Malware Analysis Report

2025-01-18 22:17

Sample ID 240430-ppk3nafa3x
Target Login
SHA256 7e285eb1eec34cf58c13b41d00c0db10f73fe3655aa8709ce8339bfd2c793d30
Tags
adware microsoft discovery evasion persistence phishing stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

7e285eb1eec34cf58c13b41d00c0db10f73fe3655aa8709ce8339bfd2c793d30

Threat Level: Likely malicious

The file Login was found to be: Likely malicious.

Malicious Activity Summary

adware microsoft discovery evasion persistence phishing stealer trojan

Modifies Installed Components in the registry

Downloads MZ/PE file

Sets file execution options in registry

Registers COM server for autorun

Loads dropped DLL

Executes dropped EXE

Checks computer location settings

Looks up external IP address via web service

Checks whether UAC is enabled

Installs/modifies Browser Helper Object

Checks installed software on the system

Checks system information in the registry

Detected potential entity reuse from brand microsoft.

Suspicious use of NtSetInformationThreadHideFromDebugger

Drops file in System32 directory

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in Program Files directory

Enumerates physical storage devices

Modifies data under HKEY_USERS

Checks processor information in registry

System policy modification

Suspicious use of UnmapMainImage

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Enumerates system info in registry

NTFS ADS

Modifies registry class

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-30 12:30

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-30 12:30

Reported

2024-04-30 13:00

Platform

win10v2004-20240419-en

Max time kernel

1793s

Max time network

1799s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\Login.js

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A127106A-B070-4DC6-8D40-1A9ACADCA805}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A jsonip.com N/A N/A
N/A jsonip.com N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Detected potential entity reuse from brand microsoft.

phishing microsoft

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\VR\VRPointerDiscBlue.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\sr-Latn-RS.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\msvcp140.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\TextureViewer\cancel.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\dialog_purpose_help.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\SourceSansPro-It.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\or.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\Cursors\KeyboardMouse\IBeamCursor.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\TerrainTools\icon_picker_disable_dark.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Backpack\Backpack.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Settings\Help\ZoomGesture.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\PlatformContent\pc\textures\water\normal_12.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\fi.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\vk_swiftshader_icd.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\PluginManagement\edit.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\StudioToolbox\verified-badge-2x.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\dialog_red.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeWebView\Temp\source5708_583868532\msedge_7z.data C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\Roboto-Bold.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\localizationUIScrapingOn.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\VoiceChat\SpeakerLight\Unmuted80.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaApp\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\vccorlib140.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Locales\mk.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\PlayerList\AdminIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\ta.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\CloseButton.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\apostrophe.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\DeveloperFramework\button_arrow_right.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\TerrainTools\button_pressed.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\comma.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\VoiceChat\MicDark\Connecting.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\msedgeupdateres_quz.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A127106A-B070-4DC6-8D40-1A9ACADCA805}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\face.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\TerrainTools\radio_button_frame_dark.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\hi.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\fr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\delegatedWebFeatures.sccd C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\TerrainTools\mtrl_sandstone.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\particles\common_alpha.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\msedgeupdateres_zh-CN.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A127106A-B070-4DC6-8D40-1A9ACADCA805}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\AssetImport\btn_dark_filepicker_28x28.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\Debugger\Breakpoint.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\Debugger\Breakpoints\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\loading\robloxTiltRed.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\StudioSharedUI\spawn_withbg_24.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\StudioToolbox\AssetPreview\OffSale.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Locales\da.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\localizationTestingIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\AnimationEditor\image_keyframe_elastic_selected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\SelfView\SelfView_icon_indicator_off.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\SysWOW64\wermgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\SysWOW64\wermgr.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\SOFTWARE\Microsoft\Internet Explorer\GPU C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO.1\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass.1\CLSID\ = "{8F09CD6C-5964-4573-82E3-EBFF7702865B}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\Application\ApplicationDescription = "Browse the web" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService.1.0\CLSID\ = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback\ = "Microsoft Edge Update Update3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ = "ICoCreateAsyncStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService\CurVer\ = "MicrosoftEdgeUpdate.Update3COMClassService.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ = "ICredentialDialog" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.mht\OpenWithProgids C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 841854.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 216 wrote to memory of 228 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 228 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 532 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 532 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe N/A

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\Login.js

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffca40346f8,0x7ffca4034708,0x7ffca4034718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3424 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3424 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5424 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5576 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=2296 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7900 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7112 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7148 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUM4MEM0NTUtNkQ1RC00QTUyLUE4M0QtQjRCREVENjk5QjgyfSIgdXNlcmlkPSJ7MkZBQUE5QjItQjU2NS00N0E0LUIxRTgtNTc0MDJBRjQxQ0IyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0NUUxN0ExOC03NzkxLTQ0OUEtQUNBQy1EMjY3N0MxQzcxNjR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc4Nzg3Nzc1MTUiIGluc3RhbGxfdGltZV9tcz0iNDQ1Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{EC80C455-6D5D-4A52-A83D-B4BDED699B82}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUM4MEM0NTUtNkQ1RC00QTUyLUE4M0QtQjRCREVENjk5QjgyfSIgdXNlcmlkPSJ7MkZBQUE5QjItQjU2NS00N0E0LUIxRTgtNTc0MDJBRjQxQ0IyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDODQwRENFRi0zNTJCLTQ5MjctQTU2Ni0yMUI1RURDNTMyN0Z9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMDYiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEwNiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc4ODQ1OTczNzciLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D5A37FA-B20E-4DCB-9711-770B4D5BA41F}\EDGEMITMP_E4FBE.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff7be6288c0,0x7ff7be6288cc,0x7ff7be6288d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUM4MEM0NTUtNkQ1RC00QTUyLUE4M0QtQjRCREVENjk5QjgyfSIgdXNlcmlkPSJ7MkZBQUE5QjItQjU2NS00N0E0LUIxRTgtNTc0MDJBRjQxQ0IyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntCRUNEMzBCMi0wQzMwLTRFRTYtQTdCNy1BOUM2NzdENDIyRjZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzg5OTYxNzgxMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc4OTk3Mzc2MjkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MDg3NDk3NDYwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xMzFiZDVkNy05YzY1LTQ3NmEtOTA3NS1lMjQ5NGY4ZGE5ZTQ_UDE9MTcxNTA4NTM5NyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1hWGlmRXhRblI4NHlGcGhtU3RvVFhYUEhMY0YxcEVnYUFoaDZ3bzR0bEY5VUM3R2lJZG5wQzJyTG9NdTY2b0VXQlRhZ0djMzhpYzZRemRqSGhUalJzZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgZG93bmxvYWRfdGltZV9tcz0iMTIyMjkiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MDg3NTY3NDM4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODEwMTM4NzQ2MiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iODU2NDY1NzU4NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjkzNyIgZG93bmxvYWRfdGltZV9tcz0iMTg3NTYiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDYzMjAiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:jvqZpyMHaucx9i8WWGfgXMBJM5rQJ55zRJmjXd7oVbLUTljmr44v6HaNKubp9wlIWKgAbWFUqrHOiRLEOtgk0JAaft9nIduG68WLWa58ac_a7groeb7f1gd3v1EhoJUqnl4k37GQHYJBMLXoit5M9lLM6pqVp_tayq8Z8wcxhNuntoj-xFoNCMGoI-cLUbMAHWilGSX0Nillg_onCFRSQuIvaNbpsgGmvXqQ0TwqJL8+launchtime:1714480548071+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714480463965008%26placeId%3D14067600077%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D4c5f11d9-3623-4c5d-96d5-31cbfd85d2ef%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714480463965008+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2996 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:_boCr_l2p0TK5_xVQzCK5hyUJ6PZ1ehtsvAsH0-fWW7rmj7QGlIWNMQ-rKhz77csATiPN-jVh2pqd8N56OxW1JUc4riuWhnA1bb_tqn5AP9Q_93kLZQ0ZE-Ybu_3Z4BTSuBbRbpY-HqPnuGxLli-j8lviRdH-zWCswSPDYQHz8eMBMvuIK0_GZ3Z9SPd4LwCrfWPW0LSCC57DV2LJdDhvJBQfzcc481TYoNgDIaADmo+launchtime:1714480810860+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714480463965008%26placeId%3D14067600077%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D68dd91a4-e321-4570-aa1a-5656908e79c8%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714480463965008+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Windows\SysWOW64\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "2548" "1508" "1476" "1512" "0" "0" "0" "0" "0" "0" "0" "0"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:0tn31xCNsV8KIy3OpMSzwKA9Si6VLI-SeY6iUT_1zcS_ME5Ceg-XvQYden2P1SlUebLglygcpH9HLYUVKuFW85Mfa3re5ydOYRhN_QuiCUiOsblZ4_gYqtZXQNqSznmZe4km5EzBYjndIkSM8GsS_o0D-uwHpVWN0eoIQQM6uJe3hnrcZyO38ppvzNNDgZqsm0BaZzeGak1n4hoyqgsP5zprLSJuAn9xs4fo5TcGfGE+launchtime:1714480925984+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714480463965008%26placeId%3D14067600077%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D508c36c1-8cd8-40fe-9144-21b0bb39b285%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714480463965008+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A127106A-B070-4DC6-8D40-1A9ACADCA805}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A127106A-B070-4DC6-8D40-1A9ACADCA805}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{2ACC4E8E-9C9E-4940-85CB-22FC652B0882}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkFDQzRFOEUtOUM5RS00OTQwLTg1Q0ItMjJGQzY1MkIwODgyfSIgdXNlcmlkPSJ7MkZBQUE5QjItQjU2NS00N0E0LUIxRTgtNTc0MDJBRjQxQ0IyfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntGNzFDMUUxQi00MTFDLTRBQjktOUY4My0xOTI5ODlEOTg1NzR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIxMCI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTEzODA2MjgxMDAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTEzODA4MTQ3NTkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExOTE5Mjg5NTA2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTUwODU3NDUmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9ZDUxUDNIbVVwNGRyMjF1c0tORFRDcUMlMmZYNHY1NUhUU084VU0wZ3ljcHBnMmd4Qnp3RUY0VmhsUlQwWndPRVhFRUtvZjUlMmZSaVBuUmcybU1kcmZiJTJmN2clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iNCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTkxOTI4OTUwNiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTUwODU3NDUmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9ZDUxUDNIbVVwNGRyMjF1c0tORFRDcUMlMmZYNHY1NUhUU084VU0wZ3ljcHBnMmd4Qnp3RUY0VmhsUlQwWndPRVhFRUtvZjUlMmZSaVBuUmcybU1kcmZiJTJmN2clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjMwNzkyIiB0b3RhbD0iMTYzMDc5MiIgZG93bmxvYWRfdGltZV9tcz0iNDk0NjEiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE5MTkyODk1MDYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE5MjQ2NjAxNDgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSIxMSIgcmQ9IjYzMTgiIHBpbmdfZnJlc2huZXNzPSJ7QTVCRjQ0NzktRjYyRi00NDdGLUFDN0MtQjlFOTQ2MDlDNTlBfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIxMCIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTg5NTM4NzEwNzYyMTQwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9IjExIiBhZD0iLTEiIHJkPSI2MzE4IiBwaW5nX2ZyZXNobmVzcz0iezFGRDNDNDY5LUQwMEYtNDE5MC1CMkVBLTM2RUNCOEI0M0E1Mn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzI4Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7OUUzRjc4RkUtN0M2QS00Qzg3LUJEQkYtREZERjU3M0JERkI1fSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU8632.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{2ACC4E8E-9C9E-4940-85CB-22FC652B0882}"

C:\Windows\SysWOW64\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "1900" "1528" "1468" "1532" "0" "0" "0" "0" "0" "0" "0" "0"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkFDQzRFOEUtOUM5RS00OTQwLTg1Q0ItMjJGQzY1MkIwODgyfSIgdXNlcmlkPSJ7MkZBQUE5QjItQjU2NS00N0E0LUIxRTgtNTc0MDJBRjQxQ0IyfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7QkNBNEI2RDQtRTlGMS00QTkyLUI2QkEtNDZBQjMyMzQ5MEEwfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMTAiIGluc3RhbGxkYXRldGltZT0iMTcxMzUzNTA5NSI-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE5Mzg3MTI2MzMiLz48L2FwcD48L3JlcXVlc3Q-

C:\Windows\SysWOW64\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "4064" "1600" "1556" "1604" "0" "0" "0" "0" "0" "0" "0" "0"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7932 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7912 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x438 0x298

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7336 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2568 /prefetch:1

C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzNDMzlBOEMtRERFNi00RUNGLThGNDAtMUE5MzUyNUM2MTFFfSIgdXNlcmlkPSJ7MkZBQUE5QjItQjU2NS00N0E0LUIxRTgtNTc0MDJBRjQxQ0IyfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7NzFBOThEM0YtREE3Ny00NzM4LUI0RTQtRkIzOUM3NDk2QzI2fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTA2IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIxMSIgaW5zdGFsbGRhdGV0aW1lPSIxNzEzNTExMDg2IiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNTgwMDg2OTUwMDAwMDAwIiBmaXJzdF9mcmVfc2Vlbl90aW1lPSIxMzM1ODk1NDA4NzQ2ODYxMjUiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMzEwNjc2IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTI5MTM0NTAyOCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Windows\SysWOW64\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "4204" "1584" "1540" "1588" "0" "0" "0" "0" "0" "0" "0" "0"

