adf6402455374847e1e14b3e23917f82
SHA512 459367afaba027fe3cc8a65864d279e9d46a5eccce541be70508cdd348a5b7dba183bfd8a777e1b18bf03f065795e0791b5181047e0b0417e80f7c334f7c46f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9720eb1657d004c5d559e19f4c22bee9
SHA1 09279a31f970d0c3caed2ff94b9bd9373f36637d
SHA256 60ac2b8b15d121380b2227da4fccb77bff66f52f9091e09fd8409d9710dfb97a
SHA512 9fb87af39df2d7bd85e09b73e05b3e13185db570fb6cbdd4681bb8a5301a7eba6700644865624b2eb545872d0e185ce335ffc43a080161914b0e781b1530b25c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 cb86419192f8afce2246236d4f4987a8
SHA1 8653dbe785e9612f18d33ed05f3257bb2fce05e6
SHA256 71309582752dd3f9e7823de98ef3039c957161599b21fa15c03eee38e7bb748e
SHA512 ad68413f06d4c917ee65d0b39554e980b6e8dfec4fb901c18fe5aa94396c1e635a4ec6261b4c626294d6734d283a904b7f5a266c09755a709013bcbf355247af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\a7a934c50bc1dffa_0

MD5 73ae17c16f881f8e5e8ef4b45ef0b4be
SHA1 6299cefd270d5f552405e8a7bf22514aa0c399b0
SHA256 36be4c3c346b86f8194bf4f505553a4ecdb27f2b5127a3d4030a821a45012e0c
SHA512 58249c9ba486fbee85c18ed9279fae14263e85b860a791618b8499ed1413fddb0fdae0229808e328de7f511fb71a014b2841471f031ec305c64e473969750520

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_web.snapchat.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_web.snapchat.com_0.indexeddb.leveldb\LOG.old

MD5 2002bc01e072acbadf39e03d54a58153
SHA1 81c8b7910a89c30decbdae82fa29a4a4a586512e
SHA256 99b4515b262ae27a8318f2a143c2cc47365ba238f1dfc5afa4e66b08952e2e8b
SHA512 152fcbf562b8b9c3a35da6e0c88ec86eba55558f34c755dced2d4bca24df41bd6a4117c83c41856f3bfe24c982b63e6244ac532623ea76d7d3540eaa2d8f696b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_web.snapchat.com_0.indexeddb.leveldb\LOG.old~RFe5ac536.TMP

MD5 9808a49a0fda13e51a73f92e4c16ff0e
SHA1 d5a7e633b029977f62b299c32625d5e48433c320
SHA256 9ea378887dabca335548196125704925c19f22aad86a10e28248c974f91d1571
SHA512 d271e1dc77eb4d8bb17a6d9725931b48bbc24574ca0d8d4fdfa5b2d90239f2eb235cfb8e39bb9a87f8d870f6a234a06016f94fc4b3b042014cc958fa5104e411

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 fbd838466dc9788428a9d4fa8ccdff10
SHA1 25c93908a18ad24f7d32ebede8734c8ff55ccf90
SHA256 18e2776260a39e8c37090037e2bd8ee8989fb08d0599504bd88b12ea8dc3ccb5
SHA512 de3556c2e6ef3501719a53b59e21cb1eba8e9e939fba69de5f0a4d662608cc7c4689d0da292d5eb468375b93f448462ff97d838464648f99122c6831078c4ec2

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 23ec36dd5bfa3db40ba5d395d45d3196
SHA1 56926a51f24c68954b2990389b692354b2ed6038
SHA256 a449595869e601c4632ae2bf546a82bd7536b85ea170bf5061fa6f46ecd08d37
SHA512 cd10d1fb2bb976d4f7468b347aff47b1b3fb40a9c86ac2e30612195e06e8b2f7ba0b3d7bddfbcc7ef9a7164f0b0e39bccf0bb99b2940a09c33e730edcc74112c

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 97ccd63ca5d6f4115d67ba2f87ae8c97
SHA1 6da15c70a2ff3de00cd24fee75dd5da4821af129
SHA256 1ec35c499c03c58d8b263cd16023951cfcdaa3d3cf245643055d65e054f856b9
SHA512 1d25fee90b80521a63e34d12b5e661dbca8fcf8738d4e47e0e6f1a5ef722f246fc6b74bae2d3671c222a98d4617f8a36a7002ba3d1f418d507f71ff4f63c4175

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 002e0b86fe9cb354154fb05ffdb0bcdb
SHA1 1ddffcd01de85c5fda6b37bd8220f51244076ac4
SHA256 10d95d16d5d723208a05f6686fb25ff0cd48f0f77750032b67e279eb4dd9c627
SHA512 67b223dd16d1dfca4b8346f474ce0eb68109f3a57abaffde73ac79aba9b6e37a900815c98e90e12c9077568ea25fa1ea6ce9b6de02c4e07309d888583e9a53ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fe7baae5cce3421ef7e73d77ac13338b
SHA1 ee6a0853a41d2805247f5ad3d627288e25aaf8ab
SHA256 95697ea1c11f045f1d3e9e1504c657ad350ad40ed5e8dc89d1381fd6815de22e
SHA512 ba43ef8dd1648e3b84f7cdaa11d3d671f08acbc5f6fb8dfed95f3dcbacae7d634dc18d23c25928babd6726eac633a98ca9e6d4d0d1a117d371dbeda18ced4059

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 20f7890a13d5a173b94b24d2f0b441a8
SHA1 4ee54845fd6330f3da3942ab8ad695ca42ff03b9
SHA256 b3198e4ab4f2e6066be23f070cdd842092886607a178bfad62ab273125fa5cef
SHA512 afa7969092bcd8b45b580422e266c9970484471268be559c32b10b9317fbec9de6f110811e71e9ffb527823c65012e83cdd463ce70f2fb40ecffc04fc2e95f9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 388a1222e6a7d4acd29ea6def04c8f2b
SHA1 489ef146c92ca340ebc1cfe3e724f2ee98088eef
SHA256 7bb07069b941b8e5ba0b646e8d7df78330378cec2b9d45e6bc714e928dc1cc07
SHA512 db3abbd1a142dc12883b5f17ec2e0cc58f7c1f2155d7b60081b454b79e5865097987898d1637fea34e68ca926b33a5b9ecb12c280fc7b3e38048fd4c02d7de5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3facc03a326a3c2ed0c04795e68237bd
SHA1 416c280dc2a5bed2b6b3219f345d70d95825072e
SHA256 4eaf70e5c0d859b33cf0ede5ad674c955c161778324b800941f579a8bd78e408
SHA512 6c3575de8f7158f1bdb4f18d8133f2ffe2e902688df165b9219432c78589141c44c337ec94b80dc85c77d94e9aa6def5ece2fe0d4dff7c6421d7b745c67809de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7ba4e8bd4fa280cfd4e038f68f23b0fc
SHA1 93f705047c5de9268def0eaf711ca67e92ecc4e6
SHA256 c373a09be27a996033d85a8cd1a0f19b18135b8616a097f665fc943a1860c909
SHA512 8ce40076fbf9d4ce9d6ff5b5aba3e14a98ff0c21abc5cba5de9d5830093e65e1505e76996eca12d88f2960d397d99d0c50f6450bd6705585b0b22520a10115f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 47d78b1f72aae08dd1f7681f4a3f3cae
SHA1 dd04a3009a42dac41c411edd99638252c7968d99
SHA256 94b64f0458138fa7ba60fc491877cffcb5c2650620d7367df59c7440db7d027a
SHA512 3a47d604d9f7ee3ae469a32618badf62828fbca4879cb2782d640d782c450fca892f6ef33f3edfe7e7c262ffa41a35247eb2ee32f08337250254962fdc671ebb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 31f8d969e6cf43559573d724aeece238
SHA1 0bd99f09450d1753e4c4b9685c7b165684fd19bd
SHA256 562985cb46ceb9b193b1284a4facf7fda72b7185d0f0476d81604ec384f690fe
SHA512 49df02fb39a65d7ca1d7004467dd9e4589048522b2ad7307f9d6a15d1b618fbcd3d342cf831427a6e3a6bbde04d13850e99c1bc4915cc4b460b26eca7250c390

