Malware Analysis Report

2025-01-18 22:15

Sample ID 240430-zt4exaff8y
Target https://create.roblox.com/landing
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://create.roblox.com/landing was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Modifies Installed Components in the registry

Downloads MZ/PE file

Sets file execution options in registry

Executes dropped EXE

Checks computer location settings

Loads dropped DLL

Registers COM server for autorun

Installs/modifies Browser Helper Object

Checks installed software on the system

Adds Run key to start application

Drops desktop.ini file(s)

Checks whether UAC is enabled

Drops file in System32 directory

Checks system information in the registry

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

Modifies Internet Explorer settings

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

Modifies data under HKEY_USERS

Checks SCSI registry key(s)

Suspicious behavior: AddClipboardFormatListener

NTFS ADS

Checks processor information in registry

System policy modification

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: GetForegroundWindowSpam

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-30 21:01

Signatures

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-04-30 21:01

Reported

2024-04-30 21:31

Platform

win10v2004-20240419-en

Max time kernel

1799s

Max time network

1684s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://create.roblox.com/landing

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133589845089250948" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1748 wrote to memory of 4040 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 4040 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 912 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 912 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://create.roblox.com/landing

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffe3eacc40,0x7fffe3eacc4c,0x7fffe3eacc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1980,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1976 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1904,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2428 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2140,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2588 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3144 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3220 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3112,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4600 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3684,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4636 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3448,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4444 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4628,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3848 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3500,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3504 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4436,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4464 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3104,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4644 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5040,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3120 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4616,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1044 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 create.roblox.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 241.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp

Files

\??\pipe\crashpad_1748_KJUKCIDSJVMOMAGM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 d8c7598fedd902b4d1eeacc553076707
SHA1 2aace841c012da4808d01dcca228f2476909c8ea
SHA256 7fde883578f12e678f566297e21822e7545431166bd4790a578060d8a01f5de8
SHA512 f5f59fd7dc2cd289f2a382550d86e366d02fcf3e7fc44f592b50e0e9e2cb20eed7428037ba656f27bbcaa6d9a754a08aff4f3fd433a9d6b0d18846d364e0a28c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3719b9f608a42f94a45b880686a4baac
SHA1 718105048ee98120fe3f5a990d9f50bf540b3c36
SHA256 e13052ac76bfe8541597746e7a31495336c4dda3cb8278bea6c48955be5e3929
SHA512 c79f80208b2941f3bbdfcf0dad670202474b32ed43f646e22154fccf93c0ba22f43401a74588435eb78f51b7a3e8cb2949194cc8550950d6b2aec72a76d31c75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 598c6ded3238eab1a82670a6c7037bb7
SHA1 37df3199b91a43c91b9326653ba79ecb21571606
SHA256 97b33e2df8421266f94b67c9bdb323d5bfee35b1afb86826262e4c656ad6e9b4
SHA512 3b7fb7b742f1d5c1f3d90f9b336d9245fee5024743d32bebc69e510819ecbf072208f4723906ae11b83e180f4da3b9b6cadc86bfa7f5b7c3b7f51d76a2456bfb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a5f1b7511e74b24f0cff015b8d7f401f
SHA1 7ac62356118a924da8160c5cc3fe85ec7bace02d
SHA256 98e56d3730a1a6239ca0aa83aa12cb947a5cd04ffcec8be6e6ac3aba7caaace8
SHA512 df8d4502d4f5becb1ee39c906b2be989acb0b59b8e521286e591484e953cd744b89bc049f08d2ab64ac7058ee75f339944f26b8582cb6c5106ab78ef54578513

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9c371b498ce7acfcf85b34d36fce1c2b
SHA1 84ec064482f987aa60f1e86a4b4fa39a9aff8ece
SHA256 9b1b092f8417a061eea9c1efb7ded8294de4d3a80dec87869f807d65951d60b9
SHA512 35de23b353f3c6810f405b028a50fe373bda33529238cfc941b72ffb445d1af5f2af041a4c2066039a7722728a946552e33749b30a00433c087ca7eb0cb10538

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9f02f72024932934a81b38339ba689d6
SHA1 6ce128997e737fa5f2b84cd98140173ccc04743c
SHA256 ccf9907e28c56fd75cdc85a98fc3c99c2e0a405742ef8c13e09dcf2c881f0875
SHA512 6e975115ddd82a97f955131f4cdf4d7cbb5342130d7699ccc0542371a32161a4c29e2823b7a0990080c1ecf2ba01ba28c94d7a1c1ac43dde62becc30dae666bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\53bd5f4f-6d9b-495c-b36f-8a5b96107319.tmp

MD5 65f278239f600a54dec9ab54c4f7d137
SHA1 f6d2e524845f62ac8ba77030773fb621466444cf
SHA256 2b307550742d746cd74a5417ecf1f47d2ccf3c957e999cb61a84a1459e2bba66
SHA512 f47e2e6c1c756de957cc3baa8d6306e1a657e522095f55aca6906d6a325b5b88ba7d702827cc4c10414e340d748bc6b96efe72098abae1887aa08a0d67a4280b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c25996b0030d4e02925f77fd2a59d9c4
SHA1 637c677d14ff43fc807eee5f8c8f1e66682febd1
SHA256 7983104118cf8f0acd72140b686985f1621fe48742c8ded124923ea81faedc9e
SHA512 e83cced32815ecea4b10de67a960fac625c8237f8888dc555be885b49682312f9123b14c60bc483e711cfe8e7dd084feda18a139ec96100ca6d72c45f2338ff8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ccba84dae83854b98f56733ff79dade1
SHA1 1432c9a09a7463c24ef3d1109eeca801d740cda8
SHA256 4669eb936bab97d567784b5f14f49d9bdfced10203c13d656d2d087ec0d7984e
SHA512 ab3be52a48ea8496a0786657e00c012e0ffed6ff2b1931226a69588634613091960d6b8546ca3dc4d233dc1929023a304f379317831ac9d9cee772732ff42799

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f836e49b9fb63187d572a7c844b611e8
SHA1 a36e2d79d86c9a2916572ccc39c6e5b0a24540c7
SHA256 cbf9bf114a1d8dfbc4479040fc77e40c4c1726a33f9dc29654681174d943d0a3
SHA512 d7564dd607869ad788023e5eec187b0998247219fd865c2d3869a35d02ae18485fb3d00095c0e13e3d4764b02d13b57c7036850fae2adad4564b8b39ddfa2647

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ff79c9eb0c98c083ae54aad2ce2e72c1
SHA1 0d07fb36b2337fde29d9e0b513c9e5839af52d41
SHA256 d92a7ef76f25afd7726314db80595d690e87bc4ccf2c83ca75aca5e9f9f2612a
SHA512 afa1cdaa85e697caa0bdf9031f78fd2d166b7141e7a0ec32181acbd561119b3d49bbf506a0659b909b1e2e745565970d569df523d4bec82524dd23780fede7c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c454540e7eec40668796c3f727d7320e
SHA1 2f5696d0b181fdc9d30e937cbb31e20a46b5a2b1
SHA256 025466c1fda01be1dfcbaaa41ba505880f39f6706c7ac18f9b6cd9669bfc82a7
SHA512 4ed038ee95ac175c48599cc599f0fbb63064532bb7e83e311d89c30ca9e0ea0b9a7bc99ad2888c36b3878f0fcb20b1877fb63a54212fba25f57e5d7c50e214d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6215ac1e1ecfa195d8628d648d4c0e05
SHA1 f18e641f614acdac16c7761736f4f5ab7a0f627e
SHA256 e15c6abb741da289243aee27d06f0d3db3e5982092c27b1390623190513b8193
SHA512 cce6791418eb549ae87bdcf3f0fd8ea87267faf2b424b0e3f4056103c3fc76579edd133c4998b62c305e25446dc4ee0ac2e0a82d72da8988fe331d4369a4148b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dd3d7666f399e7f9239bd2b7e94636fa
SHA1 17a9fe246fb872211528046c4328ab411ea5de2a
SHA256 04f4c5a45bcfc432e122c0525cb3a1b795e3849d08daa426db9c8d270f0010b1
SHA512 0bc9f70fc11ccc35471069616e4f23a99f7a78b912a9b605377a64b1c327ed2d049e0c5a7cb7d48b64b56eb8a063843a348bc871da6d1965c1c04a0e0b4da1e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 82eb871fb6b3a99880f562345c46dce4
SHA1 cca5e049dce80f38329b41344fb3cd9743b92e0c
SHA256 fc5fb59bfca3f5c63bad160f878667ca07f8ceb83bbcf2e642a89eb6de35704f
SHA512 37dfdf1b9d07246ac709a23ee702aa837a693c0267df54eea547e89bfd915c9a6fe3bfeb3b60f652dd8930401d70dd8858f37d19947e592cfbcaca4695feb826

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db3d72d61c91c4cfd08b5894b1499c04
SHA1 7bf8d1b47e3a3616cc514866fdced8a3b67f547e
SHA256 5f8c46008a94ed86feb6b17b607d5795be2b3a817d84b4e2e6a562af3418bdf5
SHA512 989c822208a87df0892e71b7992990befabf17a91f99a5243a847dffb48cb3b7243c65ddb7a76451c55ba1c86ea234ba47e1c2d83a6242229d9177ce698c0323

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 12386dac88ea45c5549050fc9fe29e52
SHA1 88bdde71f420ae72204cc371ad96499d52c4d808
SHA256 640de106cb36ad77425942b905f39644dd72b86ec86064d4afef47d16ce4a3e4
SHA512 425181df92df00db7b5c00382a862882c62b15acec447a7bde8f42b94116a0d389a8b330a48fa3835ea932c5ec30773bcb5e7fa28f0f3da50c648a6bb349fd14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a66e4996ee5487f9c1ab17bbb29f6b40
SHA1 e40eeac8f86747ed8f7c54fd182ba8c23919b556
SHA256 388fe8b77d1bfb131457e50a2c7289469e2eb5ac028451c772b39592a77dc509
SHA512 a5ede32016f649eafce908f93a26df139b1346a03364a27a8ef1185a5ab2f5ba42117dfcb4af5e48767a36aa9ef9b1da06762ff7819588a472b30f024be685b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 34b43ac3255a940b64ebccf8b63c4f7e
SHA1 c060b846d3d96aff8c54863af60b9320e15572d0
SHA256 a9ddb565c7b4b49d10e2b6f518c5ba1d00bb3a30a220549cc2eed81a96cf104e
SHA512 fa7418ae8ef7903afd1dba09da66c708a00bbd6d572c08afbebc0ca979551071bbdc68ee945736a032544e8c4c0600d3d87ef46b167a0d1bc1dde1378842d532

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 916819701eb195d378bd37e71415d8bf
SHA1 7edc2efeab5060aa3ee6cb1452aaed758aaa305e
SHA256 77ecd99b1be0bbb7b18298dea64df1d12a3ca9f8b12bb2fded2e3a100ba3b5e2
SHA512 d20a0fed372ebf11806be0bcbfd512565be7c8ce2b862420b7bc44c190fe3bfedc44c8bbd49ab98e8920984450e84f35f7da93b2b0219fbb0005fc32e9eea51a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4fb72a29ff2420df3a6d44e10384d73b
SHA1 c7512d8ca441c9e1f0bcdaaf89cb7017c04e26ff
SHA256 33aa0b9af4d0453fc0ea875fdd0bb14a3911e86cb47a251fa22a733bd936f929
SHA512 ba740c3b4245c32b4d17ee39b67d5be820acbf6aba218e353eefe1143914aa117be7edc35962c9a5c628be03b4a1793dca6daaaa5b2d4554e10cac7d84502521