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x214,0x238,0x23c,0x1f8,0x240,0x7ff6f84288c0,0x7ff6f84288cc,0x7ff6f84288d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x230,0x240,0x7ff6f84288c0,0x7ff6f84288cc,0x7ff6f84288d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzNDMzlBOEMtRERFNi00RUNGLThGNDAtMUE5MzUyNUM2MTFFfSIgdXNlcmlkPSJ7MkZBQUE5QjItQjU2NS00N0E0LUIxRTgtNTc0MDJBRjQxQ0IyfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1NjVDMzAwQi1BODhGLTRBM0ItQTYyQS05RkIwMDgyMzkzM0J9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjEwIiBjb2hvcnQ9InJyZkAwLjE1Ij48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzI5IiBwaW5nX2ZyZXNobmVzcz0ie0IxNkI5MDE2LTdFREYtNDI0My1CODc5LUUxOTU2NzRBNDVFQn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTIuMC45MDIuNjciIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjEwIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTg5NTM4NzEwNzYyMTQwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTMwMTYxNDc3NCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTMwMTY3NDc5NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTMzMDQ3NTg0MiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTM0NDU0NTg2MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTU3MTE0OTU4MjgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI1NTAiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjIiIGluc3RhbGxfdGltZV9tcz0iMzY2OTMiLz48cGluZyBhY3RpdmU9IjEiIGFkPSI2MzI5IiByZD0iNjMyOSIgcGluZ19mcmVzaG5lc3M9IntDMkZBMERFMC02MENDLTQyMDAtOUFBMS01QjFGRUIzOUI4QTl9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZT0iNjMyOCIgY29ob3J0PSJycmZAMC41MyI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMyOSIgcGluZ19mcmVzaG5lc3M9InsyNUI2MTMyNi0wMjBELTQyRjEtQUYyMy1BMUQyQjJBMzJDMTV9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Windows\SysWOW64\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "4416" "1592" "1544" "1596" "0" "0" "0" "0" "0" "0" "0" "0"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9106974581859555775,9351113170040611656,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3632 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 136.32.126.40.in-addr.arpa udp
NL 23.62.61.115:443 www.bing.com tcp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 115.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
NL 23.62.61.58:443 www.bing.com tcp
US 8.8.8.8:53 58.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
NL 23.62.61.160:443 th.bing.com tcp
NL 23.62.61.146:443 r.bing.com tcp
NL 23.62.61.146:443 r.bing.com tcp
NL 23.62.61.160:443 th.bing.com tcp
US 8.8.8.8:53 160.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 146.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 20.190.160.17:443 login.microsoftonline.com tcp
US 8.8.8.8:53 17.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 t.ssl.ak.dynamic.tiles.virtualearth.net udp
GB 23.37.1.15:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 23.37.1.15:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 23.37.1.15:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 23.37.1.15:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 23.37.1.15:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 23.37.1.15:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
US 8.8.8.8:53 15.1.37.23.in-addr.arpa udp
US 8.8.8.8:53 dev.virtualearth.net udp
US 8.8.8.8:53 landmark3dweb.azureedge.net udp
US 13.107.246.64:443 landmark3dweb.azureedge.net tcp
US 13.107.246.64:443 landmark3dweb.azureedge.net tcp
US 8.8.8.8:53 t.ssl.ak.tiles.virtualearth.net udp
GB 23.37.0.159:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 23.37.0.159:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 23.37.0.159:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 23.37.0.159:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 23.37.0.159:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 23.37.0.159:443 t.ssl.ak.tiles.virtualearth.net tcp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 159.0.37.23.in-addr.arpa udp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 177.178.17.96.in-addr.arpa udp
NL 23.62.61.160:443 th.bing.com tcp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 96.17.178.185:443 aefd.nelreports.net tcp
GB 96.17.178.185:443 aefd.nelreports.net udp
US 8.8.8.8:53 185.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
FR 128.116.122.4:443 www.roblox.com tcp
FR 128.116.122.4:443 www.roblox.com tcp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
GB 3.162.20.44:443 static.rbxcdn.com tcp
GB 13.224.81.95:443 css.rbxcdn.com tcp
GB 13.224.81.95:443 css.rbxcdn.com tcp
GB 13.224.81.95:443 css.rbxcdn.com tcp
GB 13.224.81.95:443 css.rbxcdn.com tcp
GB 13.224.81.95:443 css.rbxcdn.com tcp
GB 13.224.81.95:443 css.rbxcdn.com tcp
GB 13.224.81.55:443 js.rbxcdn.com tcp
GB 13.224.81.55:443 js.rbxcdn.com tcp
GB 13.224.81.55:443 js.rbxcdn.com tcp
GB 13.224.81.55:443 js.rbxcdn.com tcp
GB 13.224.81.55:443 js.rbxcdn.com tcp
GB 13.224.81.55:443 js.rbxcdn.com tcp
US 8.8.8.8:53 4.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 44.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 95.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 55.81.224.13.in-addr.arpa udp
FR 128.116.122.4:443 www.roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 metrics.roblox.com udp
NL 128.116.21.4:443 roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 apis.roblox.com udp
FR 128.116.122.4:443 apis.roblox.com tcp
FR 128.116.122.4:443 apis.roblox.com tcp
US 8.8.8.8:53 locale.roblox.com udp
FR 128.116.122.4:443 locale.roblox.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
GB 13.224.81.95:443 css.rbxcdn.com tcp
US 2.18.190.76:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 3.162.20.43:443 images.rbxcdn.com tcp
GB 3.162.20.43:443 images.rbxcdn.com tcp
GB 3.162.20.43:443 images.rbxcdn.com tcp
GB 3.162.20.43:443 images.rbxcdn.com tcp
GB 3.162.20.43:443 images.rbxcdn.com tcp
GB 3.162.20.43:443 images.rbxcdn.com tcp
FR 128.116.122.4:443 auth.roblox.com udp
US 8.8.8.8:53 4.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 86.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 76.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 43.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 3.122.116.128.in-addr.arpa udp
FR 128.116.122.4:443 auth.roblox.com udp
US 8.8.8.8:53 assetgame.roblox.com udp
FR 128.116.122.4:443 assetgame.roblox.com udp
FR 128.116.122.4:443 assetgame.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 twostepverification.roblox.com udp
FR 128.116.122.4:443 twostepverification.roblox.com udp
US 8.8.8.8:53 ncs.roblox.com udp
FR 128.116.122.4:443 ncs.roblox.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 23.73.139.17:443 tr.rbxcdn.com tcp
GB 23.73.139.17:443 tr.rbxcdn.com tcp
GB 3.162.20.44:443 static.rbxcdn.com tcp
US 8.8.8.8:53 lms.roblox.com udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 gold.roblox.com udp
US 8.8.8.8:53 sea1-128-116-115-3.roblox.com udp
US 8.8.8.8:53 dfw2-128-116-95-3.roblox.com udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 8.8.8.8:53 cdg1-128-116-122-3.roblox.com udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 8.8.8.8:53 nrt1-128-116-120-3.roblox.com udp
US 8.8.8.8:53 syd1-128-116-51-3.roblox.com udp
US 8.8.8.8:53 sin2-128-116-97-3.roblox.com udp
US 8.8.8.8:53 roblox-poc.global.ssl.fastly.net udp
US 8.8.8.8:53 chat.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 151.101.1.194:443 roblox-poc.global.ssl.fastly.net tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
FR 128.116.122.4:443 notifications.roblox.com udp
FR 128.116.122.4:443 notifications.roblox.com udp
FR 128.116.122.4:443 notifications.roblox.com udp
FR 128.116.122.4:443 notifications.roblox.com udp
FR 128.116.122.4:443 notifications.roblox.com udp
FR 128.116.122.4:443 notifications.roblox.com udp
FR 128.116.122.4:443 notifications.roblox.com udp
FR 128.116.122.4:443 notifications.roblox.com udp
FR 128.116.122.4:443 notifications.roblox.com udp
US 8.8.8.8:53 17.139.73.23.in-addr.arpa udp
US 8.8.8.8:53 194.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 3.99.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.95.116.128.in-addr.arpa udp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 8.8.8.8:53 presence.roblox.com udp
FR 128.116.122.4:443 presence.roblox.com udp
FR 128.116.122.4:443 presence.roblox.com udp
US 8.8.8.8:53 3.63.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.115.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.120.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.51.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.97.116.128.in-addr.arpa udp
US 8.8.8.8:53 games.roblox.com udp
FR 128.116.122.4:443 games.roblox.com udp
US 8.8.8.8:53 js.stripe.com udp
US 151.101.0.176:443 js.stripe.com tcp
US 8.8.8.8:53 badges.roblox.com udp
US 8.8.8.8:53 176.0.101.151.in-addr.arpa udp
US 8.8.8.8:53 ord2-128-116-101-3.roblox.com udp
US 8.8.8.8:53 fra4-128-116-44-3.roblox.com udp
US 8.8.8.8:53 waw1-128-116-124-3.roblox.com udp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 8.8.8.8:53 lax2-128-116-116-3.roblox.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 8.8.8.8:53 aws-eu-central-1a-lms.rbx.com udp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
US 8.8.8.8:53 c0.rbxcdn.com udp
FR 128.116.122.4:443 badges.roblox.com udp
DE 52.28.94.237:443 aws-eu-central-1a-lms.rbx.com tcp
GB 13.224.81.10:443 c0.rbxcdn.com tcp
US 8.8.8.8:53 voice.roblox.com udp
FR 128.116.122.4:443 voice.roblox.com udp
US 8.8.8.8:53 m.stripe.network udp
US 8.8.8.8:53 3.124.116.128.in-addr.arpa udp
US 8.8.8.8:53 237.94.28.52.in-addr.arpa udp
US 8.8.8.8:53 10.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 3.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.101.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.102.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.45.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.116.116.128.in-addr.arpa udp
US 8.8.8.8:53 m.stripe.com udp
US 44.237.105.128:443 m.stripe.com tcp
US 8.8.8.8:53 128.105.237.44.in-addr.arpa udp
US 8.8.8.8:53 91.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 18.172.89.122:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 122.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
N/A 127.0.0.1:51656 tcp
N/A 127.0.0.1:51660 tcp
N/A 127.0.0.1:51664 tcp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 15.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 89.58.114.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
GB 87.248.205.0:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
FR 128.116.122.3:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:52159 tcp
US 8.8.8.8:53 www.roblox.com udp
FR 128.116.122.4:443 www.roblox.com udp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
FR 128.116.122.4:443 auth.roblox.com udp
FR 128.116.122.4:443 auth.roblox.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 4.26.95.13.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
NL 23.62.61.75:443 r.bing.com tcp
NL 23.62.61.187:443 r.bing.com tcp
NL 23.62.61.162:443 th.bing.com tcp
US 8.8.8.8:53 75.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 187.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 162.61.62.23.in-addr.arpa udp
NL 23.62.61.187:443 r.bing.com tcp
NL 23.62.61.162:443 th.bing.com tcp
US 8.8.8.8:53 dev.virtualearth.net udp
US 13.107.246.64:443 dev.virtualearth.net tcp
US 8.8.8.8:53 t.ssl.ak.tiles.virtualearth.net udp
US 23.53.112.159:443 t.ssl.ak.tiles.virtualearth.net tcp
US 8.8.8.8:53 159.112.53.23.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
NL 23.62.61.162:443 th.bing.com tcp
US 8.8.8.8:53 myzip-code.com udp
DE 178.63.103.87:443 myzip-code.com tcp
DE 178.63.103.87:443 myzip-code.com tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 142.250.200.2:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.187.194:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 unpkg.com udp
US 104.17.246.203:443 unpkg.com tcp
GB 142.250.200.2:443 securepubads.g.doubleclick.net udp
US 104.17.246.203:443 unpkg.com tcp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 vriskoapostasi.gr udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 151.101.2.137:443 code.jquery.com tcp
US 151.101.2.137:443 code.jquery.com tcp
DE 178.63.103.87:443 vriskoapostasi.gr tcp
US 8.8.8.8:53 87.103.63.178.in-addr.arpa udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 194.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 203.246.17.104.in-addr.arpa udp
US 8.8.8.8:53 232.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 137.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 apps.identrust.com udp
US 2.18.190.80:80 apps.identrust.com tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 172.217.16.238:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 jsonip.com udp
US 34.117.118.44:443 jsonip.com tcp
US 8.8.8.8:53 a.tile.openstreetmap.org udp
US 8.8.8.8:53 c.tile.openstreetmap.org udp
US 8.8.8.8:53 b.tile.openstreetmap.org udp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
US 151.101.1.91:443 b.tile.openstreetmap.org tcp
GB 172.217.16.238:443 fundingchoicesmessages.google.com udp
US 151.101.1.91:443 b.tile.openstreetmap.org udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 104.17.246.203:443 unpkg.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 216.58.201.97:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 80.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 44.118.117.34.in-addr.arpa udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 97.201.58.216.in-addr.arpa udp
US 104.17.246.203:443 unpkg.com tcp
US 104.17.246.203:443 unpkg.com tcp
NL 23.62.61.162:443 th.bing.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 fpt.microsoft.com udp
US 52.167.30.171:443 fpt.microsoft.com tcp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 aefd.nelreports.net udp
FR 128.116.122.4:443 ncs.roblox.com udp
FR 128.116.122.4:443 ncs.roblox.com tcp
FR 128.116.122.4:443 ncs.roblox.com tcp
GB 96.17.178.188:443 aefd.nelreports.net udp
US 8.8.8.8:53 171.30.167.52.in-addr.arpa udp
US 8.8.8.8:53 188.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 fpt2.microsoft.com udp
US 8.8.8.8:53 t-azmaps.azurelbs.com udp
US 8.8.8.8:53 presence.roblox.com udp
FR 128.116.122.4:443 presence.roblox.com udp
US 8.8.8.8:53 www.microsoft.com udp
BE 2.21.17.194:443 www.microsoft.com tcp
BE 2.21.17.194:443 www.microsoft.com tcp
US 8.8.8.8:53 194.17.21.2.in-addr.arpa udp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 cdn-dynmedia-1.microsoft.com udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 accdn.lpsnmedia.net udp
NL 23.62.61.56:443 cdn-dynmedia-1.microsoft.com tcp
US 8.8.8.8:53 analytics.tiktok.com udp
US 23.53.113.225:443 c.s-microsoft.com tcp
US 23.53.113.225:443 c.s-microsoft.com tcp
US 23.53.113.225:443 c.s-microsoft.com tcp
US 23.53.113.225:443 c.s-microsoft.com tcp
US 23.53.113.225:443 c.s-microsoft.com tcp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 cdnssl.clicktale.net udp
US 8.8.8.8:53 d.impactradius-event.com udp
US 8.8.8.8:53 js.monitor.azure.com udp
US 8.8.8.8:53 lpcdn.lpsnmedia.net udp
US 8.8.8.8:53 lptag.liveperson.net udp
US 8.8.8.8:53 mem.gfx.ms udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 publisher.liveperson.net udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 www.clarity.ms udp
GB 178.249.97.23:443 lptag.liveperson.net tcp
US 34.120.154.120:443 lpcdn.lpsnmedia.net tcp
GB 178.249.97.99:443 accdn.lpsnmedia.net tcp
US 151.101.1.192:443 publisher.liveperson.net tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 35.186.249.72:443 d.impactradius-event.com tcp
GB 13.224.81.61:443 cdnssl.clicktale.net tcp
US 204.79.197.237:443 bat.bing.com tcp
NL 23.62.61.120:443 analytics.tiktok.com tcp
US 23.53.113.225:443 c.s-microsoft.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 8.8.8.8:53 56.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 225.113.53.23.in-addr.arpa udp
US 8.8.8.8:53 199.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 120.154.120.34.in-addr.arpa udp
US 8.8.8.8:53 23.97.249.178.in-addr.arpa udp
US 8.8.8.8:53 99.97.249.178.in-addr.arpa udp
US 8.8.8.8:53 192.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 72.249.186.35.in-addr.arpa udp
US 8.8.8.8:53 61.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 120.61.62.23.in-addr.arpa udp
US 13.107.246.64:443 www.clarity.ms tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 151.101.1.192:443 publisher.liveperson.net tcp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.189.173.26:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 logincdn.msftauth.net udp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 8.8.8.8:53 target.microsoft.com udp
US 13.107.246.64:443 acctcdn.msauth.net tcp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 192.229.221.185:443 logincdn.msftauth.net tcp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 acctcdnvzeuno.azureedge.net udp
IE 66.235.152.225:443 target.microsoft.com tcp
US 20.189.173.26:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 185.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 225.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 26.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 consentreceiverfd-prod.azurefd.net udp
US 13.107.246.64:443 consentreceiverfd-prod.azurefd.net tcp
US 8.8.8.8:53 ats.everesttech.net udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 8.8.8.8:53 dpm.demdex.net udp
US 54.210.3.132:443 ats.everesttech.net tcp
GB 13.224.81.61:443 cdnssl.clicktale.net tcp
IE 54.171.118.212:443 dpm.demdex.net tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 mscom.demdex.net udp
US 8.8.8.8:53 msftenterprise.sc.omtrdc.net udp
US 8.8.8.8:53 cm.everesttech.net udp
US 8.8.8.8:53 www.google.co.uk udp
IE 54.228.206.60:443 mscom.demdex.net tcp
US 8.8.8.8:53 q-aus1.clicktale.net udp
IE 66.235.152.221:443 msftenterprise.sc.omtrdc.net tcp
US 8.8.8.8:53 c.clicktale.net udp
IE 52.18.190.199:443 cm.everesttech.net tcp
US 52.205.85.201:443 q-aus1.clicktale.net tcp
GB 216.58.204.67:443 www.google.co.uk tcp
IE 52.30.65.250:443 c.clicktale.net tcp
IE 52.30.65.250:443 c.clicktale.net tcp
IE 52.30.65.250:443 c.clicktale.net tcp
IE 52.30.65.250:443 c.clicktale.net tcp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 70.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 212.118.171.54.in-addr.arpa udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 132.3.210.54.in-addr.arpa udp
US 8.8.8.8:53 60.206.228.54.in-addr.arpa udp
US 8.8.8.8:53 221.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 199.190.18.52.in-addr.arpa udp
US 8.8.8.8:53 250.65.30.52.in-addr.arpa udp
US 8.8.8.8:53 201.85.205.52.in-addr.arpa udp
US 13.107.246.64:443 consentreceiverfd-prod.azurefd.net tcp
US 8.8.8.8:53 k-aus1.clicktale.net udp
US 3.226.4.19:443 k-aus1.clicktale.net tcp
US 8.8.8.8:53 srm.bf.contentsquare.net udp
US 8.8.8.8:53 x.clarity.ms udp
US 3.229.7.94:443 srm.bf.contentsquare.net tcp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 19.4.226.3.in-addr.arpa udp
US 8.8.8.8:53 94.7.229.3.in-addr.arpa udp
US 8.8.8.8:53 119.190.114.20.in-addr.arpa udp
US 3.226.4.19:443 k-aus1.clicktale.net tcp
US 34.120.154.120:443 lpcdn.lpsnmedia.net udp
US 35.186.249.72:443 d.impactradius-event.com udp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 c1.microsoft.com udp
IE 68.219.88.97:443 c1.microsoft.com tcp
US 8.8.8.8:53 166.17.21.2.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
GB 142.250.187.194:443 googleads.g.doubleclick.net udp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 c.bing.com udp
GB 142.250.178.4:443 www.google.com udp
IE 52.30.65.250:443 c.clicktale.net tcp
GB 216.58.204.67:443 www.google.co.uk udp
US 8.8.8.8:53 97.88.219.68.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 23.53.113.225:443 c.s-microsoft.com tcp
US 8.8.8.8:53 xbox.com udp
NL 20.76.201.171:443 xbox.com tcp
US 8.8.8.8:53 www.xbox.com udp
BE 23.55.96.62:80 www.xbox.com tcp
BE 23.55.96.62:443 www.xbox.com tcp
US 8.8.8.8:53 171.201.76.20.in-addr.arpa udp
US 8.8.8.8:53 62.96.55.23.in-addr.arpa udp
US 8.8.8.8:53 assets-www.xbox.com udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
US 8.8.8.8:53 assets.adobedtm.com udp
US 23.53.113.19:443 assets.adobedtm.com tcp
US 8.8.8.8:53 19.113.53.23.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 40.126.31.69:443 login.microsoftonline.com tcp
IE 40.126.31.69:443 login.microsoftonline.com tcp
US 8.8.8.8:53 emerald.xboxservices.com udp
US 13.107.246.64:443 emerald.xboxservices.com tcp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 192.229.221.185:443 logincdn.msftauth.net tcp
US 8.8.8.8:53 2.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 8.8.8.8:53 logincdn.msftauth.net udp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 acctcdnvzeuno.azureedge.net udp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 mem.gfx.ms udp
US 8.8.8.8:53 user.auth.xboxlive.com udp
IE 137.116.225.129:443 user.auth.xboxlive.com tcp
US 8.8.8.8:53 xsts.auth.xboxlive.com udp
US 13.86.100.218:443 xsts.auth.xboxlive.com tcp
US 13.86.100.218:443 xsts.auth.xboxlive.com tcp
US 13.86.100.218:443 xsts.auth.xboxlive.com tcp
US 8.8.8.8:53 129.225.116.137.in-addr.arpa udp
US 8.8.8.8:53 peoplehub-public.xboxlive.com udp
US 20.9.40.239:443 peoplehub-public.xboxlive.com tcp
US 20.9.40.239:443 peoplehub-public.xboxlive.com tcp
US 8.8.8.8:53 consent.config.office.com udp
GB 20.108.140.132:443 consent.config.office.com tcp
US 8.8.8.8:53 239.40.9.20.in-addr.arpa udp
US 8.8.8.8:53 218.100.86.13.in-addr.arpa udp
US 8.8.8.8:53 132.140.108.20.in-addr.arpa udp
US 8.8.8.8:53 images-eds-ssl.xboxlive.com udp
US 23.53.112.8:443 images-eds-ssl.xboxlive.com tcp
US 8.8.8.8:53 o741402.ingest.sentry.io udp
US 34.120.195.249:443 o741402.ingest.sentry.io tcp
US 8.8.8.8:53 accounts.xboxlive.com udp
US 20.72.69.38:443 accounts.xboxlive.com tcp
US 8.8.8.8:53 8.112.53.23.in-addr.arpa udp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 38.69.72.20.in-addr.arpa udp
BE 2.21.17.194:443 www.microsoft.com tcp
US 8.8.8.8:53 fpt.microsoft.com udp
US 8.8.8.8:53 dc.services.visualstudio.com udp
NL 20.50.88.242:443 dc.services.visualstudio.com tcp
US 8.8.8.8:53 242.88.50.20.in-addr.arpa udp
US 8.8.8.8:53 cart.production.store-web.dynamics.com udp
NL 23.62.61.162:443 cart.production.store-web.dynamics.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
NL 185.89.210.46:443 ib.adnxs.com tcp
US 8.8.8.8:53 46.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 www.xbox.com udp
US 8.8.8.8:53 assets-www.xbox.com udp
US 8.8.8.8:53 dpm.demdex.net udp
IE 34.251.71.27:443 dpm.demdex.net tcp
US 8.8.8.8:53 mscom.demdex.net udp
IE 66.235.152.221:443 msftenterprise.sc.omtrdc.net tcp
IE 52.17.32.208:443 mscom.demdex.net tcp
US 8.8.8.8:53 target.microsoft.com udp
IE 52.18.190.199:443 cm.everesttech.net tcp
IE 66.235.152.156:443 target.microsoft.com tcp
US 8.8.8.8:53 27.71.251.34.in-addr.arpa udp
US 8.8.8.8:53 208.32.17.52.in-addr.arpa udp
US 8.8.8.8:53 156.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 135.47.7.20.in-addr.arpa udp
NL 23.62.61.138:443 www.bing.com tcp
US 8.8.8.8:53 138.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 www.xbox.com udp
US 8.8.8.8:53 msftenterprise.sc.omtrdc.net udp
BE 23.55.96.62:443 www.xbox.com tcp
US 8.8.8.8:53 assets.adobedtm.com udp
US 8.8.8.8:53 assets-www.xbox.com udp
IE 66.235.152.221:443 msftenterprise.sc.omtrdc.net tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 23.53.113.19:443 assets.adobedtm.com tcp
US 8.8.8.8:53 www.microsoft.com udp
BE 23.55.96.62:443 assets-www.xbox.com tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 mem.gfx.ms udp
BE 2.21.17.194:443 www.microsoft.com tcp
US 13.107.246.64:443 mem.gfx.ms tcp
US 13.107.246.64:443 mem.gfx.ms tcp
US 8.8.8.8:53 target.microsoft.com udp
IE 66.235.152.225:443 target.microsoft.com tcp
US 8.8.8.8:53 peoplehub-public.xboxlive.com udp
US 20.122.146.5:443 peoplehub-public.xboxlive.com tcp
US 8.8.8.8:53 emerald.xboxservices.com udp
US 8.8.8.8:53 consent.config.office.com udp
FR 20.74.39.211:443 consent.config.office.com tcp
US 13.107.246.64:443 emerald.xboxservices.com tcp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
FR 40.79.141.153:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 accounts.xboxlive.com udp
US 8.8.8.8:53 5.146.122.20.in-addr.arpa udp
US 8.8.8.8:53 211.39.74.20.in-addr.arpa udp
US 20.72.200.55:443 accounts.xboxlive.com tcp
US 8.8.8.8:53 153.141.79.40.in-addr.arpa udp
US 8.8.8.8:53 55.200.72.20.in-addr.arpa udp
US 8.8.8.8:53 xccs.xboxlive.com udp
IE 168.63.53.71:443 xccs.xboxlive.com tcp
US 8.8.8.8:53 71.53.63.168.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
FR 128.116.122.4:443 www.roblox.com udp
US 8.8.8.8:53 203.33.253.131.in-addr.arpa udp
US 8.8.8.8:53 presence.roblox.com udp
FR 128.116.122.4:443 presence.roblox.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 919c29d42fb6034fee2f5de14d573c63
SHA1 24a2e1042347b3853344157239bde3ed699047a8
SHA256 17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141
SHA512 bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

\??\pipe\LOCAL\crashpad_216_ZZDGWBICZRZHXWDB

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8b2290ca03b4ca5fe52d82550c7e7d69
SHA1 20583a7851a906444204ce8ba4fa51153e6cd494
SHA256 f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2
SHA512 704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0c0397139e3ff84f6d0464a319af82a5
SHA1 0440538ca4396a4251bc8907df46a0f1584749a5
SHA256 2ad5ac814d7b09661ed4c255377ad0061b7a48c401ad00a6b073009b1ce59682
SHA512 b44b8d4f51e83a60b05079c6b2d1a4f6be3f3cfdbb57439018e481e097551be2e6fe0c0c910bf3a5613c649f94b2d22c63220feced4eecb5f87faea6d7e77041