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 97ede45b6c7fae492ac2574e81fada52
SHA1 0a95f2b7ccba76d976939469eea2bea66b4b7879
SHA256 631dbfb57c38edd2e3387c9d2407889556398b1d0d27a198f7d5f2bf4cc5f771
SHA512 4294e8d19551d2573795de2e6dec2729c60d55654c28eea2fb70b6e55cd2d8d5567cb02aafa3aca0dde19350c82009ec4ef547aa6ecd83deafab71c97e11b77c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 261a4b8e26e5f123b086d411aa0130da
SHA1 cd7c790786008e201237cd07683f92d7a6b0dcc9
SHA256 36f80fd6f0d4ddd1f63126bd6a58e750426d5b2a10f2dc6b13c8c26d69de1014
SHA512 4c77a50850645137fdad9cefc7469f8568f79ab718fd2c98ada65a3d8e68d3457852cd84cf494411614288b2d16cee7de52405ca03d2032dd831d520e616a97b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d7179f9b2906dd27a43cdb2e55580698
SHA1 ec372dcd287fa881b9f3d5d3d136e8da5c2f8048
SHA256 04a48c96f06a1ca29b0324b0e9772cd533d1208d7c35088acf436e8ff6ac2f01
SHA512 f30b2c362d7f04e026a3b5015f13358e8ebc55768d1792c6b21c58fdfe4209869bbeac3dafdfa53908c565babf15c18cd5e832ad4ef36eeb439bb882d5781362

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 af4710bfad69bee637d5b6eeba619fb3
SHA1 9e9dd1a16f6ee4136fb2e69acced2458902a70b5
SHA256 2386cd9ffdd337b95adf935a4ad2d5aad34f8f229a2fb1dc27f79e9daedbdf1b
SHA512 f11081cad603b92b5b3897cda27e0cc4fc037610e8ddb4d366db9bb8ce7ac5b7e345f25bdf7a38ab57baa9c19fb0f17ffbaa97186786b2000f77eea62b2dbba0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fd2c3b1082167567b39ed367ca095e0b
SHA1 f52190c6be2a195c5c8697e136d910a0112fc9ca
SHA256 bc152a78585e629df999a7ec3c49f30e1e689122a4fb8664f5e68696f4e349b2
SHA512 ee0e49fefd3c1ce73fd0e8be667777c28749f200d83b1704091e4a1fb84b38788eb4256c97a190595a0aa4ff6ee8a3d9ee32cf935f868d62e5119d6e5ce45db3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1d657aef8ba9ab00d090be46f913c1ce
SHA1 34d09c2e35de14026c814662f157760891169aa6
SHA256 daa7375f9210e136fb8daa7966df18068952f493204a9f38e9fa3cb4faca55af
SHA512 e5091c80d0bb076a9909e7ce9593a039da03af164182263b72b576575abde1092545e7c716bfa1a9c99a6954eb33ad22415d45c70022081b40668bf7882172fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f704cf7d9ba2071e517231e1557be4dd
SHA1 5efe20d57429449f13021ca904b990b20b45247c
SHA256 410b4b7a758a9cbb7768c26c35d0dece4001ff3c8b660a016419dce0afa9eeae
SHA512 e769855fcadf4067f9cd0373d314826fa22decac47383c301faf180f24ba9381d24c73fbbd9a1e82b7b4766e1ac9c142e2c534411197da9f4d7a8e0beb19c33d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bcb77b6c1d485db33ec57ad4fb905125
SHA1 f03cbfd0aa320ca9a51997de0dc12ab5791b5ebf
SHA256 fdebeef2415ff92e912e115732bd06e903d015cccc33f3bbb0fa8e0c2be18667
SHA512 b669cfd642fed1304e8a7a1cf02765f42d4f2e8af1b3bef39aac65059db9f737e4f15f809da8244472f9087d8ca51447f665677e01fe56de878e62da2c01b13c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 3524be75c01a0958320d7e79b308eff7
SHA1 bd4b88b7825543247435d9eb017397de76e9d523
SHA256 4dd206633f3839c22b8f9f31666e074075eb3697cec1e13e05ff6cb9d35275c2
SHA512 3b104bbd6467b9024819eeecf032137b1d32d6acbe1fe506b838bdc1078105bbeeeba8e6706abd277654fd1faa47d7228f8637ac9960194c0a3a00bb940d4ad4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2328944867847a1dfcef4c0683f23364
SHA1 616ced6754924fce77c16ea59df006c07a27f65c
SHA256 664d72cd089c73b7480122277f65c2047889fb06e830c87993ffbc4a0938a684
SHA512 360b006531abb99394a9b22e71b621d9151e01b01c763213c7a3b7463280d8f656fd9e9d28216d71b8e1842d56fffa9dbd59fdf0e61cca36ddd1366c26da4880

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c1c1b64ab2a4d37e6c7a591212b6cd81
SHA1 0334b3c7cbe795443107a1826591e271a0d2321e
SHA256 1ee855d1c376295d6694bc92258f709dae1cf42ad79c0168552412258e9364a2
SHA512 4e4347831a2eecf73b804e980c7b0491937316828b99e812b846d9f1ab321b36535847e4670e273172d33171d3dc0dbcc4eca956e530df21deab28bdfeb27e6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 03cbdbd07f6a5bd5f2779ee7ac877818
SHA1 e362b9045ffe0e3ee494c3e5891973a256a1e533
SHA256 1a509a8c2d3c33f5a6ac5cd7a0365a3af3cb3465ae7c924fd043cb5c6f6a9a99
SHA512 93dc52d9ed191c591c4b6b67cef6fad1f2162498577c87604f35f4759c1fd62cdc1e58fb00fee96ff5ee6206bc8c2a06bf3a0960eff0c0b83f7a34e1dc12d635