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ba21a45fef90360b334fee5e1860ab1
SHA1 e42809a5e8153772236d7f6fee49c3d2c87a2fec
SHA256 dde3d38ec0899abe8196a700956594f8cd773aebccd4c15accbbff72e1ad020d
SHA512 57b4bb29fdf48919b56be0609ed0f50efbecdb9af70302e1164e55956cf86cbf09170fd4a62336d9a4299d8472c94bb3aaa411c5fcc6e075618b42d35077d893

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 60caf9a0f92cc0a16a5c5d07a21c3ad6
SHA1 ef2f5d37ce6d6b48cbe6f403879afbe64e9136ac
SHA256 8f9fcea3906f7637d0eace3cb295b7ec1061ae1ee417350e8915402008b415a3
SHA512 8724b5b692ea4159ef0c6db829a6c5ed4085a40db61a56b65faa0765d7874efc559e3c25b953b7ba042785078beb82332bed8bbe63f30592197bbc72e072bfd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f739b87645633beea0ef7a25abc4dc0
SHA1 127c9ba01aa2dc4950b01a78c7f00ce3b315ba5f
SHA256 a0d4f65a6400fb78222e3c7adec9c606228ce5364eb85325fa6c2942795238a3
SHA512 26113e0f56d56456cf041e5a8669727839c1c0abed5c84e83aed0e43c50adfba46f8219ed939c52344838878165101c12ace971a17da770e6ad41a0f320aa7cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b4d1131e14690cb8df34db4a76223f05
SHA1 e71ab341264773434ea176368982dc4d5154b6d0
SHA256 c5047ab119790cfbf68619cf7d2e936167c678c8ffbd60a7f17e12f7517ba992
SHA512 b2021bd0269521114fee2be95ac2a605945a85de69318b7f1c878e3a01bf7b0501cd01ffbd6a313428e08d282dbc16c7ca28c84d759509989e62bb0c9f82e84d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 418d01e69b8a7263416d39f39ce07ca9
SHA1 d3997fd8695b026a6aeb095494d3e9f68e1032bb
SHA256 86f7a5116e29aaefba5977820e131e5180bd35b4ff00c63ddc8d56e1ac44f64b
SHA512 2e3583f850659aa0bc9713eb5e9131d313113dc6e2ed6ba0805205585bc2a018b9acb76b7b09fd132d94e08ab8611d5e59f1dcf9e053cbf5c0785e1d5134987e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0423fa7c3dc1f4368328a3c4bcd4b35e
SHA1 15c8a61da8e53b626c005d383f842b66bf8dcf92
SHA256 961ed06eba8d6ef6699731058e45190a767e6675bdb3af8a19266043ebde4fca
SHA512 6360477211ab5801709ac1f4130571b05e731b2bc46a8c2834428a9478985b25451e8ba5ff589cde5f7971cf4fccadfbd2dfb11a28c395c504287837247d67b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6fdb3abbfeedddc67d3b418dec53b6fa
SHA1 1feb5a3ad2b40a129a8864d1b9a48fa11d0d6b83
SHA256 9b0d44580da2eefd571fd17ad04862657612e24b7111704627961756c73396d1
SHA512 64cc52eb7a2fc2b269f0607214821bfc1e3a2618547a962c2f682278debb006630a276e94b7fc9ea9cef3efe7d877d76174403ef11b1b224176e34248335ff59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0ed4ac9d5bb1a41838854e0d0983e9d2
SHA1 f436629c042fa233542276a83f486115ef6076de
SHA256 2970a1ca72c34de680a7d527043386b3937169026c54ee6c5058afab9e3334ae
SHA512 331d4f6bc34b3d6444239f36ccf91e8141d7a2575f30a5f81817e458d8196f35ab7cf92e8aae53c177798426bb9e95f19bdd969f4add57e1a002f43c4b7b9ff7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d178c886aff96964f277d59a0508b80b
SHA1 36575faef48e6e270d849948f90cbfa4ce3aa7f7
SHA256 ab26292bdcdbbc195cc0265459372118ff5fea3145a616a2be81a84a05bb0521
SHA512 e5db8327ea4ad5261ee6ca6eb81721eb54e967a6cb94b4ace4619dee55549ffc85dbd47a3d4bc57382e8ad6ccfed314a8824273a1011e1a0a12fe278e40a894e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9b0794e376a823a91e6b11a73460810a
SHA1 e3fdc6a9a4736f6d6af625e7f75a88e8145a6c31
SHA256 6b81f14654090be5f3034b0b5e74232ebc79b3aad462e9caa555cdc91d3801bf
SHA512 ab2ce63f323b6628a9f3b118c628ef4d4042d83eb64a8ca30799f9d3ef262e8eafdaf5565d55bdc1f021b4153fb2822877122034166d5f44c4cb0b4232fd05e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dbfa28a1b8e11c1b7449cd2a03cf1080
SHA1 da940898ac93e3a481a1f1204b8d548b013ed4ed
SHA256 b7a01fd159e2c70bb34da274a77ffde90bf7446cb91b79500e118a2722f0c021
SHA512 315196b391613f10568099a8aab4a472065968cff3a77261a4d0549929084df2e80d91d8cc251ba28f71827104c1b830200458d2958a9a40eac200779dfde4dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5bd09e63f5e1929b6aba22139b498b25
SHA1 a3001a15afa9289187aa040be8688d4dedd454ef
SHA256 d53e0f64eaa42f9cff9b670cc0ab6cd8357dfac37fee1f0ff8a7eae5c85304cd
SHA512 e0fc1299657358953a6fd3b50768719681034652dbb78cb4c26b2d222267159155140907e0969ee0143b52857d6127df7756102240b219bb6007c45bfb060199

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0c0f599b4e454de82cd2320d53c4a2ef
SHA1 6139f35765ba8a864bcc840a8a61ecb959c9bd27
SHA256 b49d35d0be102ff8c55535c94fd2266af8d3c0ee78e8fbee1f5596a0723dbe5a
SHA512 d1526b5f958e9e643c90b370c69145f3781d48c5a8536d3b2e501b15cecdd8817a99caefcfc704a1ae21abbdbd1b7528df808bccea7327bc6b41c9745bd51eb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6a4206ef2e625ac79fc687689d6dc38a
SHA1 38f58834c85f59364bc65c4a38e4b2a5a9b8731e
SHA256 7d92ea5a1058350d8e12e541f9acb325b3dd957c5d064ea3db7b5a5010322bad
SHA512 b791ea4eaeb3157efcb15231ca840eea2a56ac0c0e31e5afdb23fb00c22e7f240ff94e53ea9289149ea3d78cbd82e43ac289e105550fda8b1e03ed733605fac4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9cf79caeaab1664da70c6e8531daea10
SHA1 c72c4dead98e7beac35c183ca5a17ab7904cd3b8
SHA256 911907f9076a1fca8713f2a3bc30392983210fae65c35f34de177442a968d680
SHA512 729a31d3861a9c492f3d8e24e8df4ff8e8b962fdb30449def1e37dbf10550c22018d37540b30d15114c8964de1ad0ddf61b7f23db6defa0413b78245903c7b56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1e14efbbd141979512de4b690638545d
SHA1 7a94d60fbcd8948a3a59beabf016f6f57566833a
SHA256 1ffb44189d50a0ed3f7d6277f9cc958c94b3bf4007ece3a97b5c48bfb05019ce
SHA512 79a19d5bca81f53d71747a73290f32aecc7be10ed78647146f42c3e0d71538d9676aaeb333874e892c59403461e9c2c9e74db7e8528e030e02993f012c9ee82a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8487f8e17e423cc927316727a954338b
SHA1 2664bd49f8eeed7fb3622293a1e66c6753c3a556
SHA256 4e82452154a37b8f3842ba11c9084a51b3e1c509bf17d2f8d971368373c5955e
SHA512 c4313db192865d86b704c843d99d6a61f4928a81a08af8a6e8f11681157223a500919aa2d2a6ebb4fe15453dd9dae447cee489cd8936e93a12de38ee2db744c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a15d8829d881b983649c0e80ad966933
SHA1 c50a002568ccf559ad0c1c414bc5221beb23e514
SHA256 84690812263045dda0c851225345d0722d85ae0ad31eb436ada3974f9bf8e48c
SHA512 9399c830235291e45eda2c266ba312ef84c98eb08f0c62d126d8b3f77e33635ec9e1064fd30902e72e15c097807766de67b03b47da65aaf70b6cc01e0eb1ce81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e93010daf9a0d0ec4259ae1d7b2a8576
SHA1 2f14c4481ab1a5a41a257794287c01868be304ba
SHA256 a19681c03e29ac0f2e524f4955628680bd6980a89d4840814f5709bf8fc25060
SHA512 6ea627daf1560cc0f8da926fe1ce98d2961f82102029e5825b930e5d03fe350fce26c62031204101b2030816d9276ad13f887df9853e0d12b77ff10d7255f244

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 712945de88f768b7db0d1aa8bb6bf1cf
SHA1 2f3df66c9f0d5a3bb4f156b2aac9a3f3fc1149a4
SHA256 75ed230fc286f56eeb02f112ce279fc4171cd694be7dfc4c3ee6eedc040c6fdc
SHA512 5b8c7aa77b0c3411330135fae79512f3e1a186fc759bafc62306f9b5f6c6b5847dee47760656a9d7c6d6093a973a995e0f388c872a22407587678bb4e47dc4aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7c68bec457d0db411dc89f53064244e4
SHA1 144d98a3a01a389c40b7aa0f6df6f95ea00c4dbb
SHA256 7c86261593514543237463c225cf8dd4543d959bfbdbb2c494e816b5f6b5f4e9
SHA512 7fe74a1bdb68ff9a2c980f952e34aaa19cd04f09a036f2bf9770769b8c628d4b522a6e175829ef1022da0323a6b278df87827c8947ec0e6d526a64055398b668

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 27bd49657ed441e98740272d65b8834b
SHA1 e65f274d605021f6d7f43110eeb227c5610f45a0
SHA256 8041918e0bc33af8ae915a240d28b7049c15f4a51286899a50e84309aa626d3c
SHA512 364748277b20611abb5be5abc77e315cc548ca1e59c23729d758dc7b8a830fcc00efcd8a212659229610cef0a83167244ac0fbcafe9a748127144ed05621e027

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7847839a0619b423cd0900a3aa5b77c1
SHA1 08c59a4c7b96a9073212382822ec98e5692fcec2
SHA256 efda2191fd0eb61baf2730699cf4a0ef76841c3d1468ada946db8e5973dd14c0
SHA512 40de135bb4952cfa8a64c87dad0730533a8683cc6c88e664fa4077e5f30650b4efbf6f9681c74c61c8459a24fead473b8b2b0a8df3f52cefbe0d7aa86536849f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2bff44411d08fe33d554c5890128f51c
SHA1 d4068566c3f9a8847f57708431b03162dc47a2dd
SHA256 9cba3fe257c99e6fb552d829727edf374d49179513ceae59c661299416881756
SHA512 eaf1ffcf75b8408088ad2b4b3015143e09b3a06abfd1d912937bf0662e2c35fe90fe3a944fd4fdaa3d0d4b72c8e1716ab7f32d9f379050c3dc500842da87b8c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 57f2ea62672484067a4fe52af3401df1
SHA1 afa404908384d5bf0252cdd8d5c98e83603b6451
SHA256 e166f1cf9c40e36fa9725ff0c875e19127940750d25659e6b247332cef065da1
SHA512 214f59929bc94667236c9ba1b43f2ef1d47ad890dd04c88a231b36060897d7d50abcf2e066e34c082a0bbc0446c00079dc5be90f86f83e045c931bed66975461