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6a6fdd5bf563d09c17cbe3f3545a0b9a
SHA1 45f3ed028fb4a9b0d10761254bad2c5ca9ed84e4
SHA256 5d2b13f94a70465f03f6b00ce6e59ec2d5c1f6a61822746114c95238a958fa26
SHA512 7d626d9df27319f2ee4ef17a69cfc7157ea8af8228a76faf100cd52429a985600c4edbd403e46a92223edd482b1359c163ef3bfd7bb20eda72ac49a93f33de5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 887355c0893cae5496f8c68a8324ad8d
SHA1 d45d7d6a009db2a94a2040068e5e95330d8d2641
SHA256 5623a0f8bf24343876934de86f6d3364470af712b112b14afae7db34e9ccbf98
SHA512 2388cc3c3944b5a58d5227368e325893da6b2cdf3ca2b704f1d9b34ad15bd8bc82c85575cc3073e0248ba06ba4fcb64d6078d1da70a37858617bf3179ee9219d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d0433159d5b6e9485b6da5b9b6b6705c
SHA1 23f301ba2382151f0f5cdca9374dff5f1273933d
SHA256 e1b746fd36692ac11ccce37414cfa4cf4449733262cd838dbb7a694129a5b57e
SHA512 db67accb646962fb29bc19b6596145efd946c44bc5819ebc9662456bf8f6b7b29a619346f6d19ff3c2879c312bfcd32e0ae289dc228f23d043402fc3b65eec9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2f2e61a28219c45b85b2fe88b9c5b5dc
SHA1 47d159a45f8f46f2fc6c44cea99eefd7cfda6bca
SHA256 a6e393c6eb822f216c4c83dd5e7af3f607f7220d76ac7d1e706688f8ef8c85f1
SHA512 e625199c8cd3da871b4511cc9e286bb1ac54ffdba3f4af69635d5e418062410b1dbc2e6e63373d35e394ccb7f78fab748aef94407bbefba3cc9cc0f3a1ad4aab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 d2d55f8057f8b03c94a81f3839b348b9
SHA1 37c399584539734ff679e3c66309498c8b2dd4d9
SHA256 6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c
SHA512 7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 7b1c6423660d4957add5e2b8424740e3
SHA1 beac75981fa213681ff316bb628e17374ad04e68
SHA256 27e361512a7b24e6b156a2c5f3559384f1c65a68a595cab16fcb083d495eaee0
SHA512 6cd39a98b6e16e8e74f31e01aa6e10b6b4b7969789f091239bf1b076050df49f32f8ede27c838a9fc95c196b3f66ef958fa7a32035d71d9f9f07c8eddfe583e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1 386ba241790252df01a6a028b3238de2f995a559
SHA256 b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 798e76073abe579251a34ee1dacf9b3e
SHA1 7e9294eec6545c8e1bbdb7849a73820cdca2fbd2
SHA256 8657f6d3867c20699a230df7939c02ca5fe065db2efcfecf5d8d864ca4873666
SHA512 cf5d69395e47fd4da4de0019a77162736c38f88ef0dd803d114388fbfb139a66083f51bbedd8ab205ab5d41f8464a685f4e0f6b5d3a13f7b91cbb211de14c7fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5e3e50401fb26032d947fa18e48ccd63
SHA1 a98f75f6fa9037e67f0887e53f58f789a22c1f58
SHA256 67f61d02efea4ef5513d300ee7c859369c583f9cb4f28079868306b9558d87ac
SHA512 4befefd30ab8d8c32c96a4bc6421e80ad8ee3d430c1a6564d1cc7b987b5a8ce0d4adaf486b6bde61d2708af2db3a10852cb723ee8321d6d714073977a06fd83f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a2e8a1a33b769118cc3b81b8c284004c
SHA1 70fd4c719b99d8b89ce092d9fa44b62ff8539ece
SHA256 ab163876271f5bef8a5eef7648ddb1bf883acf08e4712c9d2cf6a284cb40c326
SHA512 753205cd51bfcac530a281b62969c6360a31c5eca697afc9b26c1843d66bc8fe46dac224bc5084ef6a20b12bc74e6c74e542c313c1b6e449b854b53b4522f782

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3c95d5e6f42c5f9f1069e67bd97a7142
SHA1 f73118323337d9421fe65ea72ec357fbfbda017f
SHA256 2ab5eadd3dcb236951f164351e25917a58b7db888850ebb35732642c0fefdb0f
SHA512 9c80c7891b3249949f0c3a071d2d431d634f2c52b7fe91f149dbb43218c57c2a816fb7b0d99f947b2e60c96016183276a084316790ab3bf2db949086d5f52196

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe588f1c.TMP

MD5 7dfb1ba295ad2c2e10bdb39a95f0a32f
SHA1 eb9109985d38884f7a7598b8c7f73ab0a80f2757
SHA256 ff4823b850df9b2eed608873e7ada52af381203c304f04f24a61a0ecbd10bf67
SHA512 4b3db08f0d0cbe7a4d0df644f7c863e11f8b3403ff1a5b0e8bf7918c397c947bed537de2f48ca6db6a4a58e9d11a68826b6c9ef77d155448166a619ef690d4aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cddd34569b9f08ee2521d2c3cdf0fb2b
SHA1 3e9b42158af812af9828fe89bd1eac8e73a37e0d
SHA256 1074a42fd0525c1c3a94f8fabb42e1a0498f480abcfd7efd737d6ea87290e96f
SHA512 3ccd33304b4b7d78b2c16c3f8705fea56278c32856279e7ce5f2f5f7208dc69379f606bb433164f1a38c7119a903f52f180d5396f117cd519110a24d7c26bac9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 89020974334f8bd56a647c53c6693106
SHA1 e9779d9743e6d10ec0cbd08c837cbba89dbf5409
SHA256 f0b1c31168ca21a55818928d0b02faf222534fc8f6b79b0976c973735033fa37
SHA512 51ef4b0563c1ce945ee7ae9ee4c40db8e1e1f59caf04a171a4595ec456d008c82ccb0a18fc77a6e1583f7414b9dde5f6b62ffa9901bb746bea476daa0aeb9f87

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2d34785bd2f9d019a50d3a31b261274d
SHA1 dc952f46e84705dac13f7edeb8038776440fa5dd
SHA256 5219a1765ea3971a10534617626aa4203cceeaab3dfbca0647a9db5d089544ef
SHA512 69126d476f2d6cf68039cf824a9d0c52670292322fe29cd7e2cff201f1caf3fd874ae3643040df8ff4714603df6b52cb1c8a8a16970c8805eddd65f96b0e3c45

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 43cf0b26aaaef2a2b89c30f261abd9c0
SHA1 6fddaa75a5f83bce0a4fa8632dd20e1e8f364f1d
SHA256 34bd50e458d52ddae8c34a57b63b67890c779b944fa988673d240b0544a3e67f
SHA512 fddae4768819c6fade9cbe73d80b195175b191058c98cad2394e514d664141bf44604457447116ac4ca5cad6127523fea635e0a2a9be6db379f89fe21df30a34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 edc17b2325fc68c27f8306d90f5bfc0a
SHA1 dea04098ddf9b6824d3d29b67d901c40fbe402da
SHA256 d1e4845830e8a73f1165588bde596816c455f4b52ba2c5eb3afadee236f7bca3
SHA512 e4cf4b417825be6712faacc1fdb87cf635eaa79f19f52324756e07fdce480d99b1900d9239198f8e4687275d8a91a50898a41d296fd102c6c7252332037ceef0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2eb4581a8a8c44bb3d72b8a02f1649a6
SHA1 440635de68dec79b0ffdaf8329013d851a740a3b
SHA256 776816419f706d54fc69d9e5bfe45faa798ebdc8d3b2f2c7187a48a9dbb4ff6e
SHA512 b0dd00086133a8b72d19784b4199499f5d4ed1377aa0efb4f371c9dec7f81b12c18b46a812287fccb312b4e17e803f5ad46dd61d835b2d5926ed97b29950834e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5a57fedfda822629e280deb12579a6de
SHA1 1f0a6b06f588bef411bfc419111859204530a2a2
SHA256 ad081cb88ca3201e127c27b4e946b6388269e6f964b90abdfda295e6b22dcb19
SHA512 be9e15908a592077ce5f1acc6a4ee648fbdb908fbcc4c15ccec729da36efbf42f55558750f0042940db0abe8a85f0818173bbf089662d1d76b04416101ffddb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 832ea02a4bb27ef0bf8e1b789ea5585d
SHA1 294db198cf4ec07e27fb4a4e869801ee2beab1ee
SHA256 ab8c72571088d8e54718bce70f185b4d1e0c10ef0fe369cbfd2261fa6470a45d
SHA512 c249aded77a6a6d6bcd603d56297bba180fdd1751db35a2ba723e8ca5ffd17914d209c52b607df10dbf3bad1fb34fa242988365915a4b3f3cfe107e79d08f4a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 a8b87a51e56cfa32417c60150afd7f62
SHA1 4760193551d0ca806bee95519c3346ba9093a449
SHA256 ee852781678b2ba44fcbde55d3bb481fe507ef0f8fd2f1108d001188c024616e
SHA512 59ee8d91c193ace60b738225d1a5abf6ec77831503a94f4e30d7861261859b1b833cbe5a9927a6937f8bca9e1af4a209761d54782b10fbaf5482be8b187fbe5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

MD5 793b639f0483074bf878fcf19c131678
SHA1 b1a2ef0fd4d7944a9519e54e3201a05c62c90415
SHA256 b214fce2614aec5046a24ad48e5023ae8d29fda0d8c510f6dfa116f684566869
SHA512 1aa25f77f1075f79f9d188ee9bb4a5569db406f2cbde550c7eb6c3377d3bbea5cfe86f1328248f8772020a90093c133de90c09cd2e50048fe2d400e807526238

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c7acab95-5809-41c7-87e7-3a4c3029070e.tmp

MD5 cfae2f85d9b0ce9eff0a748d70128ce2
SHA1 6368f1af9db374dfd0fe1103bfae40d936382355
SHA256 235d1d753bce6f53d4c0655a2c045e7e6694fdea72de21a2da0a6fb712c58dde
SHA512 c78dfbb073acae3ea06b8f9474483529cef7fe2d32436e3c1d8264efaf700e6bc7b473d55db4ea43933aca110c4e01e8096a8c0151d08ee697184953479943d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4ba213c0f29c55b34904872de0ccc391
SHA1 17d33fa21d8bb8f73825a44e69eff654267fa6f4
SHA256 1f680e249bb7623d30c51eb4deaa6c0dc5df95111ed236cf16a6f336b1193250
SHA512 4e3609d504c3c94e4507e7a4dfad1cdffdcae976bddac76dc312623f71fa0e3c0f7dee23fa94a6fc46b922353e4b9682fe21c9cb8c416e61dd500736efb98db2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 76512902922de29185b81e0410d72b61
SHA1 1bd6d4e99f83359265d2d6577c7f344a889a2549
SHA256 9b35d6ce0ff77a5c6528c9f828ce5da40ca803c49a6c6be7b581d8f579cda143
SHA512 18df7fb66f7fdb4f8367f3189e9e23300efd72b0c9cb32854a65780e70a8a8ca75496abd7eb84ecd26811534e5347f8009680e7bbcae104e3144e544f8db5052

C:\Users\Admin\Downloads\Unconfirmed 841854.crdownload

MD5 c52eec089b9dab56e69fa5f4d9350d8e
SHA1 e89b321198835baa1313dcd1b7eb71fc75eac6b7
SHA256 d1a0d760bf92479e176dbddb70669d9c3bcbcf8743c5601517682ee300a202de
SHA512 894f3ece52ba0fdb7bf5eb3b4a473df66230be894fc47ba2f5189a06ec5db252f0a215d6062514c5b467cdb498555ef03b2dd26d6a8d76a25e121bff67fb4677

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 66db9ad5796701e2c618bfee948bedeb
SHA1 7c9c797e99c2d101118457dd3a5ceec3872a0186
SHA256 4213a32946e84e8b2d278bc8a40c771fa6326b39a0477dfee7dcb7871efe1a2d
SHA512 c81620d8fc41b5d85e47023289f44051fdf9c03dfc07ed5c1f131c7206ee85e3960c65c6c74539f79e6dc74995dc08ecda03e4321f63760313c8620eb6639bcd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 22666597acd65e7aa70b2c65411fca37
SHA1 c6c4c24c7b828d09cef2cf931c75fc5d51314fd2
SHA256 2d1ef838fab88d8f4f4abf4138c8a287f9925c72b8c9e86982dc0577fde0f8c1
SHA512 b056c2abfa556040215ed57ed73480943eef0ded817d71e40c68a8a14c4fa5c10811b462b9936cf9fe20e104fee37cd74c7d2d1aa791341087252256d7ef943c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 561fe24f3ecb660dcd66d2384ac7c973
SHA1 7686bb95fafdf00102e992956b348df036908817
SHA256 b1d3654bfae1833b2815dff7dbeae1ebfd7ede8b2c1a3d376f62a2407cb00956
SHA512 b0a68e1f00d0a7d9fae61194ff35e4f76d5def53b620593512b1d264d8088d6b4474b5394abe0e0aebd2d043e9a66544bb4e34b41c499060ef7fcaf11208df61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fd7a39e6b812ba9f403a2229ae4c6741
SHA1 417b68d5325375194b5edd7bab9da5ce48117e6c
SHA256 072833b4ee15d938864214533e768aee6960a219c5321b037b88a85002a2eacf
SHA512 6c834ac4a8639f7c691f2820161f45aeb1e4ea166f065e783c2586938fe8fea59f78e054f351b37667e4e32b74c4f7a7780cc29cfbc769414018b6dbc195c517

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 911c020a364b10fe1de664c01de4534c
SHA1 8731aee51722d2e1604864eb8f03abe3e6d35441
SHA256 cb84418aa6ff71e927125f05cd74b10cef07b40fe19a17f9ba5c3bd57f2d9591
SHA512 7e2c2259dde1fcb1a10a3864b1e24f892fb28d1c0a9a8b1b32d6b512d9f49b031cf6119f55dad008f0b2a5dc87ae606ee0c2918fdc44fc307d56bc933537db7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f2d3a490b5167addfb499479e119e08a
SHA1 f9695ca3bb20a709022cf221c48030616a6771a6
SHA256 6eaefc0360314215af539f57c909aa13d6992bc02992dbb05c84a1298d6660b4
SHA512 794f2e7f65f52f904311f8d713a1fc6398fa055dd64ced4ac79200b46057e64245637899540d9ba8f659afebc3d60bdbe732e2cb625de74ea84ecf33d0af43f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5b47b8c941033ff9159e5dcc76425cac
SHA1 21efe8cf9e4da37255b23705550622fb360482c2
SHA256 c506920b9541ed9b3bcdbd36a7bddc04fdcc2e2863d32ebc5e012a4ad6198c9d
SHA512 838e95cdcdcbf665b791b100e5d9b04e3abba1fc0f4f126c134eab0cc2403e3969622944f2eb58ef4afaa386136240ce3908e99903f5675a29b9cd9af87d5db0

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\ff6b65de0e41d5bcb3b4ba09a6990c0f

MD5 ff6b65de0e41d5bcb3b4ba09a6990c0f
SHA1 f962a1e4ec9c7d2ec4625be854fcb505e0be4427
SHA256 41f6a727a284fc75e82310a6c7ddb1b609c89cefccf3a25196623d4f9c524e36
SHA512 d6f6d8d62ec74d6b3800480152b98d66d78d5c528e305064bf1347bbc18177c2708a626cf7969377e9abc6a4e018ecaba046b3042419001bcc239ad263c0d435

C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU550D.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 1ad116749ff5540688b5a0d61ab4f453
SHA1 11ee04203c2b686367d74e28dda0b84effdaf71e
SHA256 5777d049bf4bd48433b8648910389a2892a24e049fa27239d68e4d62f0f39005
SHA512 e8ee03464496651689ecb993903b15d43fc485a0089e2b2a23167f0d77f3673f2e94c2ba7ff871f6935fd4c01f339a56288a71496260cef1ba95d31955fcb0f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 380cf1cca2f5b8409c6a6bd79bd3b85b
SHA1 3b98afedd13c8e030a8f5e3b3cc421e592a19cbb
SHA256 b287d9e5a43c7414886411c858f1fc599ddf64d77e82759bee072edabe6181ff
SHA512 ef122a74af2d2d8af62992d6e1f84b01d17c34222b31570ea9ea48f58e4c401fc707f837542078abf85fc9bf036a2fc6480734341007269d6dd87d9c5442d332

memory/5620-1976-0x0000000073580000-0x0000000073790000-memory.dmp

memory/5620-1975-0x0000000000FC0000-0x0000000000FF5000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c00aa50cd14ebe83555eb0f7a583e344
SHA1 e23b9749f79c93ac761bd86ac75115fe976e13ee
SHA256 1208f1665d3829cded89eb659b3a7e835f1e1808d67a773b65df4ae7a3f33c2a
SHA512 3f29f8bc40179260d389d7e54203aa09270ad7ac59d1332f70a313b28080ce05fe1e8e0f00fe6bccba35bb514ff6cc21a10d370eaf7f38aa35c7697aa0cca08b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 15e447d6664c936ca5da28c53903a182
SHA1 3d5d8d33f97746d6ab2579c9ccf6de452e227909
SHA256 61add9c47e7b238c95a5c781f171f8768a820db44cf1790d659578d1312d6286
SHA512 2e0613dd2fbd435c67d2f1898e22976c659671ef0ee4600d4785458db3968a92d57588959430737a773f2210e985bd6f890079952a9865cfe44e99580361f009

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 aec9f85fb379b69edfe6b861691eeabc
SHA1 71de363af25f6aa68683135bcd08dc0be359b33c
SHA256 11639453abf144d0db6837e0dead12dbc653906735321344a04f3cea8301c83b
SHA512 21d180a8ad7820b9f815769677c8e5613d334b895a87d0128963304967d865e088b437bfe5f519316cf504e710d08abbd3c64757612a1101355a096c025921fc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\124.0.2478.67\MicrosoftEdge_X64_124.0.2478.67.exe

MD5 dabc3160a804b9fadd89ceb0fcecf388
SHA1 b52f15e866a18637683bdf0ea4eaa326b787396f
SHA256 53eb39a92ee0d2eb94f6d33c015097bddd9cfe5c4129d3ac9a9facbfb5087bfe
SHA512 74fc0f21d7cf99e07c079224e2af8a4a51bff98a97bc471cfedfbd3a28d3ee681fbd63fa7239948c3c0bf4f9af56dc582dd128f8c08b54cb73389e85f949f431

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 34683abd41eab1344892979a786f7f8d
SHA1 2aa68f211dc7d36ce90d0720ddfb74b2ed9d1586
SHA256 75ede1e612d59ab1b1cca2651cd480baf45db3c4c801a90b1376219e04e45d37
SHA512 f5454447f7d0a325cb87991b41404dc96d447d474c673131664b2f5e493911cacf6a98effdaa3ea7bf2058db6a6d5693c2dc812e3ac58dbff068df87b59ae0dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ca88d776cf5ff00ba44cba97f6a39152
SHA1 12a0231c6bfa873aec3df2c9b5a0f65ef35a3962
SHA256 c70ec2ecadbcf01eabe3f525a5bed604217374f75a75c7ca1c0066649f4cbca8
SHA512 65598c40ba06cd88b639c1b472176f916b27d1c43b554c1ced756e8f63fb3997c33ca417c9f63b10653f36e21c8089029f873da33a7d0808babf428368659c90

memory/5620-2052-0x0000000073580000-0x0000000073790000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe

