Malware Analysis Report

2025-01-18 22:15

Sample ID 240430-wfg3zacb3t
Target https://create.roblox.com/landing
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://create.roblox.com/landing was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Modifies Installed Components in the registry

Downloads MZ/PE file

Sets file execution options in registry

Executes dropped EXE

Checks computer location settings

Registers COM server for autorun

Loads dropped DLL

Drops desktop.ini file(s)

Checks whether UAC is enabled

Adds Run key to start application

Checks installed software on the system

Installs/modifies Browser Helper Object

Checks system information in the registry

Drops file in System32 directory

Drops file in Program Files directory

Enumerates physical storage devices

Modifies Internet Explorer settings

Modifies data under HKEY_USERS

Suspicious behavior: AddClipboardFormatListener

Suspicious use of FindShellTrayWindow

System policy modification

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

NTFS ADS

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

Checks processor information in registry

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-30 17:51

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-30 17:51

Reported

2024-04-30 18:11

Platform

win10v2004-20240419-en

Max time kernel

1192s

Max time network

1201s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://create.roblox.com/landing

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUC7B8.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUC7B8.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\EDGEMITMP_13D77.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\EDGEMITMP_13D77.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{248EC230-0207-42D8-930F-6FA3ED6FC7F4}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC7B8.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9B0BD0A1-BB6B-4478-9EF4-048647F6311C}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=274686BB3245490191CE5C7E82DE9F19" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9B0BD0A1-BB6B-4478-9EF4-048647F6311C}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUC7B8.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUC7B8.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\App\Bar\FullscreenTitleBar.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Screenshots\Dev\JestGlobals.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\Cursors\DragDetector\ActivatedCursor.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\WidgetIcons\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\ApolloClient\GraphQL.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RobloxShared-edcba0e9-3.5.0\RobloxShared\nodeUtils.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\MenuBar\dropdown-arrow.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\Qt5Gui.dll C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\ug.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\AppTabBarRodux\Rodux.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\nb.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\EDGEMITMP_13D77.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\PurchasePrompt\Actions\SetPurchaseFlow.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\TestMatchers\__tests__\toHaveSameMembers.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\VisualElements\Logo.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\Qml\QtQuick\Controls.2\Imagine\GroupBox.qml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\AvatarCompatibilityPreviewer\Dark\Large\unhide.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Settings\Help\BButtonDark.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Settings\Components\ReportConfirmation\ReportActionAreYouSure.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestDiff-edcba0e9-2.4.1\JestGetType.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-2fca3173-0.4.2\LuauPolyfill\Error\.robloxrc C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\VerifiedBadges\React.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\StudioToolbox\Banners\MonsterCat.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\Navigation\Dark\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\InGameMenuDependencies\Promise.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialContextToasts\Dev\JestConfigs.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\identity_proxy\beta.identity_helper.exe.manifest C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\EDGEMITMP_13D77.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\TerrainTools\button_arrow.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestReporters-edcba0e9-2.4.1\JestTypes.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUC7B8.tmp\msedgeupdateres_lt.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{248EC230-0207-42D8-930F-6FA3ED6FC7F4}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\Notifications\Light\Standard\NotificationBadgeDisabled.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\ReportPage\FillCircle.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\AvatarEditorPrompts\Components\Prompts\DeleteOutfitPrompt.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Settings\Analytics\BlockingAnalytics.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\Dash\Dash\iterable.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\DeveloperFramework\StudioTheme\search_12.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\qt_translations\qtbase_zh_TW.qm C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\qt_translations\qtquickcontrols_pt.qm C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ContactsToast\Dev\SocialTestHelpers.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\Qml\QtQuick\Controls.2\Imagine\Popup.qml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Chat\Chat.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Server\ServerChat\DefaultChatModules\ExtraDataInitializer.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\roblox_networking-chat\networking-chat\networkRequests\createGetUnreadMessages.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UGCValidation\UGCValidation\util\createEditableInstancesForContext.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\GameTile.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\VoiceChat\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\PurchasePrompt\Services\Analytics.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ContactsToast\Enumerate.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\DiscoverabilityModal\RoactRodux.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\UserProfiles\Dev\JestGlobals.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\textures\ui\LuaChat\graphic\gr-profile-border-36x36.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\TopBar\Actions\SetTopBarEnabled.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\newBkg_square.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\jsutils\__tests__\naturalCompare.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\AnimationEditor\ScrollbarBottom.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\TextureViewer\refresh_dark_theme.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\FriendsLanding\Dev\ReactRoblox.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\QRCodeDisplay\QRCodeDisplay\default.rbxp C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\textures\ui\LuaApp\graphic\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoduxFriends-1016398c-4fdfb9d0\RoduxFriends\Selectors\getSortedByRankRecommendations.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\LuaSocialLibrariesDeps\RoduxShareLinks.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "6" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "69" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "1" C:\Windows\System32\svchost.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "20" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "21" C:\Windows\System32\svchost.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "36" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D C:\Windows\System32\svchost.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "11" C:\Windows\System32\svchost.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "24" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "25" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "9" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "53" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "71" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "22" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "37" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgePDF\Application\ApplicationCompany = "Microsoft Corporation" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\AppID = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3WebMachine" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0\CLSID\ = "{E421557C-0628-43FB-BF2B-7C9F8A4D067C}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{C9C2B807-7731-4F34-81B7-44FF7779522B} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3WebMachineFallback" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.html\OpenWithProgIds\MSEdgeHTM C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio-auth\ = "URL: Roblox Protocol" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\CurVer\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AppID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ = "IAppCommandWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 750979.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2916 wrote to memory of 4744 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4744 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 4164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2916 wrote to memory of 884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://create.roblox.com/landing

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa643846f8,0x7ffa64384708,0x7ffa64384718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2652 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5636 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5636 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5976 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6276 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6164 /prefetch:8

C:\Users\Admin\Downloads\RobloxStudioInstaller.exe

"C:\Users\Admin\Downloads\RobloxStudioInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUMzRTZBQzUtOTkzRi00NTAyLUE4Q0ItMDQ5MEJDNjk1QUJGfSIgdXNlcmlkPSJ7QjhBNzU5MTUtRUVFMS00NTEyLTk5QTUtMTMwQ0IyOEZFRDEyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5RkMxODI5OC1BNDJCLTQ2MTUtODY2OC1DMkZBRERDNDEwQjl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxNjY0ODkwMzgiIGluc3RhbGxfdGltZV9tcz0iNjE5Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{EC3E6AC5-993F-4502-A8CB-0490BC695ABF}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUMzRTZBQzUtOTkzRi00NTAyLUE4Q0ItMDQ5MEJDNjk1QUJGfSIgdXNlcmlkPSJ7QjhBNzU5MTUtRUVFMS00NTEyLTk5QTUtMTMwQ0IyOEZFRDEyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins3QTU0N0VGMS04Qzc3LTQ3REEtQjNDNy03QUMwNjU0MTExMDR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMDYiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEwNiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxNzE0Mjg4MTkiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\EDGEMITMP_13D77.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\EDGEMITMP_13D77.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\EDGEMITMP_13D77.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\EDGEMITMP_13D77.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{928320AE-4C4B-4502-9DD7-0E6F99291EE2}\EDGEMITMP_13D77.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff77d6688c0,0x7ff77d6688cc,0x7ff77d6688d8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2400 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUMzRTZBQzUtOTkzRi00NTAyLUE4Q0ItMDQ5MEJDNjk1QUJGfSIgdXNlcmlkPSJ7QjhBNzU5MTUtRUVFMS00NTEyLTk5QTUtMTMwQ0IyOEZFRDEyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFNkREMjc5OS03ODA3LTQwQzctQkY5RS1ENjY2NDlBRTRFMjB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTE4NTMyODk5MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxODU0Njg5MDQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1NDA3Nzg5MDE3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xMzFiZDVkNy05YzY1LTQ3NmEtOTA3NS1lMjQ5NGY4ZGE5ZTQ_UDE9MTcxNTEwNDM4MiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1oaDdleVlxZnRWcmJhakl5TkwlMmJlbGxOUk9nQXhPNDNQeXo5QmdnUSUyZnpOckQlMmJrSXVJeDVoa21Nd1JwMEhXY0pMQzJwM2JWbXB5MlpOQ09VQ2hkUyUyZktBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyNzIzNzY4IiB0b3RhbD0iMTcyNzIzNzY4IiBkb3dubG9hZF90aW1lX21zPSIxNjAxNyIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU0MDc4Njg4OTEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1NDIxODA4NjYxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1ODg3Njg4NzIxIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iOTIwIiBkb3dubG9hZF90aW1lX21zPSIyMjIyNiIgZG93bmxvYWRlZD0iMTcyNzIzNzY4IiB0b3RhbD0iMTcyNzIzNzY4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0NjU4NSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=5888.1624.1071141609428513125

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=124.0.2478.67 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ffa4bd5ceb8,0x7ffa4bd5cec4,0x7ffa4bd5ced0

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1732,i,10526364678887530382,15373737921215239468,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1728 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=1924,i,10526364678887530382,15373737921215239468,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1956 /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2028,i,10526364678887530382,15373737921215239468,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2192 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3516,i,10526364678887530382,15373737921215239468,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3572 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3600,i,10526364678887530382,15373737921215239468,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3700 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3684,i,10526364678887530382,15373737921215239468,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3324 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2ec 0x524

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" roblox-studio:1+launchtime:1714499691696+avatar+browsertrackerid:1714499617024002+robloxLocale:en-US+gameLocale:en-US+channel:+browser:edge+userId:4155035591+distributorType:Global+launchmode:edit+task:EditPlace+placeId:17341016624+universeId:5933619878

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" roblox-studio:1+launchtime:1714499772429+avatar+browsertrackerid:1714499617024002+robloxLocale:en-US+gameLocale:en-US+channel:+browser:edge+userId:4155035591+distributorType:Global+launchmode:edit+task:EditPlace+placeId:17337941876+universeId:5932483521

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{248EC230-0207-42D8-930F-6FA3ED6FC7F4}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{248EC230-0207-42D8-930F-6FA3ED6FC7F4}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{83D4075D-2AD7-45D3-8FA8-07DA62DF7817}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODNENDA3NUQtMkFENy00NUQzLThGQTgtMDdEQTYyREY3ODE3fSIgdXNlcmlkPSJ7QjhBNzU5MTUtRUVFMS00NTEyLTk5QTUtMTMwQ0IyOEZFRDEyfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InszNjRBOTI3OS0zNkM1LTREMTktQkQ0Ny01OTExNzZCOThBRjB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7c0c5REo2TTNmWmtQN0NFTFdHbkR4Qyt3YVJhUUV1RUx2TElmWGsvTUF0Yz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2IiBpbnN0YWxsYWdlPSIxMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODc0NjMxODI3MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NzQ2ODM4MjU0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4ODA5NjA1NzgyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTUxMDQ3MzgmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9V0Y3NEl5JTJmaGFBd05ud0VheWN1JTJieGJuZ0MzYVA0Zk9GNk8lMmZqYTExOUxHVGNOeFkydnlsWHpJdXpqQWthYzFScHF4MDl0MWNWZSUyZjRkMThpYnolMmJNd2xRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjQyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ1Mzg2Mzg1IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4ODA5NjM1NzU2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MmVkODA4Ny1lZTk4LTQyOWMtOTMzMC1jYTNjMTkzZDQxYWY_UDE9MTcxNTEwNDczOCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1XRjc0SXklMmZoYUF3Tm53RWF5Y3UlMmJ4Ym5nQzNhUDRmT0Y2TyUyZmphMTE5TEdUY054WTJ2eWxYekl1empBa2FjMVJwcXgwOXQxY1ZlJTJmNGQxOGlieiUyYk13bFElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iLTEiIGRvd25sb2FkX3RpbWVfbXM9IjU0Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg4MDk2NDU4MTciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9Indpbmh0dHAiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzE1MTA0NzM4JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVdGNzRJeSUyZmhhQXdObndFYXljdSUyYnhibmdDM2FQNGZPRjZPJTJmamExMTlMR1RjTnhZMnZ5bFh6SXV6akFrYWMxUnBxeDA5dDFjVmUlMmY0ZDE4aWJ6JTJiTXdsUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IjIzLjIwOS4xMjUuMTcxIiBjZG5fY2lkPSIyIiBjZG5fY2NjPSJOTCIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MzA3OTIiIHRvdGFsPSIxNjMwNzkyIiBkb3dubG9hZF90aW1lX21zPSI2NTQiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODgwOTY2NTc1MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4ODE1MDY1NzU3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iMTEiIHJkPSI2MzE4IiBwaW5nX2ZyZXNobmVzcz0ie0E1QkY0NDc5LUY2MkYtNDQ3Ri1BQzdDLUI5RTk0NjA5QzU5QX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTIuMC45MDIuNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMTEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU4OTczMTE3NzYzMDM5MCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSIxMSIgYWQ9Ii0xIiByZD0iNjMxOCIgcGluZ19mcmVzaG5lc3M9InsxRkQzQzQ2OS1EMDBGLTQxOTAtQjJFQS0zNkVDQjhCNDNBNTJ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMjgiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU4OTczMjU5NDg1MjY0MCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7NEE2MTY5RUEtMTdGQy00MzY1LUE3MTktQUIxOTA2NkU4MEEwfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EUC7B8.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUC7B8.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{83D4075D-2AD7-45D3-8FA8-07DA62DF7817}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODNENDA3NUQtMkFENy00NUQzLThGQTgtMDdEQTYyREY3ODE3fSIgdXNlcmlkPSJ7QjhBNzU5MTUtRUVFMS00NTEyLTk5QTUtMTMwQ0IyOEZFRDEyfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7Rjg5Njg0NjktOUREMi00MDA2LTg0RDYtREYyNTIwNDFFQUI2fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMTEiIGluc3RhbGxkYXRldGltZT0iMTcxMzUzNTA5NSI-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTAyNTUxNDgxMCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDFDRTFGQUYtQjQyQS00MjA0LTk1NDMtN0FGRjVGRTM1NTE0fSIgdXNlcmlkPSJ7QjhBNzU5MTUtRUVFMS00NTEyLTk5QTUtMTMwQ0IyOEZFRDEyfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7RDc4RDYxQzYtNDZBOC00RTQ4LUE4ODQtNjU2QjZGNEZFRDdBfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0R4T2JqSEdhK25SYTJhdEMzd28rSUVwQzc4K1pZZUFVYmtYcERDMmNqN1U9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTA2IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIxMSIgaW5zdGFsbGRhdGV0aW1lPSIxNzEzNTExMDg2IiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNTgwMDg2OTUwMDAwMDAwIiBmaXJzdF9mcmVfc2Vlbl90aW1lPSIxMzM1ODk3MzIzMTg3NzI2OTkiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMzEwNjc2IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTk0OTI4MzI0MSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9B0BD0A1-BB6B-4478-9EF4-048647F6311C}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9B0BD0A1-BB6B-4478-9EF4-048647F6311C}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDFDRTFGQUYtQjQyQS00MjA0LTk1NDMtN0FGRjVGRTM1NTE0fSIgdXNlcmlkPSJ7QjhBNzU5MTUtRUVFMS00NTEyLTk5QTUtMTMwQ0IyOEZFRDEyfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins3NzFGN0I5Ri1DQTIwLTQwQUUtQjAzQi02RUEzRjFBOTEyNzN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzQiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTk2Mzg4MzI1MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExOTYzOTAzMjIzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMDg1NzY5MTk4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUxMDUwNjAmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9UTViem9KeElwJTJmcTQ5UGZKWThuck0zY3NXc1p6NHEwbGtIZEI3RDQ3Q1c5eUUlMmJYaFF5VHVOeTJEdjdNMyUyZjlCR2VjRGN1MUd0b3QxTkxwZDZXVnN1Y1ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMiIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ1Mzg2Mzg1IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjA4NTc4OTI4NCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUxMDUwNjAmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9UTViem9KeElwJTJmcTQ5UGZKWThuck0zY3NXc1p6NHEwbGtIZEI3RDQ3Q1c5eUUlMmJYaFF5VHVOeTJEdjdNMyUyZjlCR2VjRGN1MUd0b3QxTkxwZDZXVnN1Y1ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iLTEiIGRvd25sb2FkX3RpbWVfbXM9IjYwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTIwODU3OTkyNTEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9Indpbmh0dHAiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzVmMTk1NjEyLTM4NGEtNDhlYS04NDA4LWI0ZWRlOWRjNTZiYj9QMT0xNzE1MTA1MDYwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVE1YnpvSnhJcCUyZnE0OVBmSlk4bnJNM2NzV3NaejRxMGxrSGRCN0Q0N0NXOXlFJTJiWGhReVR1TnkyRHY3TTMlMmY5QkdlY0RjdTFHdG90MU5McGQ2V1ZzdWNRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iMTA0Ljk3LjE0LjkxIiBjZG5fY2lkPSIyIiBjZG5fY2NjPSJOTCIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjY0NDIiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjA4NjA0OTE3OCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMDkyMzg2NjI0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTIxMDE4NDgzMjQiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI3OTEiIGRvd25sb2FkX3RpbWVfbXM9IjEyMTgxIiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI5NDIiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7afc888c0,0x7ff7afc888cc,0x7ff7afc888d8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,555423927018962004,2003063284827064979,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7afc888c0,0x7ff7afc888cc,0x7ff7afc888d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDgzMjQ0MzMtQURCNy00ODJDLThCMUUtQzhGNEMwNDI5RjZBfSIgdXNlcmlkPSJ7QjhBNzU5MTUtRUVFMS00NTEyLTk5QTUtMTMwQ0IyOEZFRDEyfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins5OEREREUzMS02OTlCLTQ3MDktOTAwQy01OUI2RkQyQjA4MkV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMTEiIGNvaG9ydD0icnJmQDAuNzQiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzMjkiIHBpbmdfZnJlc2huZXNzPSJ7MDgwNzkzNzItMEYxOS00RkJFLUEwRjUtOTY2QUYzNzhFNzcxfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IjEyNC4wLjI0NzguNjciIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMTEiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODk3MzExNzc2MzAzOTAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMzI0Njk2OTMzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMzI0NzQ2OTAzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMzYyNjE4MDg3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMzgwMDE4MTY5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzU4ODM0MDEzMyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9Ijg5NiIgZG93bmxvYWRlZD0iMTcyNzIzNzY4IiB0b3RhbD0iMTcyNzIzNzY4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMiIgaW5zdGFsbF90aW1lX21zPSIxMjA4MjciLz48cGluZyBhY3RpdmU9IjAiIHJkPSI2MzI5IiBwaW5nX2ZyZXNobmVzcz0ie0E3MDczQjgyLTgzQzktNDE3Ni04RTVELTE4MjQwNTdEMUEyMn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZT0iNjMyOCIgY29ob3J0PSJycmZAMC44MCIgbGFzdF9sYXVuY2hfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU4OTczMjU5NDg1MjY0MCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjAiIHJkPSI2MzI5IiBwaW5nX2ZyZXNobmVzcz0iezgzODZBODk4LUQyRkYtNEUyOS1BNERBLURGRUZFRERBQ0M3Rn0iLz48L2FwcD48L3JlcXVlc3Q-