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e15a691022941fb73511719a2e367673
SHA1 6f372fc9b7849461799952dd1e28730eb9bac4d0
SHA256 99dd952cb861575988089a1a06ab12b5e022629956cd81019f09fbd05c637892
SHA512 a836a926140b39fccb0272fbe935f6912712cd3513ef33b91ea84c5a34fe67eaf0bd35a6d9d5eedce7563cb4099bddbe092718293f8bf980b00c4996aaa204f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e30c6b2103a2bd96d6d092cc59d96045
SHA1 630e864071e9bc4fd1b6b11eb8cdf66a0cc2463a
SHA256 8c2288de8072774dde412d5ce83d1d12e760d7497bdf1f7a27d2aa5ed11f4080
SHA512 a45bcc82d3bd470fcd1098222ee970a177d43fd79dcd022e44915cd13ea905e00b3c9d0457eddcb00fb574fd3938b8cbf880ad2ec94365af95f936a0eb2135db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aa1112cbf01f6cadcfee640664ee10dd
SHA1 5bbbd6d77b5deab3ee43bac849074499b0461079
SHA256 cf0b4f4491cb09f04920c2c969b10cbf603e9c2c24e2ea192d02fcb0c47d807e
SHA512 758da18b3530006b150596bfb6e215d66239d5a6f9f166b8238f0abd5d2da6ddc39faf3577b97c3358c2ac5b78dcaa5e050b2a9a01043a16ad7dee0f949f25b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c2e187706f3e04e32fd4d9793a742340
SHA1 5fe9ef32903b96e0b10f50b06f601e80e8ce6abb
SHA256 a6bc3c32fa44672fcaf214b7f376bb1248b022d165e6de0d28876f587b08c5e0
SHA512 50b9daf7a849d182dee21c023c04bbebcd1fcf74aaa29be6ac1c99c0cca69b36358a311ac1ebd10f48ab607f594726d0c1dd966a83dc00586b816323650b303d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cd642f660149459a9fa14bef6d090d83
SHA1 a66aa13ea1626332c0e7d15afeed950f94c5b768
SHA256 4a68ae2aab2400301467b646b0098a7ee4f082f41480404efca3a6bfc6178106
SHA512 91fd1f0242780521f73319e6b8665dbfcc5674ec94d60cd6f93d559d7fae61af2273ddbc5bfe7ee8033dd8413c7733d1a4d52f4589d62ed586369907de37bde6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2ab3c503663451126330172737761501
SHA1 826d1e2903a71e6b40a7ef65e158677fca36f137
SHA256 139ae544524a3822ae3b059e69b3ffafffb3051b806b2f3a34cefca500f719f1
SHA512 228ac3b7e90d96067b7544335ca1cc47ff7c86676ef899f4c21383c4db9ab0edda1157a008d96e09a3c9365558dd92ac36beab53298f477affc492823bb3784c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 449c497b34b2ec4155562b543568bbc5
SHA1 ee0c8bfe682497015d1fbba3c4c8c4816cf71a4c
SHA256 eeb78165833c86c9bbc8d619744f166c18f515c2c0905bfc2a3c8cb6054aeb4b
SHA512 64d5d4b485cfad3b50be6ecb477d783e9468d3f083a4db6df36ff3e22edb8629036c39ab65ae1ea4950679d158627160317139e8e2be2313f04141df422f4f86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2610f5a6ea32907d41aad57d983855d0
SHA1 8f30d014086c0098b5675ad7a9faef723f19fa6e
SHA256 110ffa7f5872cd50e9b6a842adc6e03cc6005d9b91af84d8b7f51e755ddbfab2
SHA512 3efdb1386167f8668341f8338d2552f85af9e0c99d4e4bebdf65739101954b9e519524dca5e4b136914a68e405b1f321859450b03b8bdc3a8c49779fd9376019

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6bf59a2c497a28dae4f0ff5383d3b44c
SHA1 7dff55212d40f026b8ef1da7a23ddb912c8ef00e
SHA256 c1dfcf35b06b308f25d6bf67743b2cab692eb3a2fd799db800d232dba3ba4477
SHA512 fbd9fd21bfac9a1cfb4f6369d1940b80287887e24fae6ca9cace6c0f6d575e30766183fd0366eda8d748d00bcb841a90fe26997ce4282bbfa7901de97e164bbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 79f462d3fb48b3cf22c1975d8866d9d5
SHA1 8c4e4848b92d1dae21c4bf03edcfc6561efbb96e
SHA256 d5408113abbe34a42296e7d19c07d4ef455de87beb0a62d2827339386259368e
SHA512 24ef485692e41ce2fbee449c85b5618999ee8f01b8de053d1d35fed61b1245e36c043de7fb9d4c7387e270bb21bd8c60a3f98708e12cef4a3301c17a8f2497aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5363a5dc1ad677b60617e54aa80449eb
SHA1 09c7e89b14e3726d5f0d85862122c6085f6ac3a1
SHA256 5b40a6b723cab71538d20e4307b95f12d08578b470bd0bf060a15aa7b6ef470e
SHA512 e1fd0d4c2027326f582f7bc603c154e3d80bdf388392ab985878a419eb54d16121dba9ac53c45a4c8bfb59f879f3e60c7ad4b766b74856e79e6a61264de5fb3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f560eeb5fd5a01d4d830eb817e408f69
SHA1 0eab2406b71c37894a843192b0ca48ddec19a24b
SHA256 ebf414cb79164d56de5eb7f2df922bb4bc6479c775f3189578d99d86fee25465
SHA512 25497046df3dd49e5369d0b651e275bc9eb1981b3f01a2e5a1f4fa21e247fe766b530ec77ee2473c7ce5c151a10f2f8c09e9d87c97eb82bb58b24866bdb43022

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f3ad4417488fa7ea635b38c27a13adf
SHA1 8b4e6128135fb83f8d0d47ff985c59a4fbb61726
SHA256 f6d890c48aebf3b62c8799328ac15697d47d6a5431702f859b62efd2e287ba6a
SHA512 d79c831b95ce4021e8ff3ac4cc741c9e8cf8590e6928828dfef07027765c1e1fcec7bf9534b198ed49c078702f84c231b606acd86f2a1cb12925aa171f25be37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc2531a7b4618a0e98b663fafedd9cb6
SHA1 9a493058c0b6be8c8f05d8989271f5939e40b228
SHA256 3a20a6dd1dcfc63f6a2f8c7f84da77ec17359799039af5429f57d4d67c65f8fb
SHA512 71fd4e7a4b03951ee2fd229ac4c225e05b5143379f53fae535369563a079f022d8db45c18c1692a1491421c38e1a666a1e806257597de341136351bba1fa3247

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a927af303235b817421da8254860d952
SHA1 8d0e8f980cc5ff2171d6c2ba6be95882aea11f30
SHA256 708ed4a20f862de72026e445155f1beb4317029c0c06e18faf77b12acf5ecf75
SHA512 cf7eaaff23932440d51cebf5f83d677a10d5145a262f297824c0d2c65eee4f71422c3d49bb7a83873d380b3409bdaa22b310b957590471a385044255d107f164

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 727ba3a7ce79633e84cce701349ded4a
SHA1 0c03089059f7fa8aa82e4df2505e6174f9a94e02
SHA256 88fe69599b5ff66642414ab7d4c5ae323064fc0081b9ab7c828c36293ac49ad5
SHA512 0eb1d6e2ad837e88475652e885f53809f3be51b179a41fa5f35aff4e90b3fc1e70eb7cf6b22687007cf0d22eaf205328bf543507a18052eea3efc56e7bbe347d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 004165c65f03faead209f69f91d3ef39
SHA1 d351f40ebdef9307382133bcdd5d9afcd0aa2a4e
SHA256 d51be0bc9b63a51793a280e1c48e6a22b0b587e3b44defb93980824847c9e536
SHA512 f8e75f1631ca980daf1b8362812f700b7917f5e45e60207fdd8b39454fde4bcd4da90b05f8287110628e8c6ad0268f2eace343b08fe66f02e338ec630da77144

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 79a09f1425e0088c174b6afdb022fe8d
SHA1 88c2a5f2a8a07cbc8a74fc3ff5b3bd9dbcee741b
SHA256 25c51cd3efea5df533cb6154c6dfdbf37ba844aaf9f5da94078c72dd7ef8230a
SHA512 e2e517c5dd778fae80a4301417b60eb00ab9bb47c28f4206e51668caf369b0d2ba2b66b98d766b58a6e26a004f7087df2cde92a6ad9611e612fe0af66b8652b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 558de3b4c108b68f674e609a56185486
SHA1 ddf2453c714c91d249c7ccecdc2314499e533f5c
SHA256 d6f33df93ed21169e51a0df85610954364b80cae845190167e3e1c28f9b3c53d
SHA512 62800bb5e23df01910b1647731e6c677adbfd1465bfbab5efd4f6ce8b7b0fe687480c96f0fe811d5dd3911645c316ec3048621e66ec0fd2e2df7db72f3b8ef17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 18e865d9b9c2fd3ffec92e0a332f7dc4
SHA1 ebfd096bd0c14a34cedd5ecc3bb0fbe66674d6b3
SHA256 37ab4eb149f42f5d2cd25b4d4b873b8ef919d61a4e28803864a01ec28764132a
SHA512 1b85bd97c55cd849b511d8653f289bae962a5a0615cfd28ecd3cc79f104777f6a40b4a57bd093452f58f64b6ad6e9e8735e6c6a011b22d24437db7c41654ec1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3bd0a0574a69beb691a11cda72cfcd0c
SHA1 789b69f624228722da0776406913efb3727231c6
SHA256 c7b753fcbb41870a5a63c7a06c82bb9d4f083c098b80959575a79b107456ef43
SHA512 db3c6d667aaa22091572c972cf8e0aaf3bc3b6f18cbaa9c55011fee9fb23bb6eb18cddf0c242028194476421799e0b17394f53212ed612dca2cb92e274726b8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a353e85c62bba93b20d7bf175622aa8
SHA1 7fad15dac17f3e19470e6543eb30495ef55b190b
SHA256 9b6512de7dd3e72d89361ea0e459ed7284352eabb8b9dcb8a1a65685f0b6ec1c
SHA512 270fd3596b7a8a0c6aa3bee95e4f59a419785eee002b74a1a820428b02997b2e2052ef65fd898400801643ee9dc0a169e9fafa5dd8a45f2231c716167f84ad48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f7da0017f4225b68225435e7f8e2b7a8
SHA1 5a74a9d4f754baf007e7996444ccb3ec96134caa
SHA256 09e36b508710457d64b6b2321b3370c1e5517821fc4c166c19a8de9d33c34f75
SHA512 d00637b0ef1b0729595b154d49c0602c1f2ef0ec2de5595fd341706f288d474db711815cda90ec785c972504d18e1db4c0c293b8cfc704aa7c3bd89728437702

Analysis: behavioral3

Detonation Overview

Submitted

2024-04-30 21:01

Reported

2024-04-30 21:31

Platform

win11-20240426-en

Max time kernel

1799s

Max time network

1798s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://create.roblox.com/landing