MD5 c31297188ec9fbaa60449f769339963e
SHA1 8502d9e0cef18137529f0a46ad6e69a1577e6cae
SHA256 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9
SHA512 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3bb383bc4460e75b9fadcc5a23d55f7d
SHA1 fe2b9138ef4f04f03beb15f18bc3c464d2145476
SHA256 3ed00f8faf30017686aa3c6fbc51bd997c5707a63aefa678d2f333af9576fc12
SHA512 6e61426c34b1351c87d39468ff082a71c9820584f221ab91401ad1911e207c06cb5f0d4117a2254b3a8f62b34ec2c05c129a1aa5c0351952416cbfbe50bfee92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 372728821cc6e2d5a8395094245925f2
SHA1 2ba2bd52ce9f3478e78f1624e382aabaf10a2b02
SHA256 672709c31a9f999a4e49b2686f7699824dbb842d054661908fff0ecd8e4cb2a5
SHA512 2d617c2b817d333c4b5ba8f0570e6811f51a5605706de2d772f0f05cf42bf35c3113393e26b4476e8dca56f9ab7ed4ab53ef2a75387da03255de0d0fd7af4a7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2cce907215103fcad51b0a237db2be67
SHA1 800034e9185b9bf091ac5256ecd23449d7ef0bdd
SHA256 5965023750c0e8651e7eefc2790ec5a3d8504232d394d79c0dfbf19f98a0ad47
SHA512 ed9057e86828164c0e58d21971c81459cba2db6900e4b69fa7761038ff3f0c671ac6f29399b4c5e3b3858398908f474035260f66a487382e729526e4ed6d76f7

memory/5620-2108-0x0000000000FC0000-0x0000000000FF5000-memory.dmp

memory/4620-2113-0x00007FFCC2690000-0x00007FFCC26A0000-memory.dmp

memory/4620-2120-0x00007FFCC27F0000-0x00007FFCC2820000-memory.dmp

memory/4620-2122-0x00007FFCC2880000-0x00007FFCC2885000-memory.dmp

memory/4620-2121-0x00007FFCC27F0000-0x00007FFCC2820000-memory.dmp

memory/4620-2119-0x00007FFCC27F0000-0x00007FFCC2820000-memory.dmp

memory/4620-2118-0x00007FFCC27F0000-0x00007FFCC2820000-memory.dmp

memory/4620-2117-0x00007FFCC27F0000-0x00007FFCC2820000-memory.dmp

memory/4620-2116-0x00007FFCC27A0000-0x00007FFCC27B0000-memory.dmp

memory/4620-2115-0x00007FFCC27A0000-0x00007FFCC27B0000-memory.dmp

memory/4620-2114-0x00007FFCC2690000-0x00007FFCC26A0000-memory.dmp

memory/4620-2128-0x00007FFCC2480000-0x00007FFCC2490000-memory.dmp

memory/4620-2129-0x00007FFCC2480000-0x00007FFCC2490000-memory.dmp

memory/4620-2130-0x00007FFCC2480000-0x00007FFCC2490000-memory.dmp

memory/4620-2131-0x00007FFCC2480000-0x00007FFCC2490000-memory.dmp

memory/4620-2127-0x00007FFCC2480000-0x00007FFCC2490000-memory.dmp

memory/4620-2125-0x00007FFCC2460000-0x00007FFCC2470000-memory.dmp

memory/4620-2124-0x00007FFCC23D0000-0x00007FFCC23E0000-memory.dmp

memory/4620-2123-0x00007FFCC23D0000-0x00007FFCC23E0000-memory.dmp

memory/4620-2126-0x00007FFCC2460000-0x00007FFCC2470000-memory.dmp

memory/4620-2132-0x00007FFCBFF40000-0x00007FFCBFF50000-memory.dmp

memory/4620-2140-0x00007FFCC01C0000-0x00007FFCC01F0000-memory.dmp

memory/4620-2139-0x00007FFCC01C0000-0x00007FFCC01F0000-memory.dmp

memory/4620-2138-0x00007FFCC01C0000-0x00007FFCC01F0000-memory.dmp

memory/4620-2137-0x00007FFCC01C0000-0x00007FFCC01F0000-memory.dmp

memory/4620-2136-0x00007FFCC01C0000-0x00007FFCC01F0000-memory.dmp

memory/4620-2135-0x00007FFCC0050000-0x00007FFCC0060000-memory.dmp

memory/4620-2134-0x00007FFCC0050000-0x00007FFCC0060000-memory.dmp

memory/4620-2133-0x00007FFCBFF40000-0x00007FFCBFF50000-memory.dmp

memory/4620-2146-0x00007FFCC1ED0000-0x00007FFCC1EDE000-memory.dmp

memory/4620-2143-0x00007FFCC1ED0000-0x00007FFCC1EDE000-memory.dmp

memory/4620-2144-0x00007FFCC1ED0000-0x00007FFCC1EDE000-memory.dmp

memory/4620-2142-0x00007FFCC1E20000-0x00007FFCC1E30000-memory.dmp

memory/4620-2141-0x00007FFCC1E20000-0x00007FFCC1E30000-memory.dmp

memory/4620-2145-0x00007FFCC1ED0000-0x00007FFCC1EDE000-memory.dmp

memory/4620-2147-0x00007FFCC1ED0000-0x00007FFCC1EDE000-memory.dmp

memory/4620-2148-0x00007FFCC1FC0000-0x00007FFCC1FD0000-memory.dmp

memory/4620-2154-0x00007FFCC1FE0000-0x00007FFCC1FEB000-memory.dmp

memory/4620-2153-0x00007FFCC1FE0000-0x00007FFCC1FEB000-memory.dmp

memory/4620-2152-0x00007FFCC1FE0000-0x00007FFCC1FEB000-memory.dmp

memory/4620-2151-0x00007FFCC1FE0000-0x00007FFCC1FEB000-memory.dmp

memory/4620-2150-0x00007FFCC1FE0000-0x00007FFCC1FEB000-memory.dmp

memory/4620-2149-0x00007FFCC1FC0000-0x00007FFCC1FD0000-memory.dmp

memory/4620-2155-0x00007FFCC04F0000-0x00007FFCC0500000-memory.dmp

memory/4620-2162-0x00007FFCC0620000-0x00007FFCC0646000-memory.dmp

memory/4620-2163-0x00007FFCC0620000-0x00007FFCC0646000-memory.dmp

memory/4620-2161-0x00007FFCC0620000-0x00007FFCC0646000-memory.dmp

memory/4620-2160-0x00007FFCC0620000-0x00007FFCC0646000-memory.dmp

memory/4620-2159-0x00007FFCC0620000-0x00007FFCC0646000-memory.dmp

memory/4620-2158-0x00007FFCC05F0000-0x00007FFCC0600000-memory.dmp

memory/4620-2157-0x00007FFCC05F0000-0x00007FFCC0600000-memory.dmp

memory/4620-2156-0x00007FFCC04F0000-0x00007FFCC0500000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 01a24d2137947d877ae4576d0c54d32c
SHA1 e83ede89d224a6d9d63c2556b943e197457c128c
SHA256 ddeba4388d1a3fdc2229f99e8e07fca36717c52e4aa5a91700462918694c9ba8
SHA512 27299f49614603eefbb6cfc395a9d67ed772c9d580f88591345d58417c79b0f73b927071ecd86808dad1c572830d5d1e0650a206de9aeb22637f800ea01eb660

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 95c2ee5e3434b6b374c4296f68d4a4ee
SHA1 5ec2b40239c1caad75b889faf96a04880fb03565
SHA256 ce6321d1770619fd70912dd1994f84fe9b8b25c6605464cf109cf42c536e93a0
SHA512 d677c84912fe88f4a073fc36da00371aaf5af464773d8b4bbe35a343226c0646951583d1d3d972a1ae0530f529758926eada0f4940cc7654a663b76e2d012f76

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c1a199c51e54788807289af6e058dde5
SHA1 0d905705614aa94bada60fc826feeb4a91fba765
SHA256 365d764f0f645ccac78dbd635352f6d7f3f0f49363930d24664fb341ee68e508
SHA512 d6d3fa4fc8a34144f527eb6f1be8bac662ddf3d1f4b54b15651291fbd25a171332d2d09ad2f15c353625205d3ba5fa6e1227da7efd97a69f5b75d1e0a4689c3d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 08ee0dd932d2bebd673119535726c98c
SHA1 7dbb2bedb460075b797a7439502a998448197eff
SHA256 bb5ef87b2bf052943fff41d7387c38aa549b3bbfe8f9f7c8087b616baa98e84e
SHA512 2b2d008d3b2a3165fa31e3d9c60f301dfc8bc8476deed893aa2c1f501aadfd9a332672b1d0febfdff543d66bb6eb00a3dcd2affd05e9311ee54373eb2051c186

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 81a538b5150190b6ab8c26620eaab93d
SHA1 68b4b79854b9ad26308262a83b91066cb70dfd8f
SHA256 5aa8d264ed23475e81c04783fa32f111091d78fd5ea805dc827a2534cdc6cff4
SHA512 22cc42cc99a8daf90eff27153c4c644fee53595ed1802b19c6c28bf983e667c0cfdb43dbbb2839bead2191067768f559887868ff3f2a2845d049f9e20c228a6b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 116b82dec17e79717a958ca6b99b124c
SHA1 dd3981a6e18dbae30f71a0f0b519b4aec207f1b5
SHA256 c2687ef7c0faa11533fad33a0418b8870accf076e0d4642bfb91b0e39b9a00cf
SHA512 07e1b66eec19c7098c82c863d89c67fef4592a8f272b0d0f74a5bd1fe926aa23fa894cd02df7b51310ec0cbc874f8ddac689145c708b0d0867f703990079e52e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 18d51be0f9775874f1d3758763090a6a
SHA1 7206128491fb9df1849fd7b4b2ff7e58bb6a3884
SHA256 d8be1aa591c710a7d4c3f15e21d7427f4416b1fb34f294f7d70ebfdf7bfd1b71
SHA512 9d7a626e8233d58a1543f3b7724a4716b134bdcc0241ac974ee44057521651bb5512f5f8efb10a3e91e5e480e9c79ea9f4195ada57ec23490c215e6492d9094a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7761e32aa950b4e2bde9a7109224ce50
SHA1 af0fce1f386fd515a089294db2c05bbe4182f217
SHA256 40631e1644e718f70bebc4bff74d146ec122e4f1b68974553f28aa555a1dba41
SHA512 6fe89606c2bec4c94c75aa01a40f4f9d3de26ccc199d0c96c82359aaa28152edae602ff0fea2b03ac15816824d9604f1420658977a96773eccc5c4d6f29a703f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c7964329128b615ef762fff70ff974a5
SHA1 9bcfc2e99b4471faf6929e285d334f71ca6ea818
SHA256 6f4dc5a155a951f85f62711992373d1008f096ca2cb76b1fe083153bb0862b46
SHA512 f6e8024dac978a8560881f62566fe13a4900f46865cd92a868ebf52b81c011e9756a1760a201a826a5d80e56448bf1348df375a47b6a9192f858b4ffd214cd83

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3268841981728d8b863950f8085fdd3e
SHA1 43e7d02689c4b54fa24d68488a128dcc719bd382
SHA256 bc56dbfb69f8e76737804fb09f6480999faaf2e3e1adf66bc9a55c62c5bcd65a
SHA512 8294c8786ec225aec9f14dca46e587f4e9cb3e9b3149ab41800d7ce2595746ecc1209da4f583dece4a51d48044585ed446d04587ff212aa0926e9639181fbc98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 09a89f53479669538f5de0c67bd7ed1c
SHA1 0cace792cc0f888eba7d4b08cf225cd88f4bed43
SHA256 64b6de3fc51fe39a746b962842c0d039497b30a95380e56ed4f0df6bbf7ee300
SHA512 495002166dd7038f43b50076107cfcc245820d3c4754d77ea02d62614750f902bc27cd9db849efad818aa1183d4c85f30a4dd1c2f3fd2b12981035e0d21c3d85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9c1ff76e6d5b07cb9e5215ab526ecc97
SHA1 3b0b92934b1a81c1b9ab3acdadfa5092f3d29706
SHA256 f43fc325d681ef20dc6e99641e6388541b5ca1b34ba5aa23e35b4c808dcca376
SHA512 7cb0e8eb41f15bb37cb1cc3549c41f02383deb27c87ab56f73be14f6d92e4090d6c099a6e04d0e34e8490d655357098b03209ace4fa7511834582d2da2c5fd5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 25dc1f00a9319842ddcd8c8518e30463
SHA1 d1c10430d3138fd0e3a3ffecf422195f40a471d1
SHA256 1541d95005fa698f3ae972323262b0952b5aba5821a2833cbafc3832a9818b9d
SHA512 4511df648f7ef08a90c5e8eff8d6bcd505d66ac2a781d5d80d3e5e61ce4efa9c540c3b87965c2e89a63972d568e280b9ea26af1a607bd87452bbd232ad4f43fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9600035ec7aa498a44e9175c8d6b3cb9
SHA1 0b014518c091f3d7764c76cb5d01b733296a6e9b
SHA256 f31f8c5ee696b71981516bb289d1e43a407866613b459985aafbd690a0a819ce
SHA512 f926e4ee95f9bf64c984222e9ae98dac41b109b5e13151e3f2f5c6a2bea7ad0dca513f4a6c35589f345d0823db68cf0744f1976140cb385e519eea7c49958b47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 3fda7d0f2c3a03dec01de5d48c92534d
SHA1 c8f953a8915d348a06a1802ab5e03357966d3444
SHA256 07cbd8fad280d51d5dadc7dfc55985ce4fed3e01cd1daf1b68a9078989136d97
SHA512 2eeb6898bff98f12788f362c4107d5bd7cf4bb4670e0dbaa46e0a1ef63f3d7c8b755de8d28523ea57dc824f658cda87ba978ade9b5b85be6a6515b9f26d5de11

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 00b9173c359433615af0bdcd7e3545bf
SHA1 2df055fba489dd691dfec981cb827c04f70637e2
SHA256 f4fbcf5059f0385eabc4683f1076e635ebfaaa4ef7054b8a055593d2db85ac8b
SHA512 a478f854bbb153df0e0e623262de4b3277dcc3df2cee4d40a02096c5f17465a1a240ba571822d6740c7e3fdc508ab616ca0f75aa42a9bef828f92f41187096b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 43993806336337714a63786a31415c24
SHA1 682d61b6f004f2c7c703d07c0973a24ad2c1aef1
SHA256 f6e6eea54c00c94382ac1c1206feb7b804a18920bc36eff590883d88da353fa9
SHA512 7498655f61d492160edca8b2739884e7499271cc65aca226c9ac9f47678ae7bd2103a7bc336e021390137f0dd123ce329023491fb7433d96b4b465d45d8d42ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f1569751db330fbcfe566e8b7482d3fe
SHA1 dc1bce17edf4c9448425c4dd4b77d54a96f00270
SHA256 8ee7f8509ca44b68445ec04af9bfa790dc67fc576c6a385d221afce32d103cb7
SHA512 aad32c7aaed0cb749145f6cd81a274f343847fc3419a6b06ff1c62210e17de0756bc965ddf8288c6f8ba1fa188e8fe59dd8bac950a94254b2268972d8958d749

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d09acfe4f19facfe4dde94244ef01dc7
SHA1 306ee00da68b830795a95d212ef5acbc9a373d24
SHA256 23f8a8fd8eb210c4a55a958dc97a950472a9644dd848f0922666ce67de05a19e
SHA512 7689f3b1de7b450d8349523b389ebbb1dc5567516f6d7a7ee9f83b707e716030a8769fe961c7e46b10d71e3f9e1f98edb69733abf5c522f0f130e32e63bb7b96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 321c4f7dce86868add66cbd6329c3de7
SHA1 043304750a295df1820d4f5f8695eacfe2548535
SHA256 1d9db147aae30b65585ec7ed39cdf464e288970261073ce012d72aace8cdfe21
SHA512 3fcb91ca3adbbf2aad5b7c5202cc6c0334755818679d4c060efae7b5e9721b89b9d44d80a3acf536eeb53c2ef3555cf4765c5acd6a9e1c9ab93225d6f0d8ce85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ab1461703cf4848094652a1aa5ca4b1e
SHA1 eae8ad576c66d3f4ff2c94f56fcb2f8478cf64ee
SHA256 5f2462484753294f2dd9148f4a3599979ed78ad3ec8e20da5c9245918c560f4e
SHA512 fa006e8542d7a22b245a3411dd5ab514e0ee2055e14c9f65712297c6eab38e8a86ce70da9558c6c0d215f08130e9d4a75223b0e1792df73b5cce008752e553cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cf9bcfe3dcef97b7dc72b199fcc684d0
SHA1 85d309a92a8af669039734ec41177f0ce581f077
SHA256 eb48d04ec4143546f3be9d5bea6a01577c21840082ed4342e0f6e428585fa88e
SHA512 c716c163509df72cc7ba65c207de9673e5022d0f138f30fa1b2414396c7669064134ba9c5821688d6ba4896bef8af4257347b71ea66cb1ffe68fc5b9d5c84232

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 02f3e1a8cb38da9dae1c3bd6005ef26d
SHA1 480d93e7cfeaebb672b016f6cb50ffd47f996d43
SHA256 f193ef3f4c58fc4a1524e5230b0e7a9112ea7e462c934d10dc34d38052883662
SHA512 795efc1fb6ff1cc3b4ed3306b3659a6e383561b2edc42f4eec188aff8a3702be824dca23c50419d9fb4fce154c526358505aeaf24893454397dc45e328d2a6c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 aec7fe07ea40e27b59badef33c6d6a29
SHA1 100f42617ec5839f261e6b3680040da7548aeccc
SHA256 368bf3f4c387c95e3d0f8f6722d00dcb60505917fb5d3486007b7833c7efea65
SHA512 6582696de0d609e3954217a45e7519a7b67250fde5aa23b98664226df327708d3eac7681974f9f65feef8cdff0ba68c29fcdf68101695c07effc2d38b6904e54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c40341eceffbf14af302ec136b8cc0c0
SHA1 9842e812efefe4458d14ae3f1334b99ebbca7fea
SHA256 de4c672e08563cfa7e75e596667f012e30ef7f3c93cfed26ae7ad27d6e34d0d2
SHA512 c7345643e022d9f3911f6c604d7a13a192e7647bfa2cfd2a7f43d351180f4444bccf87bcabba57cb6ae7f744b835c0c9f155fe8e1fc24d61f3ff81a34df7360a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 15237063e197745cb5b60654a7121a73
SHA1 4aad59cdc428e32372c04df7ff3803be961773f0
SHA256 915ba4077f6e0c53a233c4373dba30b2c2e9b56950d1e29cdcd3019c7d2bc999
SHA512 f123aa32a037d899e321afc64ce7ac8e686e94631589f0a6c0625d60b2d3de1830df42bf2674f8845095a7450387c5e5fc9a27b5263b4558ad285deb1c149ae8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3c6a998e95e80a7184a38b3bdb497bd1
SHA1 140c1196691bcaa82ae653a57a1f2a8ba1f1a229
SHA256 bcd36319fd30ca984c8a48178cbb5cfd2f30bd067842d05c7e4dc7654800fd66
SHA512 4cf296e205da9199018d7c5fd959a994bd32948723d821811f96cf0146d9fcd349cf117b6a7405e12ee23c138d822733f3785402eecdaff73a451e705d63be33

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 11d5407da7d49f76ed7f83bf6a130fa6
SHA1 da45895ae4e422329f1a8dcfa4554ccb75893560
SHA256 954d34ac1051ae660969702df410f872131d1020d8d01cb0dc90b8d8357600e2
SHA512 2723a5c34733072d066458547c44b8d3aaee82e5d0c65c871e0c606b61374c5efb5ddf33b30b45ab889be0ff4f5c635a9c73a15231b6c2774a61c0751dfc5986