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

Network

Country Destination Domain Proto
NL 52.142.223.178:80 tcp
US 8.8.8.8:53 create.roblox.com udp
GB 18.244.155.74:443 create.roblox.com tcp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 74.155.244.18.in-addr.arpa udp
US 8.8.8.8:53 61.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 133.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 232.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 users.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 o293668.ingest.sentry.io udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 webblox.roblox.com udp
US 34.120.195.249:443 o293668.ingest.sentry.io tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
GB 99.84.9.116:443 webblox.roblox.com tcp
GB 99.84.9.116:443 webblox.roblox.com tcp
US 8.8.8.8:53 ncs.roblox.com udp
DE 128.116.44.4:443 ncs.roblox.com udp
DE 128.116.44.4:443 ncs.roblox.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
DE 128.116.44.4:443 ncs.roblox.com udp
US 8.8.8.8:53 4.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 116.9.84.99.in-addr.arpa udp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 97.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
NL 23.62.61.129:443 www.bing.com tcp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
US 8.8.8.8:53 129.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 clientsettings.roblox.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 13.224.245.62:443 setup.rbxcdn.com tcp
GB 13.224.245.62:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 62.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
DE 128.116.44.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 39.245.224.13.in-addr.arpa udp
N/A 127.0.0.1:50003 tcp
N/A 127.0.0.1:50007 tcp
N/A 127.0.0.1:50010 tcp
N/A 127.0.0.1:50014 tcp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 89.58.114.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
NL 104.97.14.72:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 134.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 72.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 165.191.110.104.in-addr.arpa udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 2.18.190.134:443 css.rbxcdn.com tcp
US 2.18.190.134:443 css.rbxcdn.com tcp
US 2.18.190.134:443 css.rbxcdn.com tcp
US 2.18.190.134:443 css.rbxcdn.com tcp
US 2.18.190.134:443 css.rbxcdn.com tcp
US 2.18.190.134:443 css.rbxcdn.com tcp
GB 108.138.217.67:443 static.rbxcdn.com tcp
GB 108.138.217.67:443 static.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 roblox.com udp
FR 128.116.122.4:443 roblox.com tcp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 2.18.190.134:443 css.rbxcdn.com tcp
US 8.8.8.8:53 images.rbxcdn.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
GB 216.137.44.44:443 images.rbxcdn.com tcp
GB 216.137.44.44:443 images.rbxcdn.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 4.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 67.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 62.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 2.18.190.76:443 apis.rbxcdn.com tcp
DE 128.116.44.4:443 metrics.roblox.com udp
US 8.8.8.8:53 170.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 44.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 76.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 assetgame.roblox.com udp
DE 128.116.44.4:443 assetgame.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
DE 128.116.44.4:443 auth.roblox.com udp
DE 128.116.44.4:443 auth.roblox.com udp
DE 128.116.44.4:443 auth.roblox.com udp
DE 128.116.44.4:443 auth.roblox.com udp
US 34.120.195.249:443 o293668.ingest.sentry.io udp
DE 128.116.44.4:443 auth.roblox.com udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
DE 128.116.44.4:443 auth.roblox.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
NL 23.209.125.208:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 208.125.209.23.in-addr.arpa udp
US 8.8.8.8:53 webblox.roblox.com udp
GB 99.84.9.28:443 webblox.roblox.com tcp
US 8.8.8.8:53 28.9.84.99.in-addr.arpa udp
US 8.8.8.8:53 itemconfiguration.roblox.com udp
US 8.8.8.8:53 premiumfeatures.roblox.com udp
DE 128.116.44.4:443 premiumfeatures.roblox.com udp
US 8.8.8.8:53 t6.rbxcdn.com udp
US 8.8.8.8:53 t7.rbxcdn.com udp
US 8.8.8.8:53 t4.rbxcdn.com udp
US 2.18.190.136:443 t4.rbxcdn.com tcp
US 2.18.190.136:443 t4.rbxcdn.com tcp
US 2.18.190.133:443 t4.rbxcdn.com tcp
US 8.8.8.8:53 136.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:50472 tcp
N/A 127.0.0.1:50480 tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
DE 128.116.44.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:50483 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
N/A 127.0.0.1:50487 tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 108.138.217.67:443 static.rbxcdn.com tcp
GB 108.138.217.67:443 static.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.8:443 images.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
GB 18.245.253.62:443 js.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
NL 128.116.21.4:443 roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
GB 216.137.44.23:443 css.rbxcdn.com tcp
DE 128.116.44.4:443 metrics.roblox.com udp
DE 128.116.44.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 2.18.190.83:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 23.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 8.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 86.154.64.172.in-addr.arpa udp
DE 128.116.44.4:443 metrics.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 4.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 83.190.18.2.in-addr.arpa udp
DE 128.116.44.3:443 ecsv2.roblox.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.4.4:443 dns.google udp
N/A 127.0.0.1:50944 tcp
US 8.8.8.8:53 users.roblox.com udp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
US 8.8.8.8:53 develop.roblox.com udp
DE 128.116.44.4:443 develop.roblox.com tcp
DE 128.116.44.4:443 develop.roblox.com tcp
DE 128.116.44.4:443 develop.roblox.com tcp
N/A 127.0.0.1:51146 tcp
N/A 127.0.0.1:52383 tcp
N/A 127.0.0.1:52385 tcp
N/A 127.0.0.1:52387 tcp
US 8.8.8.8:53 assetgame.roblox.com udp
DE 128.116.44.4:443 assetgame.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 clientsettings.roblox.com udp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 assetdelivery.roblox.com udp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 t7.rbxcdn.com udp
US 8.8.8.8:53 t6.rbxcdn.com udp
US 8.8.8.8:53 t4.rbxcdn.com udp
ZA 52.85.24.27:443 t7.rbxcdn.com tcp
GB 108.138.233.44:443 t6.rbxcdn.com tcp
GB 13.224.132.36:443 t4.rbxcdn.com tcp
US 8.8.8.8:53 c2.rbxcdn.com udp
GB 18.245.143.71:443 c2.rbxcdn.com tcp
N/A 127.0.0.1:52400 tcp
N/A 127.0.0.1:52403 tcp
N/A 127.0.0.1:52405 tcp
N/A 127.0.0.1:52559 tcp
N/A 127.0.0.1:52568 tcp
N/A 127.0.0.1:52588 tcp
N/A 127.0.0.1:52604 tcp
N/A 127.0.0.1:52681 tcp
N/A 127.0.0.1:52813 tcp
N/A 127.0.0.1:52815 tcp
N/A 127.0.0.1:52817 tcp
N/A 127.0.0.1:52829 tcp
US 8.8.8.8:53 27.24.85.52.in-addr.arpa udp
US 8.8.8.8:53 71.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 44.233.138.108.in-addr.arpa udp
US 8.8.8.8:53 36.132.224.13.in-addr.arpa udp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
N/A 127.0.0.1:52863 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
US 8.8.8.8:53 gamejoin.roblox.com udp
DE 128.116.44.4:443 gamejoin.roblox.com udp
DE 128.116.44.4:443 gamejoin.roblox.com udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:52875 tcp
N/A 127.0.0.1:52882 tcp
N/A 127.0.0.1:52885 tcp
N/A 127.0.0.1:52888 tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
US 8.8.8.8:53 users.roblox.com udp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
N/A 127.0.0.1:52897 tcp
N/A 127.0.0.1:52909 tcp
N/A 127.0.0.1:54153 tcp
N/A 127.0.0.1:54155 tcp
N/A 127.0.0.1:54157 tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
US 8.8.8.8:53 gamejoin.roblox.com udp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
N/A 127.0.0.1:54170 tcp
N/A 127.0.0.1:54173 tcp
N/A 127.0.0.1:54176 tcp
N/A 127.0.0.1:54179 tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
US 8.8.8.8:53 avatar.roblox.com udp
NL 128.116.21.33:51348 udp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 t7.rbxcdn.com udp
GB 108.138.233.44:443 t6.rbxcdn.com tcp
GB 13.224.132.36:443 t4.rbxcdn.com tcp
GB 18.172.153.19:443 t7.rbxcdn.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 33.21.116.128.in-addr.arpa udp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 c0.rbxcdn.com udp
GB 18.245.143.117:443 c0.rbxcdn.com tcp
US 8.8.8.8:53 c5.rbxcdn.com udp
US 8.8.8.8:53 c1.rbxcdn.com udp
GB 18.245.143.71:443 c2.rbxcdn.com tcp
US 8.8.8.8:53 c7.rbxcdn.com udp
GB 18.245.143.117:443 c0.rbxcdn.com tcp
GB 18.244.114.35:443 c5.rbxcdn.com tcp
GB 18.172.153.106:443 c1.rbxcdn.com tcp
GB 18.244.114.112:443 c7.rbxcdn.com tcp
GB 18.172.153.106:443 c1.rbxcdn.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 chat.roblox.com udp
DE 128.116.44.4:443 chat.roblox.com tcp
US 8.8.8.8:53 economy.roblox.com udp
DE 128.116.44.4:443 economy.roblox.com tcp
US 8.8.8.8:53 117.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 35.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 106.153.172.18.in-addr.arpa udp
US 8.8.8.8:53 112.114.244.18.in-addr.arpa udp
N/A 127.0.0.1:54340 tcp
N/A 127.0.0.1:54410 tcp
N/A 127.0.0.1:54412 tcp
N/A 127.0.0.1:54427 tcp
N/A 127.0.0.1:54502 tcp
N/A 127.0.0.1:54504 tcp
N/A 127.0.0.1:54506 tcp
N/A 127.0.0.1:54592 tcp
N/A 127.0.0.1:54594 tcp
N/A 127.0.0.1:54597 tcp
N/A 127.0.0.1:54606 tcp
N/A 127.0.0.1:54622 tcp
N/A 127.0.0.1:54635 tcp
N/A 127.0.0.1:54641 tcp
N/A 127.0.0.1:54643 tcp
N/A 127.0.0.1:54645 tcp
N/A 127.0.0.1:54660 tcp
N/A 127.0.0.1:54693 tcp
N/A 127.0.0.1:54696 tcp
N/A 127.0.0.1:54699 tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
GB 18.245.143.71:443 c2.rbxcdn.com tcp
GB 18.245.143.71:443 c2.rbxcdn.com tcp
US 8.8.8.8:53 c3.rbxcdn.com udp
GB 18.244.114.13:443 c3.rbxcdn.com tcp
GB 18.244.114.13:443 c3.rbxcdn.com tcp
US 8.8.8.8:53 t3.rbxcdn.com udp
US 2.18.190.136:443 t3.rbxcdn.com tcp
US 8.8.8.8:53 13.114.244.18.in-addr.arpa udp
GB 13.224.132.36:443 t4.rbxcdn.com tcp
GB 13.224.132.36:443 t4.rbxcdn.com tcp
US 8.8.8.8:53 t0.rbxcdn.com udp
US 8.8.8.8:53 t1.rbxcdn.com udp
US 8.8.8.8:53 t5.rbxcdn.com udp
US 2.18.190.136:443 t1.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 13.224.245.117:443 t5.rbxcdn.com tcp
GB 13.224.245.117:443 t5.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
US 2.18.190.136:443 t1.rbxcdn.com tcp
GB 108.138.233.44:443 t6.rbxcdn.com tcp
US 2.18.190.136:443 t1.rbxcdn.com tcp
US 8.8.8.8:53 t2.rbxcdn.com udp
US 8.8.8.8:53 74.194.204.143.in-addr.arpa udp
US 8.8.8.8:53 117.245.224.13.in-addr.arpa udp
US 2.18.190.136:443 t2.rbxcdn.com tcp
US 2.18.190.136:443 t2.rbxcdn.com tcp
US 2.18.190.136:443 t2.rbxcdn.com tcp
GB 108.138.233.44:443 t6.rbxcdn.com tcp
US 2.18.190.136:443 t2.rbxcdn.com tcp
US 2.18.190.136:443 t2.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 13.224.245.117:443 t5.rbxcdn.com tcp
US 2.18.190.136:443 t2.rbxcdn.com tcp
GB 18.172.153.19:443 t7.rbxcdn.com tcp
GB 13.224.245.117:443 t5.rbxcdn.com tcp
US 8.8.8.8:53 19.153.172.18.in-addr.arpa udp
GB 18.172.153.19:443 t7.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 108.138.233.44:443 t6.rbxcdn.com tcp
GB 18.172.153.19:443 t7.rbxcdn.com tcp
GB 18.172.153.19:443 t7.rbxcdn.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
US 8.8.8.8:53 itemconfiguration.roblox.com udp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
US 8.8.8.8:53 inventory.roblox.com udp
DE 128.116.44.4:443 inventory.roblox.com tcp
DE 128.116.44.4:443 inventory.roblox.com tcp
DE 128.116.44.4:443 inventory.roblox.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
NL 104.97.14.97:443 tr.rbxcdn.com tcp
N/A 127.0.0.1:54743 tcp
N/A 127.0.0.1:54777 tcp
N/A 127.0.0.1:54853 tcp
N/A 127.0.0.1:54862 tcp
N/A 127.0.0.1:54864 tcp
N/A 127.0.0.1:54866 tcp
N/A 127.0.0.1:54881 tcp
N/A 127.0.0.1:54918 tcp
N/A 127.0.0.1:54920 tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:55715 tcp
N/A 127.0.0.1:55765 tcp
N/A 127.0.0.1:55767 tcp
N/A 127.0.0.1:55769 tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
N/A 127.0.0.1:63753 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:63756 tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
N/A 127.0.0.1:63768 tcp
N/A 127.0.0.1:63771 tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
N/A 127.0.0.1:63776 tcp
N/A 127.0.0.1:63779 tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
N/A 127.0.0.1:65094 tcp
N/A 127.0.0.1:65096 tcp
N/A 127.0.0.1:65098 tcp
US 8.8.8.8:53 gamejoin.roblox.com udp
US 8.8.8.8:53 clientsettings.roblox.com udp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
N/A 127.0.0.1:59885 tcp
N/A 127.0.0.1:59892 tcp
N/A 127.0.0.1:59895 tcp
N/A 127.0.0.1:59898 tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
N/A 127.0.0.1:59914 tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
DE 128.116.44.4:443 www.roblox.com tcp
N/A 127.0.0.1:59917 tcp
N/A 127.0.0.1:59923 tcp
DE 128.116.44.4:443 www.roblox.com tcp
US 8.8.8.8:53 gamejoin.roblox.com udp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
NL 104.97.14.83:443 tr.rbxcdn.com tcp
NL 104.97.14.83:443 tr.rbxcdn.com tcp
NL 104.97.14.83:443 tr.rbxcdn.com tcp
NL 104.97.14.83:443 tr.rbxcdn.com tcp
NL 104.97.14.83:443 tr.rbxcdn.com tcp
NL 104.97.14.83:443 tr.rbxcdn.com tcp
NL 104.97.14.83:443 tr.rbxcdn.com tcp
NL 104.97.14.83:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 avatar.roblox.com udp
DE 128.116.5.33:64647 udp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 t0.rbxcdn.com udp
US 8.8.8.8:53 t7.rbxcdn.com udp
US 8.8.8.8:53 t6.rbxcdn.com udp
US 8.8.8.8:53 t4.rbxcdn.com udp
GB 18.245.253.127:443 t0.rbxcdn.com tcp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
GB 18.245.218.11:443 t7.rbxcdn.com tcp
GB 108.138.233.44:443 t6.rbxcdn.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 33.5.116.128.in-addr.arpa udp
US 8.8.8.8:53 83.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 127.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 96.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 11.218.245.18.in-addr.arpa udp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 c2.rbxcdn.com udp
GB 18.245.143.120:443 c2.rbxcdn.com tcp
GB 18.245.143.120:443 c2.rbxcdn.com tcp
US 8.8.8.8:53 c5.rbxcdn.com udp
US 8.8.8.8:53 c7.rbxcdn.com udp
US 8.8.8.8:53 c6.rbxcdn.com udp
US 2.18.190.146:443 c5.rbxcdn.com tcp
US 2.18.190.146:443 c5.rbxcdn.com tcp
US 2.18.190.146:443 c5.rbxcdn.com tcp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 2.18.190.134:443 c7.rbxcdn.com tcp
GB 18.244.114.86:443 c6.rbxcdn.com tcp
US 8.8.8.8:53 c4.rbxcdn.com udp
GB 18.245.143.90:443 c0.rbxcdn.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
GB 108.138.233.82:443 c4.rbxcdn.com tcp
GB 108.138.233.82:443 c4.rbxcdn.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
N/A 127.0.0.1:61166 tcp
N/A 127.0.0.1:61169 tcp
N/A 127.0.0.1:61181 tcp
N/A 127.0.0.1:61184 tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 120.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 146.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 86.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 90.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 82.233.138.108.in-addr.arpa udp
DE 128.116.44.4:443 avatar.roblox.com tcp
N/A 127.0.0.1:61411 tcp
N/A 127.0.0.1:61413 tcp
N/A 127.0.0.1:61415 tcp
N/A 127.0.0.1:61419 tcp
N/A 127.0.0.1:61421 tcp
N/A 127.0.0.1:61437 tcp
N/A 127.0.0.1:61596 tcp
N/A 127.0.0.1:61599 tcp
N/A 127.0.0.1:61602 tcp
N/A 127.0.0.1:61604 tcp
N/A 127.0.0.1:61606 tcp
N/A 127.0.0.1:61617 tcp
N/A 127.0.0.1:61648 tcp
N/A 127.0.0.1:61661 tcp
N/A 127.0.0.1:61671 tcp
N/A 127.0.0.1:61673 tcp
N/A 127.0.0.1:61685 tcp
N/A 127.0.0.1:61687 tcp
N/A 127.0.0.1:61689 tcp
N/A 127.0.0.1:61712 tcp
N/A 127.0.0.1:61723 tcp
N/A 127.0.0.1:61756 tcp
N/A 127.0.0.1:61765 tcp
US 8.8.8.8:53 c3.rbxcdn.com udp
US 8.8.8.8:53 c1.rbxcdn.com udp
US 2.18.190.139:443 c3.rbxcdn.com tcp
GB 18.245.218.49:443 c1.rbxcdn.com tcp
US 8.8.8.8:53 49.218.245.18.in-addr.arpa udp
US 8.8.8.8:53 139.190.18.2.in-addr.arpa udp
GB 18.245.218.49:443 c1.rbxcdn.com tcp
N/A 127.0.0.1:61787 tcp
US 8.8.8.8:53 t2.rbxcdn.com udp
US 8.8.8.8:53 t3.rbxcdn.com udp
N/A 127.0.0.1:61805 tcp
GB 18.172.153.92:443 t2.rbxcdn.com tcp
GB 18.244.114.60:443 t3.rbxcdn.com tcp
US 8.8.8.8:53 t5.rbxcdn.com udp
GB 13.224.245.106:443 t5.rbxcdn.com tcp
GB 108.138.233.44:443 t6.rbxcdn.com tcp
GB 13.224.245.106:443 t5.rbxcdn.com tcp
US 8.8.8.8:53 t1.rbxcdn.com udp
N/A 127.0.0.1:61868 tcp
GB 18.245.187.116:443 t1.rbxcdn.com tcp
N/A 127.0.0.1:61882 tcp
US 8.8.8.8:53 92.153.172.18.in-addr.arpa udp
US 8.8.8.8:53 60.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 106.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 116.187.245.18.in-addr.arpa udp
DE 128.116.44.4:443 avatar.roblox.com tcp
N/A 127.0.0.1:61904 tcp
N/A 127.0.0.1:61919 tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
N/A 127.0.0.1:62181 tcp
N/A 127.0.0.1:62231 tcp
N/A 127.0.0.1:62233 tcp
N/A 127.0.0.1:62235 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 t0.rbxcdn.com udp
US 2.18.190.133:443 t0.rbxcdn.com tcp
US 8.8.8.8:53 12.173.189.20.in-addr.arpa udp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:54642 tcp
US 8.8.8.8:53 44.242.123.52.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 60.129.102.23.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
NL 23.209.125.171:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 171.125.209.23.in-addr.arpa udp
DE 128.116.44.4:443 avatar.roblox.com tcp
N/A 127.0.0.1:54977 tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
DE 128.116.44.4:443 ephemeralcounters.api.roblox.com tcp
US 8.8.8.8:53 assetgame.roblox.com udp
N/A 127.0.0.1:54989 tcp
N/A 127.0.0.1:54992 tcp
DE 128.116.44.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:55005 tcp
DE 128.116.44.4:443 assetgame.roblox.com tcp
DE 128.116.44.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:55016 tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
NL 104.97.14.91:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 91.14.97.104.in-addr.arpa udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
DE 128.116.44.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:55067 tcp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
N/A 127.0.0.1:60844 tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 919c29d42fb6034fee2f5de14d573c63
SHA1 24a2e1042347b3853344157239bde3ed699047a8
SHA256 17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141
SHA512 bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