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88BB5F44-A5D5-4051-A6AA-3371503EFB13}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA6AF376-247B-4171-8057-6A700F5092FC}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=3109941D3B0D49BD845E7FF6062317AF" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA6AF376-247B-4171-8057-6A700F5092FC}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\FriendsMenu\Dev\GraphQLServer.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GraphQLServer\Dev\RecordPlayback.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\StudioSharedUI\videos.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\VoiceChat\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\IAPExperience\IAPExperience\Generic\U13ConfirmPrompt.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\Scheduler\Scheduler\unstable_mock.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\Core\Style\Validator\validateColorToken.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\EditProfile\RoactAppExperiment.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Settings\LeaveGame\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\TopBar\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-2fca3173-0.4.2\LuauPolyfill\encodeURIComponent.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\vcruntime140.dll C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Trust Protection Lists\Mu\Advertising C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\pt-PT.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\VoiceChat\SpeakerLight\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\FileSync\Dark\Large\Export.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\PlayerList\Components\PresentationMobile\TitleBar.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoactNavigation-067f4e4b-660967ca\RoactNavigation\utils\TableUtilities.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ContactsToast\NetworkingUsers.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Emotes\TenFoot\SegmentedCircle.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Flags\GetFFlagBubbleChatInexistantAdorneeFix.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UGCValidation\UGCValidation\util\createAccessorySchema.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialCommon\Dev\Rhodium.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\avatar\unification\testScripts\CodeBlockTestScriptOneLine.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\AudioDeviceOutput.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Server\ClientChat\DefaultClientChatModules\ChatLocalization.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\VR\Recenter.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\NetworkingFriends.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\Core\Config\Config.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestEach-edcba0e9-2.4.1\JestTypes.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\Qml\QtQuick\Extras\Private\CircularButton.qml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\Debugger\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\Interface.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestCore\RegExp.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\WidgetIcons\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Components\Memory\ClientMemory.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\InviteFriendsPage\InviteFriendsPage.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\AvatarCompatibilityPreviewer\Light\Standard\radius.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UGCValidation\UGCValidation\validation\validateProperties.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\NotificationsCommon\NotificationsCommon\default.rbxp C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\OtaPatchLoader\Dev\JestGlobals.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\VR\chat.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ViewSelector\front_hover.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Settings\Components\MuteToggles.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ucrtbase.dll C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\AdPortal.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\Qml\QtQuick\Controls\Styles\Base\images\scrollbar-handle-horizontal.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\StudioSharedUI\menu.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\BuiltInPlugins\DepFiles\RoduxDevtools.d C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudio_license.html C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\FriendsLanding\RoactRodux.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialContextToasts\RobloxAppLocales.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\Qml\QtQuick\Controls.2\Universal\CheckIndicator.qml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\Chat.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\MaterialService.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\Core\Cell\GenericSelectionCell.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Flags\getFFlagEnableShimmeringIconLegacyChatService.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-2fca3173-0.4.2\LuauPolyfill\types.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\PremiumUpsellDeps.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\AppBlox\SharedFlags.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "1" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "6" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "3" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "10" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass.1\CLSID\ = "{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{C9C2B807-7731-4F34-81B7-44FF7779522B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\shell\open\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --single-argument %1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ = "IPolicyStatus4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ = "Microsoft Edge Update Update3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0\0 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\shell\runas\ProgrammaticAccessOnly C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ProgID\ = "MicrosoftEdgeUpdate.PolicyStatusMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ = "IPolicyStatus4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LoadUserSettings = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\RobloxStudioInstaller.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3044 wrote to memory of 3696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 3696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 4968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3044 wrote to memory of 1104 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe N/A

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://create.roblox.com/landing

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb3369ab58,0x7ffb3369ab68,0x7ffb3369ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1512 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2156 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3124 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4252 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4188 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4224 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3084 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3096 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4800 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4824 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4396 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5068 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2420 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxStudioInstaller.exe

"C:\Users\Admin\Downloads\RobloxStudioInstaller.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTE2REMzQjAtODE0QS00NzNGLTg5MzMtNTJDODQyNTJENjU1fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins2ODA0ODIzMy0yMDhBLTRENDItOTE0OC1GNDdDNDU2MjUzNTd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUzMjIxMjk4NTEiIGluc3RhbGxfdGltZV9tcz0iNTgxIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{916DC3B0-814A-473F-8933-52C84252D655}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTE2REMzQjAtODE0QS00NzNGLTg5MzMtNTJDODQyNTJENjU1fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntEQjMxQUQ5NS0zQTE2LTQ5MzAtQjFDNi0xMDExQjM2RjNBMTR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUzMjUzMDk3MDUiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff7b5a488c0,0x7ff7b5a488cc,0x7ff7b5a488d8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5336 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=2536 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTE2REMzQjAtODE0QS00NzNGLTg5MzMtNTJDODQyNTJENjU1fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFQzkzRjRCRS04RjVBLTQ5RkEtOTk2NC03OUI1RTZCN0ZGMkV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1MzM3MzY5ODM2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTMzNzQyOTg5NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU1NDIzODU4MzgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzEzMWJkNWQ3LTljNjUtNDc2YS05MDc1LWUyNDk0ZjhkYTllND9QMT0xNzE1MTE1Nzg3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVNMUnNPZDJWNTlnRjVGN3ZqTkVhcVYwd25pR3NrT2d6alZ4RDhLMG9ZRndtYndKN0xmbXJ4cFlXdUZ1S01yTXZZeEhxeFVLOFlZNEUxUkFReCUyYnhLUXclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzI3MjM3NjgiIHRvdGFsPSIxNzI3MjM3NjgiIGRvd25sb2FkX3RpbWVfbXM9IjE0MzU5Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTU0Mjg1NDYwMCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU1NTY5MTczNDYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjU5OTQ4OTUwMDUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI4NTIiIGRvd25sb2FkX3RpbWVfbXM9IjIwNTI5IiBkb3dubG9hZGVkPSIxNzI3MjM3NjgiIHRvdGFsPSIxNzI3MjM3NjgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjQzNzk4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=828.4976.17537780850572878666

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=124.0.2478.67 --initial-client-data=0x17c,0x180,0x184,0x158,0x18c,0x7ffb1b8eceb8,0x7ffb1b8ecec4,0x7ffb1b8eced0

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1760,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1748 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2024,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2036 /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2080,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2208 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3492,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3516 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3792,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3896 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3660,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3640 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004B8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5508 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2992 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" roblox-studio:1+launchtime:1714511134736+avatar+browsertrackerid:1714511033097003+robloxLocale:en-US+gameLocale:en-US+channel:+browser:chrome+userId:4155035591+distributorType:Global+launchmode:edit+task:EditPlace+placeId:15350820071+universeId:5294748261

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88BB5F44-A5D5-4051-A6AA-3371503EFB13}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88BB5F44-A5D5-4051-A6AA-3371503EFB13}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{0A9B2D79-4DF3-48DC-A857-524D0C02FCE7}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEE5QjJENzktNERGMy00OERDLUE4NTctNTI0RDBDMDJGQ0U3fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins5RUUwNDE1Qy1DREY5LTQ3RDQtQkJDNC1CNkE2MzVDQTRDRjB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg4MzU0NDcxMDYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODgzNTYwMzE1NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTU3NjA3MTk2NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzE1MTE2MTM3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVlhdzVtR2FzaHVRMHRYaE94YUNPSjg0cEdRSDdrSFp4UGhtbWROdnNERFF2UGY5RjdzTE5jWExEc3h3dkJPNjZiaWRVb1hpTUVPVzJGWXlHWWFRVjFnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTU3NjA3MTk2NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTUxMTYxMzcmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9WWF3NW1HYXNodVEwdFhoT3hhQ09KODRwR1FIN2tIWnhQaG1tZE52c0REUXZQZjlGN3NMTmNYTERzeHd2Qk82NmJpZFVvWGlNRU9XMkZZeUdZYVFWMWclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjMwNzkyIiB0b3RhbD0iMTYzMDc5MiIgZG93bmxvYWRfdGltZV9tcz0iNjk3NTAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTU3NjM4NDM1OCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5NTgxNTQxMjU4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5MC4wLjgxOC42NiIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODYyMDE2OTg5MTcxNTAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgdXBkYXRlX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODk4NDY1NzIzNTc0MDAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0ie0Q5OEExQ0I0LTNERDAtNDEwNC05RTYwLThEQzIxMjZBRjEyOH0iLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{0A9B2D79-4DF3-48DC-A857-524D0C02FCE7}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEE5QjJENzktNERGMy00OERDLUE4NTctNTI0RDBDMDJGQ0U3fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7OTQ5RUIzMEUtMzJFQi00ODM2LTlDRDQtRjgyRTY0QzRBMkMzfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTQ1MTA5ODQiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk1OTEwNzE5NzQiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzA2NEZBQTEtREM1RC00NUMxLTg2QUEtQ0YzMUJFMDUyQkNEfSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7QUJEM0FFOUUtN0JDOC00QzlCLTg0NTctRDA2MDY2NTNCMjAyfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjQiIGluc3RhbGxkYXRldGltZT0iMTcxNDE0NTU5MSIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU4NjQzNTIwNDAzMzQ2NCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQwNjgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNTkyMDA5Mzg3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA6AF376-247B-4171-8057-6A700F5092FC}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA6AF376-247B-4171-8057-6A700F5092FC}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzA2NEZBQTEtREM1RC00NUMxLTg2QUEtQ0YzMUJFMDUyQkNEfSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1RkU3RTE4Ri04Q0Q2LTQ3MzctQUMxNC0xMzYzNkQ4OTc3NTh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zNCIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNjA5MTk3NzYyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI2MDkzNTMyMTgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTg1MDY4MDk0OTYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxNTExNjUxNCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1GcUdtOU5GbFQ0TkpTdTBtRGd5aHAzM0FvNHFKaDZmYTFIR0R5dnJiV2hlajV6NzVCS21DTFp5ZHRNanFrQnklMmYycDZMbFlsN3AwVkoydzE5QzR4dnRRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODUwNjgwOTQ5NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUxMTY1MTQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9RnFHbTlORmxUNE5KU3UwbURneWhwMzNBbzRxSmg2ZmExSEdEeXZyYldoZWo1ejc1QkttQ0xaeWR0TWpxa0J5JTJmMnA2TGxZbDdwMFZKMncxOUM0eHZ0USUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjU4NTMzOSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTA2ODA5NDk2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTg1MTI3NDcyOTEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODUxNTI0NzA0NCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjEwNjIiIGRvd25sb2FkX3RpbWVfbXM9IjU4OTcxNCIgZG93bmxvYWRlZD0iMTgwNDQ0NDgiIHRvdGFsPSIxODA0NDQ0OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iMjE5Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff60d3988c0,0x7ff60d3988cc,0x7ff60d3988d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff60d3988c0,0x7ff60d3988cc,0x7ff60d3988d8

C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff7fd7788c0,0x7ff7fd7788cc,0x7ff7fd7788d8