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 062e986b5336e9276ca01d264da24d69
SHA1 9660c42fdef7bf005a6a9786bc1d63a9c298cff3
SHA256 0c1a6c3797f9d84338931d5ce2331c1f4d4ec9fd3205743b0001c9a024331cfd
SHA512 6391cee2d6eb7504c428d4384bafa3075c2a8636987b6f8789ccadfdd1875bf3e82abf779220fa9f9ee43df7ca929b1307d5cd9ba8c532412502bd9200eadf68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0e937d1f-bddb-4fde-8148-3eddf25dfb20.tmp

MD5 c54773825f2e442e979f2a58d95cce06
SHA1 16136cf58abdee0a0813131fd176913662b94a15
SHA256 6f9c3f085bc2885336d3a48efec18c4691c0578d4cb0ca6245169176f48b8f96
SHA512 d01b5867952f9010b5d874bda5502b55fad78f2339fe124c5271b054bece8e7a95e4d779efb4158cb65209a188ea7b7ab93871fda08f32ddb1972348cdfa7e90

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dd5781dd33799751fb9819042a585a62
SHA1 8614e8684db66f499d0ec14763c46d2b721133f7
SHA256 d088ad001e1112855fc6ae6ec694b25faaa763b903cefa5090c5e3860586ce38
SHA512 e8e74f0ef2da6cf472d4db12fe022dbeae82d63b7f6f7317471a035ba034a741d3c234e74baba734026eed17e7f41d83b958f7fc686ed802a839bd31d2d096b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fc397bf791980b71f93a416d053b9da5
SHA1 1c1ffc1ccefdd69a944cebbf722685a9695ece10
SHA256 780003849786ed574c7fdc1088347e7720ac8cb5bbcdf9c805d64d32f089e591
SHA512 a6f89e13d67c27ec722ec06f676240852df4438ad3ac79d07a751ea7836c36917a15dabd0e550e78340e711a938038793c83ff2af97e6ad55f7658bbc3da91b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 bbc7e5859c0d0757b3b1b15e1b11929d
SHA1 59df2c56b3c79ac1de9b400ddf3c5a693fa76c2d
SHA256 851c67fbabfda5b3151a6f73f283f7f0634cd1163719135a8de25c0518234fc2
SHA512 f1fecb77f4cdfe7165cc1f2da042048fd94033ca4e648e50ebc4171c806c3c174666bb321c6dda53f2f175dc310ad2459e8f01778acaee6e7c7606497c0a1dea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 bc9faa8bb6aae687766b2db2e055a494
SHA1 34b2395d1b6908afcd60f92cdd8e7153939191e4
SHA256 4a725d21a3c98f0b9c5763b0a0796818d341579817af762448e1be522bc574ed
SHA512 621386935230595c3a00b9c53ea25daa78c2823d32085e22363dc438150f1cb6b3d50be5c58665886fac2286ae63bf1f62c8803cb38a0cac201c82ee2db975c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\Downloads\Unconfirmed 469773.crdownload

MD5 e238acb1750ddf2b2ecad5aa6a41ca88
SHA1 1ce6845e81817fad527b24b2afcb95474a2907b2
SHA256 f8b75fa327781ae420d15b541810222222f0c083fb876d58ffda693e6a253b0b
SHA512 3df9a03f4aa958ce8d50f76e4d434305e13ef7c015435d221a64b1a04bacf2c36e6aaa3be7a54d267912007efc693794c507142062d3c2b851c4cb2aa5e801b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fc821a8249ede0b2080ca92863016314
SHA1 be560502723da956f087c7aa4acb8aa12583860b
SHA256 e659fbfc1bbbc1e7e338c1027de8db9dee868c2f40e4b29a945fc40713eb4067
SHA512 b8006199eb987b78e415fbc21b0e4a3ac1d097dffdb50aa81bbeb31b4918247ac176f1f8186d8c5977dcc1a91539f3d80643ec06134862b9ddd96e425838a357

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ad2b0615ff6e6164cb0dc6e317a3844a
SHA1 891533a7ed5fa3fa2dc79eedc2e7e31089c2d135
SHA256 b5851b160c31ac3bf1dc7e6e83b4ccb437de6701bc119c287fa35d0342b7d54c
SHA512 0e9682a8c436aa3c30999a5c17faa0cf473bb4793c0175c96f4af4ad7ef7c58702d194caeabb4ad7c04abaafb1972807e27513e9e3270024a88439a78145e381

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 dcbb8faf1b54115d45ed0ce6ca2dfd68
SHA1 a55abc205ce8da43a08b6d5ecad5de378101f3b7
SHA256 9dd4162df3a8228cbf4dd66868e26556d1709ec28b1caae8d75e338065261771
SHA512 f4a8d431044fbd6b38da67f11dfd52a6eac3fc6a1f90391d346bed79688dd95233af8fb86c9229719e30f6ea1821fb6c202e6aacd53b3cc9b8787f4befa55bf4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 86e812d06b87027217a0863c7d647f53
SHA1 2eefb712a24428e55088accb50f09c35634b3808
SHA256 b82cbbb089255c3f76008d9680a84a45cebcd46985efa1963b20365edcb0ba56
SHA512 228f96414636372d6c5c83f7c800f2f4265190a3f0df1f2506b90b639ae19cc141882a7dae297d4926196a585ecf4792c7a1561ddb110f2951771590ceefa7fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 10578a559f7270ae4ece942d6922724e
SHA1 53710d9957331667e976dd45195b1653a495a4f7
SHA256 12bf0c6f8e1a6f622894281e269c671359e4f69fc1729bd88c1c8f42d0ac07ef
SHA512 9c2a9872848228b24dcf837b5f9c52e099734ea320b2aa512f9ba62c66c216b735ffe8c4433ca81bd86966762b1fa5b3f330e2561cbc196640fb6e2725e245cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 712a37b97e358a3ca730466c0348ae7d
SHA1 2b88f96f1e42035812c19cdcbd065154ed68e31d
SHA256 5ef490862b96a2dc3f8ffb9f1882061c4bd5e537a0675b6a506e5bd9ebaf36be
SHA512 4a2ba1818feb0657b31e9eb2edee71c2ee7cc15ba534f74f060908c9b2f98aec297d78a69ed2321f48c188e574120342136ef5bdbf48c22d109c2189b0c64f4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 e41f9eaf02eb3d29d8e2189113a58020
SHA1 34bc13d184358c14087d1d52bacab0560bff06ec
SHA256 1a75695a70687746e77484f4dfc842f7263e28612fbd1de6fca438ba13e9d4d3
SHA512 cf272919effe4b334a8462c6a41b923968baa34b9a646f102f1bc6457b686b12fa3c73eaceb2c7fdfc61a673b820972a860aecd10b1a7b913ca1bf0533fee3f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ae13c06250e5329016550ddbc705e70a
SHA1 1d33c516e5402e1e620d2483b74175a45111ef2d
SHA256 2cee0cd43d3285081da68554e5102a343c40f9bc83e922c1b953b74073e279f0
SHA512 f223c957d3121a64d5f420173a8be4e57a0fde7254e2d2db67b01928c9de97bb8a5143d2a7a53d2f2c9792d9ea975f42895829ca489aa1f77b97247faf7769cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2e3a761a9c91205e26cda7bbb4be1833
SHA1 00f2cf18ff6da430dab49bcc8e030cbae2bba5fe
SHA256 f1f167edfd1e1c283adfdf61d0f324d6656ae894362d087f6b8c8dd2b9266888
SHA512 aee3b86d91011ff2a4eaf8ec3adb833d370aac51bb852ee3d9420f7bc096a51341ab63f3d993555136ce59c4d2d6f5c5d7712c20309ab5c72690f179135fc87b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695c42f61090a800_0

MD5 abc51b87c08c5e554d23d7970f11b96e
SHA1 d142d11afa637f533fdfa1302b3293cd143a6816
SHA256 bebec5bbc410a1f023df136dfb56d72b20d37bda472ceb90cf7c7af499a3316f
SHA512 fad9ebaaef8edbde19610551e8fa01d046914850296e3d80bee1503539bbfefbf4b13865240b76fa228e94f768092e631d1aff2ae2e3f6547092cd3f941ce8ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94ebe1630900d094_0

MD5 76ee73cb3b9c5cd0aa2ac97b5deb33ef
SHA1 150f89b302ca09537da06b602c88c62dd9960522
SHA256 6851433f0b2702ffc8d14f55f2f61410a00e8c21e1ee0926310d3e4c93fa57bb
SHA512 d342e1cbf4820087a6236840329a6effb044ef35071a9bfc703a6e19197a536b329e3d64cab6da2858a8a4c8a6880a7dbee8a47fa23286c091ced48e5e255e84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7f05d59e6df9a390_0

MD5 18c912ff2ad205fb7b60a9b343c6577c
SHA1 ad82d0fdaea7cbad310d6a830043316b3e754048
SHA256 725c29b0e5751325430748083a17d72184f51718ab6facb394b902c4cbcb1550
SHA512 fcf1415872b1d93779d685b48d441cda72893938604e645e7442785517dd6f7ff2917ff25d15c5c4e345733063e83d06df3e75af84cccb893b153f712bad6cd9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3071040e6572bcd6f763ca4f6e9ba56e
SHA1 8e894854e900d56a029e50e24dbc5f5a55c94ddd
SHA256 c8334c07110f6b34e2867229e9937c6c1ae8eeffbd3495cd2ddb8d5a148437e5
SHA512 f63db8ff45cc83a213f3697d54a0032f9af9c1ba4a1e3a3886d28734a1912c5ff2fbc78867c03a6059ca7fe6ea92ebf21dbc8a737221c3249448bc753bff8483

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9aee5cd509922cea_0

MD5 7b6321832cd8de3bfd3865497c5e30a1
SHA1 7445a631087f1a200438ef5884a073a0359a07b1
SHA256 275cf19768121827f379bff0d87f7dc25caddafc68fe7506316d8c454a3c5f0e
SHA512 3c52aad8a7b284c8296c70f6c8826aa506636a92ab439635ace6c784ce3e63c8c54274b5babaae25016f94bebbdeadc590a15cff0719c56bfdc86a58d7028bc2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d00019f29c31fea5_0

MD5 81587995bce4347868a30576c609e853
SHA1 10e5f60b9324e45409cfb95c62f703dcda84e9d8
SHA256 2c81df34dde84fa9525978bca7d74f3e50ea50041f7a3c968bff77a66c21bd2d
SHA512 17f937e5e9c58c7708315f26b8bf9ab4c169b0bd24c33e77d98ce09a69b45e4e8ccc66ef5586b08b06ebdf56e13b9adc28231b63948e9fb917e143bcdd47de31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 4aaf352216b4aae35898feeff0e996f3
SHA1 03991d70170553ffcf258bc20d3c618ea5ed0dfb
SHA256 9e0d1960d3ff82f30d583aff3e2aceb668cfc479db50714189491d4ca7465d81
SHA512 b5a7974ab65a62b32c8b75ce636bbf2313aefd0761b636023103a301f866d84f9b7c93a6e1827d0ab7cc2562d03e77d4c461c69efeaa18755859c966c12a7989

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 ebce32f8bcd4e7bef4e8b3408690d358
SHA1 09a7acb76fa661feb223d7f760d8af51d3a92b1b
SHA256 a0372c67e9a31fe6044df37bc80370fcccad22f8ed33c7997071536c78758f02
SHA512 b68ba31d267b8009228e9e5e3182fe5430cc9e38e819f0ebee7cc818fdc22bca730affbcad3c52b3b113b2db529adde59de49ed04d0ad9285d0b33fb38a4b5b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 d2361268cfc0636be22a970f39231e8e
SHA1 3eb74a5478cda3aa0e82b678c1d18419f8351898
SHA256 37e69e7e7562da80b80da27dd708529ed2c112e3990e775a817dcc28ea2ec57a
SHA512 64c758831db992d296b3d37e5717896c1ea0f9cab4cca0c987355d09936822777a577b2d807d472e7b280cdee47a088b76f7d53b3a4e80e5ef9f166ea16aea08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 286478ea6b6c3589b22431fd97ff8fa4
SHA1 59d6827731dcb1d54d9ad1bcfdc08343befa7934
SHA256 3f4f2cffbd98c81d7e26d3be0d38ccd5232e29dfcd1105ebf800391bb0212bce
SHA512 6a829fbc8d73d76897d88f6e680fc1d0839679a0f3f14ee6a48d682d954869eb341cab531e1d545bbcb6754444b974c6a74249441e90ed3d95e744764f025f16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 87ef393508c40a8e3394ce84f7a80e90
SHA1 c1d611cac7a0dc89fd5d0e9d9c4c56c12d82d119
SHA256 70715a65282e29756ffdbb99263299983ae2a121d513151aaa6c52c3d9329f04
SHA512 a0626c3cdb73ed5a701d43100da913f4274bae799108c6bfcfc66568aa231c4f7b3d92e514ee897a2bf21af46c629e9ef20936f564e9f6c7eaa7556fdddf4acf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 8cb5c133cb61e7c991dac5dba9384177
SHA1 f6cd6198f4b3e8de725f69ede9c6274866fd15aa
SHA256 765124c5e5cae4e18d770781891b77f29778e0bed70eeebb8df76ddc6231604d
SHA512 386d9080d709b77e80b0385e7bc007bb3d7db9b9bd4a9c08f50b20bd2b8b6f46d44854efa2f88b8ab9a61c938629110e4010a5d65727e5efbe3e1a92e8ab46e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 6d9a60e1d3ff1f6c06ad6548605a20b0
SHA1 17b43ee9689b9b4fe5ee22e728291267f688470e
SHA256 b113fe58c9ea649a3fcaf2cc39d92dc6bdf84b46ed165e970aed96f34e1f1c94
SHA512 b17acb4450d345d93ba75940da75fd28bdf8192310d456f8ecb58b0e73711fd7f191ab7ad4cfbfafafaeb9bde57a8d70f6310357ff657c1e673d5a55848cd55f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 6f92520c775dbfb051567c3564cf0c7e
SHA1 c51c0fc9e9ee5d31d44eef203773d205b947bd18
SHA256 eb209ce90c095391638b11db18b31244ece4452b0fd226f506b574e385eef16e
SHA512 5da1930ddb759e44af80a26d74639c8053a3f14254951e7eeb576f067849772eb58a9641a415baa39659687024e52666a10659221596a3c9867b14afe6a36827

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 c77891ec4593ee5b2beaa0dd5a7b0bf4
SHA1 de858d2200448b91f65dfb7184db550aeb580ab0
SHA256 3946eaf665521f7b5ef4e28ef4cdde108b97a64d633452985f84a9bd0d5aa402
SHA512 b0c5cf782bae4eb737dee3e4fd3be69505dc7da3baba75a5c5bcbe0130cba2d6d4cecbd2f524da4aefbaf954ab3b7255314bce2c5e9fe221452dad6c356c24f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 b512c6425dcec86d2ab9af9d5958f806
SHA1 8330058fdba2b0f6f52a75509e58b98f41a95fa9
SHA256 5ca5eb25153bda0488f9cf88eca8433a12a01420604eca7989fc1e8911efcc45
SHA512 52c6ac0d6f78fb99c80437a087ba6d8522540644e2cb81125185a2fb6bd4c9906abd3f8cc18c29cafcec52aa5ebc2e33fac52266284e44a7d68d3866360f1614

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 cb97435ae7785464c88cf5560df10288
SHA1 971baad01a4b23cb93ce6c769d6fcd7a32df7b12
SHA256 6ad7577ffe25d8940f03890d9c9525455f81b6f56fc2a4df9a2c47a84fbb8df9
SHA512 4e05cf1b4ae953fc3325d8cf46d4280fda2dc320b1319fd9b8f28b1ea73ada9919a7ac85503b2b5f54853c86bf96ce9db7a326f244a43b8693aa95e65ff54832

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 072b3b80721bdee8ee53208d9178bc95
SHA1 d4bacdfa6694e2ad81ae4e33eb4d27465dec5df2
SHA256 8b5ce6fd837798af2eb804bd78708430658586407efc14056e63764abcddbb55
SHA512 b0f5f0d56d1cd4221b328449190d7f9551b12305cbdf3d7471e0c5be6e29aac7e60bacfe610894fa291164f3794034d9a463fb6e163f2946b2e7fd90374e0939

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 05be9ede9e9560d630263eecc17ca289
SHA1 c32f10788b4aa2aa068f4f65830ab6db851c6150
SHA256 6588399494dff236dea3e742f59689d15907f8fe8e2d304c80cce36c73a1eb17
SHA512 c48253b720ba08ca3ccb0c61f2b4fecd085ad996bfda68c51e6d4a2ca3e7a59194e8815ad528d8169d383c3f5f347da2ab17d648efed00008c3e84cacc49bb46

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 0300bda410bd0e56b8d166b01bb17a30
SHA1 1f0e4e481da760ef7d3faf3c78a0662bcb8ebcc1
SHA256 ac8dfa92cbd6594437e825eb4ce094ce9a6c0624a68ff5b96fdd4cbb7547796d
SHA512 567095918291e4c0a99cfeed429b018112e4dd68aab75cef87a64d575ecbad08e388c07560294d92a259ebeb7771fbfb1033b343701f14601605f95038324e04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 26107a64dce432db081ec2e935473431
SHA1 ea52c078489929ba9d4647d1c9dc3538138c370c
SHA256 58ac9288c04e79600ec146f502f071ab8375bd6e1d710fac5996990ddfade326
SHA512 094df38444d0ec56bd61f3e9d9942b5b4c8f1ff61823ec7fc2bed57c5d997201162fa6311cfdce1f387496b7d409e8d459d7821cef764823d6b51c51f43f064d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 5f641f7f081088a82749d2e785d2dc6b
SHA1 c64256398bcd65dfab1ddd9afed9a09c95bcbdf0
SHA256 06cf99bee9f87d5e5f35368ae71756af632afeba6a72861571d8181f868531e8
SHA512 73575cd02be6df4238afc55e32bdb287426350437336810dcd85741d175f84a999c8039ac188a21264c8f63a69c00fe324a7b3d952d858c13e4c4d61313b5759

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 efedab56be5fa5e0487d0521219af25c
SHA1 71e04c4033c38970afd949d879e03641293f5a6a
SHA256 1682492bcb8defe661a1df9438b49c84b96dcbed42a316e564e9424f13c7ccec
SHA512 d92e22f58a7d72d3ae2803a47e40842f143c219b5e90f094b3087adaadc119aac10eb3666f2e3f2db95c54a756ff581cb69db60649534969001dce80c725b6d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 41f09418c59f1106786cc3d3bea22eb1
SHA1 0563020f62a102be6851259290e5a6d5f69cd8fe
SHA256 97297ee4365f7949fa36e6cf78262f7e2b949eeda3005d08cf2d4bff58779786
SHA512 7ae744985c71b6ea5a655b83cc41f21d3c7c6c315b8dbefeb6fdbd1c97f9b80a9af4574ee85799aa227ed14c06616135db07c2e603899806e10ccd787093b436

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 2113ed0c7e6b68c3b92e1d983a96e6b4
SHA1 5c3178b01349c60d37f09542d60ee2635f56ccf5
SHA256 90a68bc611c148aba4ea11b082891ae55fcc98440c8c71db4df5e0e6a59b5815
SHA512 dc1a61c87028fb396293d97978dd8c6aa2c86a36c69f3637b9814592a1de39612f0a8200d36e6f70842b28c38d76405900d865f6f9a2333fa0164d06941f8b7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 ae7efcd9a737d23c4fd032835f8e6d38
SHA1 cc12de173b5060590767274a7150a0b2101659c3
SHA256 e3dfae5df88fceb83c55811b7c3d1a88c9fb1154b04273551414106bf814f309
SHA512 6b45abfd12be8991131efa305451b28f7181b0b3a412249cc3befffd4ef05328e948c0dcf11c2e6a7ab0db4a9f13e0d9519093dae87b05d87937b4a33395f736