\??\pipe\LOCAL\crashpad_2916_UWJOQVHMKHWISAUX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8b2290ca03b4ca5fe52d82550c7e7d69
SHA1 20583a7851a906444204ce8ba4fa51153e6cd494
SHA256 f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2
SHA512 704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9b16bdf1b5ca64479643a7b37362dcb1
SHA1 e78e9f0129f6508551682c97ca49b4d4fa6a9372
SHA256 d0d43b7d99fc19d5835b69f7832516aba7bbd604428cd305880a6df35b6899a7
SHA512 d2b2df58098fae0d4f485069eca60b227301035faa8f1899853f6184a2aa6f4c55bd1ea2ef3082d5e935b5b15374c3feed5257129c12f0fd5048a10ed065d0b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 62ef33cadb79eb560b81c9a0bbaf8356
SHA1 05e74d27e1b4eea6f93c7492227f5280043d22c7
SHA256 257a5f06a739ca0fbcb20e33967166e5ddc8adc1303ca1a976ba5bf6907152c5
SHA512 ba1ebbc3dc04ae267bd0880cf11cb62bae8d4950db97bff7a32824830dff8882b5e139a87c30a0f9ac8b619dd43f218841ebd32986bf6a85136bbb3b4b3920e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 999e194540afa47b4d4065eca93da673
SHA1 5bfcd5696ce8c2e358d734d203e46288c2659090
SHA256 8ef3bc4d9ccf7c67164cf972ddbe339ef895adfe6cbf189c65c74e8e9e5c4d16
SHA512 408e763290710d0aaa3bc6e0f4de16c01b2d8a9d09d7cad61e096864f56f0098f6b01e49950c9f77a828e4182c9ae6832f5e2eaff887719523300420eecb0fcd

C:\Users\Admin\Downloads\Unconfirmed 750979.crdownload

MD5 911c020a364b10fe1de664c01de4534c
SHA1 8731aee51722d2e1604864eb8f03abe3e6d35441
SHA256 cb84418aa6ff71e927125f05cd74b10cef07b40fe19a17f9ba5c3bd57f2d9591
SHA512 7e2c2259dde1fcb1a10a3864b1e24f892fb28d1c0a9a8b1b32d6b512d9f49b031cf6119f55dad008f0b2a5dc87ae606ee0c2918fdc44fc307d56bc933537db7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e44f0d69ae0e91b70cfcfd8344586d1f
SHA1 57b55caee5a2a672ef6dd7665f256bcf5f842f41
SHA256 96b2a4d553ffd3ee813ce0ad9f5125946cddf311133b76fb04252dd042c2dd2a
SHA512 0f417ab4620ae29ed2af7e18efecd9e00473e5d9a47f5817df2d5748de7a71480457998373ddae51a5011289e94133d9cd79e1e79d8c52edf30c66694096801c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ac7b4d1eec0c864c2caac4ff69b6d699
SHA1 b1050cc9be1d29b762de237ccfdd113905ef61d1
SHA256 c0d58b321212b15c88cde9e43380a92d6645f27d1b1956d70403fe397df40c2a
SHA512 b40d78b7228f115a6afd747dfc61db646caa8234c5ea73c31313c33591e53c5cdf6157571621e5e99091c281e4fa5279a1a8afbdd15e58dcb6abeb916e392372

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579cad.TMP

MD5 255dc41204311d8b87cbbd439af62b7f
SHA1 17dfaff92104a0488db79941d4e04504824c2181
SHA256 41bc0665f4b96f2e513f37afa4fb77708898077d79d7560554c216c73b2e1452
SHA512 b5e6cfc9decb0810ed40d820c26113b18b1354499cd490470715e40f5e00f4d36a8acf9f2cea7750b60536c351d7e9b2540e3d5ad4b5afcd7cd37490adb77c53

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fb5b793dbc7dfcf0774d937eb75b33e1
SHA1 246ab9b7a86cc3ed17b17fee2532a2e9d283a068
SHA256 01147829d3e4cd10cea0cecc42a73bc0f154c901b4a9f666bf7cba339d760ebb
SHA512 9244666b630516ff758e5035affaab023fc5c879b0d446a8b0aad19ee78dff9613023c0880e2cfa820efb2ff2d55a804b24016e2dd53a7be17f125de20ccd65c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d7d9bd15c3534ea1e61df1cce9350964
SHA1 a55f8b5803552adea87eabc05ba8c72f4c582046
SHA256 c62ae5a8d5058566a3b394b6e66aebf4ed99558bbbb85a2d43b493948f722e28
SHA512 a3d40844896e85441d0ad2c2e4e945669cb3b3fec7c30e04aa15caa217ae96bcb87dd86abb499b69fe03047fe1fe2c435dfd43218c6ae53fd8dd174f30c28af2

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_hi.dll

MD5 34cbaeb5ec7984362a3dabe5c14a08ec
SHA1 d88ec7ac1997b7355e81226444ec4740b69670d7
SHA256 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9
SHA512 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_it.dll

MD5 497ca0a8950ae5c8c31c46eb91819f58
SHA1 01e7e61c04de64d2df73322c22208a87d6331fc8
SHA256 abe2360a585b6671ec3a69d14077b43ae8f9e92b6077b80a147dfe36792bb1b7
SHA512 070398af980f193ff90b4afaecb3822534ef3171eca7228bce395af11ca38364bc47cab7df1e71187ef291f90978bdc37a8611d2992b1800cd1de6aa7fda09d9

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_is.dll

MD5 5664c7a059ceb096d4cdaae6e2b96b8f
SHA1 bf0095cd7470bf4d7c9566ba0fd3b75c8b9e57ec
SHA256 a3a2947064267d17474c168d3189b0d372e36e53bf0efb9c228d314fc802d98e
SHA512 015dcb17b297a0aaad41c7b0b2199187e435855fd3977d16402be774622cc4f6b55d04ba9159a89e26e350c5602928c76dd9386be3974437b41888a0cfdddfa8

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_id.dll

MD5 03d4c35b188204f62fc1c46320e80802
SHA1 07efb737c8b072f71b3892b807df8c895b20868c
SHA256 192585d7f4a8a0cd95e338863c14233cdd8150f9f6f7dd8a405da0670110ee95
SHA512 7e67ea953ea58ff43e049ce519ae077eec631325604896479526627d688f2fa3bfc855a55ac23a76b1c9ef8cd75274265b8238423b95a2437be7250db0db31b1

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_hu.dll

MD5 f4976c580ba37fc9079693ebf5234fea
SHA1 7326d2aa8f6109084728323d44a7fb975fc1ed3f
SHA256 b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791
SHA512 e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_hr.dll

MD5 0b475965c311203bf3a592be2f5d5e00
SHA1 b5ff1957c0903a93737666dee0920b1043ddaf70
SHA256 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0
SHA512 bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_gu.dll

MD5 f9646357cf6ce93d7ba9cfb3fa362928
SHA1 a072cc350ea8ea6d8a01af335691057132b04025
SHA256 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150
SHA512 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_gl.dll

MD5 84a1cea9a31be831155aa1e12518e446
SHA1 670f4edd4dc8df97af8925f56241375757afb3da
SHA256 e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57
SHA512 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_gd.dll

MD5 c90f33303c5bd706776e90c12aefabee
SHA1 1965550fe34b68ea37a24c8708eef1a0d561fb11
SHA256 e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c
SHA512 b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_ga.dll

MD5 3b8a5301c4cf21b439953c97bd3c441c
SHA1 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a
SHA256 abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0
SHA512 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_fr-CA.dll

MD5 b534e068001e8729faf212ad3c0da16c
SHA1 999fa33c5ea856d305cc359c18ea8e994a83f7a9
SHA256 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511
SHA512 e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_fr.dll

MD5 64c47a66830992f0bdfd05036a290498
SHA1 88b1b8faa511ee9f4a0e944a0289db48a8680640
SHA256 a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961
SHA512 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_fil.dll

MD5 7c66526dc65de144f3444556c3dba7b8
SHA1 6721a1f45ac779e82eecc9a584bcf4bcee365940
SHA256 e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d
SHA512 dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_fi.dll

MD5 d45f2d476ed78fa3e30f16e11c1c61ea
SHA1 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e
SHA256 acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2
SHA512 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU2EEB.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 1042aeb9472b2f5ba4a88da0b420c6c2
SHA1 00d977df78df903c7d57b662444cff45846fa134
SHA256 83d7751595f2ebbcc60b0fb27145811bbd7244d0f28019ad83c311113ffa29a7
SHA512 42e2dfc9c24f61207874d3a8b020a1de3295cb881234845e3b2a5dfd5b2e80082a4e159f7388769a69d0711eb8f7a674303112a46231105b8834bdaee5533dac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 5ee4f075f7ca03b0107a736f8c4d2439
SHA1 b14660d752843f4acda3b3d1ee3a27a91cfb1f3b
SHA256 1e156c27121e59343205b046676a7b4e75e2a06a24782fe585f7c3e1628823bb
SHA512 4b60ed96e26d80a57d917e3ff07fd5fd46eb5d1efe9a673fff3f7730c8d3d92d5b676162bf865c1e59be502ccf4cbdee69042e551e0f3fc1c68d4aa89c7b5480

memory/4020-518-0x0000000000350000-0x0000000000385000-memory.dmp

memory/4020-519-0x0000000073AC0000-0x0000000073CD0000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\124.0.2478.67\MicrosoftEdge_X64_124.0.2478.67.exe

MD5 dabc3160a804b9fadd89ceb0fcecf388
SHA1 b52f15e866a18637683bdf0ea4eaa326b787396f
SHA256 53eb39a92ee0d2eb94f6d33c015097bddd9cfe5c4129d3ac9a9facbfb5087bfe
SHA512 74fc0f21d7cf99e07c079224e2af8a4a51bff98a97bc471cfedfbd3a28d3ee681fbd63fa7239948c3c0bf4f9af56dc582dd128f8c08b54cb73389e85f949f431

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 019a3855ef4a1c3b5b9d5cf00348184d
SHA1 7a5168dc1c2b03496f4aaf0cb63c294a8d75ef56
SHA256 b3e1d31a4a7a3fa655a7769bd533d16ad6627fd58855bd31db053d154e521c3b
SHA512 e66a4b6dac80deff8746f2ef00e92e1c9b5207416dde65ad5c8634f4da85e132cd3d8aa5867a87c7503da97c4216d94864140cfbdbb9fb51640bc0067ec6f5aa

C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe

MD5 c31297188ec9fbaa60449f769339963e
SHA1 8502d9e0cef18137529f0a46ad6e69a1577e6cae
SHA256 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9
SHA512 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a

memory/4020-728-0x0000000073AC0000-0x0000000073CD0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bca79c39cede9c115058502d3560f230
SHA1 778f4c328836f6f973240d97c2ec04e24479060a
SHA256 7c6b6ae56eb42352df42bca12f3a84b24127b59c4eb4ddb196934e631302bf0a
SHA512 c9f01caaf18d733246e1b5728f9597f9375950f7bd626d61ac6e3eac020a33920d8c46c77691602afd5978a6ce231f235689fa7dd3d79a69b47c74c7bcc00012

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1bd9c229bf8e7e9bdc77096f2162aca0
SHA1 81ea8f6aeee34a6c37fafb0bf4ae16880827a2d1
SHA256 f31e61581d5aab15593ac53261d4275bbb9feb0e03e2bd4f485cc7fa034e31e3
SHA512 b6ce3706550c6fe0ee940a0089b20ebf1d267870cb80d93115eddad0380fd6c73aed09b9b6e9e2ff2934081eee1d29a747582e09409623b99ed0297059e03636

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 95fa91c12baa7c1548f7c3f5af4c000a
SHA1 567f04a73f07f207f0b8c16b16a012ca7901c8eb
SHA256 d956c483c4b774ce39ac8d77777dfe04566df8095495df320c882c91fea1cfa2
SHA512 3a798ef47f683ec160111992ffd695c61f8da06c0a9b9747fdbd82ce04574fba2e876fefecb56e1f501efcc07db437c92a9a3a4a5dfaee5d7733cdc435864722

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 308f2ca7ab019cb6a99b11559d87710f
SHA1 9d1b8581ff91a23afdf5e382430566f619e71c20
SHA256 cf70445219bc71a2f67afa7f5b799349cf65e8b8f7eb3afc42ae528fb1b60513
SHA512 8728b2fe434f505c782ca762ad5df8a15f8957ed1e3ad4a0ae28119c4ef6a1d20a9c856f347969dd2628fdd87fe1ce3b32e357ec676d8ba22ab2ad2c450e9850

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 3ab178d2b8eacad695ae4c78318db405
SHA1 0c2f705331e64f968473f4cd266e0b1a7cf534de
SHA256 227b44aea39a485986bf912820ba1e1c26c5cf57f885d42c64e93240a3072597
SHA512 56221da9fe2f66c4a80b35fa4ccb1f65d2681d2f154e1caaf66a9190c4374ed857e96c14ffc6facf40d81244eecefe531d7db4ad907b92a53f58b6cea85b9290

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 54ed250c8565e43ac5a102f23ae6d7cc
SHA1 71e3e64844686be40d95ad66a2272344d3a38496
SHA256 427136434f65413610c76b75460167c727fc2c26e22a91ee6aa453b67084ae3a
SHA512 9acc88923ea29a7ad22159c397e83652014464e41a21f46a17ae8d9dd3b2e980e97feefb5f3faf6904199942790a379693553ea2d2bd35db220f36b7f3393013

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 55bd7b6697828cf8a641bfb5ccaa139e
SHA1 eed70ca1154e586002e2e550fbba76b46ab66573
SHA256 24499a1dfc7cc831cae6b28024d00f2b8b4b60dc229a65187c64e44b6badb8e6
SHA512 b32f87536e644b5a28afb7c1b716e18b7eb3accd343330bd943b13e920984aef3a40fb2452d0f3d344ab5f6943daaea7849aec87308d27214adc2816f9595d04

memory/4020-1025-0x0000000000350000-0x0000000000385000-memory.dmp

memory/5888-1032-0x00007FFA53E70000-0x00007FFA54272000-memory.dmp

memory/5888-1033-0x00007FFA504D0000-0x00007FFA50A1C000-memory.dmp

memory/5888-1034-0x00007FF658B70000-0x00007FF659B70000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Site Characteristics Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Extension Rules\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

memory/1336-1133-0x00007FFA72DE0000-0x00007FFA72DE1000-memory.dmp

memory/5972-1144-0x00007FFA72D50000-0x00007FFA72D51000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

memory/1336-1132-0x00007FFA72430000-0x00007FFA72431000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 5d15f9579d0e351a41e2e4ea5149fd48
SHA1 aa14c744377663d12384e5379cc97ad7ac0ebf6b
SHA256 0613cbf066da02db719a7be0cb33a6ed0ac70772a2da051b9a54e80d1f7e7c52
SHA512 1e5b85dfb154c49b1f1f559eef2ed7ed7df1bf95e0337858e07db282a018ee6bfe897cc1a0425f92098b2e13200fda975da5ff3a623ffa66d182aeba7e47719e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 d2cdf96b0808b5cfc3c2a0e069369965
SHA1 c48d149c8ea3ac5982b041c82b4df2b55d8674f9
SHA256 f72752c3af9bcc42bdcdf4d7a39ce10f47c64291633f5d3af51b955dfb2008a2
SHA512 e2bd666fa6c1520970a9f6a15bc70981d5f9b021aabd525c0cec44d97f2d99bd17e4d633110e77e29677df15d145a6059574857070468dc4bf7621f340ca09d3

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe596bff.TMP

MD5 8f6d47dfe35ba97af145aa272e363f27
SHA1 b0065c7c51719a8b3b03b7df62765be88ee6d97e
SHA256 3951db507dcca2625e90bfcd845c8c28511ce5ac053d14141877adcfe81eefe5
SHA512 c91219a64d78f4db925d777fb0e3609c991611aef71189cb6be16067a6a15c1dc2ac37bfe8d01840007643a3040c45d4bffdf567e7f77569f072943e65a67433

memory/5924-1066-0x00007FFA72D50000-0x00007FFA72D51000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 5b3723d39a32fea88f862fd6feb0c220
SHA1 d0ba499589b4376290dc25da908db17f4401aff0
SHA256 05ff61e48cf8a8ddb56d35964b7824d842a4f91b458d058ab33266aa9a07f34d
SHA512 b2370bde0ee865a1f44606c792e4b6336c7eec50750a48bbbb522aec9893177ec8c1955660d47b874046e8050f0ec9767d72e16c4912c5db548c733386654bf4

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c5eb9a959889cb14da820c29f2d70b2e
SHA1 c5b101cfa41fa760a3597c54b8be1bb8979dfb12
SHA256 401efc9eb448e302fa866c2c226a08416c172ce6999ecb9069b85c912688707d
SHA512 dc04b34aadce38140ea72ecc1662eb386e44e71a454773aaf30339b9b7320c52341a403e3a023f871c5f7eddbbf5d2a07f162d155f695d47bd2282110f3b3111

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8c29ec8738f2c2d72b46b1e4ebbbfbeb
SHA1 85c7f19012219f20d5e27a24794c396c35d7929e
SHA256 36fe4cb4169012889e0b89c920d67cc5e7fd96737a4c97e492198d1bec4934f6
SHA512 2fec613ec2345e36c6f8c97cf487daec9fa02ff20b19ee90e765708eb8c9afd6640784c7ee3bbbb7380c0b626e4556f62c584f9a24f8014bae1a1e7cdbc4319a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 eabf301e6ec9565bce929a6d7dc4305c
SHA1 c4101811a793e7ab12572b4c3e8094f713f88bb7
SHA256 95661dd9de8880b1bbb7a0f7937f190ecd1f9823bf6b73e7bcacb52935880b97
SHA512 12e3c654136debc949fb4fd3ab6e703b5867d5c80c12c288fd6af4b62dea4c51200d647fb73a2af0cdd90748bf41f195638818dcb3fbeeeace0ae418015ec547

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 02ca7eaf326b57824f8792abdb2dd9f7
SHA1 b46445842ebae7656b6fbf520eb5d43eeca71b44
SHA256 29f90ccf224c06329388de9f1cf6084fdab806f5ec3676508078ef7245cc0c46
SHA512 64d8812d45c65d3c35cc00f012ef87273b75ec97c40b350e00af0f11d3b2aed6e5a38ae8df0dbf28f6b0015f471888c91d2200c4b4ae46e24eac12d74b34e20f

memory/1336-1422-0x000002948FBD0000-0x000002948FC00000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c12b0b4b8d144c755934c5d0181527a5
SHA1 d2f5440fb94ae260a7f0c0b73e6d70af32a6bdab
SHA256 07a2d76fdd70570edd0baf3bcf647f55735c44616b79a0c1ee7954851fda7a0e
SHA512 46e1474fb3fa3f7e480d6b330614fad2dcb55421e940813c8c80ceaa852756c6238a7202cbab592eec45f378b593a30d1182b8df8c9327394e53d203f198d0c0

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 caa782940aa8f5f8d169dc0c4236f919
SHA1 60bd8488c4fb19763b98e222b4b4b39d01ac8bc2
SHA256 3ba14af272e62c57348499533f1905fb71dcd42b38164fa8fe75b0b01517c50f
SHA512 84a87a753b929c38149bd251ab1035174a1b6124e4f054116c18f985bbce418bd943661fa282ce844ec2255ea46cac97ab854bc507740f682a8a7cb114a7076d

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe59b05b.TMP

MD5 2b5b1ffd5b1f0c37fef4d9dd0d5a4059
SHA1 1bd107e7cdfce3d3ffd1439b53d0707398bb62d8
SHA256 fd637b0f9d1b5d877112d42d94de38feaff5b4df64cf22a0dba60208fee9f56a
SHA512 e0a5b00cc7827090ea5289aecf2e28d791b5b4ef883c9e274d2bc50cca6dca4da1c4135b7d347d23afc83c8f29efc78a95d95021bc0f88ce64c629564fbadf01