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUMxQzZGMTctRTRBNC00QTc0LUFFODQtQTgyRjY3NkVGQUQ4fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins0QTcxNkNDMi02NjYxLTQwM0ItQjlCNi0zRjUyRDcwMzJGRTR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtEeE9iakhHYStuUmEyYXRDM3dvK0lFcEM3OCtaWWVBVWJrWHBEQzJjajdVPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg1LjI5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldjtQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjQyIj48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzI5IiBwaW5nX2ZyZXNobmVzcz0iezBFNDlBNzlFLTBCMzEtNEFBRC05NEIyLUUwMEJGOUZFNTdGNn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODYyMDE2OTg5MTcxNTAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTUyMTIyMTEwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTUyMjc4MjQxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTc4MzcyMDk2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTkxODA5NTQzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODk0NzU5MTAwMSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjEwNDciIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjIiIGluc3RhbGxfdGltZV9tcz0iMzU1NjIiLz48cGluZyBhY3RpdmU9IjAiIHJkPSI2MzI5IiBwaW5nX2ZyZXNobmVzcz0iezQwQzRDOTI4LTA2RTUtNEM1RS1BREE5LTM2OUIzOTdDRDE2Rn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBjb2hvcnQ9InJyZkAwLjk1IiB1cGRhdGVfY291bnQ9IjEiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODk4NDY1NzIzNTc0MDAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjMyOSIgcGluZ19mcmVzaG5lc3M9IntCRjUzN0Q4NS1ERjUyLTQ0QUItOEEyOC0xREIwMDgwRTQ5RDZ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

Network

Country Destination Domain Proto
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
GB 18.244.155.97:443 create.roblox.com tcp
GB 18.244.155.97:443 create.roblox.com tcp
US 34.120.195.249:443 o293668.ingest.sentry.io tcp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 users.roblox.com udp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
GB 99.84.9.116:443 webblox.roblox.com tcp
GB 99.84.9.116:443 webblox.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com udp
DE 128.116.44.3:443 realtime-signalr.roblox.com udp
US 8.8.8.8:53 116.9.84.99.in-addr.arpa udp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
US 8.8.8.8:53 3.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
DE 128.116.44.4:443 thumbnails.roblox.com udp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
N/A 224.0.0.251:5353 udp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 13.224.245.123:443 setup.rbxcdn.com tcp
GB 13.224.245.123:443 setup.rbxcdn.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
GB 13.224.245.62:443 setup.rbxcdn.com tcp
GB 13.224.245.62:443 setup.rbxcdn.com tcp
GB 13.224.245.62:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:49975 tcp
N/A 127.0.0.1:49979 tcp
N/A 127.0.0.1:49982 tcp
DE 128.116.44.4:443 thumbnails.roblox.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 2.17.251.23:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com udp
DE 128.116.44.4:443 thumbnails.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 108.138.217.67:443 static.rbxcdn.com tcp
GB 108.138.217.67:443 static.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
DE 128.116.123.4:443 roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 2.18.190.83:443 apis.rbxcdn.com tcp
GB 172.217.169.42:443 content-autofill.googleapis.com tcp
US 34.120.195.249:443 o293668.ingest.sentry.io udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
N/A 127.0.0.1:50673 tcp
N/A 127.0.0.1:50691 tcp
N/A 127.0.0.1:50694 tcp
N/A 127.0.0.1:50698 tcp
N/A 127.0.0.1:50702 tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 216.137.44.24:443 images.rbxcdn.com tcp
GB 108.138.217.124:443 static.rbxcdn.com tcp
GB 108.138.217.124:443 static.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
GB 216.137.44.23:443 css.rbxcdn.com tcp
NL 128.116.21.4:443 roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
DE 128.116.44.4:443 metrics.roblox.com udp
DE 128.116.44.4:443 metrics.roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 2.18.190.83:443 apis.rbxcdn.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
DE 128.116.44.4:443 metrics.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51176 tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51367 tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
GB 18.245.253.41:443 c2.rbxcdn.com tcp
GB 18.154.84.72:443 t7.rbxcdn.com tcp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
N/A 127.0.0.1:52600 tcp
N/A 127.0.0.1:52602 tcp
N/A 127.0.0.1:52604 tcp
N/A 127.0.0.1:52617 tcp
N/A 127.0.0.1:52620 tcp
N/A 127.0.0.1:52734 tcp
N/A 127.0.0.1:52775 tcp
N/A 127.0.0.1:52784 tcp
N/A 127.0.0.1:52794 tcp
N/A 127.0.0.1:52801 tcp
N/A 127.0.0.1:52816 tcp
N/A 127.0.0.1:52823 tcp
N/A 127.0.0.1:52865 tcp
N/A 127.0.0.1:52867 tcp
N/A 127.0.0.1:52869 tcp
N/A 127.0.0.1:52871 tcp
N/A 127.0.0.1:53047 tcp
N/A 127.0.0.1:53053 tcp
N/A 127.0.0.1:53055 tcp
N/A 127.0.0.1:53057 tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
N/A 127.0.0.1:53081 tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com udp
GB 99.84.9.28:443 webblox.roblox.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 34.120.195.249:443 o293668.ingest.sentry.io udp
DE 128.116.44.4:443 auth.roblox.com udp
DE 128.116.44.4:443 auth.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
GB 172.217.169.42:443 content-autofill.googleapis.com udp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
GB 18.154.84.15:443 t7.rbxcdn.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
N/A 127.0.0.1:53249 tcp
N/A 127.0.0.1:53256 tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
N/A 127.0.0.1:53259 tcp
N/A 127.0.0.1:53262 tcp
N/A 127.0.0.1:53271 tcp
DE 128.116.44.4:443 auth.roblox.com tcp
N/A 127.0.0.1:53274 tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
N/A 127.0.0.1:54516 tcp
N/A 127.0.0.1:54518 tcp
N/A 127.0.0.1:54521 tcp
N/A 127.0.0.1:54535 tcp
DE 128.116.44.4:443 auth.roblox.com tcp
N/A 127.0.0.1:54538 tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.33:54130 udp
DE 128.116.44.4:443 auth.roblox.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 2.17.251.12:443 tr.rbxcdn.com tcp
GB 18.154.84.72:443 t7.rbxcdn.com tcp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
N/A 127.0.0.1:54541 tcp
N/A 127.0.0.1:54543 tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
N/A 127.0.0.1:54729 tcp
N/A 127.0.0.1:54733 tcp
N/A 127.0.0.1:54740 tcp
N/A 127.0.0.1:54755 tcp
N/A 127.0.0.1:54757 tcp
N/A 127.0.0.1:54759 tcp
N/A 127.0.0.1:54761 tcp
N/A 127.0.0.1:54810 tcp
N/A 127.0.0.1:54812 tcp
N/A 127.0.0.1:54988 tcp
N/A 127.0.0.1:54991 tcp
N/A 127.0.0.1:54999 tcp
N/A 127.0.0.1:55002 tcp
N/A 127.0.0.1:55005 tcp
N/A 127.0.0.1:55019 tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
US 205.234.175.102:443 t6.rbxcdn.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
DE 128.116.44.4:443 auth.roblox.com tcp
GB 18.245.253.95:443 c2.rbxcdn.com tcp
GB 143.204.176.43:443 c3.rbxcdn.com tcp
GB 108.138.233.69:443 t6.rbxcdn.com tcp
N/A 127.0.0.1:55036 tcp
GB 18.245.253.75:443 t0.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 13.224.245.117:443 t5.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 18.245.253.75:443 t0.rbxcdn.com tcp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 13.224.245.117:443 t5.rbxcdn.com tcp
GB 99.86.114.128:443 t2.rbxcdn.com tcp
GB 99.86.114.128:443 t2.rbxcdn.com tcp
GB 108.138.233.69:443 t6.rbxcdn.com tcp
GB 18.245.253.75:443 t0.rbxcdn.com tcp
GB 18.245.253.75:443 t0.rbxcdn.com tcp
US 8.8.8.8:53 117.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 75.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 128.114.86.99.in-addr.arpa udp
GB 108.138.233.69:443 t6.rbxcdn.com tcp
GB 99.86.114.128:443 t2.rbxcdn.com tcp
N/A 127.0.0.1:55044 tcp
GB 99.86.114.128:443 t2.rbxcdn.com tcp
N/A 127.0.0.1:55050 tcp
N/A 127.0.0.1:55052 tcp
GB 108.138.233.69:443 t6.rbxcdn.com tcp
US 8.8.8.8:53 t3.rbxcdn.com udp
GB 18.244.114.17:443 t3.rbxcdn.com tcp
GB 18.244.114.17:443 t3.rbxcdn.com tcp
GB 18.244.114.17:443 t3.rbxcdn.com tcp
N/A 127.0.0.1:55080 tcp
N/A 127.0.0.1:55082 tcp
N/A 127.0.0.1:55084 tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 143.204.194.74:443 t1.rbxcdn.com tcp
GB 13.224.245.117:443 t5.rbxcdn.com tcp
GB 18.154.84.72:443 t7.rbxcdn.com tcp
N/A 127.0.0.1:55159 tcp
N/A 127.0.0.1:55161 tcp
GB 108.138.233.69:443 t6.rbxcdn.com tcp
GB 108.138.233.69:443 t6.rbxcdn.com tcp
GB 18.154.84.72:443 t7.rbxcdn.com tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
N/A 127.0.0.1:55409 tcp
N/A 127.0.0.1:55977 tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com udp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com udp
DE 128.116.44.4:443 ncs.roblox.com tcp
N/A 127.0.0.1:56048 tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:56051 tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
N/A 127.0.0.1:56054 tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:56057 tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com udp
DE 128.116.44.4:443 ncs.roblox.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
N/A 127.0.0.1:56062 tcp
N/A 127.0.0.1:56065 tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com tcp
N/A 127.0.0.1:57234 tcp
N/A 127.0.0.1:57367 tcp
N/A 127.0.0.1:57369 tcp
DE 128.116.44.4:443 ncs.roblox.com udp
DE 128.116.44.4:443 ncs.roblox.com udp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com udp
GB 18.154.84.19:443 t7.rbxcdn.com tcp
GB 18.154.84.19:443 t7.rbxcdn.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com udp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
GB 104.91.71.144:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
GB 104.91.71.146:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
NL 23.62.61.104:443 www.bing.com tcp
US 8.8.8.8:53 104.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 14.160.190.20.in-addr.arpa udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp

Files

\??\pipe\crashpad_3044_ITOMZPCMXCSDGMUU

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 08546b70eb5a841afd23987b15ba2fcb
SHA1 b010a7a713aae54d652a32601ac243a00ac7ebf0
SHA256 d3e82a238d05541c510892462d9b55a0f22bd8921cbb26cd026bfec8d5ac6594
SHA512 4778a3d6d5d051c7424c32fbd7330ca305ef4907f2f85a0dc925d86100bc98b406c76109c74fc70f17e1261e8df635fd71f5238f0e658d592b16f53da1543fbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e3bb38429bb191ea6a95759f70710504
SHA1 c0eb3d678f156e4ea4a2a5291e3b96765b5aec5d
SHA256 7f20178012d8fbbd53f1264f80d1551c9da604291d97f7b27c6ee621542b8b0f
SHA512 2126f04668575187b360dc25a0407c38b9816de1965af0e316d1406c47a22c72289d5b50bbbf98f99f7521a322bf788ee6320bb652659e8fe2011f5880ac561d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 064f7521899b2f571bf381ffde1435a9
SHA1 4046b64b6cb5a4c1aa02c2678496c0787b06ea1a
SHA256 42036370b2ef91c3989eea615400c741d1540dd4d5d04b8ef4eded9c0b5c77d1
SHA512 fb1a2e914895d15fc6cdf49e3efe9d823278c3241b977ff20f65e34297762fb25e0ef7739bf5a67b16aa7be16ab75b6e66ed54c7df0edab783a6559e20754d81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 21b7d66c9d91c0071d7a8ec0104326c9
SHA1 823a3da0f9671f5c728987152135d44a74843725
SHA256 4d0a8f93dd42f37a572f581e6fdac095bb2c7192d1a218ef0815525392e6a90f
SHA512 865bbe9a6b37d3290bdbf6edc613337e67a319a0b2cc0b20530b2d13751731e3a101e8351b0841f5ad6534dce8a3d288ca260a3c48a3c0cd0759cf2c6a2aef3e