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 2103f8fe917194fd59c5fccf4b6cbec7
SHA1 ce26fc01808c3f46226c6a3dc68a731c820c4124
SHA256 26f15c8b8478f20ab5a5583b1bb3c32b6ee6107189e8492422515effab101640
SHA512 825ac0be04f3cea15f1c3e882abf8ba0576673bb5c84617c306073cefcce03a9f9e3b45a02bc1b8d6aa98cbe028bf57af050cb010b069c19ed679a5864a529dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 f36cbecbab49d40aa8fe27da157a7e6b
SHA1 f23804e97b87753764c23486d975811c172908b0
SHA256 944e255c6ee01367d500d6e11a6b5977b143a2aa50a2b627dce66d5ec76bc871
SHA512 908f474a2b36e1ec673848421b56ce81ed7441e1f3bd35898d807806252c66c5456c1085283a9ceea909c4ecf0da19bfaf4f2975be229f7c417e55494116fcf4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 ae64776025e253f46310e17fe0265289
SHA1 99dd85191f26c9a4ea36143880bc3a29a211d874
SHA256 b720ff6e99248a7a4b9be8e33a53718061a1533e807b31f66d05e8bb4cfebd98
SHA512 ebdf2f851632d299f7a4f4230d2a496b71b394d519ede8997ae9d4552167eeb9831ee0e34e918fccbcc645fe58f6fcb7c68a0ae1fc6541e3c17ffc1b5243edfb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 79fd296199032ace431839d0ef4e1ec5
SHA1 9fd49bc16d00f6f0c331369c575efd9e9499faaf
SHA256 5ee06a8ecc73414a540ddc716f6ec1b1a5bd06e5cf2f2ed02eafa8908ebaa286
SHA512 d769c0f9efa14197087f574ef619999c6d1d5526150874ca67a5376b5ad8d14453b8f94851418743a43594c5f3b877b971f6659df39b5a4b6349cf488fcda587

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 9442ac17cee09cdc8b9d322cced563c5
SHA1 1400b925cd320f002db17f161b97e4ecadac6fa9
SHA256 20e89e08f934ea923efad315eb6bc3c7dd6907aad43534a09972e155fdec9554
SHA512 90b12867eee77bc040a41c432a503e912e003de91a6ac9b7713d3a84bb7cc37c9e460638f6623bddc8a8981e43ae562ee242e09abcf438e2df3b732b6899e02a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 083c3b9658cf78eaf5384f06ba1967c6
SHA1 fcd0747c3149faf7c1af350f2120aa2b21f98d88
SHA256 b64b73ed041731ed0289add3208d34c48e23e9930c6f7ba1c398eb12dec9c06c
SHA512 3a9aab12d6bcb11a29e4bd0538749cc9516c7abd0eb6047d9e4ff185b997372d536f9ab84d852e31ee65bc58faef55a5552987b61280267c483ee6b462b03e93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 ee31c70a867190c68667e525402e3950
SHA1 a2f976d2134b0b45f85b46c91a714c0dcf3b009b
SHA256 760b545407f1072ddd253bd5c1563059a1d96c14722989c808c2a514cf9a5e27
SHA512 abc3749e5233673e8b71c20681a57ee8e8becd29c964daedfb90b41304ec94732015fd06ee446fd1e1f6877773f1fbc810c9222be49deb7083621344ff662717

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 5a751700e1a23915f9f9a43e46dc2ecf
SHA1 62e61846434d184540d469ebe110e6d05faeadae
SHA256 79f6f59981a3e9535d4a4cc71be6a7c4eb2ce2c98bd3dedd14c8a5dd8f680fd4
SHA512 9b4b16ceca821383d6389cc02bbee320244a8b3c8938fca1e37449fc15106efbc74c8f05c47fc635f2e23265fb6e052bfadf6d0b5be0b39323023f5a66b91686

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 01f399ddac92af5cafee2132c66b80e5
SHA1 1a5739d36029275eed6ff27a9cbe0a2d932d9d20
SHA256 f8b12fdc5cf608d83a1902365d52712eedfb347ed5fc9732c65999ebf67bb09d
SHA512 9ecc05a62ba272eedde742f7cb2fcd61c432fe9e8bdfefa2f52011192457fcd6191b4caf5ea78fba640851688538ded7a2c364fbc94c94352db5efdbb52927d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 146a7808474d6fb646f13f80a45034cc
SHA1 05a716d71580f851d4c8dbf400ab748dc0dff3c7
SHA256 6b61561c50d067dd0db621605c6e45c618703c68a809887c949307ca456b87e4
SHA512 be635c80afce0d5706128a1de00a5db32ffceba3d714556ea56bf35245354f1177d945e7c07bc74205ec303603f3cfc1df16df51017fed9d045176b5ebc61c77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 032042e5e99c593863e24ad249f8ef70
SHA1 e8e3fd338389067145e74fcbac56ccefc9110876
SHA256 e9bc41d31161ac90354c15878d06b1b2bf1d7627d005f73beb8f2149a00951bc
SHA512 10c826c8fd2a398dffee53ec325d55b677d8999f03713e56eaf535b30c0e79642caf7e137ba7a4aeb16b8ae56abf8b7848a2b7a022483cb565e3c051bae63aa6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cb5ecf11fe3dc63c43cb6c63b606d913
SHA1 bc0c553e8d0b4d93541fe32a90ca99a267ffbae1
SHA256 c2810aa68dc7aef8c154b75b6991cde05c02d45f4e142305b7410f694afc243e
SHA512 08a06647e6ecae74c5087620161f0326eaf36ab490b27ed93e72d278f8402509f425bc2a9978e7ae1d70893bec160aa5467c0b6507fdc2f36e5a8bea72295bbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 70c436297777bfe5a8262e466933e059
SHA1 e181424c71b6bb754e5d9fb0c7857f16c40cfda6
SHA256 62ba9d4d3eae91d6a728e990fcaa75c4efbf0d9cd6ff79c466a1b21595c14afa
SHA512 917ce9aedfe6f703b552f38b970237f00d7303bca58635ec9a92ba6946da15443cc8b3a17d0f09ae1f837c6a37244be7161f1ffacddaa00753d427112cbe29e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1e3cd6bd4e548059aba91dc74b0eb7e3
SHA1 c1b670436246921d0f6dc19610281d4a714ce755
SHA256 ba427badde9a846f4fa518dbdfbd1ac62b2f2226b4634644e1cc31aba943cfdc
SHA512 4911a7183d37b9d7bb40ce4694434b19ffb5a76d8dbde32f80ae5778c50786bfd8e1830c3d0b2ace20c6b3182bb2f34b5a50c2b29edef945f99ab39b9a5ffc27

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt

MD5 bc07efb6a1793b4ea7036e4e1fa5ab41
SHA1 8c7178d89d87c8f11fd72c30cd5c74399a72d70c
SHA256 c66578f5d25571060dfe129e508f83437799778225eb73bacc90f940a574d347
SHA512 8dbac0b923e94ec58b49d68af348e1e235535c1830bb778d868f420495688e8db38e86dca67cd01edce4917bfab45fe917f76ee804f65b2c3c87eb381c17aafb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt~RFe641d4d.TMP

MD5 543042c13f10128e0b21b4be335e8c13
SHA1 29f27b79e06ba7f740b951c3a8a85b00300c8435
SHA256 1558bce78188891ae5b695b129a586e966d0afb5c0c6765cc6cb86cde5c0001b
SHA512 3809dc6ef3e009a92aec4b1865dfce1f7fd30083145da50e1c72831615db38d11374f430b120968813a6a00edb9b0794098f72eb82ad64498a237b31d7ced6bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\fe1c6654-9116-46e1-9682-045d9aeade0c\index-dir\the-real-index

MD5 9d48bfd5e4b8c1d7fea51752f202ff1a
SHA1 19e4b40a76aa605d2e08e98b6521caec25503035
SHA256 b5ff63eb8385469bdbc363e4128b5c82b9cbb306c9fabe27b5ae971aca32d4b9
SHA512 38c9b7e86205aaede32456a4b670492f786d41e2c1db1ff2acc6a22c69e515406cf41fe4d8c10cb9c6feec9956c1b8d32b1f702e6717b2a743ecea97890d46e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\fe1c6654-9116-46e1-9682-045d9aeade0c\index-dir\the-real-index~RFe642f7d.TMP

MD5 b31eb89ef339ecb16254b3d22a6e9e11
SHA1 21b9856b7d499b960a5829768256d09b8db613ab
SHA256 941e4d505c22d02afc43322a880ca837df612c90808065a7d4f84ee2a70bd3ef
SHA512 7b65469531cb4947e708db0eab2f0fc7714aa7d531b416c8c2a4c07d324c4034d3da7903064a1f71bc3680bfc36d3d82418b687bf14cf37ac779c71c5c16a6f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5f58cfa6e95e26b4f0493c7ed40e364e
SHA1 e29ba4e78081bd0252d08dc549274cf85203cc24
SHA256 59406d8352c05d05744d7e7d644f8847dd4aa7cd62307d95d2c28f3922d74921
SHA512 97482fc8beb495937cf2cc0d715e2c4d29281f975d0c9b22a45ac43385cb01133aabde9ac01b79b77f9655ecc3e69a6af36bf7bac0708a757ef1d188ff66c749

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9587e245ca7c6acc47821738f99d9dfd
SHA1 ce099d6dadaf7bba8e5e6f32440ed46cc442c134
SHA256 cd66e6d810316c85676d4b48639c99bd61128416edd88addf091f759012b8f1a
SHA512 a23817376468dfa57ebc1b22b78ee025e3c251e867e93f15207d3332ba76a0691c8b45fb2f95ef3ee692d14c8926f1a4911c012a8ce587186d4ac2d9bdd96df1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000181

MD5 9196e81f8ed7f223d765423c1f9bc8a7
SHA1 88f9d5c2a6908cf36b8daae803578ca9e1fd2929
SHA256 a4e2bcf7ef3c6c614c2142d3c1fd44caac4eafa86a1779ac31cba164e2d89cbe
SHA512 e7d23866fcac017762d2e2f18597124e9147f458d30038f78ba9f3a2bcbe479fe4792573894370ce2d6f93a00401231d9f01955fde351ff982a82ba87a8241f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\fe1c6654-9116-46e1-9682-045d9aeade0c\index-dir\the-real-index

MD5 81f24a661bcb426e455c9659858ce4bb
SHA1 de6a64248916d5c7d2d0fea03f02099adaa5db2e
SHA256 97e5f3edbf6c8f161d21a24591ca0c2bda020517f9a79cb5aacc35bb34f14e74
SHA512 c75de5657dc36b4aceb503cf1a605510d4540267a012bb7ff8ad7a0380c2ce3de8dd582e25fb7b9469a18688d988883502a69bbbcaa216d344ccac72e979c90d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000197

MD5 41caba792bd0815c50d2586663a2f6e9
SHA1 8ba297073f4502b840d2c5f0a24ba9d515e2dd84
SHA256 8dcaaaa16bd33e6cfe7af170332ce93febfc6e8e7d1600d1465732e4405e08a3
SHA512 0a8753df627984de1cbde85ab8b8fbaf49f9b76a5728675eb7973a0f072d31f00a4b6df1b9a459d3bc6405ff92a70acf9d1b5393daa0c1a0d34742800cc9c9af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000198

MD5 f206f8337a187dc42199ff6772838d22
SHA1 cb3f334350c77fc705d9dc3db778dc1b4a03af0a
SHA256 40163312d820a039fbdd57dfe4de9036a06c844474c845f357451706b7a20f2e
SHA512 97666a93f1a12426dff44c283ce0fb3da390a557ed53d02d5c79387b346d2f2bf77d0ab89c7d138848bf268330391119d9f1c8ea5032a93486c53c913af0a651

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a7

MD5 6a7e80f113f5443cf703b9c12e918698
SHA1 c6f868e38409627ff5002cc3416cf8ccb76b07a0
SHA256 9a3fa5ea136948c8fde46abb0d225fe6b894457f408077c931dace5705363899
SHA512 9775dadacb1284f6f6f74bcee7846e92f9615d4de20d46fe3d194d7af984fc28f72e28682d3921e84e673b520801b54b1cb307985823b84a623827f1ba42467c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cc8a55f5386fd6c09a1f4b81ac9a1e85
SHA1 262cdb14b3fadf06380551bb4ca376857762ac63
SHA256 c809d251a3c819ec0d89c649562b7252b25051c68ada97bcf40845f3055161ec
SHA512 93fde954a356f3550d0bc6b9cdd16f12859950d30e0ffdd676912265670971507134859a94e4bb9725101e2c0cde3f1f60b3499853cd0b3f2a8da04c748188fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 216d84a2bb49216d3dc3344354368a82
SHA1 c1494fd99bb2631ca2d038a554a0c9da4e74eed0
SHA256 20a865fad8531aa59333d1dcff38995f8f4ffbd7daf29b278820773ef326af21
SHA512 9d7da23b5cdae4c4e84a697b3c72f3deb8004f8c7401ba418f7c17ff0ebf29eb83e811bc36cf521b7f46ce7aa375860a4444e2b2cc77fc990513465bfdf18254

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7d2a5147cecc6e0c1c08c0c870d12a82
SHA1 9c15277e5d777ba01d39777611b4fc4c2ec7e4fe
SHA256 7334b94ac6c5d00a7ab30b5e2a24081712bfd776220cf06cfcb946792259f500
SHA512 426489fa0cefe6daed567a89be45c7617b4d0e045fb50d83d7eda89872ad675817e9b94feaa3d8251d91221a39ec12b405304bf272756f3d97a65974a4d72e97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt

MD5 b64ae536e4af4dcd19e1def35291b39d
SHA1 b32ff3b68dd63b672524751ec199e538da6e9373
SHA256 ec48027cff5d00ea39236f1a6c608384ae041edb1bc071aa79ce088af81ac8c7
SHA512 3f74dc0d09cab63c11743389cc00f33eef0cf4a4567cb225d32f04dfcca192d61d2415b32fa4825b8d54fb87420f2c0c8cf715e2b7541b18952d779ac4b95ca7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 51071095514c90c1594c21f8006dc52f
SHA1 241808e0c371e3e549ed48994c5bf3d7dd05af62
SHA256 c58748cfb38c1ec409d5447004b60cda3476accfc232789ccc4503092b5584d5
SHA512 1dd0a212819d09ec5e6cf83117b045fdda498ee57efb93833ce8c57d6353bab8eed6850627eff5d18c93255133b9f6ebbc37a374a8aa50258cfe05694871a80a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 751c502a39fd9ec93fc75d3cafe180a6
SHA1 85208a1236c4eb6f569dea70561da75007893e79
SHA256 a1a7d2a8197a779037bfe28c430f3fee59415265efd4eafb5a8b356c19c50de8
SHA512 5a12f59bf45d167fdf045f3bd9ce9cc5341b0d1efa823b0f21beb9512e1f1c398f22771ffe27c04c344fb55986e9fb911a605e0989381be796bf701a1b0ce435

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2b90b56e18f15afa9d3f1f3eacb5a7b1
SHA1 ccb4f1d15e10169b2c864621ebbd0cdf61ebbeea
SHA256 6c93e5e044a7bdf34cb20ba726c7b37e44dab073cd6f43ee50f42c6df4eda220
SHA512 e382bf3e4ae25c0e8f79219001f47cab038a448692d7d5077bffc341e4402b4dbebdf6ad9224a6ebdccf415032a6e761de41e69b6881df4afc8b48e3f2f4d09d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f612d1d35ae5675ce1cb1d415b94f7b8
SHA1 9b57ea69ac16e477b48934a7b2c52d6733e13502
SHA256 f5b02ad0729998981ebe40f4ade76693240351c4acc1ff6c66ea600d45e2d363
SHA512 eefa2b65277a62952d149e78e9716e257fb6401ad5c9f66e01b5be37f11f07c0937b27308e3f6ae38bf074cb51042b3ce6826c6ce4b82539bc4ea2e102a895e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000183

MD5 29eaac1fba80c4e64c0375cfbd311fe3
SHA1 053df3e165881f60bd082584ceae39591a1644ee
SHA256 48754f26c6af481faca60910d468136f1106956f2089933c1a31834964e8457f
SHA512 fe181bf99f5b11a7358e9adb5b133d5180df41dd12133d3d9189613165374d9a1f00d879f22698502f1e63f9361143a73ec3f468ffaabc5b87e041d9eed2a3f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000184

MD5 53a4985557123a5fc2ec4bb097d86c44
SHA1 98bd62987a0a6bf48997e72c331a1e1973b46d45
SHA256 a46b18dca32d5dfad0e1806716201458ce8395811fda566149c984ead389b68c
SHA512 d28cce8f168822982bd3b79902b261a62baf1ed4cce7e5a7979d98ffe43e049e36b12e60407a23ab86760270c09cfbefa085cc8e5be4a458794ba130c8657ce5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000185

MD5 dac3d2f60c6fb2b86a5b2c399c3ffe55
SHA1 c7ff50225cdc68dd9d133fa8f4d205eb11bc2883
SHA256 082e2ea6f22284d1ce1bc2f9c24b082f0c5b6a52ca431d37d19232f0dab23181
SHA512 0ad5d9e44ded1a083cf9dfb8f67639bbfd3d8b4a8ea23ce0cd708a582538e4025701cc62cb17035f6ef9032f091c5f7be722e0eba9e86e33497e935d624f4f00

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000186

MD5 ead31a92eab03827862c710b75885e4a
SHA1 95e163ea71888926fc238355b6e9486e211fdf5d
SHA256 3f58eb97cf8305f178ca10d7a813348695f5e329873919b2580ed7791aeed491
SHA512 e02788f4ea0fd3c023357f3975b109a15761ba03bb0d0e1c6cce8b1b11be415ba144e363ab7825e81fca5621048b9f719e45ccd57d566b60e84b82de0bfce358

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000189

MD5 c49e6117f0a3e2cef8353178a738ea62
SHA1 89c8c53cc34d0f3d697d248487ef3675c26842b2
SHA256 c58c37860e97a613796b210dcb59dcd418bf9764286642e045d189e007a37827
SHA512 fe3936e93facd3ae97ac3aaf6f89021728fbc0fdcfd38c6863dce3b2ccf94aea063a2bff8811ed192f133498ac4b7b513263526101491ffdfdf265546acd05a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018a

MD5 48e394ed70ca9e9e14752599ad8c42e8
SHA1 fecff4cd421a59d90c9f65314bcc45a87a0b62c4
SHA256 bb911b082feb636155088ec24da2fa493c6079e8fb74a60661ad647e8dbe3a16
SHA512 b57d4bef034c422bd5dfe0318d18f0e33856df965e9293edfdafdf55f21f750f7b8a916a4e5c02df85f4f24cdcd02ec57ff09ae939179e1e636f28e8e8b1ab0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000188

MD5 5009982b60a0f93eac4c1728e5ca17e2
SHA1 c0f932d333b91a4b971a52ce88bc96320745064f
SHA256 2ffc0ec332938cbce14008ab246c3d918800189aece932e92bedd8adb8332fe8
SHA512 401dd0a45c177130628787b92a17642783d27b1a977833af4110d81cbf2572a159a371beb473baa07ad38ac8297551aadadd2ebb80401a73acd580fdc03964aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018e

MD5 e51f388b62281af5b4a9193cce419941
SHA1 364f3d737462b7fd063107fe2c580fdb9781a45a
SHA256 348404a68791474349e35bd7d1980abcbf06db85132286e45ad4f204d10b5f2c
SHA512 1755816c26d013d7b610bab515200b0f1f2bd2be0c4a8a099c3f8aff2d898882fd3bcf1163d0378916f4c5c24222df5dd7b18df0c8e5bf2a0ebef891215f148e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000196

MD5 3220583ce907038d9b03e162bd6d46d3
SHA1 b440b9350357dc506a12439a61811c1665592a8a
SHA256 caf905f82431f05cea29f3392d1ca779ffbfa8710356e6846596b308e64493bb
SHA512 9a66e4b481eea3fd893c113345a0b929249e43ac3a938c65fbe477f1d1a5c76f28f82e7304ed1070419073fe9992a0b198215be6aa2f028f4bab9b2a72a53aa8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000199