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 099a1e16e47e1d040843994cac200e17
SHA1 a43c87919d6e711d6f3f347f74660e78d78fee8d
SHA256 8550bab2cab27d426a5173a1c2c1fda80da87e1efbbd5d8d98e89ec030bca3de
SHA512 f8f183789bcc21e93dab13b8770471e141171ce5c9acd4cb715c3bdd1da4254c3a1fedb509e2170fe82d478323bd96a128c1743dea34ce4941a4f65f7678f842

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 1256fc877ca1e3afb2a33123833fbf07
SHA1 4c8727f25464cb5fbb12d0a1a6197420771953ce
SHA256 243915fcd773030b960e1d784d68f8a10c90533f60d3b1ec96e2383bb44ee7f0
SHA512 5024c3fe3a0a92304abd2ba5d5c3d045f120e1ba9cb7667d1b3dba37c4182c85ed82033958e8ab21d50b2416942fc75aa9fd8d512b1357197c2dd6211f502ed5

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe59b05b.TMP

MD5 5d1e37a16d858e0789a9b7ae935d5394
SHA1 0cb6466ffe37490ac65ac963af455e323bc53dc5
SHA256 a1ed5459928f77a99e3e2725958c44adfc6a3f574ed0c07e63e90e6e08cda990
SHA512 3fdbe25ac7a6d777bf3cd04c6e5ad493c3517512f4c9d3a429c4a1024a375507b953c95f03f5dacb595e04e9c08c3c0ed7776369d576a581d74eafc8ba1100cc

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State

MD5 1ab731aad29691efcbdd785fff8555e1
SHA1 f1f1d0e4057ee0ccfd2cde3184a8d02cc6f6332a
SHA256 13bbb74ff07638d4c414bc17d376f9ecb073f7198f3b5d3025ef696ce4776cbe
SHA512 9e4cfa4263ca1dffa3ca6fb6c8896cd7bd51e64a4ea66810d33e82161d816ffb084da5f428428f406cc8c637f0237e3860cab20c08c5f0f493a4c8aebf24c14f

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 87af407cb8feb86d83e5caa06be296e5
SHA1 026a186c67e8975f9315228779a44e013833c8e7
SHA256 0043bc94f28520d42e19fa2f8ee2f80d06bcea05f4f66c45b3d62690c90970ad
SHA512 a88e27a0464fccc702fcbac00f1adadbdb70643111a4026b39f1eaca6f6916693f2fe12f403bc29650f8037f0ad3d5f455eff82afab4130bdc04ba10c02ee824

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe59b06a.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe59b06a.TMP

MD5 953b4b5eea943390708020c31d2c4141
SHA1 1f2b146ced6b9fed054c948540273817f3f4d178
SHA256 c1d96ffe5a378a5aac81c85bd7e1a57147135518b3bf9ef57997a3a492a23a94
SHA512 d5403ae11e296f0c876698408903b4b9a7cd71344f4c2a77b7eae83caf019e1191d9f65afc2eea31d8b98995c8ff4bc347b7b73cf558698ea94c01f06ce57142

memory/5888-1666-0x000002A415E50000-0x000002A416290000-memory.dmp

memory/5888-1667-0x000002A404380000-0x000002A404580000-memory.dmp

memory/5888-1670-0x000002A4045E0000-0x000002A4045E1000-memory.dmp

memory/5888-1669-0x000002A4045E0000-0x000002A4045E1000-memory.dmp

memory/5888-1672-0x000002A4045F0000-0x000002A4045F1000-memory.dmp

memory/5888-1673-0x000002A4045E0000-0x000002A4045E1000-memory.dmp

memory/5888-1674-0x000002A4045F0000-0x000002A4045F1000-memory.dmp

memory/5888-1675-0x000002A4045F0000-0x000002A4045F1000-memory.dmp

memory/5888-1676-0x000002A4045F0000-0x000002A4045F1000-memory.dmp

memory/5888-1678-0x000002A416310000-0x000002A416311000-memory.dmp

memory/5888-1679-0x000002A4045F0000-0x000002A4045F1000-memory.dmp

memory/5888-1681-0x000002A416310000-0x000002A416311000-memory.dmp

memory/5888-1680-0x000002A416310000-0x000002A416311000-memory.dmp

memory/5888-1683-0x000002A416310000-0x000002A416311000-memory.dmp

memory/5888-1682-0x000002A416310000-0x000002A416311000-memory.dmp

memory/5888-1685-0x000002A416310000-0x000002A416311000-memory.dmp

memory/5888-1684-0x000002A416310000-0x000002A416311000-memory.dmp

memory/5888-1686-0x000002A416310000-0x000002A416311000-memory.dmp

memory/5888-1689-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1702-0x000002A416330000-0x000002A416331000-memory.dmp

memory/5888-1701-0x000002A416330000-0x000002A416331000-memory.dmp

memory/5888-1699-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1698-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1697-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1696-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1695-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1694-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1693-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1692-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1691-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1690-0x000002A416320000-0x000002A416321000-memory.dmp

memory/5888-1688-0x000002A416320000-0x000002A416321000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e1f1d96b68e3261cf312b541611c5539

MD5 3adb865c801399c412bc73840d3d8241
SHA1 267f8332eb7486bccd7a6730cfb4f5c2152b11c0
SHA256 10fb505b7ce30ce4bf5582248b17dd47f6a39635007bb77dc5d16b963baf9905
SHA512 609793331ce25c6667067b3616791f3ece470500f797343178948e4b7af18f275fdde226f542610d957b397651e12191aed58dbb88bc1c59eff4625e550160a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4670b940bc9feb0391431ae7a7639dd2
SHA1 ef9f2013f4eab717fdb52a8140dad24d044293cc
SHA256 b7857d02977c923fb61ca0cbd6684b850d9a0a3451a45b4e7721bc065ac996ef
SHA512 3c8def47764690295a8655a03b02103afeb5af5471cb10c7fc039a9696e5ca9322c67bb08b9a6ca6d6ebdbe51e76f991c97359b8a5b136e277e243ce3e992b2b

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 30c7b2bdc35c650d2b65150241646816
SHA1 94d466a5f5159784155b6adcc9555bfdae4710c6
SHA256 0784d39379f0a4f971777844ba07550aff31a3d5e32ce1d1eff6f4c7d49b90b1
SHA512 8d51ef924b6c8f46a7ced69f188f2ea583ef3feb7fd84f51a8af8810c51e5099052e2c1513f15ac6fb83fecbef8c984fb4e124ff524c2b20a437943dc127465d

C:\Users\Admin\AppData\Local\Roblox\OTAPlugins\Downloaded\OTAData.json

MD5 7a39cae24c1d13e38fd10bcef98c80ce
SHA1 58d8a40b4d16215399749b563ba610c5cd3e4159
SHA256 72de5cd3124d642aafeb64a4562c31204bb506a5c4fe37de302849aef41f0d40
SHA512 8f51f5fe9890099039ef275e5148299a87bcbbc1a9aab5c279105b96efd795ef445803b4422060964b3b010c180c9b4526c82f84433669e4e365812f9642c80e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 514d9a7669cbfa4e11803922ddec24d9
SHA1 a82607cddbafd3e5e83b5f7bce53c2dd6faf1329
SHA256 529e0f19a7ae0d7c3b0c1b4e9a0882ff125dde52f5240b86dce39750c5409e2b
SHA512 9b13562132c747d9553c14eb029b005545443e1fb395cd155bf57d3ce85aa8ba18b47d7e59f805c64ddeef3c28ae4e70ec25a2b327fc53216e194606a2c50dc4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8eda221f6247e9ff7c6f12c3234b4966

MD5 171448d46fe1d18dd654d3e66d2f87de
SHA1 d045be05d2c72358906decaed91c89a2967d1aab
SHA256 14631e2c35f123289286ce9c56d21752ee907e23c62df89408e5bfaa2d3e9f6c
SHA512 70f0008c41c1fdb86b8bbb66553c9ad19dbf28d05c5f73d76c1e2fe64e1b4d162717cbc03a286898239f6f01f0bf85a4b74b18e3a9e1df77f358757476c352f7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\40a7f9baf9447dcb57a560e4bd61c482

MD5 787df87fb2727da68f683a8f9a586add
SHA1 ee885243de52ae79384c1546a2ad2621e935d512
SHA256 f12b438b01bafa565e0d97a5d2a6b6c951c887f62ec0076a48fcde1e8fb5b6f6
SHA512 064f5adcc5803c09be0031d8ac650bccd532182648f1bacaf2f016dadb098656f80a8651417d6b78cb95d498fe0edf3b78e59f0b4a7472df141c22bbdd0df563

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c1d34dd7f71a703645e71987c563d762

MD5 535de96d0dcc0600aa1b95190a0c4068
SHA1 811e1bfc405c49d37c2f8cb8e140f524427e1f54
SHA256 f9389b60b1033720ea66ee98605940ca54334f480f5789a13bbb000520fa87f6
SHA512 a4350b9b34eead432e895986bdfdf35a978dd16b25e590115b5ffdc09d5aa369407465a89e2282eec96b06d34131866b162ff62ed2b4071c251e721ea8fbd546

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a736f367c22be057d953f9081963ae99

MD5 239c77e7639edab0182be9c433c29866
SHA1 263885da8635a54cea4d349f0a980ee0c22848b0
SHA256 80113b43e0aaeadb71f628603c06f500fc110540081914a02cfcce8577872446
SHA512 8351bf278d75a7a8f3c3e1d31ac49e29d0dd5b4a7058de9a8a2e1f8c78e2146ef86576db5d092089f14a7cc207465a667239f4db1b98a2eb86891b8b935ae785

C:\Users\Admin\AppData\Local\Temp\Roblox\http\220491c3784fe7876e97a94045b26520

MD5 44144c2b957fefb78ecd91a03b80733d
SHA1 d48ebddecb01b53c2601949cd6d9fd0b98468809
SHA256 0114b7d4aa9ba541103e99c80e0acef2ef2c0861099a15fd15abe3db0c13d99f
SHA512 6e5abd13e72cc0c137e51ef5aef9a1f5d0f2c0e407c33e6d1fb182de28b34314d65406fc0fa6cd3184cacea2d07eccb7390ddf5d2f45482b668458a992ead2f4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ba36e6b11b73d6b41d494d1bb91506bc

MD5 be9a94e5c6de6d6d9d8efe89fec5dc03
SHA1 6593235a3fdd76d35cdc1d3237289690f8942ec7
SHA256 63c8f16aadecfad3a3608043494e40fc44dfbb3b8f19230c09f83d5d56289ac1
SHA512 cc936491f607a28718aa146699ce3ad50db364b7aa1e62c2912e656eadf0504d4ebf0099c89d17c321f661090f335eb6349476bb0ca7df4043ab64f4b504870f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e1689b0ecdee24b7d3f37a4586f2f6b1

MD5 b7fa07fb20739e48a06e218af00ee084
SHA1 ea98b7fa0a3ed61694e5511aa11c9d29c098259d
SHA256 8bcaf8cdfc66f00b79ad13b6e8380db5de9261e350d0e70fb03e835262b2484d
SHA512 9b2c6ca7baac30bac17f8e03e29298fc3ba718a7f6a993959ee9512926f8b2a77b06bf71a45d8c34f3676c32f1ff583cf4d6ef70820cbd7844c2a0fbb06e1cb6

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\302f2b9c54a790abd9d5bcffbf1de651

MD5 20d9bbcec2a344f51532589cc2591f25
SHA1 404713b34f7a414c1ec5aa62469c9c9e0b6eb693
SHA256 c2024654b94434349fe649c271273d0d64a55666b6d14d46b7a369888393a531
SHA512 874bec6d548783573f1e81f31fff79f4f177a12b1e9474f089c8c670243616e792ea4732d472bd2f507282368c6e07debc0aa7f418f02cbc0bb8f72dbb0211c2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3becefa122c886f8110deefaa6d99fd4

MD5 877ea639c6c1f44a3aa3a691b0e7bfd6
SHA1 409faa352d221f963bc307eae54909aef07fd4d5
SHA256 5b1ec2193cb497875e214b67f868fdd6f908363da9e3949b5a3ca319c4e7e5f6
SHA512 907f812993b1511fabecfef48a61d2f3c33ca58911d2d4ecc4ced42c253eebfe8ea4e9422ba7cd8eaa24caeb3d393252c0aa073710dbea11a8657ff3fe05d8f5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fa150345a354ef5de121778601a4c67b

MD5 7ef5092ebe4c1d59a02022c33f352587
SHA1 4df0c7edf627f90b61a800f0892019906e066f96
SHA256 4d4d1a918e8a8496bba5ca153c93a292b8b0c4c77cb2baec955fe8f74e47dba3
SHA512 12fc6760d1af03e558876ade236ff0e2c6361ff3d1ff8dbab511977a3aadcd010c1af075c10fdbb93d1f5620982d436abf1e96fe0eafec303b4a08d924f896ac

C:\Users\Admin\AppData\Local\Temp\Roblox\http\431ed59e6aa1d5256057a3eda0c9ae36

MD5 bf8fb14c4e8e504b5e02a8581821d6ca
SHA1 b5ad01cec66ec6f89b35178b552ee88ab15fc6da
SHA256 2880187c3c61dca59219365f8d90842739494bf4f24a018873532b3784ecc317
SHA512 02cae91dcfc947918532648a15ff4d24871054faa68d6bb36b0d04b52ba64a1cf5744c3064fe8d1a3a33fe8dc11df347cea560c5b2c59bbb23be153860b81795

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6edaf966270fd1503719951d2ac661a8

MD5 308002e0f2e92678f66f78f8075a51c1
SHA1 07ef131a5eead0c0cf3d4f742e24a42a15c38ce7
SHA256 5ac28b068add371632b60deefa786f7f9824854b863674e14207498369d57336
SHA512 dd657e1a5018bfd31711ab0e1740b5684d84c2d1013b1d156ad17886b3fb896781dc0752078db78bd469e2aa50d7b36f600ec0866231ffa0c2464d90e3fb5b27

C:\Users\Admin\AppData\Local\Temp\Roblox\http\79e8938e530cd5501d95c40e9ea067fa

MD5 b5729127884e2f0865649d1cd8783f2e
SHA1 22e7dddb90807d6d8d585ce634c3c5940b7122da
SHA256 53d3fb1d0553ec688694d80a4fdf13bac8d9538b411d59aadc3ba5f7a5398622
SHA512 7e414aa7d2c84f90248ad7be22d06b50345c817ba0163c337bc67eebfda81d033581b7558b2e8ca1939881fe92f2993daf16727ffa8ae5d528e8b8fa473de83b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\216885d31978de9c727c4bf3c27f13d9

MD5 38aef7306cb40d9bf607c8e05ed9f675
SHA1 dfc417faab16b0aa8eeb3ce804dac0c223e0f0ed
SHA256 0a188c3f5b46c6290b281b59a4372f389d9f12028b8c4056d1ca60f7ac44b996
SHA512 9d3da8fec8542c1f3e97d5807d56d0fcb19ada1e116f7556c9c55cba7fe93c39d5aba04bb16dcaa9bb2e328aadaec9a61c3665f6e49a27cc27860b3ad2454abb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e4997bc92f022bdc4f792ad36ced47d3

MD5 ec75d1392eaefc4505d471b93548daac
SHA1 55e32b6f693050e904ff2dee691e9f9c1ee43ff7
SHA256 c49f06e8345e682b8790ff9a0fb1c6e79f61ed7225ff7ac73d294c0c77937f0b
SHA512 ab760dd234ee613f4c75f5082da5ad1a56dcd0f0d70e07bad27f3e69a13e2c46bd972d671b149fa2b7904e528e42a50d68ee549b46548db3df232e52ef2ca0dc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7f8fc03160e21d6b21952a7d939ff9f5

MD5 b6bcd6600132df2e855162594beaab80
SHA1 6639973ba2c8891f241dda5b6bb51dbd603efdc3
SHA256 ac046472a07fbbc8622c199d4587a533ac93064476a9023a163f29b8f03c6ae6
SHA512 a9310086a75281bb5f535fafe550d3f58e1589ab650dc59507defeafc71e9f156298fd6502ba0f18acf98411369f65a4fadb5bcc9207a16c50dde251f82d6ceb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3acc8af1251b7ed321f9b36da661d9ed

MD5 808cb55c51b6fc55fa6cdb17892dc876
SHA1 4487b86a3a42ff05e109800b1827c100390245c0
SHA256 eed0725bdeac66a2e53e7daaa033f06c360314d751df70176a0af3f23eb08c7d
SHA512 0d2e6534792e7d417a6fa8403f22397f406352a38bfe1019d87e0308d041b3e69d7defae77e2bf6b87adb3b7d59718efea7d5fad340847c681eeb293beb0f24e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b0cd0725ce628c802aea646becfd46a5

MD5 b7c03229a5a8d6586e4532281bf1bcf6
SHA1 e2cf4dcb1a5ed9ec90882b05fd92a1cb2d9b7031
SHA256 2f68626defe72fe2f0f653e4f329dc40a4da28ec0b6805b7e372df74503490e4
SHA512 4b33587bd1e348c0c3c90ab22556c1a1634c9c16a7986d5ca92cf409a6bc9a2d4ef6ff29f1c56fbaeea7ea42b9e6bcac980f3a13869c7321dfa94b3d4c68498b

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 eaef4b677b2babd4fb7b29da0f065bf5
SHA1 655dc02137cacabfeebb0705832c3378062b1598
SHA256 c5a33fdff10981930005746e120f5cab8bd1321ea949ea5cd1b2e34a88f7aaf7
SHA512 7ddab6aac206bbd23350667487335e674466d66b3f0c425ec3789a62749bd6073eea1e1f5785ca539a0b7e0bbd8a83605191508d97c8280644088cc7d8161aa3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3e2504bf31b5aa0ab48a8ae5f1dc5f1e

MD5 6abaefefcacaf36071c43e9dc51f1bda
SHA1 a562a7fc46cec9c90e86fa570267864ef2249a20
SHA256 55941590b6aff4d570b3531c493c14c46eb687ed9e4de19200de1681987f75ae
SHA512 5fc4b6db68c03630673789ec5f5d017709e5a9011f25575c0e428f4a21c30e1f6664faa9e4ed456ae79c7ea0fc45db30b8d45ad9b4e2e94f49b27c50237872c3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX7A3E8692EE25435ABC197A64BC7DBC4D

MD5 5bff0b6da657e8e4ed652a4a5faf57f6
SHA1 ad49b5a7c4734d26061b0eea4496fc41949bc5b2
SHA256 c80ae50ae40768b21e62b593515865bd729b4c0712a006cbaf374a66f14f956f
SHA512 146a0ca1c20471f2921f1c911692223b77c4f528f2de47da9df54c1620242230998b86be05b436a725e64665a008cfc21715e114fb0fd1b9e0786288ad20ff24

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8fbe2ad68bce1f4933b291c365e04e75

MD5 d6a9f27b18ba6c1cd064cfee32420a8a
SHA1 3eb4fe70132f76c96bf7f951070f437ba176fc40
SHA256 612baaa3a5eeebe00562f3ecd4490073f3313811613ead2948c1626128191506
SHA512 1126e9b53315742eedcb4e28bec6330c03cbeff2d311c9bca1e8280720ded31b6ad7f4f4b6899aaf23656ec46b19fc2ea6566226c1fbb1ded1c3790832d9fc1a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\cb8a45c1430998ec1304e4c79176816a

MD5 933b1f5dc544d9868d257d80e517c112
SHA1 a8d55f9cd5f79ef7f6fa1ffb229d8bcfb30ce348
SHA256 51a66f59fb6018efd308234879746581b50566d967cf1fbf63fd3fb6917f1295
SHA512 6e03ebecd629ec937171a7a2d11a88c83c0267c0f153b86194683fc967f0e1c827e6393a39af735813a1cb3fe2297cd6582d2f7578355e797a5152dd92d6e600

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1a1d7a8fb35b007494a82bd5304ba1e9