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 31e2851041172093c5cce6e815aff43c
SHA1 831d088319d2c858243c27d2f7e6133f80cae83c
SHA256 a7d0e92639c64898a3268a6fc1b9cdd3b6214451951705bb28dd06b9a9f0ee32
SHA512 ccd72b93ce3ab8897d8522e6d69106c5dece69c2a455702f8b6f9cc2790996543f9f2ed1ab3b9d36fd58d9f25bc154fbade776d3afcc073d457e9a539fd9aecf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c1390202e18f352f054f6f10bf214e9b
SHA1 69830ed22036aae7e15b8be73d60e8f9d7ae61b5
SHA256 4198bad204ee382f6e50184a35a8d47900f83f0e5f1405aacec448ff11b33676
SHA512 3672c613d7ed3e7088a68f367525285dea4521192de977583436dfc024a9f3bebf3c86f95e2a6434a8ac232574c2929c1175677936b1a28e2bd4e42a9117e73d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 80e09978619391a5d7a59e5784ac5674
SHA1 fc4f45f1fdf067b2ed86f5cbcfe248a1b3ac6766
SHA256 1cd726952e7b25b7eb209f6b909eed60a75eace21f0f521e46a660309bab85b9
SHA512 c6856cb71100927004c1b0455975b08378f6c22d240b3a78f8a6608bbe042026e7b676d060f7eb28d860b6b9264653338f38d0648bb8204c8be808993a27d02b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 88aa69c53e6a10d52af1a91ac326eb27
SHA1 0fe024a6ea261de3ffa48d67a7ca01ef304a0157
SHA256 edea0a9b8487451cffb8c79993b0525f28b3da04d3a815f62de9a7c85109c879
SHA512 b81452b3d4c6395c95e9c315a84bdd8ead3465c103a96457deb470e4e4d15a61ee1c94e097611351258a4b663d521fc08a2c54f0ddcb531c98d372dec91eb6f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bbe2dc708869613761081a6c6d46ffb9
SHA1 a70b408752925bb74db86ccaf11f9775f989b47c
SHA256 4266a5f3d7aabfc066ad30cf46b6764fde68f76e7a0e83ac79308255d8265144
SHA512 04742b48e2451229ea03359a392de1b4bda4557f590821a75a2d723a4fc9db0f11d31ddacf1d9955b59c87faafea4c393cc5371c7a6f2bc80eb4a9eb74c76dcb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ec

MD5 17d77d4f4b89495b263b9c3d6d91e1f7
SHA1 b1ef1fbc9eee833a6b04aa57c535064469172115
SHA256 2fb39785237113ec4eed896bcfa92540fa407dd33a6ee20710d1204f9b7d67c5
SHA512 80ae8fd30ce1599970ada0001d4b0fc39966ac2a46925b64bfd9829ed90e1a6f58967817f15645cac51256921d741be5ff3f001372293ea0c2d99cc6fd7942a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c578170bae731b4d97178657cd8a1a56
SHA1 cabd441ab1e31a1c1491575ed22b16e181a0d422
SHA256 dcb98bfdeff97f0dc964579de93a3c8ff1e9bfbca32c6407808ff353046afd17
SHA512 97c0ed87c7fe827b53a94aa823baa1ed327707a23674b110307feb29d44c799f0f435c53f98b43ec699e97f84b7977c5cc6a5a93635edf2d3eb96e91f0187903

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5c1a27bd37b916e37f5280a574ed64a8
SHA1 8a2498fc8cfd88a973bd925cf2e56553c997a1e5
SHA256 86de4a72dbb0dff994ae2435ae40aa814772d1db2c9ea9f409d29ec81a00e4d8
SHA512 1046fb63bd8d892944b95425c7078307514140a7c7069f6177c782c48c0d746ed2b39b68d169fd5948d9bf09ad4505e619ee48c30c5a56454db3ee9d176eb671

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6b8eb83a5fdcbc1d7629b6c67c1559c9
SHA1 73b9be1e745f134bc270de0874ac28e215d4ec60
SHA256 3332fe52df2f3cf33e3936688452e5d766a9a54ba081dafa4328d11cfe8d4cf3
SHA512 69b8f5552b314b7bd679bd11732cf2307003f030f21836a24f7e6df36c4a2fba8de8cce73224982485534f0efbd0602b635a55c3a340562bd18c7a2f127ac2eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 df1ada4e6e966311f8437c31459dbcb1
SHA1 c829afc32306fd12904074a52e3512bcf667a13b
SHA256 71ae9cb0846a238f66cde371d0461e3278b786cd34bcb051b42102cc1b699750
SHA512 ce33c27b72fc8df609e43820b0a13f76b61f63f5ff5f36e991f71077e7f586c3f52d324fa17484f5e7869bca5a10a75dd9d0a2fa7520477c9c6d32d63ee68e1c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 692f6df70e0143a4c084c36606e36400
SHA1 485c1705384a626ef6fe5e0544c8333e2d2d79e4
SHA256 60e0a100b0dcb2dc20ccdfb07f72c9dcfcb59412cb6caf3e3272e0b096426bfa
SHA512 16f68d0f154c4a62e4d7227ededd6a256545789d1cb9ebcaead4919d7f8018e77e5ae883a7ebf740945f0acad517216eeb24f49370e49e73af98c933d6ac56ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5e6465.TMP

MD5 d00c23fcac048bed43e50b077063d7a0
SHA1 ca389c0034289a5b3d4595d3b00b60fbd1fcfb92
SHA256 c6535cb1af73388a5df6255012bcbd04531a3e3e198e34b637d41d8111701c6f
SHA512 98e13a0e10de38ff2f65044f022ba3071791afa605021ec2732f550c1ff02ce89c1eefa9ddd89f5b961ad60745f04b49e9e24f2631a2c263361dfe3c4ded3e82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

MD5 144ace42a04db59e16c7a80beaffa6ee
SHA1 a27f293aa985a15b65d1c3693fdb8b6ed977e907
SHA256 1a5d8880342529156a8be75473ef282dc3a596b35b84c86f83945533afc7ba1b
SHA512 b28784a9f677aa9b2b8201f0f5dea574e1ab661b0350769ab3ed780bd045c529f190418a41f5fcbc3a8a9713c7d1d0541f9ca5f8b27adedeb88c08823629237e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6aa6ef56ed8d423e4e2f4e1a7f72bc18
SHA1 bcdfb7402ba5e5df382374459992170ef719ba1f
SHA256 d3840f9922b8d3d082b5ce146d575f5e2d34bc2bd6a798f9c69656800eb0f963
SHA512 969bbf9e682a9b7ae92aed92296d528d956cc3f34b33d1fd248bc3ed5d6e7b7e6297e82705862e785473dd94f3022e1c2ba8b1a37732c5d5ec1975f406edf10d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e0dcd61c17bea011db78cd2da596ae46
SHA1 2281d423eb487ee9ca185936568278a9e28eca71
SHA256 2b5f7af3f0608dee9ad8347f7291bc294acf329486fe849ed9f757ceccc8a674
SHA512 470eac29b1bd59a15fed5f034fd6a3a2fc685fd8eda2dd5ffc94106369d9f58c815d2706cc83ae267ec94df163974f842d98826c6d5d91faeebd9b36d8fa3538

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6241b70548a45c351dc49fd52df7a3ae
SHA1 8a6e2b10194b77433366b9645646a352ef387792
SHA256 d1f4f720c56c1dcc925a4c1f77bb94f9d98443b10801acfe3962c1fd90eb292c
SHA512 8583add3b1076b7773d18bbdd0b9ccb72592bcdbfdada040e12bb193e0b0bf57b1ad3a263e09a4f61a0ba16e6a6e5922145b4b81f8acc704cd3989706878298f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ea