MD5 568a85fdaa4b7cea550e647bd0e7e044
SHA1 3307b885bcb4b96e0319f2a796c7aaa3a2671e8b
SHA256 9d8b07a507a1a1106c76c8b4c758ba922ad845a819e729bf8bae2bf5c6cf5305
SHA512 2da7669541b52ecc5806a6fde801880c55532b61f010e140c4efef0235f3a09cba1c4f9daf8f7976fc307fa00284c97190deedd5544b787390639445b7df210c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019a

MD5 fc91546ef95892e2981fdb1aaca76566
SHA1 b02041401b57c3a629a7934851de6e5a122eacef
SHA256 c88faef60f43c9c19b1ed706aede54b48a44c5c553c292e290bcd4fb7a76fd3d
SHA512 86786e48522103ea28afb23cf2932284f2e529237838b9c504c5c363628135803acc2992ba1d50d905a56a9d7f8c6ef06694cc9dc162fdffdfe073ba7f2cec67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a0

MD5 1bc34b40a7b60e46c3a69786ec647e23
SHA1 ae91163e7dfc5c63a35feedb22ceeae3410f7d07
SHA256 5a4b9cb88b036947e02c19352ad364b9cb0f5ffb1f161d186b217b4a126fc7ad
SHA512 be4d2f72e91498fb706404af841eec829f34cd4bfb573d8e86b200f28cab2ac6d04469667ffc8690c18287e1ff1cf43d00cd3832001d6c58df7471730b668403

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019f

MD5 d645519d91dd680dd5c32cd4c534e88f
SHA1 ae578861cc7de4b71663ecc0b335aecfd3185871
SHA256 debc2d3cb4ff5eacd5ba8c5f6f5dac0b8ae2a2f7f13ee331e9b255e0ccfa7824
SHA512 13791d667320cadb2465b2fd78851898c96fca93a7428ddcdd153658ad4d30c4545eb6e106f73f6fb5b3c3027322df327ae4117fe481c2fbd25e5c914b8a4c61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a1

MD5 1f2ba708623255b82a5c10d4808c58b6
SHA1 948e17bf0c96ebc9c9c73f7b3206146224e026ce
SHA256 a799493e5b96e95088f2630f7e036ecd6f7e653ac808c63768c05ccfe4a6e61a
SHA512 f139da62af2f32b7fc123ce419cd08a874ccb79c4f18d47c4537060c035277998736cccae9ce946dc27089ddc716783f45e3d3ebe9124004692a81a43fbdc948

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019d

MD5 9a8319c5a45db0e058334f536229e9f7
SHA1 e3e7a692fc7c5be2287c3b8a9e04591786ab99c8
SHA256 4f687603ca42713e0399aabf91c14c8b2a9178e3873bcf71cb7172f41ee99f1a
SHA512 0003675a1b944e775ce50b51a18d8f12b8e8241f5ee3888582d3819f6dcb46dbffc06448efbe73478e210bb8f989c44c43b6274c4b75ceb27b3ead97a8030d13

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019e

MD5 7b761b9e0d515639947b13e8a8173793
SHA1 15a3b523c1c462c24781b4c4275299f22b09d451
SHA256 629969866b0e874dc30f3d4d301bd75b357e603865188267bd2660900b4e72a0
SHA512 6531b515053862a73804ef249cf83cd71eed53bf97c7c1cc1905b0eaaefd9e081a20bb1b8cdf11b36df99f043bcaf1e99fe8a8c7db21574f4eb7085b1023bd50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019c

MD5 b62d1c9ee7c613527208162a7ba937cb
SHA1 febd48f346ae83da695ce5b3f87c58ccb9c873ff
SHA256 edb241dc3daec2ec95ca169100aa2dd73ae3db3984d1d7108d2f39476fd691d7
SHA512 4ec01454eab94dd0b97a23b6d40be8b2fc4cc725f2c1ffce18e26af4b7637fe2b1d07676c21fa4bbd8276316ece31792e8a9c2e092ba7f1f095724f6c74e76f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019b

MD5 634ebce628b5d609e50f8e1c7c002bc2
SHA1 e371529ee2f5a3171efdb6fcc1b1e8b5dd3579fc
SHA256 81c9904cdaa5094312ac624a9c25616b15c3e3fae58bbfb0809d5375751aee14
SHA512 5ab05dbee0c5129c1a10f26c86f1caad0e91fa15f1b2fe613c203eb5649960206b1259ac2ab7813cf6f8c5465dc4b75ec35599c7e039416fd5d80e98b32f0103

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a4

MD5 37d3c6ea334ee8bc9b5df1ca4808cb8c
SHA1 86c18670af07f63a92fb16329574938ed38c1c3a
SHA256 2fd9993e82266191fd2257692f245d35408ca832ea53fc546fa67dd97253456b
SHA512 7a57e945c96e73fc87cbb7b62668fecdbddec0689d41ab472e66e40da53573153be1548718644765337c5d5c23ebf6a3fae05dd71ef9a7f2b3d5aedafd1e4514

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a3

MD5 2c6c9d895398978f43383e8e07b93ae4
SHA1 6bae748aa4010876f06cc365d7ac957eee0a8091
SHA256 a0532fd3e4633c0b90ac265fa005cdc8c279f78233b5116b3dd3bbd8659f24cf
SHA512 1cb7b6905cb6c3c6ad34e2ad88242f2f0f3dfade8e77486befd2da656c2c66d11c438ad56fde72b5fe87fb9d6da7d0164643f06d8f3a239a3eb36218f7d96eed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a5

MD5 296d53f560346b54ef54104844608b87
SHA1 cbf5581c9c2c1f3bbe3acafa7504e0e3d23731db
SHA256 430c0081621b1032b31488ea26371e066358a4bd0131b4b81df05abba0c1b069
SHA512 56d0019463465c47f6c1f070ad22bf3258d167f56c0351f4ba73b26be5efc54b7d38ec0d711f71c3601a220faa49b981bcaf864ad30401a047a4107bc6bb3009

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a6

MD5 39dd8b13afb31b49f6c45b85ebf996df
SHA1 2094eff43d4b864ba55383180d9be3cd8ad7218a
SHA256 d9ccdcd13c82717863476a39af8c77c2af0c0854b647dadb6a5eac78d3b72913
SHA512 60340a5a493943e62085150844a110d623f27c54c3abe7a07109ab841108351c4cd83ddc1b43cb71a62d543b735c83875d9b59e8f1b5aa0d33f39b051e34f2fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a2

MD5 c7f88355c0fbeb66a359363e275f55f9
SHA1 5e6ac16793f99dd84d302d8aef7157fb3b88005c
SHA256 1d6734eed2734e1150b153c9bc950270b21a366725d07db7ca67f090279343f2
SHA512 d01937f80d4398770870d0247cd2343fdad94f55c92106a451e65df3647cf4771a135778461222678afd47f0f647cd6cccd3d3bbd67cd01256be62063e6d8885

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 140da2d91ef4604b023cb52e480ea60c
SHA1 db39d7407a5524fdacdb3fd9aa7a2985b6291164
SHA256 9b52d1733c7a4e36db96bebad023cb24551b652ca114d6324efd280a1cf46894
SHA512 54c5ca76f1ca5139c6e4a1230ab550d1fc67b8cdcad01566603a2ccc1ee4204277dac14f94ccc188314a974040e43fce46843246ea3908dc41d37123a1435a37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ec2a843c606b8f10abb6837b388b5f2b
SHA1 932e715326590859f4c451dc17cf6e7b833a9739
SHA256 730fa004096b9afb231f80a2189b4b81a4deb5ef3dc3d9bc023a8a3c79e54814
SHA512 c311f31547e4ff197ad6d2bbe87fe8d47f6249b2e24453c7091e333a5dee402b5f696675c750c20e96ab8c21a514da9e14cc13d2552c06c739ff2aeac3aff740

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f14f91478757d999bf91e9616c1f9bf1
SHA1 30dc1f704c44439d63fe05db1f7396ad47ff530d
SHA256 d36e631af13faba6b53b2577b1ca8a2b6994b203a4d5b24dc73bf6db26f8beaa
SHA512 4fe68c10bec1b7edf115efb521fe5988efe2bad2bb7f6d907214ab43556c28071c09ed1d599a50a42c58272f24ec0e1901a4124c16236ed3999010107d13d372

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001c5

MD5 05cbf32b7dd7fe8bd729cf3499b16c54
SHA1 127749bf6f212e30b2fc4aa729b7764223c5ffe9
SHA256 395821d8b6da25076094582f49e4ed94759450630e2669cf8b5bfa77c799b575
SHA512 6d89112f117e3db571fdf7f0ed40a554f41b60eefa1fcd9806ebd4573cc2ab7f224ef25bb3900cc88bf80557837d25a1a16b40e82620f3b3f147b5db01b5d763

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000187

MD5 c40c0b69bace7c60521d8940eb7a2850
SHA1 922d940adfff533b3623e37a917921837dbcd543
SHA256 6fb17cb9b4e7a90a368baec1219ea54418efe56f63205a74ea2bb3580cf03914
SHA512 9690b131ec0eade2fdbb3878bde9ea0fd455d8bc74250274856f083408adcf965ad3970e5ea2572b44718056546630200758e1acca68d0599b0689ddb3c3eb67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 355174f03b61b7cfeed171796ada5023
SHA1 ca8b2fbc5ac41986cc5ca9a0227fc69aa3318935
SHA256 9b9fcbf41459a5fd2daac58297d3a2e09b19359c70e0b6b5ae899f8df6057e3d
SHA512 9e9c1229c057ebf99618bcc632742ced81c95ffc00e1217310985be7514da09dac64ffa6d9d3176bc33246fc6bb936f274d1a444ecc9b76850d7b9f872a2606b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000192

MD5 b576652319aa7441da5c94548c6db70b
SHA1 4f1c2dbab8ead44236e449084c519f30788d4ee6
SHA256 ef737f5f2c87ed6f1180d3ec8870e46e20ac4c614c9f76260873c5f879a19f20
SHA512 9a03fdd748e2d5bc522041369e07ac331daaa539a7c1eacfbbba144b882970aa4ac4d2e2e5535f5b0ac483ba738dd9d42b3ddff6430814851389879c4081c569

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\09c1f26e3818fc3c_0

MD5 44e52bec0843af404bcec84b9ac710be
SHA1 11ff86f9b2fbec811bcda3e7eaacbc437db3a57f
SHA256 8636802d926de4664625823e2ed650fa1363dfc27a8d93f6cc2408eaa5dfce33
SHA512 4a0e1afa0ca72478ea93caf6f1d989a2a561fb4d7effa0f0c47dcf9316eae1e3bc149f274959ff02b10c716a00c137b5ff2cc03c0f65bf92470f7ca215b3f10c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000010

MD5 a4e164f6a15386763f5a9915b9b2abc8
SHA1 8d499d52070f47a4084008fcb8874fb148994d4d
SHA256 dad5ddc6868717a6c955e0c7627f0f93adca70d5d20733c1a98324269fa19f85
SHA512 9ae0dc6c7638553dc8b7c99f0f0b5671901409b50c0cd7666b556a08cb979b4334cee2b10bc826a3d7ce435a84536a0e81d2fbc79104e29588c5b506da97aa0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000013

MD5 6bc4851424575eaf03ebe2efee6073ab
SHA1 2d014fe2feb929d03a46322645a94556ca5c9e96
SHA256 abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e
SHA512 af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00001c

MD5 8feb503d057a1dfc7121b0aa2c7cc10f
SHA1 0d25b47e8482de37b7f615205b8a45162e1049d4
SHA256 e816b1086f600fa2096189c847f34de90dabd33b899de28ce199682eaf17c713
SHA512 a193f820d8719a47d6f52ff9ff2bf76c27ea3611e87a582543c8a55595af25cb3d1bb00913f8c2a4f2ed027ea2749717faf84d75e887f32610dce4d6ce105595

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000021

MD5 aab2532f8363e63359dbf0c31981f57f
SHA1 a21523eb85636a0455977ffe525260a1a8568043
SHA256 a6abef5f074c67b1f9fbee679151a4c705b71f054c98f720dfabdc65786d5d13
SHA512 7b3c4ce6574b36bf0d4e05bba1063798b525744fdb37b28ad6fc78456ef7d704677795ae4dd0d0eda0954d15b3776395fa931abf82dd4b64583c360dd9916f64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e7ea64e6c69691ba73a76e8d87a88540
SHA1 bc20ef787dff39a9dfe7ff8a50187f971831b4ab
SHA256 277c81c87e823a16e36d9d3132a1935be4b8a9f1650da94f97429989f7104733
SHA512 a178fea8796ebef0432d860f115edcaac34829b9d563012eba8b4719ae83e2da4801289996e30c6014d42064ce29c1258033b66280c466dc4dd09f45bcdfc6d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 976a75964692e067ae94038c5715c484
SHA1 aa46c4d794adc3ba3ab99cee430aa356597a8197
SHA256 f517f58a91f3742e6046b7ffe8f6864a06fd0557e6aa626f2d231113c5e8b824
SHA512 f3ae9ca7ff070a0a2a259024dc5575c1eeacbc350fe63ef217c4daf4e9f7d35bca10384fd1bc56c05c017bdf6fa14d75bbe1401d4c1aff959785551f9d87fad5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 50ead1aab1381e701edd9944047f4e19
SHA1 c9ae0ca7cae35213a2e841f2026727aa95f0a876
SHA256 711d8dcd41a7cdce1923bcb811c5d35b903a4455daa914ae43f038e6b7397130
SHA512 53d2bff462d54045ab03ef45f73372311d7d3f773346d1c525330b3646e8214dc3ef25150fe3467bd03719c5091e52aeef6b87ed3fbac54fb74838bf8ed9f515

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2fce15f689e776bfa6014bba9c133301
SHA1 2bb04b8a15f5fd12094cc18bf54120a0da61d80c
SHA256 35d724a4afd311c76aa9109e6ab8da6637cd6a71b7994382f82fd1bd35b67d4b
SHA512 73e7cad407a1bb5b11cc44a8ee82ddefcabbafc7b4ca0ba3f25e1946784a7f148ab4d34806a9b761f78825261dcf568ed02833ce2a362d4a36208e936acf4304

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0b304cc345afe973a9a1065ab73fdb2b
SHA1 54ff60bca34a5ac1f7d790de2a3e2f8f15a989bc
SHA256 dc444cb6001fd8c5e4d64fd202b4113e30ea1a972e77f7fc25edbcba5d740a24
SHA512 9d74f9e978b3ab1fd349d984021d2566d6226909166bf69024a89a623c43000553c97c140f6ccc76b0e7c2a0e18fb5d73a57f51145349bc1c04b18e07961c90c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 591016fa4cb71a5caf6f8ff1d4460f11
SHA1 24ca09f94a2c10d412bfbd24674f4e3ce59fbfa8
SHA256 ba38380b8ae1127d5357011bff9a61dee2f85897a4ed51a904976fb1bc0eac9d
SHA512 ce93f7276bd2ba886dde0a73c9bd10b26f0b26554d190660303a02c978d51f4691f4eb8275bad93141421c2be633326cc71990be23b153e21c192b6db089818f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 45a90eb003d36e2c241d099b401803a0
SHA1 7792752f0acc99a49e9ac5e5f2411f909a4815fb
SHA256 de7b1b765c02ed9fa4f74d19c7aab4fdb3734cfa63d5745aaad42552187bdccc
SHA512 8304ffa0609d0ccdff5a8cc29960077700f17fd14d908001a560c78c1c1e9cece449cd2403c6dcbe383cc6c9e5c69780db9db037f197397803a9c152422da410

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 09e0e35037deee64d2c803a55d71e492
SHA1 5e4b0120c5e7ed9353d3ec8357bc25ac1f81da05
SHA256 0722d4ae7e219a811099af0839ed906d12e56ec8e4d5013d8686ff1726d27a9d
SHA512 2affe6ba27567a67608d11d27ab6f9746ce1718a468007477af04a77eaae872f8f2a36aa9d3c2a9dec5ecc1927a489ef79addd56d240265e0227c56a934e951e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2e45177c917409fd5dd893ba320bb19e
SHA1 1215527e91c1091b6c57fb9c4bde2b97d129b7bf
SHA256 0e2337bb40e50fe9fda0210b412d2952e8e0b1a5d5ac374e58ca005c31f5dc95
SHA512 c3165b3b577088f37aa6e16ae93c37e3f41cb65a21261bf3310997130c0d39cdb25947a26c0d7a9b6b63be45352a3c84e4a1663abba68adc453689c00a1d241f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ea74b6861165fab1309c04e6a36744c9
SHA1 bed89b46bfb7815c39714e894e1b9de7a11487d5
SHA256 34bc28bc122c43f989a71d8a52e32181b465b91e8d1e0138cc09c972ebb30f9e
SHA512 062ef4892942100a5725d4583470e0d4c20d599d564b69e84780ade83f9b2d33c1aead6eeb98956082429a37e35ce5f945371326d83a810b205094b910914803

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3667514fe0f892ea21c6975a19b726e4
SHA1 0b44e5585cd90f2123973c86d52d78ed0916cff6
SHA256 d9ffd27eefe502392a31f904e5f2742cd63ef8d22356ea212094c3dc47c64a14
SHA512 bd4a4c104794a2a02b36706db23f2d1bae683a4929cb899b2e6a908b3378c010a7c5c35c8c558ecdec018a7bd05ff15976498faf601a6c442f21919f2a4fd101

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a9b22afcdaa30a5a44a606480d59bd5d
SHA1 1cd7385054a2bad8056bc4985833802b5fbf12e4
SHA256 464c6f965aa301f4e068d70af7a58e43ca2256379ad39bf519f78a3b7cef1ffb
SHA512 86f222b270f5b772368cc64881891415750107f492f0c4d873388a7adb89fa9203d8a405e5113022650e70a657bc264c59b40943a37e43594448378337bc8e2e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d0ee0007a008d5a531a08b44252ef9b8
SHA1 669ee44dc5219a004043d552b90dcb6b2d618505
SHA256 8b3623af33203a4410c3e693604b47ef2a1d4d720bab0833ba65064f0d2a47d7
SHA512 7b039709646d5099ba1f886ca6c2bcb8e533a61835dcf3d45b270fb6951b05a59fa35af354730f0c93580c8c2ecd989a119604ba84b4fabe315d07c3983a5b7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a91fb14b1597da06b06c780560463c49
SHA1 9422a7f3075bd867fe52bfd9324db5015d9e62bf
SHA256 3804f175310cada9eceb6ba6ea1fb48e15d0c46ed8c08191e61084f70a5d325f
SHA512 afc30487e449907a7f9cf557fef4dce87813ca89a4e2bbfd31f2ba58be51d42f63ae1cdb77bfd1239298464782d26b4be99706a80ab680dca86dd81ebf47609f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4aab6fb524bd0766f66b5e0e020a0416
SHA1 b5a4646ec652360d04afe5cfef03c7f512bc56bf
SHA256 6d926fc8fe7fe4db502577a4875718dbed5448e14c48e5929bc0bd2fa728580b
SHA512 36eace48b020acbd93ec9cd5365828e63c4d8690395206d412f7f93be08288f810740777b355a7003b9ad6ab427c10103b876bf43cd974431f5d86e90e05c2ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e500b6532c41a983abc302c64b23410a
SHA1 59a99ace32e1fc6eb7e44d7c9ba398574e5ad2da
SHA256 51fbe13bab4a7b2b10d6bfa1a58f824260683758b7a9b71f03af48a215953569
SHA512 77f8ff91deedf0e790711496735a7ebb4269c95a2383ef801c66b96e08d64680580cebdeab3c191f976a7829877882d2218d9b94bc51f5d9f21e62a0b1b88390

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 97fdf4b295305501d104c1c3d3371c68
SHA1 36afd8572cffec373b7ed0cc96128ad9574bb5f9
SHA256 6247fe3e980cb0d740897d090b2769fc58371d49daadb6207c4a9081a81355ed
SHA512 bf7520276134df4dd3d185b5936ae2f9a9df61b35d4272a95bc5c95322359dad4c9e144b64c93f9352c46ff4d8f3842fb911624e903c9c4238da18ac657c7b1f

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{EEFE56D7-BC5E-458D-AE15-D0BED7060DFF}\EDGEMITMP_F4F6A.tmp\SETUP.EX_