MD5 2414d644ab2dc0d3c58d8546b4cd7ea0
SHA1 77a854549c69f719657f5d404ae9391c705d88f6
SHA256 28be75fd24c5225fe212cbece08722d92c4d2816e5c3a0051294826a5fe79458
SHA512 02bc18971dd372438e6f93b0db0e29a2b647b7e1acc5e8d8321f73857b746c5523e7c720ddadb96363664fd5652c30d5e396f7128813dfc0c30fe7ea4086a229

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0d8b0fd3715ff57ba968ae5740d39a12

MD5 a3366bed53be5f4fed574fc819a07072
SHA1 a79b59561cf06c8a209fb701567a67376d83924d
SHA256 ec5c1697be4eba9851b9a413c13e1a94f9846f6dba1d8d0fa33e1ca7292e8030
SHA512 f8424133bac79bbf7547bf7076cbaf0bd0767f220778275c36878bb982bb69bfe64aede42d67c9db009047e66bcf5eb9604205f6b0aa9a801f6827e2034399fa

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b80d47fd48f8d137ca2aca87e1d00059

MD5 7dae317d3e65c483f462a48cee3002cd
SHA1 330c91065d277740b721b723ffae4e5511e8da2c
SHA256 ad244e68f3ae289677897bd171703b8ab65bb03b17621b3c8f61594b906f8b78
SHA512 966a981204a7979932981d8870704fbe3d4afc2a0306cf149117eeb30a54debf852c8ef04fda90fb2d1d1261daec60db390a4c9b9fa77740d14171335384ecc9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e0fce80600a43748c6cbc0ac23f6cfa2

MD5 3bf49259291542dfee0f89d587c177f1
SHA1 22328c74fce75f7918f6c4b3ca5ad9e1921db437
SHA256 971101824fc41a26f9b1386d72750a69298f4725f266edb3c93b21f9600d2916
SHA512 20366e5775f42da8e313d67ace54bed3b2a010a84d9b3422276a8b544186345683c00663ce4f541c9890f906344ca3400015bef988d4ffa7dd4bf1c38161e271

C:\Users\Admin\AppData\Local\Temp\Roblox\http\175af5595dfe9780b5b7b10ecb943336

MD5 0c9078c249c45630688d2af7e0574c25
SHA1 8fae18c0c69cf3a58abddcc9a55fba6d81aca2b2
SHA256 b0e7f0945d5de86014379ede1d9a9528a8c944534ab33e58c7b3be1b5706500e
SHA512 24e0cfdac58bc3714541bd39f6992bf0a4bd4c47e492edc40b72d045b4f06573d582d9f4e50e0c23f964ec678d857752caeec6a65ef89b70e2ecbefe749b21f0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcbcf8ab7914469e06c8fa6ee80f2201

MD5 958ad6c1423022b1905d452d8772d16b
SHA1 a1c5aef3f0d7550f8a9ac31ac1e295696477c02f
SHA256 8965deb3f4a35faba9f087defdbc2fb071e006f283ee7e6b1ce250c6ec12a49f
SHA512 5185a342c83ca7770ecb1103d95d061cc17c80526f755ebfac53305947b09765515221ba65b43a98eff3860e47bfc7a15f51e67d0636de7596a6859ff20804e5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1daaef2a5ce0ea927443fd099437bb55

MD5 e4a239995837749223ed2039a40a3a21
SHA1 b1cc97f9ffc3a367dd3a55a1a3342d59cb610403
SHA256 36ef28d0243f78f746ddc7abb74563980829c81dcfb91abcdaf6459bc7d374af
SHA512 ad81fe4cbaed589da0a3b97c20e7e5fc0deabf5910b1c41dc7d6e6e8b8f22486f71c9577886689739bdb87e34b330ce43cb60fb2e3c1305d77984ec78cc0879b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\31e8a63e8fa08c8135be1c5384c3e0a2

MD5 1221a85cb03fd45c001ef47af9935e7e
SHA1 f209b998e8972ecf158f58270244b831d107ace1
SHA256 e7c79bc6240600fc94d67a9c0e9c1f563a3f30698d7cae3d19b1735865835d4e
SHA512 2e6846a2ea3bcf0892703f3f2024a0acdf277251c55ad9c65e61fb5a8780c67ec707d42818b3d98103504dda9984c109ec0f8e393fc063f734bbc7bce168ad90

C:\Users\Admin\AppData\Local\Temp\Roblox\http\32c38bb4f4a560d621ab93aeb6ca5d7a

MD5 f7b60787135cc235066319d2412e77e0
SHA1 ff9e626cfeeb124bc95d830d20e13b15c6427c77
SHA256 e815d7145b898343e81a796bee29e8a71a678c9c3475a7b1107cdbefeefb6152
SHA512 bb21ace97ed300299a276844630c2b30aa0aab87a3a8684391bbe37a0ce7761c82011035f741cc1f596136043f1871d16b0238249d3b943b2c08fdaab8c0d762

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5b794cd8b1447c984ba301aa73a6625d

MD5 2740a9a1a4020c08f3ae9fce5509416d
SHA1 371eb56fa91013a45a38486d5d77ccc12ad03990
SHA256 239bce8cdaa04b7e91497dc8fad14e5af36ebf244712d7a04e37c2be5a0e0a38
SHA512 fbbad878010bb317d5ddc6de48c87d838db393fc52c564555883d07e62b77cd37a3584414566977fbaef792ce0d2a00cf851ce871e880d1cda34357d2fd4682a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d8b4554062d011287069393d07af8706

MD5 a0c28b8252eda35f15ff0931e1817ac9
SHA1 3fa429b9d0b8926907abc63b81a301bad2442eef
SHA256 ee880812bbf7cc1f00cb363632e9746e7342cb5048765c483d56f4284e555a0d
SHA512 e49af44a8fa6e0c0fe4a5f55df2910ff43a6a9360d6e0ba507375487526fa4fae8c974763e4bb757e0907036141123920024adfb312f9d53703bf6d45a83956f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4dd9b09ac0d9a7bb380a273db7cac4ac

MD5 d97f6e22eba42d95c89cfd439f36c1d4
SHA1 3a439aff0b80708f6510643f70997b897500d2bd
SHA256 25f91091126b2855bcb9c2daa26fec21fe7cc6d25319925a95a55a37cc840b6e
SHA512 52ca405f845e8313b0a04657eaa9a22d1c4fbcf758d5796d2deaf41c7ed6abc28e3597dc1f5d803c009360a63db4e686e6622fac669c252b09d2a3d8dc451e72

C:\Users\Admin\AppData\Local\Temp\Roblox\http\9fd0b17a3402934b24f3b349c8d753a2

MD5 59e7e73fef4a9df2680ff8fe1722014f
SHA1 2b9d42140ad6207b1e3f5cf8d66b345109cb1098
SHA256 05f280e512673a8f1358b88e8706bf5a763727dc16e8c43abe1be6129a820b57
SHA512 49edc88448345ee5bbb1093bbb62bb49b0ac3c1c0a29d4a862be76845fbbacff0347ea457d66e40f721dccb8071c18e4ca7f41cbce88d57a64a02ed400f4f783

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc27c501541df155b6fb12496e5bac70

MD5 f635924f866829484247044f991b14ec
SHA1 39c6f43e94e4b0d0ce9c30da5b78aab7fa5086f5
SHA256 30b18b2546442b630f0fb8c6a7c26419a9a73988e8e1a118dae5b7241e98074b
SHA512 ca145397fe454c2623651c9ccaf86fd15212fe83d758fab2f8de35e4ea00f8eb8f58aeecb2fc95a4ceda07c9bfa960ccc29b1a56c2bb317c94297c24a366be68

C:\Users\Admin\AppData\Local\Temp\Roblox\http\706b550a2be783fb6e220ca8181485e5

MD5 be4a508de308b15bf9c711a769ed61a9
SHA1 2b980f20a1466d2f1508bfaf8dc2a2558450c1d9
SHA256 0ac514138710cda19cc114cafa8a3fce046654dda1cce0915f525c6f5ed0b812
SHA512 dc71cf06e2466f17b843b96fdbec856b3b67df95105895597e73fad455340d4237f1b7cf91ac2906efb9efeac89515deb79a045859a0651420edecabfef8cf8c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7948b73360f27446739cb67376a2d7bf

MD5 6c261f23c63795849eba5b1ef6f17cf3
SHA1 464f91ce49db8b5546722bd62c4f59aae33dfc20
SHA256 e4274c467ca592398736e990eaa97a937f209768239400cd90ea59f9e58a27fa
SHA512 ab6f671b1939df79ee60a873148a1763c06fa880e2f17a23c9e09c5401120873167905e49be3abaf546b9fee33096b76a5573a473b72de3806c38a128ab91ab9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5477b96b8c7694aaab08397c539323cd

MD5 74efd118f986358ad4cde9a57e61dc32
SHA1 0cfe0335bb35298456edc9ed791e019b70266c31
SHA256 b973558fa71e5b3a07fe6ca6180c5bd0cffdb343af3a0d2e4e4e89b40b194ee5
SHA512 357ad98fcdea45563ac733ff39aae16b103a1327a063445b6febb89616a61fbcd140c2148eeef122965cae78c2158bb39bd3eacac6d6c70a58546489687dd733

C:\Users\Admin\AppData\Local\Temp\Roblox\http\78e2b6ce1224c7617a6a8c90174aa783

MD5 22b25a819c414b6c626e5306888142d6
SHA1 e7d68968d0848af0e5203409227a1980dfeb4a0f
SHA256 275eacbd4554f5b0e4a4266514243c661edb1e4eea694a2fa01ac20a531dfcea
SHA512 bd04fe05aedb2cf10fef09648566834b019d40a6ec8532b19edcbb2348059984dbd5c04d6fd9579dac55f99a6b4de820cda159256d236450b0d0a51594e3b15d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\09f04b99b82b262e105a232e97395311

MD5 e3a0c050904f457b02b36bfebb1c0b6e
SHA1 a611605082957d8eb5dcb83939e1b6bd3d870bf7
SHA256 02c51e5a41d473f8e0befe8e5fb49073f0dec0ca88ee83e0e6a3c0ba3e18d399
SHA512 f2b6b3a7c193a951feaa1d5abeaf52316773d7895284e806f7267708672f6a7baf37191a244d2c044c785fe967d416353ab83517b28932b9e521172b89e22275

C:\Users\Admin\AppData\Local\Temp\Roblox\http\77b3cd784a40d8349719b23b5c0e414b

MD5 05c43f778ddcf81fb06a2fdfb4f7624b
SHA1 616dade772feb66bb1b8dee218c7a5a39d43de06
SHA256 f4a00d60cb52477dfdb2eb264470e5daffd44139c118b73c80e8fdef16f9dd45
SHA512 a2443c678bc019dcc50fd7a49d5c19dfa0c45a7c43fffa24ca225f0f24b6839865288b2fe843bb233752fe59c712c54bff8d9b5c4e8ef5ff4ad8ef20b053feed

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f469136d50a09240f313e4f48b35b40a

MD5 81927a5a1612202db2ce511c62ced773
SHA1 4414e92b078a515ca699a82cc3bc64a1e264e4bb
SHA256 a8a2313bedad3d93a06ce01ca1abb579013d083e2fec866cc22342713b7b6b2e
SHA512 33918119fc071674aac79062c0e4bab978d04cc957189cffdb8c1bb1c7add1bf7d9a0ab03b08d9e997bd8734266bcbc7a312b316f8303347e2aba876022e7cad

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcece68795e396ad03d6e2608d740126

MD5 0ba72ed050100e6779ea0f1c713ac441
SHA1 ff585cbb4b671bd3a04f3bdb2512a896ff07883b
SHA256 0949d1f525ea9da560f02a0447eb12a33ac6db673e89754b8f3d230e24ccfd06
SHA512 22c09e80f4af164d94ef40999572d2ce35bfb1dfacbd1762b380c9685889d515ed9aa064db4f8ab6746c8a26ea4ecffef9337014293905abb2f0cece7344b851

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c36700f9b5f405f69b210d702f6087c

MD5 94b44243d9e420ff19ff04f4e434b83f
SHA1 04687ed0f779c6873da97da0f16f042b2b459b69
SHA256 f76c45b8c4831588b971b25431b7b85f529a7214f99103ed82b4c2e97d9919e8
SHA512 b7778206ef730254f469214ace61b13f7031d0c4c751b2988decee93dd5a6c8336c40974af74b0aca6d42874d54e23dfcdfc743f5d633610aab2f05e948bea6e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0b39eb4053e10b7ff21430e80432eed8

MD5 be1dacdbf4fea39b16e7c11e286b7205
SHA1 28ae9237170d6fa225c54e7a36e35549d191d450
SHA256 3a6d14f833f7da8ddf3139d42e41b2b83d1ea0d4570db39d9c10dd98e33da800
SHA512 72cef9e399c0652a340cb12dd239cc0dfa14a2c832fa63f76dc442308ee9f91b41ddff62fb70331895716b61fdccd332f75c0ba2003f818900e3e6f260303176

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e526d6628fea4b1243fbb953bdf85ac9

MD5 3964c0c8b23c560175f4b299e1a9605e
SHA1 6c155c8a5ece5d5d7340ee4ff0fcb730e4d2b0fe
SHA256 20dc4a3272ebc6ff5edf0494d9e6e2d06c690bb079a36bd04e074818f16a2dbf
SHA512 c6f53903aa3a14f3187bcec1afba4b5b07c10ebef6dd10a710f400996f2214703d29d58abff6e7e0025ea91a78ed2f799f69c542bea006dace570464acf90d64

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0af1ae578b1c58a0e785712d31028c1e

MD5 4ffc139d6996c3eba2d40053423d07fa
SHA1 6da7d02805c626596d055c20cf084aafed9b9768
SHA256 0445b87f48bfd12bf0dae91d8dd7c20ee924212b4cc8be782c0a54193546f43c
SHA512 5af3417cdb0d099add05b22090b5aea9ba39069c4704d000aa323b859e47ea67328f616ab03b7b878ef8cce0d528ac0ff5c0f8fe305175b952e840368e0d4a81

C:\Users\Admin\AppData\Local\Temp\Roblox\http\571e70bdfa73e0cdaa28fdbd2ca19ddd

MD5 bd289aae66f24d373fe9d4388f8ba9b2
SHA1 4d248d4f9aeffef2fdd953bffbacf81ff3ac8554
SHA256 78561a946c48755de0fce9695d30ab82d9e5dfce2eeb0ef6a0824282bc88a0d0
SHA512 50666175b0955dbdf933302016675f035df38deeef6b4a0e8d0cf40b6e3d2c3e4a089a5b78d75015e0048b2e7f91d81b69857004d55436437d3fa0754d1ef8a0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\be241f3cbd5449b0c30c651c4834e3da

MD5 2866f1aa81a7f9c354d34be6a58aa88e
SHA1 c470d8ad431f9876d7966796a503c15440a35345
SHA256 38baca61b0de1abef8c3a97557b6e246fbf9091d1193e3732f6011508e5f0a27
SHA512 1af43841070856ee4c509080c286285ef4850d9dd8507381a5045ed748ffdd09fc32843c0d18aaac70621a8ec88064f0a3b74036cbdfe91be207594f55b24ef3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\73b0a5d180fa4202c3e9365c3d577fd4

MD5 2c2e29b04e1f7144017730d5b5ed8b87
SHA1 8a36310825cfb7d8ea6fd487afa46dde29147199
SHA256 6026fca2672513a7a42dc67687850d630434b2260621f77ef5b2634486048d5a
SHA512 bbd5097d544d3bea8b5e97f3262a4f7765b13d5c742c9df8fd07e6a56e7c021a41de575dc1c24749631eb1003db0b9548c634eba7d6d2701fe4035f0a5880615

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e385854d0ae9ba50e28a7a5629fa28be

MD5 0c889bbbf77ec231120674d4843ee0b4
SHA1 fd29658b2fa416059cb30a6729030b6a6b125e92
SHA256 5006fa1587ba1da5b7696daea22929c490049bc0f10661d9c79322b0a647efc6
SHA512 504d43f9104b8c56ba12ae9533ad3554858ebfb4f5b4b8b1692ba339deed831a66f5441a1e4706015cc59f4de4729c0128fe7da2c8c3d095b2993e92eec378f6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\90d821a0b7efe2541659a0ff6b31b88b

MD5 6f0ea4b31f2f55764db79b43833bf83d
SHA1 2522c29622377d611419babb3eba2e8cb13fe0e6
SHA256 08f380d19a3cf8307b098cdb5e9992ed1d29e5d15226340758a1af3cb4300c64
SHA512 6a5437574ce2db6feac98928a22c7002ce526501335ac00444190febe302dcab5f18ba33a5ae00bcd83f469b5f1cd356474c8cfd31d9992d186fdd0846db5641

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2d5ee01099db60480061c57d9831c261

MD5 839f812fb19680ae8e62c2ebe0355e4d
SHA1 a256751297a9f82a082bc4d5ef08d5d9d89a2c17
SHA256 b414e1186136cb1f46c6cdc69dc5b637ac5de6a390d67cf25907907c61b364a4
SHA512 f2209d8bbb8f7ce1e6b675cdd2da3a10bb450d50b4f73a596fc0639f201999f32d3c1a2418e0b92c918c0a667a5750ef122e4331361e0022b66a2fc5e489e5ed

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e665da7061b12f952145852fc21ef7ec

MD5 4cfd979bf14b07dfed01ef9a3b1279a7
SHA1 2e7aad8b8909d3117bb151bf4d34b608e3ab9c56
SHA256 589b00b0a2fbada62af8b7daa8755ce68420a009bf6ce7a53e0865fcf262f94f
SHA512 79a25e0af653d6ecb5fd1908c3652c6fc8ad3d0cf1e00510801bb369728dcbe3c5e1e66f73d058c511320badca3c8ea82f2baaa5e0682f304235b68f622685cf

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f9cfb35c8f272d46d504f99d9c00054a

MD5 5a67e8e85c0ad7280e9f1ca86f138b77
SHA1 b9fc6b3311df7710e1251114946b93a72dd5d5d0
SHA256 09e7111ea12f1236be9b1da699f8c93eb68127d0a98f2ceebfc5c2d7b25f0ed2
SHA512 ac5e400ce21e5e2503a11642cf401ab5ad4e625a01ac87f1711a02a415fc924556d0d3e50386d17e29ec20bb99b5d3a2d0496dc2ac1fc1381b29774b826cd9ad

C:\Users\Admin\AppData\Local\Temp\Roblox\http\be58ec8ab04ff195247b1536cdfb3d44

MD5 d1d2f476fd075d55fa0e77b3c507cb0d
SHA1 5976cdae821737161f6debcba500a2842f988f8c
SHA256 650bcfb9e1c7855d2b72865695c2f4d4212ccedb53584f089c26e2087cc65d41
SHA512 958c07812ae7e89143874ce4effb112eed3bec3436fc0b71ee70de38298130d08d89f6bce42d2b0696839f67be260791d121e81f46a4935f3985e241aec7b0df

C:\Users\Admin\AppData\Local\Temp\Roblox\http\848d350916ab0af9758cff8167a2aea2

MD5 0042d3425d57e55a4e8c899aa911012b
SHA1 f260334951b11b4ace9af45974e365ecbc6cb9cf
SHA256 f312918dae9b5ebf3028f14575ac8bdb78e7f152061fc59d0885ab7acb3e9581
SHA512 cbab405431b5a95ae3c9d3816b4a1c4d4a07cdc4dfcf64d0977ec80533a6029329db101ac36361114288fa18c769c85a3f238b13f63d2e1e83ef4ef64ae45521

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d132016b6bd0b89da2690c24749f6ff7

MD5 2e2350147bec3587e3bc14b7a1e32c2a
SHA1 c275f45e728f71d24ac6d8b496865c218f972b41
SHA256 7ddec5794d779b1ad88ffec41f00c793f21046d18c930328d662a3c2d1c27d84
SHA512 670d3893ab1503dea9437b61b2b1488238d84d3703f94b74b5c20bb7bd26eaa0479e6d3d91319219bae1c1c357c6807101c5960ee2f29ff48475c0e6d9ac3adc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d27efcc314894472628caf798daafe01