MD5 8904561783875be156c55708f34632b2
SHA1 bf064a6c8bd16f1bbfe14e3919984948b6a7d39d
SHA256 69e4943e6f952b304c4d11e422d015f2337f491dc109be9ece42f4bee33828ac
SHA512 407c74d71199c82126b86715a32202d32a6704b34148b295098d3dec343d04643b0c6905e7ae480e98897d76924698813cb1d13c83ae8a475723192009bf43eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000eb

MD5 a76576559187bd860a577710d26ae7b8
SHA1 1ec3012089a6ab4500df94db55ca692aa4f9e4af
SHA256 f5ab38c1a17138815b290ecf011fa13f8182d229db71171768496c597731196b
SHA512 9eadfe7959d2eb935c69db64bcc19605994394dd2c0611e82f0240e7543caf971fdf43a76d53b56493cfb9dd02b2a71439923744e9577af929ac6667e6ef9c39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c7b69abfa826b043_0

MD5 077e6aee37712e9f48d18500455f0a31
SHA1 13059d73be12f5aecd58c0b150e54f0054674731
SHA256 af6d93dbdf4c1e1a48e63997037297926dbc94f0d2398d1e3d95daafbae5bdae
SHA512 da14f54444cf4d3bf7240b499c1558167956fe58135a3ab0fc7bf806ceb1cd17648e8d23bb2a63ad70fb231a17bae763b4e648adcd4340def654966e39326dca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b2db8655a5875d91_0

MD5 11ea25bbf48fe8ce45822b27915b9d01
SHA1 8cb1b8bd59ea985096e55223ec7cdd97c9e5986d
SHA256 b933c1d55dc6da4ffadf32dfe7adb653edb8133f8c1569a7808811c5f4b52ab5
SHA512 4acf07682b52a6c51a7ac9001e8d51410fc0d2699b004b020d265db67b1fa27988faef8d2e75376e64a447f98afd24e6a7e82bb5320b2d3d0d04f061c4c4f041

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ef

MD5 2f00e4424409ee433260aafd63b465dd
SHA1 43c37bdd3784f1e4e04cecb08d13e0c62e319000
SHA256 8238fea3585d4d3376c6888b5202fd26a7868d9d1225503dbea04463a04eaf0f
SHA512 61e5be949c5b263fbe7c7c9d0ca31f1cf88f4d8d18621e8e553d4b6ff3917b723537ee53a0025b37474d41a7494b04c69692d2e6ceca7b3747e17d5392649075

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ee

MD5 014146f2b1333cc13178da8e64b7a133
SHA1 6f8840aa60b0825bb6f0faa1d9fcc3a1debc3fbc
SHA256 c21cc0e976dd2f9c434b046b564afe0944de5b67956af3c03442980441ecc60a
SHA512 069ef3f6ca40be882148921663d2f3e9b559f2ef89457526c9281664015e8cc0241dee629a21dcd27fa4f65611389c35fb8ac958b7aa33354a303506824c0688

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ed

MD5 86ad3d64665e79f482e5aca008dff829
SHA1 31564e4afa34c9accd422bf25d3c2bf9d55de26d
SHA256 932a5e2548b1989c9ccc5def1b963e18d54db7a3c22ce0534915196f1489f017
SHA512 0f9e240ba566cdf3f8e9791acfe19487ecdcb0837abd891117b411e2d515af946f9ef76b00a11202db29aa509d80c97c5603a11a791d67409731889a6a91308f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a242848b390467b541c51a751cbd0288
SHA1 a2af5f8622241a33b000fcf7b8edab23e2feb856
SHA256 fe5db058d82ccda5dcd6e1012ae32cb16f2068e12cf60d3d67c99f8640c52df0
SHA512 fbf79f21401584d1167944d77c2b982bee0ebfe800fcf8911a5bbc0d7bec331349405873cc5285a9b950e174c3faec016b45f53ec81edf388ca5b8eae6b26d2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f1

MD5 3738fae53a165cf966aa5d58a4b8e2d6
SHA1 13e60afb7d1cf08503e47fbe331084f3145fbe77
SHA256 9b1647d4f752bba713bd4a11d9228ec5bb0ae7ca4af1ac78bf65fba3712da8e8
SHA512 91ecce0f2a01d885a037746a17b0f11cda9de68a6b5a7a9eaaf013c92c53042da8e5b405ea778ea021465d8de76be18ef9f9fb919ef05298115f15f1c6b6079a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f0

MD5 d2b79a1d0bd90be2d432b7fbf831ec47
SHA1 5eed73092ede7dd2eebe1ac41072668ee46bba9e
SHA256 3f9daaca584911b4dfa7e96539469abae7d6b95d24be11b9525ddf51c1707731
SHA512 1d730dad5700403bea2c8b8a5ce526709298ada0cf0fb17af264d3ce153433640b31261362c9cf53f0c832a020ca95387368f6a0e3cfb75872f231890416cee0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9604509058667c63ce34d255158531b3
SHA1 8b3c020c03680cd7329927962135e91998614ed9
SHA256 cdc7366ff03bf932e70e614e5ef572ce13878f8c52e35b5da3e579eda4a48690
SHA512 7f5e98cc17c298da9d68bbabdba2e4f341b37cf9ccb50ed288299d7e21a8f4c0f905f3cec47e51b127ada5826f75c07dfc7b7b65f2baa5ad20c4c04583b8353a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ca8daecb9da4405b047bca0fc75081a3
SHA1 8bd3bf097c1cbfeabf137c55fa5eb031ce92de6f
SHA256 4b3a9bbedea1817ac474708fd3a825cf3e03080aab079dd973a5cd3dab7e310e
SHA512 0deb0e9e46ad85ab38004867dfbcd5c80eb78754a5a43fab5bb47a0449d7edadd5616737018b2d6a15ccc8923c080b20fe604c71d2249ba98abc86af0221837e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5c0e01b554c48a170fe5028ed8129bbb
SHA1 fbdad4a978774fb23c613bac71219ed9f0ca9330
SHA256 5ae3e30aa3951fb473bb562b81f5c289434a06a38cdfca1359fa3cae39e15b00
SHA512 126b832f9df76b4b377ecb80f737a172ee208bee915d3584af14d27cfa2ab18385a1f2e238a075b4eee2a27f59779dde523e2874d31605894b6c2817dfc7f6c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 4f51352847b453eb87c9593a2228458c
SHA1 b4e95be488c2691025fc49ff939452850170a44d
SHA256 ce6ea9cc8fdaa51f3c9298199dfbaa9cfb0f2fdb7785d86df92cee1772212766
SHA512 1d1e8b4849a7109a51c35221d59c1f525af26dfcecd8c94e4e8f55f2b2799dd17e663965ef4ea289cbde4d2a23a68809f591eae26a66685873d6105de860732c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c5

MD5 b0456b99f9e4f97a7036c416652b53ed
SHA1 b7c13e3e04a282f173929966159fcff5d146521c
SHA256 186a5a71995f40754a0b9042ed2399f4c085e1c038643bfea5d3b290ac34b7ff
SHA512 e21595a46ca4c79389c88d6b47f13cfa8d774a682ca7051dc2ab1ff6152cd374752e5db3e7d960a23a7b05f2affd8fb191e72cdce587e2f1b84eba17a7d2e499