C:\Users\Admin\Downloads\Unconfirmed 773002.crdownload

MD5 911c020a364b10fe1de664c01de4534c
SHA1 8731aee51722d2e1604864eb8f03abe3e6d35441
SHA256 cb84418aa6ff71e927125f05cd74b10cef07b40fe19a17f9ba5c3bd57f2d9591
SHA512 7e2c2259dde1fcb1a10a3864b1e24f892fb28d1c0a9a8b1b32d6b512d9f49b031cf6119f55dad008f0b2a5dc87ae606ee0c2918fdc44fc307d56bc933537db7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a12b222e9871f72589876aa642a29c8f
SHA1 53f411ca38acef4113a8a918eb45f793b112982a
SHA256 ad7914a59c162f4dfeba3c2b54ab93fc232423db52be7b4ed8f758b8161ff4cb
SHA512 b008cafa367278112bd62a8d88e190076eb594f992baa7c1fc0085cdd59f0349e4b9d86152f0e6b66ccac152ccba99812ded5a380ba78ff7493298205c00ac85

C:\Users\Admin\Downloads\RobloxStudioInstaller.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7edc5572f82e009eafe96a1bf5d24de7
SHA1 69387637a55620107d6df26284b4d81af6f4b178
SHA256 a0784dc8b0c96156125f5b3b603265a3aa743092e66ff7952e62028e779acf30
SHA512 a55f074dbb59dd4a5f5e3ff48e2c4abf507bd9ea5cf15e2757eda749776ba244e032d3eba86338e80bb941fba7de3a88f488e4d31fcf3ccedba90e1ff5e5ab32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e86e1715603ec2c835a60f467cf4ad3a
SHA1 09d160a5b7b19159a4c119bdc88c6ad6fe2e4c92
SHA256 74bddbb186dcac84545a6a842906dc31d7f30016c65e3708a25ff5c1d5f6f3b8
SHA512 573f3f96d6774d88be91cbbfca1f0c2ee6e46d8e01f986a2a3c10bd29bd28c0b5c32ade4d9314000002a1f09601b269cd0c85963d605d3c749234247dde3bff7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 aea07c96747c7e0299d3d23a47bdfdb0
SHA1 0c307deeacd1bda06d45f906a91c5d3d45af3670
SHA256 0a817a9c9c53f694353993c82d09b7dd7d6c98ed73c4c8477e29fd213cbd4d66
SHA512 15dac9b82cec711b94b53ad9558869195e2cbff668e70a5ffa56f13d426f485fc4714940f976766b15bbb20b4dbc11eb1acac6d2854933ee2b437608ab8bd271

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57da81.TMP

MD5 e9cb15247381fa79319ed194c2d267c6
SHA1 3c2022bcd128221d2e4b9611dfce8a7c2979900d
SHA256 f59ef9af4de3f34c31735a9c3452df557c7961a8a93eba9d9e1f8395c8dad7ab
SHA512 d04413730ca0176268a12cf2bd63369671a382c7bfe382ce292302d2cd4fc9abbddfe31b0fa496bd7aeae5b33c5f07361e8feca36daae6701bb7f373dba4775d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 a607fc74ebf6fe2fa9c047f5aef0b29c
SHA1 955cad4cc934403d6fc5b05e1c322cbf0ef4021c
SHA256 fd39beba495107e34039712626bc23f3be8e7f667999729b2539698be75e8a56
SHA512 669e2ed6f9dbb600901fc823eb28ac633b2e005acdfbd6742f579cd7e15575e1744fd65fef607a01989ba93a2b6aaab869e2f1e6eb53b9859f1cbf219759c2b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 90af94f12ffb28f89e73e995e05adee6
SHA1 dc8117c41523711e90e6ae4060adc5b80c920c3b
SHA256 56d7b09ce1cd4b2626a8fdeb36c686e8ac899ffeaecc887ebbdab5404c126c47
SHA512 7d9d985475b65a7c6ecd14745264eb7c048aa590150b5d9e56eba08c3623149e6a054500e1f625e08739ebb4e6212cc97a69ea1f5db33c25b00282c61b9be51a

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_ga.dll

MD5 3b8a5301c4cf21b439953c97bd3c441c
SHA1 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a
SHA256 abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0
SHA512 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_id.dll

MD5 03d4c35b188204f62fc1c46320e80802
SHA1 07efb737c8b072f71b3892b807df8c895b20868c
SHA256 192585d7f4a8a0cd95e338863c14233cdd8150f9f6f7dd8a405da0670110ee95
SHA512 7e67ea953ea58ff43e049ce519ae077eec631325604896479526627d688f2fa3bfc855a55ac23a76b1c9ef8cd75274265b8238423b95a2437be7250db0db31b1

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_hu.dll

MD5 f4976c580ba37fc9079693ebf5234fea
SHA1 7326d2aa8f6109084728323d44a7fb975fc1ed3f
SHA256 b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791
SHA512 e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_hr.dll

MD5 0b475965c311203bf3a592be2f5d5e00
SHA1 b5ff1957c0903a93737666dee0920b1043ddaf70
SHA256 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0
SHA512 bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_hi.dll

MD5 34cbaeb5ec7984362a3dabe5c14a08ec
SHA1 d88ec7ac1997b7355e81226444ec4740b69670d7
SHA256 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9
SHA512 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_gu.dll

MD5 f9646357cf6ce93d7ba9cfb3fa362928
SHA1 a072cc350ea8ea6d8a01af335691057132b04025
SHA256 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150
SHA512 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_gl.dll

MD5 84a1cea9a31be831155aa1e12518e446
SHA1 670f4edd4dc8df97af8925f56241375757afb3da
SHA256 e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57
SHA512 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_gd.dll

MD5 c90f33303c5bd706776e90c12aefabee
SHA1 1965550fe34b68ea37a24c8708eef1a0d561fb11
SHA256 e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c
SHA512 b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fr-CA.dll

MD5 b534e068001e8729faf212ad3c0da16c
SHA1 999fa33c5ea856d305cc359c18ea8e994a83f7a9
SHA256 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511
SHA512 e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fr.dll

MD5 64c47a66830992f0bdfd05036a290498
SHA1 88b1b8faa511ee9f4a0e944a0289db48a8680640
SHA256 a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961
SHA512 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fil.dll

MD5 7c66526dc65de144f3444556c3dba7b8
SHA1 6721a1f45ac779e82eecc9a584bcf4bcee365940
SHA256 e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d
SHA512 dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fi.dll

MD5 d45f2d476ed78fa3e30f16e11c1c61ea
SHA1 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e
SHA256 acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2
SHA512 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 b08f0d0d7e0f5cc7c4f315c72910ae03
SHA1 f39fda8b277246c21a77fdb72d5193765ca28a61
SHA256 a1bb69103b337134ef3d6c03e2da5627defe8c3288ccb233f8191348e9ff5688
SHA512 74bab3005a4a13e787f46b28c7b9758f93d865005b81fa76974629012d30e4564fb1a4265d737698e60d5253edbf94097cd9f52d0a014530320ac65921d3b56b

memory/4688-493-0x0000000000D50000-0x0000000000D85000-memory.dmp

memory/4688-494-0x0000000073200000-0x0000000073410000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\124.0.2478.67\MicrosoftEdge_X64_124.0.2478.67.exe

MD5 dabc3160a804b9fadd89ceb0fcecf388
SHA1 b52f15e866a18637683bdf0ea4eaa326b787396f
SHA256 53eb39a92ee0d2eb94f6d33c015097bddd9cfe5c4129d3ac9a9facbfb5087bfe
SHA512 74fc0f21d7cf99e07c079224e2af8a4a51bff98a97bc471cfedfbd3a28d3ee681fbd63fa7239948c3c0bf4f9af56dc582dd128f8c08b54cb73389e85f949f431

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 91d81a7c2e62b801e3bec6c5aabec5be
SHA1 088c1797c55e4a3a09b20851b5d62ef412f8797c
SHA256 a7b9df14f5b6c90db7dbf440550fe0579838e697c956d9e1eaaec38a885d1135
SHA512 d4d5181450128b8fef38497723c4a39f74e2193fe81af0c5dad6693573db8608c453272cbf971061490176185fa76e7f8c3f08a2e601dc839691c4e5b7d45802

memory/4688-522-0x0000000073200000-0x0000000073410000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe

MD5 c31297188ec9fbaa60449f769339963e
SHA1 8502d9e0cef18137529f0a46ad6e69a1577e6cae
SHA256 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9
SHA512 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bc3158c0f918593e75dc3a1b90a7d822
SHA1 3ea1f9f603fba822bae44a8c9088d4dd60647d8a
SHA256 f97990b1b41c072598821e41a05f2ea6e1ae169f13a3323435bf3f4ea9aae9a1
SHA512 d90eba46554a499808e0eee2ebf9b60e1a2c353a1293c51d4c114504a3319378f3261d3c22d8403fe1ccf580b83eab561362960c905188d416d9d5f1527a6c4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 cd20125da8b1b31ff6191fb4ef6ca297
SHA1 e2ec82956f12a2ea00ffc9c0b366f9121f213055
SHA256 2d4b08ed86c965ae597238be3aa0e944d7385baf049826c8e6ffe9a5f46220aa
SHA512 2c5f0b3b6c24828c0d8b86c36fddc26b843a512e90b7f7c23b75fdc6e0288b053bccfc867b0621954f813c4aa169df399037b72d00e60dbe6223c777a2c2d65f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d0e75b526f80b069cfe6352dfd8cda65
SHA1 086ada6a7be5180285904c0ee7b040246e5c16fc
SHA256 3e8cdad4a99d89ede6063b738b5594f6b2d8a21925f76ae49e33f20170472881
SHA512 0e107858a67d67ab2d581b5604d846639c6405895dad85d24f4da1e53161a02a96769e97bd64d720e5efb32776ebe31829dde9a4ce52f4d770236c0158061b87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 fc98904ec073e5a336f3a98196c7e901
SHA1 1f7678be51a3d78e30219e699a2d1ad2cb535ba0
SHA256 7bdb706cd1af204d6ed48c2d75f21d0311668ace6c0f9bf8923c55087795f258
SHA512 baa409d008ea2bb4eb77e68532931ec8abedda1e8d9e3f51809cbeb5a256c5b8b5d6522d8c1de165f348bf446dbb22a14f155bfea1c8f7ef99892c1f8dda0dbe

memory/4688-850-0x0000000000D50000-0x0000000000D85000-memory.dmp

memory/828-855-0x00007FFB1F910000-0x00007FFB1FD12000-memory.dmp

memory/828-858-0x00007FFB1F910000-0x00007FFB1FD12000-memory.dmp

memory/828-857-0x00007FF633A70000-0x00007FF634A70000-memory.dmp

memory/828-856-0x00007FFB1DF70000-0x00007FFB1E4BC000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fdd12bef1f2b4e7458382387cd32d8a9
SHA1 306ee5fedafe403f76e534f00e1949e136a5d50b
SHA256 44c4b9e821168705ec81184a744a441837a2d0c972502d72462436629203dc35
SHA512 4847d8c2b38011e0cebec7a49bcca2b4bc4958cbe77a707501aeed9acc92f32d7a3c3fbf6299167763dcf2124d0679fa727e5ee6675d3b37f8d4fa88bc8b5877