MD5 bdec8723e953241ac3edc46458a6ed7e
SHA1 783605b1587b096807a81e32c488be272e0ad581
SHA256 c31b000a001faa6e08026a24043899ee4941371ce464146a9c78befc2a796e4d
SHA512 221cf258c9c88c857e34fda1da4290c67c3a34459f86b828ab968f5e57b2be53eb4f7aaced83151576fb843a7f1166c267de0efb116740ab2ac2b37ca0cd4d93

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c9d72083ee0b41e11170f5a9845c3060

MD5 92e9669fc7c748554c057eccb11a97e0
SHA1 d3fd8c1e136a2ebed238d95bfbfbf3ce61a385b7
SHA256 b29195912662d71be85e0db741dec5ef005d744d3aa0913dad8ad1e51c3aeff2
SHA512 cdc3a1b4c596fd3c9621e53887a9d503205a0d5f8663e1ee3366129ddbfa83f2b15bedef155eda2949f24d1df615ead664114310e3d3dd03f9fb2d95df2e29b2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d4f8d4ffe8696350702fd146346140ac

MD5 084a09f4a178b2533a56610f28f252d4
SHA1 70c343a804ea4674a214d5ca8e24bce33cf662f5
SHA256 91b1a39172d8f6f0c98a2a3aaf8c137b29dcc4ed4c1bb4a3bd449dc16fb45e97
SHA512 fd8205ea2edc70743247666bf8ff414ef6038f6ec03bfc7590dc037024ca66eface1f3cc559511919058754a5dfc2224ca04368ed31df8aa942a7d9022b93e5f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6443205f8638cd85aaa1caed016b8ac4

MD5 20db412bf509b564fa765bbc0b917fbd
SHA1 938513617f173454649543b7c014ecc762ba5b5a
SHA256 8b7281d0d0576ed2b73ab842080238d7e006e1524ed48f423f61a86cecf3ad40
SHA512 f6c54fb0478c2df40776125a920621a1789d02239a78cdd3de8eb83a27a00464b2aaf8714776897a4b3ae5488da664befa604ec836fe12010a046d48eaa519a1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\697aeac1e8e025f05cf4b76086fb70df

MD5 749deb1ff197b5082e2b07aa55a33d31
SHA1 08b4d7441ffa13b8dc3610d74a56d8eb11d8acb0
SHA256 e593f31edc529b51f9b253994d8aa93d8ab0bc8faf433e737b0a09e80cf2784a
SHA512 eff256220d72675ba4b23344191b963f7acdce9743af8be81020e2a74662d2f3f1b2735e686806b73198463c550b2d18921840271d515dca0b2d4ce226954d0d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcf8e7398be5b1007fef514afffffa6c

MD5 864c04942289c1dee2c1aa18ea77f1c0
SHA1 1be7f1b6c2f1472adb9b34fb6f7a51d3d1ba161d
SHA256 9855931b8e0500c6753d77200447963d1981fa7f7b4fb34067bfedbdec0db442
SHA512 6f3934ea3ca2317756e45bcf065abae6cf34ab7c24e1847023ecee8e404294420f5cc978af2afcea986bf160eda88c020fa1b799f5ad75a5e3991e7268192dbe

C:\Users\Admin\AppData\Local\Temp\Roblox\http\aa3db4232d83f97f5e078c526e25a6e2

MD5 3e1ba08877dd32fe4178a730b0ea5e19
SHA1 c020afb22c7cde0c77a9d1d6be18ac8f1e62973a
SHA256 1a6447007e90d27fc71fa7bedef2219bda30eebc33447c2929e4488315e19641
SHA512 bad57ec1a48f686fbc5842a291c95f01db413600828b198b55615857bb1e50e4b3b6031d5896c8d7b9d6753c290c0253ddb83482f89c7fc348b8b80194a07286

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8aad44a486e1e94cb992a6a0e230f735

MD5 451b527070f0cfb1431ff5052642059b
SHA1 6021d49e6b87b9ae8fa64c3cfd0180d625c7d761
SHA256 b9391062d160f5bd861cf7e5ecda919954e84a87eeb3b000bf9b93c068057c9c
SHA512 3ec22e77061670685a576d96cc3897473d11c45c24e581688da54d8700b186d3583ffc23cc2c3395fd93af36afc45083058a2bad9cffb1362be8bf4edb20cef5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\74f7241d43fd3efbef367cddf2de0712

MD5 1e996f012273818bd88129d26108d8f9
SHA1 c193db2eca6d190e929375e617f45790cae442bb
SHA256 c7c8ee23804c70ae96b1399c2f6730543f10f7678f5e3ee36fcbce97245aa8c8
SHA512 40ea7f36824cb96dace8ff41b1e92a03e0f7e61cac33a3a81c81cba12714812504554eaa0f4344d30061ce1d89f231ab21cab164a008e1f68d18ccfcf5525173

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5105c207d9317b50c40470887ccfd3aa

MD5 481555658adb9b672941de82171b343c
SHA1 7937e7bac46ac99e1897c00285fd23059828dc12
SHA256 5069797f8a4b926fcc5bcdb668c1f67ece5d5e8f05d6f19a260c55c9a67f289b
SHA512 aa9aae6ac82a3e320ce9c1b83883263d547a82369d8f31d3db0ce6d6bc5cd07ef96157ebf234d6e31b40b32e276c233f7c2c0856394a70d183bd64e03720737d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2da892c80dea8811c616fe5e0e6c010e

MD5 0dbe0b49a06c4093d004ec7d44303fd5
SHA1 2bac861a6075854f8dc8db470558936c36201aee
SHA256 b136004ec10d66b813386e21fc6c5f86d37071e01e8a82437676902eb3e63e8a
SHA512 1d306115aa97102b5d68552b591f5faeade373ff3a718d9f39dbeade32892e47fd921cd78e5dd71e91072476e5ad933ff9659ee5ea1d07133b55745f00c22828

C:\Users\Admin\AppData\Local\Temp\Roblox\http\251c7269a8dc64cf406e8c2d5f5cc688

MD5 7e7342c1c2e3602906a1fd64acde7735
SHA1 357de58a6c39a0fe4d7e4c13c16d8c1d25f9e649
SHA256 24a5a23ded1de17bc3170afbe5eb7debbb47f0ed7b2a4b5303bc899e927a99e9
SHA512 c6313b65687a5ce03772ff6f1edf761aa91f07a29f8b61db7edebf1beb5c548fbc53aba721ede32d4c4bbdd31361dc724c676d41c06278904291579d25d93202

C:\Users\Admin\AppData\Local\Temp\Roblox\http\83eeeca932186715a9107df83747a179

MD5 e7ee77fadd485e9a35a1bfb4be99691c
SHA1 bf1aacc9fe769fd1dd111a1009473db1dcac7399
SHA256 d98e995f0160e551443de0eba015bf29192aea408469c2fc2d9c93a5c1c82cd9
SHA512 3ae849a12cabc409e435da98308db2ec0b86f8fa8624a23632ab0ea836a0aed001853eef600bb99f67f8f907dbb641c9c6bc37bbf959dd12c1bf2ad9c8147460

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3aeed3505609edfbb75cda0594d55e74
SHA1 347636da7060e42dcf3173bd45fbf73ff4ae3f88
SHA256 ae2d0c78cbc011230f240cfb1e38d932072c1645276c4c5f15f967a16b650e0c
SHA512 bed2d7b0e4e50d1194038405f0357109389510133ee21871dcb66c2a3786fce699de2a16cf7c6f2fc9577bb548ec11d922b116ffb17e34213069fb6e3be55102

C:\Users\Admin\AppData\Local\Temp\Roblox\http\afa231f024ffddec5f9d2963d20c450b

MD5 64c05df26d12845b64880218a48e1b3f
SHA1 6ae26e09d6c23ea9ba5ad92d3d40790948b36141
SHA256 e41beb094c8bcc0d8825e031ec9ca5b13e45b94f3c93601c31c10955cfdd8da8
SHA512 d6925cf4d6eeb5275a7c008723410edfe1dd24b9097656e8573f749864f8fc7c61dac61b05230de13a7b9b7b866528c04adca85ad83e8e2831c43b46a70d4c27

C:\Users\Admin\AppData\Local\Temp\Roblox\http\28c39719e7218d9c2d686d4daccb1b72

MD5 25a0b3d9ce5e6e1cc4cc7f4cdb328273
SHA1 4d2dddbe9502a5373e6ea99771bb1de6e828b95e
SHA256 013275e837c61c631932167d47d5d9b838ba8b9863915d39f06d8ba4914df147
SHA512 20df5153edab7085594382f80b5d7c6afa5f2a84741efb46961e36331c94369a7c7302c9799676e18aab171cf398dae8f314395c22238de6f8450726c4c992c7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\77fad0fb4662c6b81630ee443153aceb

MD5 183fe999017d5e5654364c0d8fd895b8
SHA1 64cbdd4bfac3c60803acfb2871a9fc8da27d318c
SHA256 3622ef17da158e25761124720a642153fb6eee615b54da286e731ca2920216ed
SHA512 d5026e42d343185e14360a292c6d13131dbdf081ba44960598e12652d99d999b4f5c70c5c02335596d18302b1cf64128a8bd06273237a48e2cc4eb0267d12307

C:\Users\Admin\AppData\Local\Temp\Roblox\http\584bbf8c27b2f156742be22b280cc8d6

MD5 7c0764a501b7f8f1eab14fa7f9337a4f
SHA1 2e17a9b6d5bd740c4dc91af9311e4a6e77bd55ce
SHA256 dc0524c0d7f9f637466570c86adad7021f9316e42e69745bf8d27081a98f09d2
SHA512 dba17c07bc4310c556ef62f157dfd3a0ea1a617ffbbc4324f9a046bf47be9a2bd500921bf02bb79d9ac2df1aeca3745ee1cbd7f33bbdb80fe67e1adaa0bd82bc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\993f844b48dbb84a0eece0b1d1aad326

MD5 c05764b76e6db0114c1d6200b56a3588
SHA1 5f96252b5a83e5c0810e4ba604dfc433ee449639
SHA256 427939d6cefb89facb6e71e082e42ed184f0883db715e0bd8ca832a316150430
SHA512 4c6c06afb99e99d6a7466ba40146b7fd02f83de16e5c89acbe64179860547f42dad0562b2a281706cfc6acdc5558e8fba5647874ff15d2778f3f6d8c1cd983a7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c677a51b0924e108a9b1485dbdf883da

MD5 e1e4307ebd3e7f8280c75be0ccd3b5bd
SHA1 3f2a56ac3ee57082ebcf4a1ca21001821286e77e
SHA256 10dcbda8315ffe2e7215b8d61dbd26b0553b438fe94b1bdf005758b1b96d9f94
SHA512 7f3ef600e2ecca826fc163d9092bfc10fcca9a9e6206ef29fe5d61902e3e9625bb2bcc07a58ab480ad19354bd0a1c56dd9f13c4e62aed22d87da146252144ef4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b39250833fce2d9f0655b124db089d4e

MD5 639a9c5f588be3e48a6bf5601215f027
SHA1 1ab7c1d3d5df21a05324853fb235b848945c351f
SHA256 4fd48841bac69eaaeaa9c936347395f5eab6fd4f5549d65cf6fc541884a4b2d7
SHA512 c3aced88385dbd9b10841f72c422b17cabeca80ad11af01222f8901b950be3b42467851d5ef61fa3a1d92f7977724926f765b8bc594655e93e116d04223497dc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4130cf898fa8b448f1568bfb61305e94

MD5 86df60a0980b57864a2e2d68f857e0d8
SHA1 60c24af81c8406f05ee1721b374ab8a466d878a2
SHA256 ccdedffa29231d609157ccf22019e03a721e9ca248eabf12be511b76f795c247
SHA512 c025bcd3d21ec036712ad8e40afa7da973db770bf5b9b019c73ca8b99202c8e37999e6daaeab3f1c2190f84434a5e4657a8593e8a59066e0feaf38fcd8bc41e1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\477a618fe08d138e560e0c8eab9f3583

MD5 4f9c826223fb8d7fb603bac0b294a706
SHA1 44a185bf8edbfee521dc92ae012e6ed18cfae3a0
SHA256 e12f126277c8b35c48dc15cb2f37850ff5ab0816e5982eaeceb571c99bd17502
SHA512 ecf987dc0d416a7fb1779289a0bd9ba55625abff41491ec3731fd77950e91d5b454b17573be388766b20fc630ee3f125d37feda44e068d2ed0cd2a87be021fda

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e5ba3b6fc7c95f933bacb9db38c93e80

MD5 0de2eda8831ddddda130102597e758bc
SHA1 0fa49f0691a4ae61e422a22b07fd4e5def0ae5b2
SHA256 2d60885d3492996ffe223ec6dfddb240eba00a9e03ac0506d3489edc4822e1ee
SHA512 f466e1ea3867fae7618b76a2895cccabb0f646f54bf8c4cb6cf6a5c2eaf4b8e31eb4f8b42971ee53c929241d9f40af6a684647cc09395cfd709774503f274b75

C:\Users\Admin\AppData\Local\Temp\Roblox\http\388a60aa5e51ff44455d359825078031

MD5 eb62ee1626b44f54b2c444a487ef84fa
SHA1 d3d918dae048e4ee9c9626608693d69c4c4ae55c
SHA256 bf2f079ca21684f382d094af52836d83862c93800e8e054c2f6bc0838c442d86
SHA512 68022f2ac538c51acc24065480cd23670efff68d56a4b5dec2c28316726ab82c81b48fbfe76c44f32dc32b0af75fe3e203aeb40610f34e2e5d75bc684f712381

C:\Users\Admin\AppData\Local\Temp\Roblox\http\252921e7f19d826cf6778747e86132fd

MD5 e06fafb3ee051c215c7118dcb4a75354
SHA1 c72b3e0f2bb1139344053256bcc3ac48f590174c
SHA256 ea771a4652058a4110a95a6fa24c847e7a50cdfdd711f57e02f9c7caedda7908
SHA512 83008fcb8a91bb42f76568773c98e5dcf6658b0d7972d595eb7059b5a598faf80fcc8492351e9e98a6d3a9ddfc17fca742f07ffe4af644d99c087062ed7b14b0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ecc495a0b2b0470e25d688a9077fd977

MD5 741a45f09ceaf9cba7f0ee5b8aac236a
SHA1 aa6b59bba687981191db42af8a8b17dc0fc9150a
SHA256 92ee9b175404bf4aa4e346ebe4948ae5c0ee7edf5693778a5e6a4a1bed508eac
SHA512 97cb36fc2281753eb7a42f762c8ad5cdef7c14665214a71f33518f88cff24ec5e91267f834a6ea5ab0206457c7e9c730dcfb4f7a2ec527e3ce48877e2f34be6d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6d1b0fd2905f7655bf0108dd4e655991

MD5 efe7165d72ce56eef26da49dbefa586c
SHA1 b2441c50e501f7121277d205876ec6a5811c4e67
SHA256 4e12e3ed0da10924a1dbc49e464b0b07c017970c839f1c1cb4ecf5a8019d3ae5
SHA512 195b3d7954627b571226a4d5293b19dd0b7b565d4b295b494361ed81f3d9e1c193533dd0e53b2ededa326278294694286669095147d769c5de343aa611ab0238

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc70073e6562a1a0cb99b092be4629f8

MD5 acc9db15cdf0932e73bfd20b9857b80e
SHA1 cb6455b641cdaa693de88e9b0d1f422744faa35e
SHA256 f0e15f7608b3829d33eb8e057f31f21e931d9d2ab4814891b11ecf47494c141c
SHA512 7ca5152691d595acc0f0398e26f82c4cf491bea98f2c81e7a972af8fe763ef5926a716ea44112c2fa257ba0109b8848f8611f071b88902901bdee1d32a315913

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f1c2eede7a115f0fd9ddcfae03372516

MD5 08ba91e62331009631f755289dcf7324
SHA1 03786d766cac0b39437b98cb61e65c25d16325bd
SHA256 c50ad1d35d0b3e81ef6780da13361923d7525a39db5c9cbc6c5344a0bf5e1380
SHA512 3fe207322d4249f92893d0eb7a93f455374849ca583dd0fd00c79790ab7bc7f0699fe16de332b767689e0a104fb272992ddc37e002b6962cdb6c66a63618e3d5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\23f316746f014ce443f0b0adb0d9d90d

MD5 4843f2fc4404a016a8a7b7f5c352f877
SHA1 1446153b0498dd65dbb53b417d5ce5db49f0dec5
SHA256 46ec4647b950351b091ab0bb34d1964bf24b0eb58760175def7a4a1d7a4e09b2
SHA512 8d5198bd48be46a6aec5cb5d9eb6e75828f88742f12102a1f5091f9c8b51167fd6db13981fb875b032795b9407fa64cf3aa54224a64008262084dbfd3d98dc27

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bbd52b35df5f543d23b7f35ae9e845be

MD5 2de5aeee01688c41f23b2ddc07c0b442
SHA1 68bd21cd4284ff390c1f4f5f4b61c9ff3b8f2268
SHA256 3ceb6af768ce708d114195ea3521c71370ee69172d4d0cdaeb1efff406571d73
SHA512 ce845ebebe20efbfb1a0565e69cea69e3a4f3e71289ec68379565052a2e8a3e5ac873b52e74ea26f2afae7ff64c789c348b4b9d4426ac0c0d6547d9f12290090

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e4317e6c6a87bdf6f00c6c80866345fc

MD5 fa00f598036aff7c2e4728ff840efdd6
SHA1 7873ee7205e2817fc8fdcb3afdc275aab494ea91
SHA256 18fecafdfbf34c5b261f4acbd607c439e35177802c8002a0d88221258108abb8
SHA512 f72faa02c263ed200f7a296ed86ef5da614911c1cd212aedd12923ba551aabc44b33cbced8dac80aae67dc09988d53ee191755afe3d51383ce885750bb00a944

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f40c00885cbd0588eebf8bd59a345579

MD5 9c0241f7306bbf3cd085509dd7840c99
SHA1 21c2a9c916d0e537c5662db2acb565615ef79962
SHA256 e2afaf1d969e104e2ffc22494e2f7e2ec4a0bda49b9de0dcb3bbaa3da9bc8655
SHA512 afdf2c9a29559645e08604b15f023475e8610f41f650f3527a4c2199fc4bda9c291bb24e2f337e00cfac6a5347fae125d8055f0af6eaca38b92ec408343cb9b0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3ca8206460663e9e944ccfb414623b40

MD5 816be237e27ddb79f9fe0c46efa0119c
SHA1 fe0af06e1155ba784ed6ce8b97849eb3fffb5f9c
SHA256 ec6063b82a1adc4187ee0e01f413d4b5ed10277605f741295658acd3f0ceabcc
SHA512 5ca3c5bca3f5559a500de1262c133a972e776dba7192e6cade152245c0e1118fac41c48a79dd0f15c78ef177294867f041bccd3eece6a388eadcc32da8efaf00

C:\Users\Admin\AppData\Local\Temp\Roblox\http\16f7441682caf62a1789b9d3e75ec170

MD5 cb94125a0b01b9335f3c3c9a9c6cd60f
SHA1 85ae6cca4c661270b389c00299bf7f5d81fc3943
SHA256 afd92a2c0ea64515200f7dd1c6237f18b6d1bd2065296939697d34a3d4e1b0d4
SHA512 649155baa2d26fc6afd0496d11f37d9dcb588726806eec89be58faa54fcf3b90d1becf114c4e2f3964c98e93399b87bf5bb87709a7bd9a3540c7ddb56e2da555

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8ead55fcc97d21deacf012df5c33fdff

MD5 16e22cfdc829405af27279c364ba2f8e
SHA1 0c75b97959d7df1586db85cd1166f99c65603c68
SHA256 aa2f6c8bba8aec6b84f7ef8a7d8c30022097b784236806e63da1f0417124a3d7
SHA512 d1f6695e255f5b7ad498ce177a16591757d5570a4ea45d396f3fa159f5658bddcb7d524c102efdd982fd9ccfa557d984280c27e57484b8f61be512ce994d7964

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c288ffb1fe759d2618c218fa0d2bee8