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d7

MD5 20980bab135f476d48a3f69148762f28
SHA1 75394cf4059ccf01a554278c554a5610dcb9b73e
SHA256 e4219e58333dbb133997b1fa9b51e906b464190beb8d206f0f39f1db909f95f4
SHA512 ab291427fb1da8b8e6b47018d18de6b9267bceec59fea507cae5c43203e4099530e3a17a12d6840a231f9f5b3539dcf5a480573d61ddea14450dd48ba4caaf6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9aefdc98bbd16f21017eed482fdfab4f
SHA1 fb4e10ee645926bc1bb602a4105d7c222890a4c0
SHA256 4b4213aa7be8304f80a7338264236f16ac13431ce02b3b1fc648f84cff5498e0
SHA512 c86c91e96a24fec80a7ee9251e34fbc88f3dd953577bf4fab3409a7b65807ea7de8344d83d9f3ce75327d64455a755398e1739c32c1f5dec7d9dca5391060a60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2552c4ecdb49ec296d5d9e7150f3692f
SHA1 f4cce7f7e087c55f3edc2dc654b691cc73fc7fbd
SHA256 36449db1e24f06301d390c6a23dced18a786158ae518d10fde8d38a7d634f119
SHA512 d9c3da8aef61999242cbd4c6c7ca1d11578ccaa7de183c5869bb63c50c383a34a28fd683918ca077739af9af425c787c724b6abd718f1fc00c04218f430e4961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 da19e1e6ab2b7de543bcb149824a3cd0
SHA1 78d28f2a18c7938d2fdc8b7e6f53ce8c99cfe12b
SHA256 8f38bd6c5005d471dd0be8e1200e9f9ffe615219367cd0011f87bcf5944be0d5
SHA512 d328410f36d92280cafe7bb5307bc5eb8557661710f3b8920999afc6e761316dce23f654f1f76557945e8b090ea5e9b2d9079b66470c8ba2408601edea2694e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0439c37b012f2112282a2c30e33f0f6b
SHA1 73fc5b1befbfab2375f99554cdda3421d564c6b2
SHA256 5a265c54cd430075e9a3f8e5e447367d6741e2d97ea4aff8a36d9b5f04d80715
SHA512 3365d86f6857d0396ad64e3c923d1d02aaae5fe0f4b0d48e86471b60c5f859930f6682c1006ae1f99153543a5948d036f7c4bad10f336fb204a1b6a7c0185cdf

C:\Users\Admin\Downloads\Unconfirmed 196226.crdownload

MD5 c52eec089b9dab56e69fa5f4d9350d8e
SHA1 e89b321198835baa1313dcd1b7eb71fc75eac6b7
SHA256 d1a0d760bf92479e176dbddb70669d9c3bcbcf8743c5601517682ee300a202de
SHA512 894f3ece52ba0fdb7bf5eb3b4a473df66230be894fc47ba2f5189a06ec5db252f0a215d6062514c5b467cdb498555ef03b2dd26d6a8d76a25e121bff67fb4677

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 392643d3e4e2d5a9c43fc642f82c7de6
SHA1 3efd4278737d3ac087f60052ba754275c55b5f99
SHA256 3cf175860453795d42352f0bd4c36052576a1853efa72d974b622fbebf24d014
SHA512 a3bf5cad4505a0f2c3eb90fedfa1fab475e60258cbba554f73d619a475225016170b34d37d17cc3c78685abafed9fae8d2c338a376e5bb4c57270f2d68ca8bea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 989c7dc3d0a2b9619f6837d81dabc5a9
SHA1 7e74cbf8d2acf6fba528822ae970dfd54ed3c7d9
SHA256 3930a897c49ca6d1c8d24a30a2081f86a4a2f2e963c9a21708c9ec68bfb4251d
SHA512 51f1eb7ba6d196739555476b763f66844b0d43cda9cf030ffa816b0b654e3d1f50fb5d3a2420aac926075deee1092b70c485e745f098db702b074eadccd58abc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 f45241ed1e910e5c703b37468fe0f1af
SHA1 2059ac481f6082ad218ac95f79839a87cf4e480f
SHA256 71f23d2d928d79f8984021c608e5a9d1b8eb598d231676cc96ecee3e83f68b3d
SHA512 a6862cd975f52473015a5b56f036aba639667f09be444ec2c15df9b9f6b5572fade07cb8f7535704170c2f5ed2bacc4d014f6fb4d94713336dec459999408a9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 973b0836dff51bd2c9b495cad3792ff4
SHA1 386678cee7e6f0e982a917f3bf074c713d42ed01
SHA256 9d956ebf21162189474e047921529d6da05b42f99574253f951c306a4948a617
SHA512 06167da6d0fdf8a2fa0bdd7a1a57fefd45d9a02aa8cf5b5b15e13f665d70e345ff275c72730d66d931ccd532fd8516938d228c7eb15614e1ed371f1bf093d9cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4fbd25d5128e91f6cb5832c05367b29f
SHA1 95de69eeb915cc2532327aafd689bdccbf058356
SHA256 7a69463725d60821f7c6f61e4164d2677d739ac29ca5049559d8b4320055d7df
SHA512 19a3567906ad12ebea91e59b81383418b424618cdf7fa4a4fea6c626929e988270fdeb638d2ded608130b4add83f3a82e98fcba0b8c9a81f4fbe1aea9b500ac0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3df640ae96ecd073e4bd3ec4fc86d1b6
SHA1 8002f8f25a9dca1300cb901d5312915ab2aa33a5
SHA256 319eab5bd4bb890c4cf1d8b9c62417170cf09c7c1ee4e0c79cff273fd4a2e7f3
SHA512 cbbe42902e610633b8ac099e22075e14aebdb265355cd4a1101a5806d734168c8fbd74c3bdd3b692e551843380abf0a82045d51dd34a0e4134fb0a96507bb760

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aa28ea9875fd3390a3b71081884095d0
SHA1 d605f16b45093b8fcec3040570877a5fc331d59d
SHA256 41841a6c3dfc412b91fdf697711c63b9e4e7e35dffbafb7a09ae9a33401530f7
SHA512 8ffe7f97b39ce40fb1fa194c7d97ae9f004a27abf02974d1ae4989b4f78f5b9d8dff5e17f85ff54427c641755448f71a2560866d5fe767bccdbcfd0198db49f4

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 911c020a364b10fe1de664c01de4534c
SHA1 8731aee51722d2e1604864eb8f03abe3e6d35441
SHA256 cb84418aa6ff71e927125f05cd74b10cef07b40fe19a17f9ba5c3bd57f2d9591
SHA512 7e2c2259dde1fcb1a10a3864b1e24f892fb28d1c0a9a8b1b32d6b512d9f49b031cf6119f55dad008f0b2a5dc87ae606ee0c2918fdc44fc307d56bc933537db7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 6a9f1f92ec819b13d688c216f3812191
SHA1 cb8e6ec353ea04901fb3acbcb71b65d210f47d83
SHA256 9e0d40243547db11fce254256a4f8fe9f68f916f1597c8017e1fa365a1911413
SHA512 98f0167490970dd790c7d8fda6cfa099f2b6fb1e0f1bd7abee73302f34de2dfbddd5a79d1584ba0f6ecfdf98575db230fe651ab77b9892f1813df1d566ba9a08