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 245d4af56589ff0e46a9bfc9d86489db
SHA1 f54cb6d7047f4e7a17e1354d6922683c5dc14ea7
SHA256 05f8430ece2b9a130aaa51d427f3b23bfdcdc1ab81e97f0b3b551141a7a71b3e
SHA512 4676d4cfddc09ffff5d2344728e804405197f2a3067f7a71a44515e6b049a5d357c8b5041d1624778091eb0faccf071cf2fb99d86815fbcb481ddde49891c428

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 3f0e017342133764a11504f22af580ee
SHA1 62a6543b077ed523e7d8436850a2068c02b03beb
SHA256 5238a28de3577ca46007946c92475cf9962123cb51403d275e11633bd1af1093
SHA512 9e65a9776c11cc0f437ef0988144bdaf9b9e51c741f2b194c6bd361a082cf4f9a385e8a6dc961ad4f895b1f546d0e89455572095c3f475358bc0d9c8c75ed156

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 a6aab5f4983a468a4b2ee1f91161924d
SHA1 e784baa1f4db8eabbbb759d5dd9c50de4657b305
SHA256 77020cdfefb9299e26e5d5c081b22fa62b090aa00a086b0e2c4e76680897c472
SHA512 904513b46f8e1468f52a34c95b262416d03d3bd4ba50ad50bd7afc3f699dee0f2823ec7d2ce2a6124a5c0d809207978a5071f5af981e1302297112b09809757c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

memory/1540-1001-0x00007FFB41DF0000-0x00007FFB41DF1000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe59aa9e.TMP

MD5 c10c609bceb6d030c0fc5822858db60b
SHA1 96e04f901ed6f93da3ba5bb2c493a9b3655c378d
SHA256 f3406a28758850c408849a7afcd283ccbb7422fcff4f05c3ca82b0572487e949
SHA512 4c2f07a6eec00cf2268ca390cdb63a24c85624b385b42e6c600c98250903899fbabcc2167340e91d4942dca022da8c3f4cbd695a7858cac32d2707ac11198cbc

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Extension Rules\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Site Characteristics Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 f18d5d8346c5a1259bade97ba50d513c
SHA1 15e5d714fafd055aae1e27dd769a46d98b3075e5
SHA256 2cd0593fc507bd38f684fd5ac7d5e0a1a852c55c1143d7ff9a69651ff26c299b
SHA512 19cd3e4d0e6d17a205f7c36d89b4754abcbadfa9d12f8ff2ad75ee5918d31c5e6bef22a43d74f2e08daf4841a63d260d16522774f19f53cc557d3a5da73f420c

memory/2136-907-0x00007FFB41DF0000-0x00007FFB41DF1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0d823a340eaeaf7e3f9a0ff43ca08c73
SHA1 d3a1ed9afb482616884a508d6a1a503253003873
SHA256 a1edd171a7d51d2f7ee927b4fe30bcad8e49d5640deaa452b3602546f77c1478
SHA512 27bb491caa7d15272665511195cfe38ffd2bc16c4f23cea79381d212e489e6584f48ad218d49cd1ea79b65d4742578d5fd84a8b1e405e84692714873ea9355cb

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 de8f09449c7e95a3f0f655db6124e3c8
SHA1 8241c78d866d14af8048ce6ba5f6edcfd82ce46e
SHA256 5ea58392c760e159ce0daafe6bbb7d37da34f4789550cd0cbe38cb7af04221b0
SHA512 4fc9b68ac4c6bb64f358de1757520cd4a6b3f170657e06fb80c4b00f19d30fe1eef48fc4c2307acce6f903597b03593aa4411223268f72fb195d78dde436a05b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe59fd52.TMP

MD5 2e58d506602769d07b6d4035fb896135
SHA1 d562168952c9663ca8b23ba9e759d17f7325927d
SHA256 63e50e5c52c6bb4f8c71be82386632b3103c6f6ed67f660ae797cf8eb06057e1
SHA512 fef051f749a4bbc27f572b159569b85f4cb27e0160ecfcb5363add52eac8da926f81cabd5d16daf081ae44f5507122e36af89b4720faa6c5d0684fb017feb128

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 47e80e9114a2ecb2f0de16b76781f88e
SHA1 afe5f934204d323c2868b7fe67afc94523424b48
SHA256 127062d96de8948fabd82d039df75686ef66cfb30cb8f5ece7bb8af3160de212
SHA512 16c56495d91461c9a9d39274a6a56da413b5796e4ae311a9af9b4982641ff7548b6568a86c12f95f7fc77e476883ece1087c089c80153995bde8335e3fe41c4e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe59ff84.TMP

MD5 175c57e94b7e52c4ef6fc25902d5dc63
SHA1 067fc4fe43cf234b0d75ab6f6b833c106b4d2bdf
SHA256 1fc416291fee951a3e24e54af7869aa51785ae176b5ee80e82287a039d20432a
SHA512 950ee3015bcaf93fb4b6b365c6175646d5268426cf1ba5fe38e5afd979248c909fce9c8b655d3e76fc7f57552e79e402d2d07313fba31761ae696b286049fdf6

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 737cd8a59e16dc3504bc1efb479f6003
SHA1 9278a11598b1613fe9f9e259a77a933b1b9d2323
SHA256 a56ee32f5abba4be3071717fa8a3aa0de0f8d7733271f0f4711369238b9777b7
SHA512 0eaeab4af190cefdeba1beb58b2a71e29522d45bfb2627ca04a1187170e2ff60cbef4c1b8407be36c55b4b1d03fd3024e34e7cf5ec636328b1473670938e8e7e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 b9023aa2e0521b432b72371254eb1a26
SHA1 98cdb1fcbfde47a6a6f56fb3a00dd20f36d9510f
SHA256 b5e48f351d51b9c18ee281c7eb7a018164f4a96ec649db57676e42fe13f67eaf
SHA512 7cad51782b757268bf35f0313b797f443d6f17893f0658b8f3bf0f5237b592d189825000d130b92f810bff29a5bd285680c2f4ebf71ab820ea9414013def13b7

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe5a0531.TMP

MD5 3b721cebeb8b3884ea046ad42e929061
SHA1 0cb2cf6f57bbe36f403484ad0c5c9554b1c23e50
SHA256 e2fa0a65e3be2945111c3644b11e5c3827c5ed1fe5969f64dd82861b87a5f626
SHA512 fddf7bf15cb3322f9ec49bfac9bf544f3d0fab0e37e466a17cf7fc7b698e325d7b57e095b7c4032ce08117f98d0269adec0bd589120ee373d67b10fdba9ad29a

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 0027357c266910d9c79338565f695ac4
SHA1 4e00caf2315d7fbb0b457991492197a56fbfa1e3
SHA256 e5ce00e2329b76c8a9a3c51882c3746317853e691f3a877b8b1cba78bc0f7033
SHA512 0c9664a956547890ab128894b99ba9c62196f62d1707078e237ead780e2998a0da927282fea7c149a7eab7d82baddf2825f1087268131c2630288879334e1b01

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 f456e4829a3e6348430f8dd7ffc0c79f
SHA1 8752dc4ae5d29dadf6f70b85a242c455178b8aeb
SHA256 023ddf9f322537d0102b8e8b6815366519ca863a5416bcc475a0fbaccc06af9e
SHA512 9dfcb567a159cd5cac52a4afe4829124c349f014090555c83788eefed277bd8aacadbd181a85a14882d799e4c5bc5c15f9162a9753b4999821342ef8a55b1276

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State

MD5 181be7c83dfb98d644fd8915b9383982
SHA1 67be79723df238b18ae54704da1d7a0bc6096edc
SHA256 0056cadfe424863c0ab44a8d5b5122c599ab17ff3ce20be839cb6add775dc359
SHA512 3989d5aa4360e59a25c694dba6f87572b90dc3f1d0527dedbf943b9ac434878f2906d391f59252e1240fb38185846e3d513d09c207ba913394e60a9a88c2d372

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5a3a5b.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 9047a97c913a3590f5e097899fde7a28
SHA1 b8bc52c6aa96f8bd65a5dc4419fbe31c351556f1
SHA256 7078a52a93a16a74e7af9e27f9666b6db534751d47a776200627ef8a4358f85a
SHA512 e27b8959b830e4dac4b87a1578e6edcb6e7c6d98eb2ea33e340004c1cd91ff0af2b5fd1a0099e7715bc1552dfebb2bb9aa2053fcbea87910bf15e4d5d5ab7476

memory/828-1507-0x0000013923C80000-0x00000139240C0000-memory.dmp

memory/828-1509-0x0000013912910000-0x0000013912B10000-memory.dmp

memory/828-1516-0x0000013912B70000-0x0000013912B71000-memory.dmp

memory/828-1517-0x0000013912B70000-0x0000013912B71000-memory.dmp

memory/828-1548-0x0000013924150000-0x0000013924151000-memory.dmp

memory/828-1547-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1546-0x0000013924150000-0x0000013924151000-memory.dmp

memory/828-1545-0x0000013924150000-0x0000013924151000-memory.dmp

memory/828-1544-0x0000013924150000-0x0000013924151000-memory.dmp

memory/828-1543-0x0000013924150000-0x0000013924151000-memory.dmp

memory/828-1541-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1540-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1539-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1538-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1537-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1536-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1535-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1534-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1533-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1532-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1531-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1530-0x0000013924140000-0x0000013924141000-memory.dmp

memory/828-1528-0x0000013924130000-0x0000013924131000-memory.dmp

memory/828-1527-0x0000013924130000-0x0000013924131000-memory.dmp

memory/828-1526-0x0000013924130000-0x0000013924131000-memory.dmp

memory/828-1525-0x0000013924130000-0x0000013924131000-memory.dmp

memory/828-1524-0x0000013924130000-0x0000013924131000-memory.dmp

memory/828-1523-0x0000013924130000-0x0000013924131000-memory.dmp

memory/828-1522-0x0000013924130000-0x0000013924131000-memory.dmp

memory/828-1521-0x0000013912B70000-0x0000013912B71000-memory.dmp

memory/828-1520-0x0000013924130000-0x0000013924131000-memory.dmp

memory/828-1518-0x0000013912B70000-0x0000013912B71000-memory.dmp

memory/828-1515-0x0000013912B60000-0x0000013912B61000-memory.dmp

memory/828-1514-0x0000013912B70000-0x0000013912B71000-memory.dmp

memory/828-1512-0x0000013912B60000-0x0000013912B61000-memory.dmp

memory/828-1511-0x0000013912B60000-0x0000013912B61000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e1f1d96b68e3261cf312b541611c5539

MD5 3adb865c801399c412bc73840d3d8241
SHA1 267f8332eb7486bccd7a6730cfb4f5c2152b11c0
SHA256 10fb505b7ce30ce4bf5582248b17dd47f6a39635007bb77dc5d16b963baf9905
SHA512 609793331ce25c6667067b3616791f3ece470500f797343178948e4b7af18f275fdde226f542610d957b397651e12191aed58dbb88bc1c59eff4625e550160a5