MD5 c914fc7a80c8ebee4ddd7216cb8e63e3
SHA1 2e4bbbe23167be5f26e5f3e9f1e1b2409b38e7ef
SHA256 c718cff1df66ac36549451bc6de0535c3f2f9e74b4fcdcea38af9eeecc42a674
SHA512 7564812cd051e0970b3d06aa1bb839c8fae5d1e95e23615eea42d2f12b6284d06f2936cedd947e9d4d33c4656fec00494121d58cd38ddaf1ce2ad8be8685d0fd

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc86756c9d8f409a887054cf26a854b3

MD5 70461ebd3bf0f7a0beafcba1d52417ab
SHA1 53dd7894e76f0fe7c02f378d7c67107ed4a03d45
SHA256 e3ef21dd9efd05fd1260691d6dd47f76155bd0b5ef1ccb62ef1e588dca161fd7
SHA512 ccc18b368873c76fb25c97009bfd17e4456d488b16da511e61fe1dee031cce48bb25d507d7fb1237345bdc2191085bd384ce45ca98a5864d10b65b28650e553e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\06bf3774b39be975c53ba2193da7f90d

MD5 29abb94b78b9a73db28b7ba825833346
SHA1 fd6da6bc273d4a44067d8c2b625980ab8cc52aca
SHA256 d929c9d2ba98883044b81894da3e921de179d5915e1f92ca9d4df9cc89f1424f
SHA512 d5069ac2996929a5d1622f65ab450bd152130978b049f672b1a9f28cadcf724e317024bd95a11109e0ae488834ab184f5e4b10f6a21ba3329cf056a0b7139613

C:\Users\Admin\AppData\Local\Temp\Roblox\http\852240b4203e72d7bfa66fcea2e589eb

MD5 547ffe689cd0af21ec616bd935f78b14
SHA1 36e70f429bea53fc2c8dd76eaad82f7bf9f3742c
SHA256 abf9ebe04321f9b8926304bc16041965dd79405783b7d3ea56d5fc802863bd9c
SHA512 3683baf37d3da8ac536ae4d2d852acfb49039b3c9d4ab42d972c23e2df6dbfd178a552ef023f48c43c6887161313d516914d26b7cca0c022e2741875d62e38d2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0407c8d6df198f6864381d3e595ae971

MD5 703dee4351832fd18ef5b85c6e1bf992
SHA1 bdea9dbbdae401cd68814d9815a17bab6f3870c2
SHA256 8fb57fee0d1c996a828a3147fdd9a38e8d1624163dad101e4bc1d44894bc3d68
SHA512 d43b5dc41be38f5fbe30a51c1abcbbc5c606c9d911dd164b5106fe2bcf0310ae8b641299c5491bbd5ba66433d87ebd17dc8a487d88d56d0ee8e81309533ef0b7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\98c582bbf5493f077bd8f59567067f24

MD5 ed3f4356a5aa9295ec58f77ab387582f
SHA1 99f94109e03097ddf835c06292ecb6142c93fdea
SHA256 60e6db5121cddd5bc13b1019c85b5d962599e2548c347ee3c7d944cb20ff01b7
SHA512 cc7869759564fe9d5e1580be978727c4b0da340c052db74f677bf7cc24d93da0b837d01ae0199c6404e02b49d08fe47a2fec7165cfad841f1b6fbb1d7e8d7fc4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1489d1b06ae2d917aae075e6fa9b8f7

MD5 5420558b929446bbd89f3d35e72b5836
SHA1 da46e5c797831b47c4d62fb9321c420c6b0ba50c
SHA256 12d1d581ac394291754c5b042baec0904c2f3b3be6a17e0a8761b32b6e53d507
SHA512 e125c8d668b2c73d583c528f6d35bf8a1c9558c594cb3aee98e25eda051f621a6924626d845f200442da65034dd77aa4a51dd1668c07b26611909f76cf9174b4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1cb6044427da36923148711b8796b750

MD5 ccdd89dadb2a17edd97a48f05de218ab
SHA1 c8829afdfda3e414304f09f588a9e00cd43de4d0
SHA256 8ebad66a66dec464ea8f6a70c240e6fac36d2155ef5460b2f1cc80451e9949ec
SHA512 79976e6623479c42c3b9babb2bbec208a8f13b580dc19419df33639e3922ab973e740fcf33c94841e833ef3ca8209b5b149d2ba5c064f08e3b6a526a651432f9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8550d05ebb82e2c3691bc35b7c166899

MD5 f3e7b2683bee3c3628f500d157a7184c
SHA1 17aa34cf9e45a2a10cc370ef0047d6ec844053dd
SHA256 66d177f97d367d8181feedc6db9f92f71dbabf58cef1355439559005be6a24ac
SHA512 48994f038f0cca5a1ad783d05490ccc209ac4ff2a9fc3b508d5225348d2202f9760ac6c0334d12f74ab8227eab5a412370459ab328f44177729f8fb6b8911088

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6c536340229d1bb052a390124806163e

MD5 8dda220de3bfd073f993acca9cce3f19
SHA1 c78e343e500f592bfc59de89dcf8548cd6fa1f71
SHA256 21710259e1dbf800de1bd2dd8e19f33cf70dcf6ad306f7738a23300e40d385e3
SHA512 d21115712737f5d51c7fc887a14bb7b9dda4b9db295ecf429623a20eee02b2868956e6d66907997f100395625c42464218c36e750224e02fe0245c0292fc9e1c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ec9a7853aa53bb67f2099830ce97922a

MD5 0ab1d8c6659dc5952cb81416c8d9a85a
SHA1 16d889c645dd70901f87cc86f6db8a632b8518a0
SHA256 1ebc2f03253024917e0b562d101603c2f9e04aa70a05accc5e63eed9976ea0b4
SHA512 657a549264297c42e4783cdfc76baff2dab9b5b9c1f991b3aa8b16f2b8f87ccdb0c1a56edc23713ea7f34ffcc4cfc95b7fbba8d5fa06ea443610f06a00433f36

C:\Users\Admin\AppData\Local\Temp\Roblox\http\05e6fbe7faeaf27e476e2247265bd7e2

MD5 774331951556eabf4930f06518bfe5f8
SHA1 79a7b332357aa2b18cf400033bfeeb5db7614627
SHA256 c4239a4d05bd3e427245f920cd4eba313e0af75c819f89553c7b6758da9b4d57
SHA512 bf67dd1c1d57779578524ee404de1648d9a4d8ed7f524fd49643ec49c3165b9321d64bda2216cfb8617c32cb500eacc2966263dc03841af51ee37facb2b1724e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\38b0d496d6e95d4a4e1f049ecb71b4d1

MD5 60dc54bc02627b188fbc37f3c81899b3
SHA1 7065242d6e88ff9ed0e0cb891a9a6f6db2be5334
SHA256 35fd7f2804d4edd74c14cb7bb1534edc993ab7ce9e2d64be997b12ffa8ee5b16
SHA512 2b43c5d1f2ee4621055d94f3e04cbfed24371eea9a7c719f8392a993464e7d05635f59bf230e294c60de5656f421f4661bd5b1b8f286c4c15e79bf9c57d686c5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b597c88ce139f36dee5c4afd7d80a2c1

MD5 f195c3e8ddb6711a2feaad4aec69b8b0
SHA1 20b1011f280842fe6aaa58117a05f57cc17b6c69
SHA256 9c263d2a5db10ebc2d543bbd0c125bcc5da6c2245ed133fe0abb1b308f343a71
SHA512 52ed2e19a2b991880336b6b1694016f4c8e5a5e92a9dc989ab317f7f743f38dddaeba8fb5764826bfd9aa145028a1b3f9fa34a02f39c1e5162aef7ad282b0632

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7209cd4fd5e4a48a4cabe7e3498368ec

MD5 643d56f3cc2d206fc1eeafd601a0e287
SHA1 0e55be4bc02d884a40a586b44d5728f9e8fefa6e
SHA256 637c7f57eea4b46821e968a691bc2181ac0ed00252691845fefd947a4c594f66
SHA512 10cb34ff5d98467c3de396ef4993a11c7db2545329ea473eb3ffe387f2663cfda6d21d31299f87aa3f298d2bfdb88d705b9236e9f71c48c22970713c2c3f75e6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6e62dea9b6f892b37a40251f84c9e0e3

MD5 f48177bf38c02c3a2cb322b77d627f23
SHA1 e207f206d2f707e7feddc32c02883bb71015d23d
SHA256 4a8a4eb5baa01e72889b67caa16b69a4c2e8a07aa12f84ade87376f344b2fbd9
SHA512 bb3c4ba048199ddd3cf5d554a90c279d7b868871f1a0eea4ce27c641556fb3e483cf839e3f9a27a092021783a25d604c952fb1ea34528d722db9930fe48e38a8

C:\Users\Admin\AppData\Local\Temp\Roblox\http\92ca8d0a36e9ce06a1c3537675677ffb

MD5 ae7d26697baf4e3c0a4f7e4fd800f89b
SHA1 4f2472e39c964861701d80139cdc33bb967b2c34
SHA256 58c1370bf264ecee15638ab670a0af85f8bc3b974670875c757751fd116f4833
SHA512 e93451a30c74751ebd6996efb038016e28370de37bfbfe2fafd1f3c3817f2e720bc3b7d96e1c0e346f08e3c581d13f77a535c30c07a487f2c4a13b4da9970a0f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1f571bce12b3689efa5586c78436d68a

MD5 aa1cb968768ba580f7e7d559906a49de
SHA1 1a6a0906ac3c68f859790103094a617e0439d77b
SHA256 b9e49fcb7d0be8aac8bf1d990f2277363077dbd34af7f5109a14bea85b9fd35b
SHA512 a72d7246405dea401b6e97963ea624772f65a7b20eacf2c358fdb73d7e5c2afac79b5cd39cd548ea8c43f14b5f03cc38deee8a495e9c7a1f264c1ca7de4f2411

C:\Users\Admin\AppData\Local\Temp\Roblox\http\68119f28ce3eca78171a6a8c8822e1bd

MD5 35e84ac53c5b6ac5714c5589d7d79153
SHA1 cedd01f0263fc9e5718b8e77b3467c14a35a1b53
SHA256 47da60997e22feaa88bff58bd2db6320534331990a14e2b64b6d665df77b931c
SHA512 7cbdf8f0eaee0c4e00e3813d1e558cc5aa305d6e9861255d721bfb655cddbf08c70fe61f686e79154f1c36e7a4b5c29f2ecf2776fee9eb0b7ac1da8c87e75dff

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7df53404f56c9f1787b277ba9d17049b

MD5 ecaba5cf9469daab7c05847af2da45d7
SHA1 78d9c8d289db9815482249769dea663f4999cac2
SHA256 23946e247fe3bb06503a06be2b8e154d724a8c2e86fa4f441fc09ba1e5781121
SHA512 4204260b2efe3b4c95584394b30ad7957b154229828f0ac90a04e5167c7eb78f254777fad0d4fce9c5675fccc390dfccae2ecbd8d17e0e73bb0a6933605df7d1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7deb7c677f433c0b6c649020e88fe58a

MD5 d76037dbae4ae81158187aeced5816b1
SHA1 7858adc6bdb9f9b03fcb28746d7a0d08c297d058
SHA256 8113ac3b2c1f9a16f7c5a9be473b64abfa8c9689afcbcc30750aeb3077e3e27b
SHA512 e9e1b515c621e760968098b8e0a16e00cf1fc17b74065efd2f8793add04d5e506205df5d65be1db885fb958b9c5879ca728528963b4048bfe073d4249c0dc6eb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5a479665357e877c36a8bc4ebab8ac84

MD5 f5366499a754da1e3317be61d63cc243
SHA1 8689a3cc6a2e1af5dbd2b6c23b488283362bab0a
SHA256 14873e016597bf69824fb29a219f6d81befb11b19fe2e505544115b33f030e6e
SHA512 6920f31ed14ef4621559e67c75a69ecdb7832aac639c40febd98dcf9b7c02402510e983b84cd309bdcd7b0438b394cd6b1d11bd4c32c58488d24a5d38db930c5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a116d80baa851750ec02ad98f6a28052

MD5 db41d22b9f9f4a43ff8916ff8d513da0
SHA1 00dee570785465bff97ec8a96ebfad3d21f1d248
SHA256 31e6f7d03515207ae87b2f9e9594fc94db77038fcc28ee3990689c6590b7547c
SHA512 df4e09d0f24ec1cf13ffa1a062f9d28a5d36d99b606f27f7ab757f82e4202e51ff4e033b6554b763e6f97c73bbe77b9d133b4b842469b96056654cc2f202124c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6105c4318cc0c25a63a6c9b8db84bc28

MD5 6badf7314b5d440a6ec8dea899d7872e
SHA1 003170f75f86922af2aa5bc4b2c3c41f5f14106d
SHA256 c13071122b4ff111c8ee877e0d8bde8f34ab3569df48fa81f6f4f1b0b0ba855a
SHA512 5fd8098470eb97e06e62f6d8753d3dbef34d8db6b3ff463cdc964e61e765ab844168170a64c837fa5d60c029a79ac0fe7cc661b9bae07acbaa2400120037aa13

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b00de5dcbb5ba1d0d58ba82e9c2f97bc

MD5 9a3aa49a6c57739a171e507a3b0a90ff
SHA1 f3c154299bec91f215954c1df2b03f68fa08efa3
SHA256 6d61517c2a006e117a5d5032dc1be0f993f275b6d0c8a0fbef25bda8cfc12691
SHA512 0a02917b5eefba73d3420852a5c66719bae97bc3c8f9adfb2dcad89dee9caf5852f660a3e787d84e9b86e3793ae0605b2db10c0a1463e0f09a733b614d2f4c1c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\234369d070cc483f7122fd415837b73a

MD5 51d45f80859fca2ea5720897d7f1612a
SHA1 2a7d736969502784b96328f4fd1fc7697a099273
SHA256 5bf07b195c3902c69653ca0294f2bdbf9124df501af426b14d6bcdbb87d70745
SHA512 059455bc829431130377e4c8cee87ed3652b712eb46afa6f666d9e4aff7401b59068da840b91f4914d0752880cb2ed8c64a90e79e37f45b4b90996e44f2932b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e4b31755c90a8eb1723a8910d9851f75
SHA1 db6c93d5cb6f97d37dccbb2d4bca1df36a100d35
SHA256 ee8795f8273db8d23947da1169b47f16c6aa774aace3df6b3b4d8e84eedbed1f
SHA512 9a1769b2741021ef54506009ac2ed0dd29a5f0b2410817fe2af21e62a1b6de157733db5fa4661286f444442dcd5d11541872c2174b9d6553ea54b123a585d927

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4c81466dc2f5420034e9bfe336265c6c
SHA1 4806b19ec453b85cfb8d48bcc308e384aef4f55a
SHA256 d64ec4b729b8a87bca530d827d8d43970860d24e8189cc24a003eb8c9ce2c34c
SHA512 6deacd789f645f26580f63e394f925d23ed3b00a31f43b9753a072cddcfc3c286a34eee39a4ce06306f9f9b181b7d9bf19fef26270a0f297a25648faf2d3aa1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4d5f0aed0462ebe5296bdfb9ec1291e6
SHA1 2ec980a8c4fc376259451118e6005ad603c406e5
SHA256 0f1574592ed3f23b5efd015bbff5263e148e938800be51a25348927942821988
SHA512 87a7697b5e17a7ffcc461dd4e6bef4620856dc6e76e0f2cb9259e4910366b61bca92d599edf0e80e63f3dac26f33ee230309087a2ff344217f7b7802de5b0c97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6d0845568c500d0011c23776406b7b93
SHA1 7b251ce754583249c6e60f3c15c6366ce3581605
SHA256 553f60d93423091326609bd3190a882f59c424a7839d42c51222d59d18220db6
SHA512 bce21fa061b3c4cad04d5b37777589f5525f94895871cbb09a75647a5ef74af8fc8da4aa26d00f3e8410e41cfb7feb3f16dcb78a0c324e0b4975ad018ae1efa8

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f08fd7380a8786f61b7942b48fb2b791

MD5 b73abbacaf1789dc5b8ee9b369749a6f
SHA1 65b33e06a4e65606d0b5f2292add38cc2e2a846d
SHA256 88e1eb4b2d21e43e5d3d1b12fe677fca7eaf5bad07246a870a1c41d751862c20
SHA512 6341b87659b2cbff7f716b48cddd67a3dfa822d9d18583320c8a449b5eeab2b53e2064f09aa26621108a5bb914923ee831f26e10ad66b6b2ecb87e083590230f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6a437c9ff08c22428e41cb8fd8807b5f

MD5 7529c3c3b895e19eea0bfe1efb931a78
SHA1 830236210abbe198034eadb0d7428896db37544f
SHA256 b84b112169e5dadabc35144c148c8e667d03844a505f648977f36b08cfc00506
SHA512 de8d33e8e04fe0747637e2ffb44fd8a9b71372ff6740e35c14b7156f7df456ac3aacce851ac6ee4b46715469ed9bc538e5987a3119277e802b566cb8572f6726

C:\Users\Admin\AppData\Local\Temp\Roblox\http\151e0e19d6d4085a550e13fa528b4509

MD5 392d6da3018264cacc2343101220ba87
SHA1 8b491d51540b004ae42c8b3923949f9296acb859
SHA256 18d0d2913ff4795772a5b7287bb22b7a50d9da00f9db4e78c7a39f605939148f
SHA512 c69af795a73c3d03f3fa442bed65c031ddf8eb7be911eedba5f29a13575d8c5638ebbf2aee5541f940ec0158f0b37334a3faebde8a853190780e6dec42a37887

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d7743c335b45bb22a7541fed74f1415f

MD5 12e34bad46b69c24aca6eaf0410f4331
SHA1 637db76a7263e1a327b2813aceb657dd8602c8b1
SHA256 e6bfe55cfca09a26db59917ea8214cf25115b94a60b66d8a11074ca68e61c625
SHA512 eeeae6628af4fa2afed149c383cee87dff0264efaa857823545a2c5cc1ede5505d06428f6470075b76df3d000f1efa4f5c1e39b70744e8ad29bb6e94009d19bc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\47f2028af2ef023d25ccc8efd0d9db29

MD5 56b76514c0782e1ececa50bb8e0923d2
SHA1 740fe85a29378a980c647422988e0b8ea3c735e8
SHA256 424bc604c69ce78e2654cb79e036a69c863c52dc3bbc2cfa354f06711a7530d7
SHA512 15cecd67e0d1a3099b1ebf09dde92932f956ed61e518438a079ae405f97cbc298c20ceda990f0050a4d14cc67fc2c1776c812933c1708fdd200ddfd993974a56

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b2fce0a696ce3dc0f908123d196477f4

MD5 f806a7821e21871e209db202d09027af
SHA1 958d59c9f8ac329bc00373e846d8586a087c1f7f
SHA256 6d76261542389201c25c83a3c2537e438466d82e785f9761106d3e17fdce4d36
SHA512 63f42a9ceb32c6d20f264076298c77213112842806799a578792176ccce7831a2e5b2ccf30e326a3d1f2e0c177cb89c38889aeed757d7bcf0b33754da5b25fd7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\eb87ea28e2ab4fd9afdb0138873b5895

MD5 8e9b8381538c341d8989bb98d31dfc59
SHA1 2c75bf34f0f8579f309355d137e1cbb056d53fbf
SHA256 2debebfecd0e09e5bc0df69f9f945f0342f814ceda8ae8e321238568c23b95d2
SHA512 b074448a65e3f21c91e736bdf7cdbfe9d19f48032c513c76595fa2a8ed600159b70aa84c00ce05eb1744b346030098c2ea96d00b49031be5a6f931a8a431bd95

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c25127772bfabfbfb79619e6fec7277b

MD5 b119bda4df2775e3f00b10d7c7ec8609
SHA1 475acd6adb5270bb08d96ca6e31f2c738c8e0321
SHA256 52e93d0fd49b472e23677d3211d51d41410bab51c880fdeb9c1abcce699d4a68
SHA512 0c2b42b7cd910ff3a83817d6d994b89c9312769496b08093fde4f2c590bf892d7fb4b92835419243d92723e8b8a2ff8152ea7aa99c1538377ac0bcbc804de6e4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a2f0a4bba5f22227929f71970a3db328