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c283a45ccfea35f19ab43fa769a45eba
SHA1 f8e06aea824dce39306bb4b5ace588367c255e6d
SHA256 43cbe602a14fba664489b68ddcdbf036464c0188caf2ea54c29957c9128ffbf7
SHA512 fa86e6c209dd5b94427771e9e8b3e54acb3bb3817bc2015dd905efc9818c2dade7fa021809feb3ea736649ec28bd1f0c6c05b31748f2d5c4fab6cdd4c46642f8

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\ff6b65de0e41d5bcb3b4ba09a6990c0f

MD5 ff6b65de0e41d5bcb3b4ba09a6990c0f
SHA1 f962a1e4ec9c7d2ec4625be854fcb505e0be4427
SHA256 41f6a727a284fc75e82310a6c7ddb1b609c89cefccf3a25196623d4f9c524e36
SHA512 d6f6d8d62ec74d6b3800480152b98d66d78d5c528e305064bf1347bbc18177c2708a626cf7969377e9abc6a4e018ecaba046b3042419001bcc239ad263c0d435

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 427582a14b1f7b12aa3fc585f8ff3e42
SHA1 534090d28514363bc3189049b4b08bd140d1e3ec
SHA256 7dea13b69d4e9d2830fd694889e33e38160fc7a502658a5e21697a6fae7d4470
SHA512 516e620cdc52cfa38e8bb98ca8ebacb88b6cd40d00e8b9e1e1c0b07d6f844e4b084be91a816818f10bbf842557a7551653d649d66cdda0b925c9388d5e92e085

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c04d37d3054b81526152de65ad257906
SHA1 5c5f80104e22bb68b41e3fea2cc5945fa92d425b
SHA256 13d29e9aaf3c8b5cf01826a7a5bff614f03303e6f8c362efc4927428bd31ceda
SHA512 bd7178f7517bc00a8b543f623ca7ace1717f89631a0c264dfd8ea9055cc17c7eae565b7f854abb1bc2a44716a502742ce99c9bdae0655f678757921700c0e638

memory/216-3547-0x0000000000ED0000-0x0000000000F05000-memory.dmp

memory/216-3548-0x0000000073490000-0x00000000736A0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a8d2e2bacebf30d82dbf74a1d74e71ca
SHA1 8fda790edc6ee5892e784a9ffea3f46308ee4e42
SHA256 1210bf990c1087aa7e06d1baf39f2744a1daed200d233b692748e73378917f57
SHA512 9fd9c8bf4c11129b635ea4d8c63054b30edc27a342f7eb7f67ccb0e6fd3ec469b2a746e0b24075bd76829b57fb0ac08187148bf310d3a0666df368486f2e3185

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ae4e356a34761c3475f7922028ca0547
SHA1 181b745de63cc57d21d16cf19c4d963da99d213c
SHA256 c6c271c14f261c4881041ec721a42778705bad0de6307b876ea8ac10ccccd422
SHA512 c07a74e72b5116f6e806ae470daed327a3be4fd9aef65b59ce332b0b341763439bd1af2d95b346894f5a1547d05986f4ff99d7b430e7af2b0092dc21224b0925

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\124.0.2478.67\MicrosoftEdge_X64_124.0.2478.67.exe

MD5 dabc3160a804b9fadd89ceb0fcecf388
SHA1 b52f15e866a18637683bdf0ea4eaa326b787396f
SHA256 53eb39a92ee0d2eb94f6d33c015097bddd9cfe5c4129d3ac9a9facbfb5087bfe
SHA512 74fc0f21d7cf99e07c079224e2af8a4a51bff98a97bc471cfedfbd3a28d3ee681fbd63fa7239948c3c0bf4f9af56dc582dd128f8c08b54cb73389e85f949f431

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 f1580e9f20d814b24617ce8a9773f6c5
SHA1 98fc29e7fef8e6e9c27bdcd80b8b70575d9046a7
SHA256 124bd8140e942d0c89fbfcd3c1db87571cca992f09b40e40ed96a43bb38da250
SHA512 da01c476e38a1a0ff19807602528a6bc8eb2071183abcb5dcd72930ad795578da920e9a83126a93bdd6960c94fe7a7faf09079214fd673419d71af63516ee558

memory/216-3603-0x0000000073490000-0x00000000736A0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7d25803d9aaf110f9bf5b90277af5bec
SHA1 c870d8004eda9c0ef17703fb6e89a61600d5978c
SHA256 58973529ff0b40e17936910d1f3f65ac3f893e4c0c936725d9ecff6c2c058fd5
SHA512 59d63e5ea9ac03d8faf2a9ea1c5c771fff1e98f0b17592968e91177f40d44a54399265c347937a8731bfeb9add184d2a04da0162f47daf838ac31a918c761e12

C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe

MD5 c31297188ec9fbaa60449f769339963e
SHA1 8502d9e0cef18137529f0a46ad6e69a1577e6cae
SHA256 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9
SHA512 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 34d2ec8b523f895cd00655fa90f8d4ba
SHA1 b8e47608db7f2742ccbff3fb8caa706cafa567f4
SHA256 c6c8b6733630f7305e34c6425ced921c52244639010fb7d4ea549012b9201752
SHA512 dce628f66d5c79c1e9fd12afe6bb77eefe8f9cc1ab1fdfa99d4e82dcbba679ab753e8b7229350eae2f800894624f44e8ee894eb5c9761c4941ef575212053b15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\1ce665d4-1cf0-4568-a1d1-9674f31fbd4c.tmp

MD5 fc34260888c3fb8351388d4b18f5b6bd
SHA1 866edfcf254bc373e97c7a15cb3c16517d063e41
SHA256 5bfdbcee968f7bcd6dae741e0fcb893b4809140c115a7dddf3700f7f0e5490d3
SHA512 e922e21d0b48d053e124b2bc88339c5b7be7161a335ed7adc3f97449f5f018a21ce84a373dd60e97588af16361db2ef7c79f963e6b11127a316a9bd642155a28

memory/216-3664-0x0000000000ED0000-0x0000000000F05000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1116f8234f6b481dbba2f97291a347a2
SHA1 c5d993036a535c911210906c1af1803ba20e8b29
SHA256 679a2b20a3ed4c3fb636534e856e91aa1f7581e2b15df9bfeb57a19ff6166f4d
SHA512 f73e47f1e56760be949b6d8db0f640d663aaf9d79c0666fb77ff49b75d970ef040c19ba909a4b6e643ff4ebb58e024175b4c348dd5c5c38b3e4dcf047c08dd68