MD5 5070a34dbada1aaa375cc572b5fc7d0c
SHA1 e74b7ef714755870976abe3d2b4a7db0b9cc21e5
SHA256 03e7a32e1f10fced6a07dfa4e6cfd92510d4bf6929d423798e4fb5ca91fe6c20
SHA512 fed3fcbb64a59070b0efd677ca2edc982d28e37cdf7283f2777af8aca7d3760a7eefb8d01b3c2bf4b4ec3708a74c3412f0dede91e31dca1b6f8a4e4edc673aa7

C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Office_SETLANG_EXE_15

MD5 0e2a09c8b94747fa78ec836b5711c0c0
SHA1 92495421ad887f27f53784c470884802797025ad
SHA256 0c1cdbbf6d974764aad46477863059eaec7b1717a7d26b025f0f8fe24338bb36
SHA512 61530a33a6109467962ba51371821ea55bb36cd2abc0e7a15f270abf62340e9166e66a1b10f4de9a306b368820802c4adb9653b9a5acd6f1e825e60128fd2409

C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_Explorer

MD5 ab0262f72142aab53d5402e6d0cb5d24
SHA1 eaf95bb31ae1d4c0010f50e789bdc8b8e3116116
SHA256 20a108577209b2499cfdba77645477dd0d9771a77d42a53c6315156761efcfbb
SHA512 bf9580f3e5d1102cf758503e18a2cf98c799c4a252eedf9344f7c5626da3a1cf141353f01601a3b549234cc3f2978ad31f928068395b56f9f0885c07dbe81da1

C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133589549472420617.txt

MD5 33d26335c283de357eefd5640f070f85
SHA1 2efe57115127af59e48c661ec7fea6d8b2c130f2
SHA256 cd286d96f393e607ca4a8085ace1955f6df9f0eaf93194cbffe58f12a1fe5789
SHA512 6e6e02c68a1d68b8e50649da96ae27c30a6680e399923097ccff2fd0babaee4d6a534aa24414d0a9a0ce0cca5c0d2a2b7f2f839ce66de2d5d51129a8a767a51d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 78a05552da874c89dfa0a6fc01fd67ec
SHA1 9a26a892f1a5f0c5603f06a9b189d881f1413b0f
SHA256 8b352a32c01d58d6d05513b29218d4aa5fce0de34ac66f4cf2818effe128bb76
SHA512 e2502f7ae5c5f212a173de582ed7509df95f233290077c156bd4ccd635fb9298f2f9e7a02cd559a55e37782321fc29e6dc71c134a99dfe539a997b41b296e5fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9c5d21c05f9842fb0fff6380d1ac3153
SHA1 87d999c7b1cbe9943bb779338c23e9f0e2d68d69
SHA256 8fa1cea4a5c6e37f28c99c9f59f1abd394aaa65bbde11fbe43bfb484cc0bba55
SHA512 0e83635eb912b94495beb295635951ae63a599953e45aa8dc0a2e6a8ff43e6ffd769ad769ac61b04f154a14c90523ee2de569430983e48cdee7a92620ad635e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000182

MD5 69b550731f9a789a39d18eb917e43a4c
SHA1 20721285bcc8dfc47777e43b2d94a224469a0b50
SHA256 230bd4129d0d79dd196efcf6d9e8db962c5e750fa539dfb5b72ba43666485066
SHA512 0de48338b7108eb2b9206c57d382c69703f1424788f7c665f44e4ebf8fbc92da8f11d10416c03f37d62c0d72cf760b902ef52f8e41caeb89ec221f0fac76702b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000195

MD5 e0c0f7035b1f8bce3e05edf391799fe2
SHA1 f2fe854b9bc6cd6bc7fc325de736db5082f0706b
SHA256 a9f4b53dcde51161bcfdea690051a1f7190aa386ab2d6c518ba2d0861c0ab245
SHA512 3108b20b7565b14e349acd813eeaf9227ddc42be3a8606e27b3331deb28ce3623b4e0bbe87f5189a5200ab360cd99abc0ff3224e90632ad1ed07507c92df2d87

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018b

MD5 56f9e310fc86fc949bf115e34850e083
SHA1 a87b79bdd2e22aab5ba4bc6bfe023824ef1a1502
SHA256 da300a45b3a3b1a2eeccb255e4c6e5967a3aa02ca7a64a4d31a56ea3e8973e23
SHA512 f7e8bbf40d947c03dd3129ce61f7ce79f5d6038d20da2f3e546b41bfe4a76283bbf61a14bbb9955d9574a5efb9efd9dd46f59658b8ddcde3552dd336d88348df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 efed7ad9b55fb45def27a8af0cfcec7b
SHA1 343f68c28322b2d3a39a106524134bf5fe08d0a8
SHA256 a93ad10928c10bcfc7194b8603ec85d010df8af99c7eb9f58d3b4bbd3d90b681
SHA512 c49aa9e26bc2c85505f3f200ddcfefcc9e97633d7a043ad3602dab189d60d766c64d80c61c49705b87c139b8d024c03fa8448fbbdd716551160bd2993b6f8f81

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018d

MD5 d319acd3a097e520efbcdef018249646
SHA1 3072f8f44afe949b30cd216237593864eb7bde51
SHA256 0a3e77fdf7b775ff5bee4486f08f41f3ad1cafe70afc9a024e8120bed63b8b05
SHA512 515110f9d8f2e5915201ee059a17f8a1ec8a04e0b8f5e97c77b10aaff2126ed8579895f1b2e59908a9660ac31dccdd6a4cf6e69cf968691d314de6fe4597ec34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018c

MD5 4b2c75d4a3f9badfacea1b5c839cb156
SHA1 351265c41c70d2b5861b80515b06abe1fa3f8918
SHA256 fb380bf54ce040214bcbdcd8ef1236ba0555c30029283f659b9618de3712e0d6
SHA512 63c94da18d0b0a30dc1012c66a124fbb751b93d56308e30fa24ac1b7bea30e344de1314bca348824814af20c2e894cbbf6cd5a846d6423ef69f3fa75b8034f79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000191

MD5 30f6b32d5886fba879327d17e61fc1d2
SHA1 5eff13862124e2e8a883394083f63c4faba43064
SHA256 2b8f82d1acf3db721054c93e555b4b045110449fa1fdcf0b784f311d2750cac5
SHA512 465bad4ea474008e8123d9c628d7f28d315a6bd8a862a02514e75674da10221dc30784b9e3020b91a8aa0b58f8a5bc30354bfc4bf03c9bc54f93321a798812b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000194

MD5 db8975224bf17fbbdea1bd1a2971504b
SHA1 1525facc1f29ea3718ee697fad77d67a51f844a5
SHA256 3cde5deecadf6ebfbdc56f7af9f96c406cec46285b8dc9287321855a330b1527
SHA512 a06199e080a9209c799a24feb3eeeab71f29bd05c07abe0eb89666a8ade67f3179252e68b4ae025476d9429ccdda63585e3172be5e371b342d2a5dd7fe994be9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000193

MD5 2cfeb4cad16b96e91e890135f5c1fc92
SHA1 92d972f7e847a1df14ce170c469eea10f027265b
SHA256 49b8d05537d5be0c87b045c6173eba44dd947576040ee9d011494f3a6cc7b47e
SHA512 85757e87a18eabfabe97bb278bf4a20d791fc93123b650001519795cdd943c976416bd0b9c2d60d1d57051eb3726ee5b5a32e5afaefcedb49c7a615e9c298e5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000190

MD5 e915875cd008dd2708f477bbfee48687
SHA1 a40385e3ddb0763b1c69c84e97fc52a5d6df1bf9
SHA256 57dfecd1e6ec04eab4474a69db2073b330a2a398998f43353e16e7f392612430
SHA512 c90948ce9d4a0e45f64575f86c3adaed4b6c865d82c934494ca592c8f6e97892f9a576d2f839217f28f9489a15d765c6feb5d6d2d4798d3c36af54e061b262e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018f

MD5 7a885723e2b52eddba8d8fc9dca720a7
SHA1 6457700694baa19e8098c525121020ca0641618a
SHA256 511c119f980cfb915132b30ee884527c65199db35f48fcee8ddfbae9bc7147da
SHA512 fe4005ffa0f88371db038b35f981fccacb07b1400ade78ce5aa19a47ac4239a4a051e69282793a164bf2f70d2510641c8879acc5e4e728c090215018a0408042

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001b9

MD5 d0263dc03be4c393a90bda733c57d6db
SHA1 8a032b6deab53a33234c735133b48518f8643b92
SHA256 22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
SHA512 9511bef269ae0797addf4cd6f2fec4ad0c4a4e06b3e5bf6138c7678a203022ac4818c7d446d154594504c947da3061030e82472d2708149c0709b1a070fdd0e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

MD5 2e3ab0abdf3c005f4724441d2a901c60
SHA1 fe69f9263a444ef841cb908df35559704ea7a2ff
SHA256 7a4c89543a6e7811dda42f0b16b4d5932429fbee797f79c342ee3bf7484e8be8
SHA512 e763d563ec2d63e9bfc077fc3f95dd29c61c33ab6184529dbd78f0114faf1fff72e29e1c1bc61ce47306307caeae73a353477cee1206ca999e5e88e3f32094de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6eedb5be9ff6227f5f06aae920a9ba1c
SHA1 fc24a7cfb4de9aee0e9109422639ef388bc8e253
SHA256 b4d313708a4f9850ca65051a72e4520024ad8bd0873bd1e83f40a79fbe01be9e
SHA512 3974fea3921c7806485004cd180ba4bc0e60813e3fb00e762f56a9cde97ef78136d092258f827a55d040d8219a19d8c77426dce7202b2e913dda31ad4da6e720

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3e07ea72db7093937b5c97d69b92a3fe
SHA1 d434356ebe8a54fb688e36fbd4e099708ec59ed6
SHA256 7f49302c0df644ead182ff473b14cd321efaf765d604cd1c778d23a2ef3803a0
SHA512 4a5527285386699e4a96e5eea7728c8d6c12403cd817eb48f0e670f3500cf8eeede5ee666486aa77f1a789555f4aa774c19e59a5d65d2a9f3f1e70afff4d46b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 99f3c9b1200fb1b2439049eb434a12aa
SHA1 4480853f37da1cc58b0d55f49853535524f48f13
SHA256 9fe1e20a4a4acbfd7b858129d5d06d535ec303c47f215da5a24723dd099aeae2
SHA512 097f1d284232cdc8a56b8d74edee7ba4a6cdcd0a61887cba6e7e501029074a45b1310906799cf1c0cf434254c5b69d729c2845913408cd5ff1443491756f63ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9db43ac2d42ba403c2e984dd75c66212
SHA1 1687ff7bcdb8527534da39ea1f6cdd8584fc7d0f
SHA256 50ce469a0c7e30c02d0f9603571a70a757a620712361f1dda221e1faeb2fe6b3
SHA512 6877dc53d1eaad40fe8378287fe2f29b0c5819eef5f87976e85a64a397673ea1d30f72056c20363223e490f73ecd2b0faccd5f50ef585dd28629d2d421f36bcd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e8bd2abbdae6ce483ddae29d93430f60
SHA1 be476d81f882d41773d5edf2efd8fda0eab4dd61
SHA256 bcecef41b749563a530e4acc415e2676469546759e7d960b37c35d7a9bacfce1
SHA512 4db4ea3c76ed7a4aea2006bdb12754eb7fc0c8748e3d256d6455a22e607ac69decc374c60b0ab5c129aba04f5418ac8dbd6eddb89537dd657222656184e234a3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0c5267a94daa75cf127586f74d256111
SHA1 a733e406e9b2dfab0a27513cac4d2040437f10a4
SHA256 608204e032b3e5a5e728479f71db9caa741fcccaae01eaa64243b30b0760f2c6
SHA512 b99f5c825d5f098f5809b95efd0d6f7c66941c08606e2c3b37c9ba84642ee910011e9f4477b5a59a9f970f3295080765c724f03ae575307191e2245eb11ba019

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 76f89426bb51799e6499c9c63e9cb140
SHA1 75a1ccf92a6d477bd93267a9e62fc9bb9af71b57
SHA256 4ab1451f31e7095e29bc5281d63d053fad39957dfee1dd57975b5d19b9110ab3
SHA512 f95645560e37b651b6cde4eb0c49f908f0c73f9dbc4c4b9c429d88f84eae65ba4d6e8b7b469cad422766210ff49260b05ec191b4fbb2312e41e02936f1cd7a46

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ae7b09738d379c5116a26a37f35aa093
SHA1 3e9f1f86f6b2cf03cccc12d20edd244c65045000
SHA256 599f558e7155ab71f658ed29261301789a7b2d05921f88c0bc1a0b54f20c5d5a
SHA512 bead4d2fafecaf593bfb2d69717853954e308f6da6de75f399cdd025957a54f2aa5c6d945976dcb64bfec37bb9cf9b40edc34d1fd91e37e3c9fb7abf6a4a39b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d902fbb1318692c31f498d9e16d3304a
SHA1 dea4091535579fcbabfbaa6398a1269eb8156226
SHA256 55e11748b27ad3dbb8f3ac3acfa7f5ef28fb9b12a0c0398230fde7ca37006f79
SHA512 ef080961e859a146a8b2d40fce3f117270ca2517d3ee97dd7efb906338f87c67b4f8512aa40edb52e2da1fa76bcf524176b88b778f49def0fbcfebbfdd9145b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 19121e56c2714bb19a4508082fe6ecbb
SHA1 d90ff7466d95c351b32e08fdcdb156db886d9cb4
SHA256 ac2c704d3368d03a64e98860a862d7bd5c202ba94d2d76a47325216caded6e4c
SHA512 b0e6417f81ba312f312d5e8182ce3253c0485964ef62c6dd99594dd24e52b4fd415dac207d0d8903abe575e1c5f14c85494823d3e6a4398ea3e1b1d655380bae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1366d875883b8360cf0e9bf6b6540151
SHA1 c16092f208c91b0013b25a32256e12ff09e01173
SHA256 acc0098bb15f50effadb00700f3ca4fc1a2df8e352afbc48979e091fa4251892
SHA512 83eac7db36d185f417d246ff685ac7dbf488684c3eb220a8e65079100e02a8540b241ac3868b80403d94f43505a08d3feeafd1b3f4b6f01c2d2bd13bc1f8176e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 833de540c27910acf5d2ef66f96ac99f
SHA1 9bbcb0fdf0592ef5842a458ee283f2b5b522b4d3
SHA256 7214234fe181d4c77fe38fce0f06f2357baf46039e85bbdd750eff941c013223
SHA512 f8fbf1c41f074c35c03bd53a4d593bb1efc65f92a6d22db24708f44147e1bf479544f730f79d690f81b83c81c80fb5f1b83ca46ffb65e66e45b793e48b3a8c4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ca7efb0799faef1c748cb56b0d70e1be
SHA1 ec45919bde4bd1da763a20e23647289cbce61989
SHA256 b53d8f59f87e5e1fb95fef09299a38f853e7fd9681fdbae659961511882812f1
SHA512 215faf3c1e9cb282a14a82b382e0260f41977bf146f0f6497d7758ae2a1ac4e516c9bfc9b3c54cf64340c22bf2b723d87560ab0626a378b3a3d61de75ae72abb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 79b1f532101e5fcb02f86e8c0588dff5
SHA1 69b8b6e8d7781bacb390fee48cc61841de07bc6b
SHA256 04fb66bdfd962f8f91ac8e5ccd252f83439edeb7c1e5362b5838dfaae4c5a1e8
SHA512 4578ac058be0267ac5740543f74e524bc2730ca09eb40722809cd8266ae52eebb64caaa682f69fe30c6933fedc3b316c18bbb429141a2fb37e7febe9da21ef7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0b58900229570feb26b1663193efd1e7
SHA1 311122f8bde1cdc63bcd9ce2904b198f07733ed4
SHA256 cef7d052aeb38748a33a8c5ea4ccb241db2740e45ce8f825e8a87aa910a053b0
SHA512 c870dc01367af91e86dcc6c42812e42b1f9c3a8e36efb7115ed91d72087bd8e63c434015b4840b22bf83810e3a7e92ca110088f7d4c30a05349816e06895aa9e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f2b0936576b31741841f807072a4cabe
SHA1 8cd97c2e20ed8f95ca8111c193a7e5e9c98607aa
SHA256 3551c5f4c2683a65cdd709fbadbd5d5bea0f71b039a9657f19d6f61c93c89b4f
SHA512 fd1c4f5e0f205fc7ea2a1dbf563d999516f1b8b8ec73d02f4758ec23e05303f32a3c3dc87be48f463db7256836525298e8047ac63ca9e89ef25a6351fe657e64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 32cd28d45bbe9c42f1aa187368bbc9f8
SHA1 b3ee8da846b723b89975a23373ab9eaad856a976
SHA256 4e3f174ebcab78373103da041785f62c5bdeaeb6f6f38a1e96f839564d3c320c
SHA512 6b57ce2b4b291ea5a7f96ba86715b136f3a9d6481497a3dbf6cc84ed7a4a74ef05573bc12b11d724b963efae7c9b50fa9b69cd665446476b726e2b2ae453aae8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5fa2dcef2da97265fa5efcf24bb3380d
SHA1 acb1a3494c8c9af4b3fef987c72241122bbd7120
SHA256 3b1eb1031ebb57c715e6cfcfe6a0aa7dd8b8f087892854758d0f18dd41695bc2
SHA512 5b713e0bcb68643d960150d0e0f83c298d3656c5219026dd4b2ef0301709bb79d9a427e42781f86c9cf704c02edc8f03c071065facdd30da9d0b0b7e1433210d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0eaa152d63d2c9519cdf7234e0bab514
SHA1 8622ad82b90395b919be99f6aab6081169115be5
SHA256 b91507584b8d508a5cfd85d15cac195b98adbbdac9f6238899e1f7dd0569f975
SHA512 d3a2b47cf9da1981174d231d1e285f2f9673c456f0a38758eb864af023fb40dc0a490778aff2a519536a7503af7ba5ca91a410c0bce593046da8e18fe1ad542d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 eca1d4444be32991169d00bfb916aaa8
SHA1 2b48ac6f171d1af1f7895c0c8050bd24eac690ae
SHA256 a4d1b33a86eda404ef58b852c0c6e37e830ab0bc63cd5af8f04125578959bcae
SHA512 f9cc1b017bb9cc11c8d6f96fbfca3b20bd71e82998bc1dff1e3a1ff9706d0ea1095d3345f5f29cddd273b88bb74cbb1cb3d460e8aee2abef5833963f351a2a31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5ff0901ae76adbeb96c07cd7426b06a2
SHA1 b24c20d74fcabb6f8c9b6b3e181716a3fe0eeb15
SHA256 9bd7ce102d4760834d203e075c45310166a8ac00a25c8401a39a7369dd075362
SHA512 18116599b5ffdcfe1df32f6614877f82d3fb32b159332e9817363d1ecd68fc3566c728fc659b4574ae9369eb5aa24612c2bd9431aa49849aafab64752cefd2e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e432c905e7d98ea5b0e18cbb59b414e5
SHA1 fb62a640839f9a299ae58d2614f7643b1335f259
SHA256 7d02d79437a53fe873782d642eb310f5714f4e38dda754b7bb01f62a377a2198
SHA512 cee2cb3fefb275245ef0f0cde424b4b91c466494f23723f34c16fd937b3329c10909ed583a0c24e04b0c2a4ceaea81566ada4c9c695aa4c1910aeae482f9c0f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e45e6345fb396ab882c0e9176e111107
SHA1 2bc56d2c359999b9b614ae2a3c2de12e9c70b8c0
SHA256 501b64f8df3e383ed7debc5439d46d133a5b833bb94d6cc5f0bca1d5ad1cf044
SHA512 6fe80b9db14bbe5b9cab2cb695d1f39d46fd3c656cc02cec1f17c3287f1e1ac0a10e13e1f320f6e83130282a60bdaaa774b15c0d01c8b6df8390ce28812b5e99