MD5 51e310f0a2bf7705ce7c046f2fdd1652
SHA1 f2b6857db08980ea3a15cb81e9741ef5c31f82d9
SHA256 052e1ac1b1f08e5e9eb31c316c1d4c490944d7554dc1c6a2ad99af870d99edf3
SHA512 843847d4b0af356a1b70c0d44943cc3864b7b7f0062153fc32561b44c6f860f51dd28ab9c084bf51d1b2ba5214d7e188f05c89b38ddaad50505e847c87384f2b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fe102070e9f451cea552f14990011027

MD5 85dcc8424476991af4cc264db5b4b410
SHA1 9f09b3f1ce94c0a6c8a6b5a452abb9c30d03fbc9
SHA256 9faff8f5a25273b998fe09372824d316f1aeb3e45be8bd5cacee1d84941471f3
SHA512 af04a1a5d2bd39e8d9142e96b1eb51ba79fbf342d40a7ca56ae2f517510d242ba36537c691cad9dc5e6bdc5af3336ff9b9835f0ed4531c1db3f9998e36c54d73

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f5658572836448b3797cf51535a362ea

MD5 a93591059794470a1b5981b582eec350
SHA1 18361d60ca8be5dd9c4bec5985172ba5a8ae6c82
SHA256 9c2a9103e640c1de8a93026a4fffb9956b58c569a46ee3232b837c0da62a1351
SHA512 e4dc7a0a8c808de6bc38939bd906b426feca2163da9db0f251343ed4290aa9842414b193027ddbc3d618ee4843457cb0909239ba6b4bc65b5a8ed3791e60b32f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ea92132d5d8caf76f9cf60f064286eae

MD5 b66121145042f5681f03c51444dcd85e
SHA1 4893446853f7e76e95a889ab59959ca68792bf3a
SHA256 7c1e19e30d076f66f4d1ce46adf9709273edca58f2740727583eaed616bae7a7
SHA512 0debbbcc7ad0a327832192128a3a6683d87808759250771a32fea04103ea8b4f652b71ef1426201ef13dc290f4fbe9d5c336631ef96dc894c2bd2fdcac41fa91

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6b7354af1788471cbcf7521d2ea4d539

MD5 38a881d8ea579973cd9065e9a0a94628
SHA1 2ae62a533566d67d02ac6ac8a6a130071a49b6cf
SHA256 f45b53c036f44d762653e3829088f2079a545ab82abb0f0a9f2613056f518726
SHA512 4540fbe7ec956ba50330580443b9071a8175983fac753ae27a0c8cf15705d652b93d107a74f079fcd790f60db0a8c959a4f390bba92a897a9c7b457d23728673

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2b4378551cc4c3b747034ca2d7fee325

MD5 69c735d8ad9179b5f2f4463842e02fc0
SHA1 76618723729f1371967376a471e5ace743507d04
SHA256 ce9a47712385c821e13d4823fe60db0276835518b39cdf36e146a4f4f4f4a89a
SHA512 1658ea964ef621ee9c7f02ff436b2ecb2bbd7e8cab4c54bec5633671d6f4aa9df1e9c63b34197db2f44b4f0c009f3bf58e7f667d94646bd0746fd82ddbd33d69

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3b7963cfa77aee4e65926ca13ad4f482

MD5 edd2402fdbfee9b283a0f5d6b23e9bb2
SHA1 1e60739c67eb4e9c2c538c5ce08f83aa25681e12
SHA256 bddc06b63d66a3e9976670cea6672dd18094ccb983e7de560491a0520f817661
SHA512 771db7ab11362626ffb2a13eb0184f78596aedd497c9435a343f86734f2a26d481c22bf2c567971bbc59d4b2b4719cb2b20a3e5f2dd80bfafa38800342842502

C:\Users\Admin\AppData\Local\Temp\Roblox\http\55970dc14e63c66630f4b540e158f97d

MD5 df73e542d3246787b8dae637c5b667c7
SHA1 3d45b55b7601fbbdd9f6eddfc50de83e75aeb239
SHA256 ffa3fb84acc8d7a55badc8e85cb84160976cd47f5ec1b02d623ba94223d6b4cd
SHA512 47fb552993842bd7244192be3abf54078f8d7fc90e16ad1b634db8a0ee7e7c837715b30493831b6b394435152739cfb9b9a5563941e27aa7ad83546f71732dd6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\81f830aa0c3d4a7908e82e9b167fc7b5

MD5 b32772c2a8d2b6022f8b2d0ce0baa8bc
SHA1 7f5696a1ae0a507ab78cf2c5959cbd0a5f09844f
SHA256 49c1296cb922b1ee84d9eec354ed82ffa16b55a958be7bd5ff05b14092129e2e
SHA512 771234d2ee9febefb3e5658f7d8a316674faa9b13073f3d2e05371a03207d332b3c18a79606c460342c69d720adde5daa9e2b7a47aa244a65e53b1f1a5b98ba4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c152af22376fcb4931d35b4b8165b30c

MD5 22a80cef5fa82e165fda3762c5759702
SHA1 2e1eb18218ce0beee00039b5fc78937d408d45f7
SHA256 e13640d898cb4612c05ddb7d60bb77b09d010b7ec25f3156fa196b5381586e5b
SHA512 e0df3d37a9e849cca36650f2d3bc9649db2e0f4573687b6e9f04aea49b1904aa3eb9160fce40a697df6e68df31e2b8a8267d2789249f61aaae5cfe5add73d676

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7f3c3266daeca564517218c0e5db4471

MD5 daa3d76d65a85992bf4c9ee1e1adf075
SHA1 f87a5f9584afa426fc02bd9d7b1f9e42abf2ee90
SHA256 3ca395f2ab83febf2c2592e76049c3f719f49a0e1e739014fe20879d4e22bc02
SHA512 cde0bfabb144da30323593dbcca5669822db069fecb91115bc2b5608b37d0133ce3bcaa88fab1f4ab1f4f3002e186864c6928df5bdaa2a46cb1a761d817e81a1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\13a44cf73e53f5ac70aea7731256bd89

MD5 7d8b30931ad854273922e6d6a2a70556
SHA1 cc574b672f3b7a25d5b4532e8efec9668b1cb854
SHA256 63908201d4b925c8dec907c93e384a6087f208e045bb1fe475dcab7650271f78
SHA512 f25e43e3da113eb428c718058e8b1aa8bb865f99a8941a1baa43d520da78f2a865b7ed225e86c621b0297767a66ec41393d19d4bf70159140d348479d16c54e1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c481be37cbafcba082b8c864cad44971

MD5 833e479b88d23068abf4200cd556cd3b
SHA1 e1567fbdcf5c219e9d05fb37d8932c1ff2a2095a
SHA256 7582994f3d95f9f706ef9cd6dff74e240e8a9fdaf0f4ffc032230d6d6a67dc76
SHA512 74828d1520ec4b1ca238534eed2c8fd20d486c32e191a7854190af33d8e86a487172b35dd64f21fef22d6ce6af6ba90cfbe59b81f6691abc59e177846f7e7860

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2f213ef207221bbffdde2ac969e494a0

MD5 020e2464a74cff46f1ec68e4b1cf28a1
SHA1 134c4b8b75cde9f7dc72cec20ae1d3ea1a3abb8f
SHA256 7b61cedd55e045f36c5d29d73f1b289338a82aa86e2ebed3b087f3bf9fc8dc48
SHA512 05152ffe275da6e78275b3fac077703f8e292a59f519678dc55d107ac1f3c912147de6f5eb883d34be9ea91d564af44cdbc805bffd6194915eda48e5a2f1ee3c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\cee4915d7f1a500665a2cac06f50cf1f

MD5 709b68680ff5d3e676c0ba31c7473ae7
SHA1 b65790cfa73947ce7a57ec339aa172055e98012f
SHA256 875c2101971ea779194346a7388813767ed2dfb3fa8b1cf2adc0d809d96ba31f
SHA512 33dd94269e9b1eff24701c667f7e61e129300fec97c858a0af5407fd89d714687eaba174e1ce0ea3ed3ae93a46d597565de4de3086e496a6ddb052d455e91b69

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8380cc6e5c0268490b39e6de022edb5e

MD5 4b739a4874110abeb2d10012447fa919
SHA1 ff3779587ecd1a1af5648ad17335088708877b91
SHA256 cd18c7d041d7c7feb613d99a51ef06147e4f3d4685aefce579c296d97328fda0
SHA512 1573d9e64f2b73792b5fcd8e513f7b43b81dc4a5c8f6f8a63ed5e66fc8373e8b1d628dc0bab9f73650d22a697300297864ceb4c062ba1b8180b432f70e1809c0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e80f536d935baadf55f21b096e693c68

MD5 4c2750957e24d68d3999dcf023bce5e6
SHA1 b3149b352cb616a743d516ab8775fceab6543dc5
SHA256 9b7c29ceef86651ac9f44effa39d97c91029b566f2c298137cdc7c48a6a1ab3c
SHA512 641bff16408f5d52cb5f8388464c7568f4f25a178474c34b7d144d4a941933b46f4f1154164b076d7d4b32106fa53cc07638140123c647f569e3c0c76fed613d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a9ea6cf4e67ac02b8388f1da5640da70

MD5 c49e8bed1e35bbd2e8ef00e21aa4367c
SHA1 bea5676cead9790108f7e92c9da96813a4655679
SHA256 0f6ad52ad10ba4c14c958ba44f1b0bc7b7b106aca0335505e62115dc2aa82c13
SHA512 5492faa34b0d2eb53c7a94a2c9f8772ab16795f2ddca06beeb00ce8977d5f5e84fb52ffd6340d3ac281ecffe2545eeeafad6ef11316feaa1a960fad8464b3fc7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\69a63ae74a0f753477ebf8f1b11dbacf

MD5 3fecebe8675698cf85c9562ead988067
SHA1 aea472c4bcda0a5f09984e8e02a608f1ffa8db07
SHA256 eb254307ada7f582a6ddb89b567d6cc79ff4928cd4a962226d97cd584dc64d89
SHA512 47ea9cd3b10d73ca1c8d709c8af1da2f9c8fa1b096c42066cd73ace636a4b579ed522ba4ef473a3b492ba8b92605bc9474de8c408e5af3f60a27571047b665d4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\720e63f3358623c1f0e73bdc318d569b

MD5 95e43fc522302074225de9240ed3e233
SHA1 96a8ace5194f5830c749dafa29380165c092adee
SHA256 2a042e08125883eaeb833ef7eeed3d4d8ea8880c1a295de43b5f1051b6510368
SHA512 fd83966acc1cc93748c52f00fda7893b4a0e86aae87211c58b44de64f9c3e336d25286f381548d35bd1354c5a6b6025014e47bf85b44ac74d63f32cffa5e86bf

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3315caa47254ff0e4c8d0aa36436f55b

MD5 6366de8965b8bd7edd7d18acaf1e205a
SHA1 8666d6cd4025fabd5e49f80bd0881ef6622592e8
SHA256 8745f4e53032fcd7edd1987914129e76b82b0bca3204cd012f02b96916afe4c7
SHA512 109654efd6808630c126dc10ab55c315c9c6f047ca81ed289093a54a7bc7a76102a47689ebad9f35fc721ffa0102f642a58e1c4dd534210d350bd8be43962c21

C:\Users\Admin\AppData\Local\Temp\Roblox\http\dbd61a11fcfb26392338fd2b1ff6a849

MD5 7342a963fbe8b3a5bce98391f7c91497
SHA1 d937946afb025eb344dac220aa2d8d3494c759af
SHA256 3306f048a000d6a897405f05abfd4c6ea181af54c1b77f6db995e8e00a7a17cd
SHA512 fbf1bc5dd2e4dd9a4bda60309ad0a9d891b60f5666d003af712028b28e740f060d6d745f1d33fbd8db95f0d6d8b4f1ba18a8c9622bf52fba1d14f2299ddc4053

C:\Users\Admin\AppData\Local\Temp\Roblox\http\72118822a1d711af96156323b38685fc

MD5 2766fc3d120129459f299d62b2f40bbc
SHA1 11db6ff453aaf77eebaf01a6bc61e2127449be40
SHA256 acadf5b10a383623463b33644cde1d5d3a6ea896272473d7d6ab72354ace7b8f
SHA512 dd2846e74666ffb5f40322e9b4fb915e5030c44bad228804214a186239411026c327369f4a8931c73f5af3b83d038d9060276c9cf0f550e0caec366ea7948e01

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6f36c34e2ea49405b6d51310f54cce89

MD5 0f64fce8974acdf7fec2d1b77c5abb3e
SHA1 eea2f3fbbf93312c879d5bb2e1d0b6485f3381b8
SHA256 0835c29bbf7014a20fe24ec0ae172a43a06e349e9bde44d04fc54fbd20ac3268
SHA512 7d382311659189c82b334ab72662ae8696e3478eecf8a59718a116828ce3c9ec8dc733c0277ec6cd71dce9a28f92ffb7e342ba796fe6dfba1a5b84df0d3f3915

C:\Users\Admin\AppData\Local\Temp\Roblox\http\de65b167b06d0f941123666323557772

MD5 e22336e42de09fcd99a8eb257049ef98
SHA1 ed312dbf27685af07e49901ede7f17417bc54ced
SHA256 425b36a528d04dcc358eb5fb962dbe071fcf3241fe7c6311aee19186216521cd
SHA512 d7da02d06e682b19e849cc48e6dce60720bf9181b571eaed607224da662cf6585b36fef3fea8b43626f2724e81885af405badb98f1a64b795aa521cc56f6640b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcb654249c504749eecc7e07e142fea6

MD5 a94d08b8647cd4bc4338b77555328b65
SHA1 8ca7462397e2e4981c439cca3ced1097796cd1c7
SHA256 d7442a7c5649c86b603e7447bafc7cd5649026ae02d16b83b200afb031e70686
SHA512 ef8e2ffff889dd602a7ea62698f8d1ed20626a6e325ef19891f930f24c970e663e53045548461af56576b49729862991c085e1da4a0b9f327f8b5ba6558f9689

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 31a96e5887399089523a54e6540560be
SHA1 c74c2067d487089656333cd57aae67655299ccf8
SHA256 9133ced3e3a9592bdd4717e1a01c083a423f7c5581306883543aa6807b1135b3
SHA512 c6a339c7d1789b951a1612602f5e3985bff84205c6712a51cbdc7728a341dc3b51fc778ee0aa19e2d6c443be20a3693317038a1ded9d143f9c65d65e32b11971

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2db10c6bf228f1fec32615b2d7ebd921
SHA1 9ea8befd6ef123c0385784c74ad6baa34fcd5c5c
SHA256 32fccd15cb0f00ad98b93c933410d6da64328fbd2b0e4496dbc3e942eb162867
SHA512 f2d653bf2508b1494ff525641a7ade109bd0e785ef4604ab82489cd740214a7a147aed92de9137d3f14656894b771c2d495191424b506896cdaf8226a6dc10c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a54cdf8eb8353319e54623e39fafd710
SHA1 302916261e3cceae8e705c0f0e65dc61b96e07c8
SHA256 2f43bf453f03c36298249b29582be9fd0d8e033f733f8e40a48bb2a2158f4940
SHA512 c0256052cdc7bac7fc378b71d3d143849b7f7564ddbbf461bab1850af254b250440ea2dce752d9c95e7035b3146981b78ea7501661f5a2582dd1a7af4641eb66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d524c9df12facb2c4a6184f06548f500
SHA1 fd60912a494952eeab710524c6eea05cf4eeba42
SHA256 c771f7ddf5e9c359d6f9e2646f273b90d9938aee2cab9ae6ccb280246814398c
SHA512 9da65c1cd471f1e05186ee529f04b4ab4ee0b76fa029c0b2f908910e0e81e012c77114d168279b50b069155b8f979016d539e08a856611c689d46ef5a3ccfe65

C:\Users\Admin\AppData\Local\Temp\{104037B2-CFF5-4C7A-BF6F-57D1DA9B8C7E}-MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Temp\{4111424B-29DC-4CEA-8712-72FD6AA5775E}-BGAUpdate.exe

MD5 3f208f4e0dacb8661d7659d2a030f36e
SHA1 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff
SHA256 d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b
SHA512 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{D56BD4E1-326E-4D1A-99A5-F7C2ED543455}\EDGEMITMP_C8BEF.tmp\SETUP.EX_

MD5 5070a34dbada1aaa375cc572b5fc7d0c
SHA1 e74b7ef714755870976abe3d2b4a7db0b9cc21e5
SHA256 03e7a32e1f10fced6a07dfa4e6cfd92510d4bf6929d423798e4fb5ca91fe6c20
SHA512 fed3fcbb64a59070b0efd677ca2edc982d28e37cdf7283f2777af8aca7d3760a7eefb8d01b3c2bf4b4ec3708a74c3412f0dede91e31dca1b6f8a4e4edc673aa7

Analysis: behavioral2

Detonation Overview

Submitted

2024-04-30 17:51

Reported

2024-04-30 17:56

Platform

win11-20240419-en

Max time kernel

240s

Max time network

244s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://create.roblox.com/landing

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3156 wrote to memory of 3152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 3328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 2540 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 2540 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3156 wrote to memory of 4480 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://create.roblox.com/landing

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb6b633cb8,0x7ffb6b633cc8,0x7ffb6b633cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1836 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2784 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4380 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4386636378989325657,3164730855548453984,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b8b53ef336be1e3589ad68ef93bbe3a7
SHA1 dec5c310225cab7d871fe036a6ed0e7fc323cf56
SHA256 fe5c2fb328310d7621d8f5af5af142c9ce10c80f127c4ab63171738ad34749e1
SHA512 a9081a5a909d9608adfc2177d304950b700b654e397cf648ed90ecac8ac44b860b2cf55a6d65e4dfa84ef79811543abf7cb7f6368fd3914e138dfdd7a9c09537

\??\pipe\LOCAL\crashpad_3156_KETWESSZCACXKTYH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6e498afe43878690d3c18fab2dd375a5
SHA1 b53f3ccbfe03a300e6b76a7c453bacb8ca9e13bd
SHA256 beb39e9a246495e9dd2971224d23c511b565a72a6f02315c9f9bf1dcfae7df78
SHA512 3bf8a2dd797e7f41377267ad26bde717b5b3839b835fe7b196e748fec775ffd39346dba154bb5d8bda4e6568133daaa7fefa3a0d2a05e035c7210bb3c60041a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b601a1be6a809af686916324848895da
SHA1 fb6ad08f6a229bc3cdb546935ccf92aabe61ae90
SHA256 6948df1f50586ed00742a28a8eda6c159bf62361af3cdd3889fa2bea24801b68
SHA512 1198a303cc29bc5f4f0293249253bdc89ad116b7f59b340811d0e00b35ecef39a4866bdcdb43310b877992da475b8a266e2ecbcdf571a2a72c1b1769c799d9b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8805d979e02f6ea8ac86125290ae7108
SHA1 940b0648fa87edff6a4830bbf8f05c1bd5857cc6
SHA256 53b473a74a8ee669f332115222643b6995e62f45231b64d02a929b2d7742ec9b
SHA512 e95c711067884683d02f7ea6fd21e0cc1588e81d9ee1179b4f5e55ec666f3c4372aed4cd25a60a6ee8cc40bd2940ccd4acc5170a280a2c5827ceeb76cf5b68e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 44dc88bad42c5eb1c1d3b838b957d732
SHA1 2b60321c93ae6bd62f686601c5ad641b909dfcdf
SHA256 794403d04df566c66b915aa866f9b8eb1eb9f102a059edbfac0813ace56a25da
SHA512 ca8ba8c5d43fcafa65ab49400d4c87f0906e54e0b5559f02ceb57e4f885d380c4e91ac546e0bf89c472f452dbb47f976354f64563a8999f771a7944aae4a1e13