memory/1288-3678-0x00007FFE69150000-0x00007FFE69160000-memory.dmp

memory/1288-3682-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp

memory/1288-3685-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp

memory/1288-3686-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp

memory/1288-3683-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp

memory/1288-3684-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp

memory/1288-3681-0x00007FFE69260000-0x00007FFE69270000-memory.dmp

memory/1288-3680-0x00007FFE69260000-0x00007FFE69270000-memory.dmp

memory/1288-3679-0x00007FFE69150000-0x00007FFE69160000-memory.dmp

memory/1288-3687-0x00007FFE69340000-0x00007FFE69345000-memory.dmp

memory/1288-3693-0x00007FFE68040000-0x00007FFE68050000-memory.dmp

memory/1288-3695-0x00007FFE68040000-0x00007FFE68050000-memory.dmp

memory/1288-3694-0x00007FFE68040000-0x00007FFE68050000-memory.dmp

memory/1288-3696-0x00007FFE68040000-0x00007FFE68050000-memory.dmp

memory/1288-3692-0x00007FFE68040000-0x00007FFE68050000-memory.dmp

memory/1288-3691-0x00007FFE68020000-0x00007FFE68030000-memory.dmp

memory/1288-3689-0x00007FFE67F90000-0x00007FFE67FA0000-memory.dmp

memory/1288-3690-0x00007FFE68020000-0x00007FFE68030000-memory.dmp

memory/1288-3688-0x00007FFE67F90000-0x00007FFE67FA0000-memory.dmp

memory/1288-3700-0x00007FFE66B10000-0x00007FFE66B20000-memory.dmp

memory/1288-3705-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp

memory/1288-3704-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp

memory/1288-3701-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp

memory/1288-3703-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp

memory/1288-3702-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp

memory/1288-3699-0x00007FFE66B10000-0x00007FFE66B20000-memory.dmp

memory/1288-3698-0x00007FFE66A00000-0x00007FFE66A10000-memory.dmp

memory/1288-3697-0x00007FFE66A00000-0x00007FFE66A10000-memory.dmp

memory/1288-3708-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp

memory/1288-3712-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp

memory/1288-3711-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp

memory/1288-3710-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp

memory/1288-3709-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp

memory/1288-3707-0x00007FFE671A0000-0x00007FFE671B0000-memory.dmp

memory/1288-3706-0x00007FFE671A0000-0x00007FFE671B0000-memory.dmp

memory/1288-3713-0x00007FFE673B0000-0x00007FFE673C0000-memory.dmp

memory/1288-3718-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp

memory/1288-3719-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp

memory/1288-3717-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp

memory/1288-3716-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp

memory/1288-3715-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp

memory/1288-3714-0x00007FFE673B0000-0x00007FFE673C0000-memory.dmp

memory/1288-3722-0x00007FFE669A0000-0x00007FFE669B0000-memory.dmp

memory/1288-3724-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp

memory/1288-3728-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp

memory/1288-3727-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp

memory/1288-3726-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp

memory/1288-3725-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp

memory/1288-3723-0x00007FFE669A0000-0x00007FFE669B0000-memory.dmp

memory/1288-3721-0x00007FFE668A0000-0x00007FFE668B0000-memory.dmp

memory/1288-3720-0x00007FFE668A0000-0x00007FFE668B0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ffec03fa1bcb89dba56021193d4205cd
SHA1 f413c7371d9f6b0aaa7b3c64abb0c00d0c155867
SHA256 55a11149f5ccad6811b5442c06048c434984a475dd487a5aec8a72ef61db99ff
SHA512 40b3f55d7d1bf86622496aa9a1ac54b03dd1682383dba0006aef253f56ab9d1123b602bbf2d531fafcb4b6c637f0d2685511aea4e63d615641d4a53d9db34b64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d1895aa021c34c334d7202fd4fddd64c
SHA1 f4c6f98dd7218e3630d3d2efcfaca41c9c3ac1c9
SHA256 776dc37d9637857cbab9abe6e44ddea4595ffda9fe80d6d34c15874404cc9b42
SHA512 4be1ee9c41c3a9b9660c706e3e9a936234bc38a5b24a666308c3733b92f99d2ca2257ee402d2293c1e290c391a67c1307ca63aa79116e5bf2523c00b5dbd4d12

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 112b8c7b7d0ca47c601a5f09cf0ec2ff
SHA1 2aadfadb4ba8c9f0360a069972ecd032fbea67b5
SHA256 1c320aca30b9e2becdb959bc352f0b615284bde2f3b23719db83f5dc93959195
SHA512 97e6be1e1fc4e03299a99bc750701be38a42bab2db86c04c8cb6695a0b5332ef7cc048dad24996567e477fd303f8e454cd3e96090112b29eed4b2380d30cc8e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 3b782f91afea3beb8f08bbfd2f3efe20
SHA1 196542f8167585d9fe16765cfa9035f6d5376843
SHA256 fc4f56a7568d65079d600706b11bfcaeec4dda4ae2bd5da34ecf524411d52a11
SHA512 4ee1aa512ae172af27cd685fd7caebf461426898e95a7413e4da462a05b2a2b29bf4e310617d803d67615fcb2cf43aa996d4e6f7bb63e2c5d78f162c868718d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3168e84352302a904f6583cf5f658910
SHA1 cfce2157ba7a0bdf6ed4f6e151cf4e3974c7be70
SHA256 78794314c1269f0132f07de764d88e3e7e97b55815e652ad2e44df883c33a3ca
SHA512 fdbedec880e2d3605c2abc15d127998349f46c806a5a55e44ef39c5a670bff418503f264e0833d5fcf89992373ac5be52574a941b316dbd5597206b2e4c98714

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ce41bd7c01750dc619f9e9a43f5e98e5
SHA1 49f2831a2d2002b74ea1ce9282f08aad4fb393a5
SHA256 470cfe6d97d615563929136086e89a2167c8a9def2504017ab7dcf1b5dfde69b
SHA512 30514417c7e81024dc2326a693c510b38833d073e616581290e0e8631bc53b72a7e210adccc1477c44640740f6e6d4404d5d51d97445210879d80dd8f4d49549

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 87f66d0cd46758f8aeb309c25ff0fb43
SHA1 a25a14af3a0dc42b10a8d872c21cf64a067bf22f
SHA256 6c88a1767b526a93cfd0b48d00bea3e138bb872e61e608f1f618501dba8e1eb6
SHA512 6d25b9f319d5c072f6930f35b29a34ae6b37763bda01503c2f40788406749d5abbe8cd6b6bb76555c4aba366d92cdc82de73979d0717a08226a919235d4aa2b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8c0d13232b7f626754f224628480a9a8
SHA1 6043434e0ea677ea4d3f497e8b984870462b9961
SHA256 3e248eb25d82f7679471623d7dae6c55c67180c58e592dd91decd69d96f14716
SHA512 33caa8d63c64b764a4d51fc2439b8daccbc5d540713e5c09196ed66d9508f42f2e373981bd015e3c57a4c2b67401a3bc226487b7f23015e20dfb27e060dcbc76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ed022e04c4be6ee1e1169b16f9eade8f
SHA1 5e7fb7dd5508e8b16fa39468b8209b16b6f053a5
SHA256 539edb07b8fe964a8a335ff93e933b1df06c76f9efc075e317901f3b5467ad24
SHA512 98b617d86e4ea544d6da76efc36bcfb22dfb9d2fb084c29daa7d480adabadb95f272a9d759914bc3b97e47229e05d8072af972885e62f619cd5df79d46308c0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9714a0b515eb1ed88891e5907c800ee5
SHA1 66546d9d192952893b368b9177878d44d132e4a3
SHA256 aab7b020d4eac24543cb50b8af90f60ba48fc17a60098baeab2eca3b23c1413b
SHA512 82278c71964b6311bb90da36c25e4f1c60b69a59253c00b29f3382748c6529daaf0575b2609f230fee8ca968eee2ad486a89b11156453608c50db6925732d732

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5d59ba31ddd6256c2a52a12260d2b97c
SHA1 efbea0ff5d3fddb25e30e1bb6b0c3c1c78a46bd6
SHA256 dfca1a2bb4f9c8262d00d0041dab9b6160a7cc9d5aab4b7502be1fa99b016a5b
SHA512 82d383c326f0719b5ff9359bfd600735e0c5dec86281eec714da53d6b339c14894e8d0fb6405eb3fe8b80b4e4f8fca7da4980bd31568ec41ebe4f7f336d27d9b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 dafc6b47b09b5768e3dfad610be355d9
SHA1 045a02024363994a9724cd5154fd7f9f33266738
SHA256 43ef730d109e475a575e1e4bcf5278d417051627fdec896067c175b2735ad15d
SHA512 b30f93bb0daacb1c6675303f2b40ac990806ea044c4ccc740c4b408620f66c7dd93125c98c7a1a88da6d63192143f3478964491bd18dbaacdaadcbdce54e27e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5dec18c3ff5bee914795022295128ead
SHA1 d96c70d014c7f1efa67217e333cef508d816a340
SHA256 df683b50a8295655bd38adee820270666069324127be6e5d32e5a599ddf33f79
SHA512 7c31db374489e1a21ad6274cd285b75fd2798c70fad2418edfc3bd820378daa45a6e3133afbff872a4834b2ec63cdfe423b6be9f5676d3eeab56ed3279f45701

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 357e8063fb9bf382bdef27568baa0f50
SHA1 121c672cb9ed3098adc0ad6012f87ad206f08d24
SHA256 13bf810035c14329a67f8ade9370e732d1a5132aaaa23fb16f6e2ebfab0886db
SHA512 a64ccf10de7da4820f6248260d40e0a16d8f9db271136fd390650ec28135f4b91d88c0574c5c585de55224dc9236505bf6f7b6e1a3c48cd900db070baae25191

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1aa6c3756c1e54852646141b846a08b2
SHA1 2a15a018499437945c28adcce406b3c371a9ee87
SHA256 42d3a7223119e1abdf54822dffd44f2c3dcbeabf1dc480a22a9a504e6f5a657c
SHA512 7cd126b5953ca740b7fde020a06d3ad6108cfc3507a124230d4dbb5b9cea11ee5ecec3b367ae9d2734a42922e47e4ad6c48b7762a137aabe78f63cc732fcac5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 9a5b66e933c4b363989e1a72b9a52101
SHA1 efef5ab6b3be7dda3a23fa87b389c6daa8c18b24
SHA256 fa65d1f708ee9a9e97144d04d2761218dfd8116c8ba2dc41cc164174b2d8fc09
SHA512 150b12632102a282ec12a76f4c47a3b4cb27e44d3f5b1f30ec9a45e0ae5a4108887d2e6ada9355a6003336f8887eb9e78e887914fc25bceb3e0f52f45d2721e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eb65329ba898d39301a0177bf46a7f6a
SHA1 606c4c52b9473cc2c55bf96529f762e23276cd94
SHA256 17346e6d38f5128689eba12e70263167bd9f818637cf8f6c71f887e74767f553
SHA512 d0193f4609855b418ac118b21b773ec10a3584b741404325bd51057f978798290316bdd796b875d355c55c2ff95f41a12ff9b37fc06525775069313f446015b3

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe

MD5 3f208f4e0dacb8661d7659d2a030f36e
SHA1 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff
SHA256 d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b
SHA512 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 38cb8cb1db013336a016c07040378bca
SHA1 d5aa2430c13bac6fa11042e1796e88e9538454f6
SHA256 206e71855fea0a4c798b161aaf7038cd865912cf5f3883bee77be057df7f8d28
SHA512 3958bd8ea3edd51d34deb32735d661af69b6a5f0aa93cf052a4f714e4457875c1ba4d87239b17f6aa9aa88565ed91148dd1beb2d02f28cde757c2c8f70371db8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 847c72d3bb2d428b2f01d1b98a70e927
SHA1 14536f7b7b198355faeb017f24acc438042a0999
SHA256 3118aca5de7a0a95c55b5d7b28afa5c38880d230e9d0851abc97b66645baa548
SHA512 a769729632647cd1d07ae785db23cafecc99f3721b1447d17159e165e8542c1757e7812de9371bf2782d04839f0c9a5c91721b24cfac0bf6824c5ebb20a4b7a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7d21d1c9d2cf2355555137f42e3aabc4
SHA1 6d40bea0b420ff41c434ecebcfabc23ac17014a6
SHA256 66f988f0032ca954c829f48c4304653eefee17eeb5fd856c9e2f7fa9df24680f
SHA512 c11fe25cce2823386df948275ca60b672881c7d68cf0b132e69619b119702c63091e0e21b4f7a807a1831a08aad0b1e236b7bae14006c5b5e63ad6683e6dca48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ba827aeecac96ee6c8e21adac42f3e59
SHA1 d3c75b196ca2d5f443c57d8d20890d5026817de9
SHA256 ca8b4b295c861b050fb1ff5d2957d1bbcf91d904d0998a83eaf2eafafec21679
SHA512 6938e0ca6d6de131c4dfbed3aa957b5a6cc68a4624d09248b01c60f6bfc011fdedbe8a15bbb86a580704fb8fa4cb65f45d673e124e62abd49b5e9e0f08f3e2c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 55ab772cb58e3726bd14b081de8128f5
SHA1 de268f86f0afb637d26fe211d68ba736a64b81ff
SHA256 2bfd08f1dc061ab9a09ddbe33f958208f18b48f55dfc372b97a9b9ed38fb5022
SHA512 a469eaca4da490c53f41d10cf5d16e7ace14c7fa8bbcbc4ec0cb76df70db65ea11a227ab5b23a210a45137e319e24f77b1c3c35947c6462b3b23fbd2885c55c5

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\SETUP.EX_

MD5 5070a34dbada1aaa375cc572b5fc7d0c
SHA1 e74b7ef714755870976abe3d2b4a7db0b9cc21e5
SHA256 03e7a32e1f10fced6a07dfa4e6cfd92510d4bf6929d423798e4fb5ca91fe6c20
SHA512 fed3fcbb64a59070b0efd677ca2edc982d28e37cdf7283f2777af8aca7d3760a7eefb8d01b3c2bf4b4ec3708a74c3412f0dede91e31dca1b6f8a4e4edc673aa7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 52a88e9a80210ff919d84b243ddfa4a9
SHA1 adc417de65009d0a65936b04f3d57447cf3d462a
SHA256 d61c6c422cbeb6d19870645c63583312e16aece0033c40e0f7e0f3e5584710fe
SHA512 e262343b7381ffa60ae78c74fc74818ecbec3898bf4412d511dd872d44da98d099c346b67cb974e49446589b1534b04e3287d884d0671592a865d67ff56850c3