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 30c7b2bdc35c650d2b65150241646816
SHA1 94d466a5f5159784155b6adcc9555bfdae4710c6
SHA256 0784d39379f0a4f971777844ba07550aff31a3d5e32ce1d1eff6f4c7d49b90b1
SHA512 8d51ef924b6c8f46a7ced69f188f2ea583ef3feb7fd84f51a8af8810c51e5099052e2c1513f15ac6fb83fecbef8c984fb4e124ff524c2b20a437943dc127465d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 c9e90f55afd2efab58fb014cfb0f479d
SHA1 a17fac9411e865b1b1dff38ede10ec7e6a61923a
SHA256 86037f2d58cd77fe3f22791cf411cf7ed449dc36a2686049217f94f7756f88f1
SHA512 85e6a097940beebcc624df47262f9fe2ccba75737f91be6918d44b2081a2a599551be2420bd60aa82556aaa2aa032cdca8e881beff2e61c68cf65772c1372a54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 8a032debb86142493319489f851d866c
SHA1 ccd11d0801056806727155a3a8aae9630b49fd65
SHA256 48d5b273974563856fa91171e899ccdad8e2ae8a08d8c99c4460b5c88ae75719
SHA512 d310d4017b0a7c9fedf4061641e95eba5807bf509042daaa50b96f715c451d688d427954aa366da420dd9607787d979a8e2b6302302096f8589a5d3f458ece9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 bb00548405ffd7163c91873b7268ac94
SHA1 f4d42c296bbd540aecd640f6a39284e9d56cb4fe
SHA256 b894c9dad8df7fe247018f8d8345b7b294d9b247efd5717ac48102a72328ca4e
SHA512 92b6cf17d8cdb2b7e8e7817b5f260ac8b61f8ce7aa4cac1e69c3d6b86b1811c225b0c0df7e616c5e1f021b42b9a792b83e9b48d811416daaadebd0f612ff94d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4775dd15a92d256aadd434eac2ea948
SHA1 c945839e8e8bb094f3d15b50c88f6517a0a4861e
SHA256 214aba49574eabe6310df08c50dabf3cdf0d66eccbf70af4837047e79b4b71c8
SHA512 86191deb0eb66384fa9e2c8724a3d20b52dceb64d1bdff078c847ce8f26a6cd409cdff85e85816044d2aaca03a60fecbef93679e206769596372195a6c21d843

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fa01917db83cb3b1caf7a2f5fb15ae4d
SHA1 4389204ac21082429d8be0fd80d72f319fbfe031
SHA256 565331ddc51e94dcbc443ce5efe3f6d0476f53b2dd6cb6ac8c1ac1b209ed43cf
SHA512 c5f14ffc06628526fcb14a6d51baba0dc3057671edc0fb573713b00c1c20da17c1a1405cc8cafe16610ceff071b212bc0293e4f4f55e094ed769be7a413d9adc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 96e18a916f4598eae22eebb93e93e6e2
SHA1 446dce387440244d1d024d754e309a51c412af10
SHA256 dd7eb24cec65b723a35740d59f5298ffabb3d49b5423c9212ee50429afa34334
SHA512 70bc8eb1c9fbcb487b96cf6605e5f3ac6f8460301ef7bd968c2c3244f581ecb245ba275bbe35c31bb8dd1cec93d476d0775c726dc2973e592dbdab61ae976ade

C:\Users\Admin\AppData\Local\Roblox\OTAPlugins\Downloaded\OTAData.json

MD5 7a39cae24c1d13e38fd10bcef98c80ce
SHA1 58d8a40b4d16215399749b563ba610c5cd3e4159
SHA256 72de5cd3124d642aafeb64a4562c31204bb506a5c4fe37de302849aef41f0d40
SHA512 8f51f5fe9890099039ef275e5148299a87bcbbc1a9aab5c279105b96efd795ef445803b4422060964b3b010c180c9b4526c82f84433669e4e365812f9642c80e

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7f9647fd1ce5d57301f203be3ceca2c1
SHA1 5c11eaf7e8004fdbef16a284ccb5295c5f5c884f
SHA256 a7c0d5585351298e24e5fd05af3430d93c62ceac54362594b82c18ed282f2f70
SHA512 ffdc035a9722994e275d64294e08c09b0ff4528cbbdd5134118e9d65964c472b6ce6f7e62b44e637ba88249203a9f14c708372d727d1f9aa60b21b6ac02affa2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 6eb7805739ce5f7d6f42037825be7ed3
SHA1 bcc90e4804dfcd7229b1b6ea67eed0eda16761cb
SHA256 b8d831c581fea9c414febd99630d68f5b6f11216323076495bbc216db9d8cc19
SHA512 6df5badcf29d85fc8e1b394a2ba002830c3ad0310555c50ec1c8ada01826d25c794153178457983af1b5a1e4d477d0b5076b7390e20d674c75b33f8a08ca25e2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5d34a1f5416fdc978c6e0c7edc7d67a2

MD5 c76ac26f80988d0fcf03874d625b86af
SHA1 b04a5e95018f8eca571daa4077e66626b9ba0de6
SHA256 3dca66141315cdee30f7604013deab2fcc1dd74af93f9630fb700b7606f531ab
SHA512 23ba1357212eb135ad87fcbb81bf73fcf2e189da34f08ca1cccd40d763a856e9ca8ce5514af395caeefca2b0dd3a6fe3b8d43e060c5baf5139fb357fedb90a59

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0f10b6865c21c904e29f52a54a31f37a

MD5 38b25c1089062288a7a9a8876138e465
SHA1 d7dc1955cdabe9a50ef4f6b345c9012e3efeb56c
SHA256 e39aceee4952e730f1a101894520b046ff21156ebc79c0f8e070e87af20fdd29
SHA512 198469bc9aa03de2c29b322cee7714a67b1b421a8fb0b6ade7148f54fb5ea0a37f6afe5e80f052f41815174363ca2b2dc8395534c624f0f87d2f7a0e9d773dd5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ceea000e430b7c9714bd62a61ef5eb0d

MD5 e6bf3b994b7bd85aa47c17406d367d2b
SHA1 b18be2803acd9576aaa72bb19116b09680f0cbd0
SHA256 92638ea5cef2b20242923fd21757df86c8c434ff12243d480250364b8480f2fa
SHA512 3e207bfe1b30c981fb533971769a4051c0c87ffbfcabc012606ec939c5b66f2bf59cefeb85c2b903856d6396584b2c96472965c11d90d6a1ac9f59b29cf3d664

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1aac6bdbb2642f3f23fbed64d042c3f

MD5 2c65a49f36fbe81aed88d7626a0112e3
SHA1 832fc429cd021f288f5ef9531e7dad6c9c6507fc
SHA256 eb8f138e67962a5c7db64722b78454da2e3c3d656ec8d72c9bec566f10a942de
SHA512 4fe7c7a7e439f6b43bc13af9291994ff913fa65ab1d77f162c97b18ae505b1c46ffb2c9236b7c9010580b095526a58204bf182aa5d476e3d0a006b2ca450d181

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0cbacc9a3c6aa07deb13db83f658936d

MD5 e3690a37568ee9fe7f191a17a47e2146
SHA1 476c939e0ca065001820946509e36ac2842fb1fa
SHA256 b8da756d34febd98745815e7ee643c49dfdf1adeece7fbdeda22487c06472f28
SHA512 c7b777cb3616fbe210b58c1e2395ffb378ffb36c2fed3af8c634e7d39667b9b433386d1a284f936a1d4e10e76c7a678e97216fe801cf95a0fc3fb313fc4514a3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8fbe2ad68bce1f4933b291c365e04e75

MD5 d6a9f27b18ba6c1cd064cfee32420a8a
SHA1 3eb4fe70132f76c96bf7f951070f437ba176fc40
SHA256 612baaa3a5eeebe00562f3ecd4490073f3313811613ead2948c1626128191506
SHA512 1126e9b53315742eedcb4e28bec6330c03cbeff2d311c9bca1e8280720ded31b6ad7f4f4b6899aaf23656ec46b19fc2ea6566226c1fbb1ded1c3790832d9fc1a

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 eaef4b677b2babd4fb7b29da0f065bf5
SHA1 655dc02137cacabfeebb0705832c3378062b1598
SHA256 c5a33fdff10981930005746e120f5cab8bd1321ea949ea5cd1b2e34a88f7aaf7
SHA512 7ddab6aac206bbd23350667487335e674466d66b3f0c425ec3789a62749bd6073eea1e1f5785ca539a0b7e0bbd8a83605191508d97c8280644088cc7d8161aa3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1a1d7a8fb35b007494a82bd5304ba1e9

MD5 2414d644ab2dc0d3c58d8546b4cd7ea0
SHA1 77a854549c69f719657f5d404ae9391c705d88f6
SHA256 28be75fd24c5225fe212cbece08722d92c4d2816e5c3a0051294826a5fe79458
SHA512 02bc18971dd372438e6f93b0db0e29a2b647b7e1acc5e8d8321f73857b746c5523e7c720ddadb96363664fd5652c30d5e396f7128813dfc0c30fe7ea4086a229

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ac0ab8f16fbb1afe5c7b089b5d5698e6

MD5 5bff0b6da657e8e4ed652a4a5faf57f6
SHA1 ad49b5a7c4734d26061b0eea4496fc41949bc5b2
SHA256 c80ae50ae40768b21e62b593515865bd729b4c0712a006cbaf374a66f14f956f
SHA512 146a0ca1c20471f2921f1c911692223b77c4f528f2de47da9df54c1620242230998b86be05b436a725e64665a008cfc21715e114fb0fd1b9e0786288ad20ff24

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3e2504bf31b5aa0ab48a8ae5f1dc5f1e

MD5 6abaefefcacaf36071c43e9dc51f1bda
SHA1 a562a7fc46cec9c90e86fa570267864ef2249a20
SHA256 55941590b6aff4d570b3531c493c14c46eb687ed9e4de19200de1681987f75ae
SHA512 5fc4b6db68c03630673789ec5f5d017709e5a9011f25575c0e428f4a21c30e1f6664faa9e4ed456ae79c7ea0fc45db30b8d45ad9b4e2e94f49b27c50237872c3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\cb8a45c1430998ec1304e4c79176816a

MD5 933b1f5dc544d9868d257d80e517c112
SHA1 a8d55f9cd5f79ef7f6fa1ffb229d8bcfb30ce348
SHA256 51a66f59fb6018efd308234879746581b50566d967cf1fbf63fd3fb6917f1295
SHA512 6e03ebecd629ec937171a7a2d11a88c83c0267c0f153b86194683fc967f0e1c827e6393a39af735813a1cb3fe2297cd6582d2f7578355e797a5152dd92d6e600

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b80d47fd48f8d137ca2aca87e1d00059

MD5 7dae317d3e65c483f462a48cee3002cd
SHA1 330c91065d277740b721b723ffae4e5511e8da2c
SHA256 ad244e68f3ae289677897bd171703b8ab65bb03b17621b3c8f61594b906f8b78
SHA512 966a981204a7979932981d8870704fbe3d4afc2a0306cf149117eeb30a54debf852c8ef04fda90fb2d1d1261daec60db390a4c9b9fa77740d14171335384ecc9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e0fce80600a43748c6cbc0ac23f6cfa2

MD5 3bf49259291542dfee0f89d587c177f1
SHA1 22328c74fce75f7918f6c4b3ca5ad9e1921db437
SHA256 971101824fc41a26f9b1386d72750a69298f4725f266edb3c93b21f9600d2916
SHA512 20366e5775f42da8e313d67ace54bed3b2a010a84d9b3422276a8b544186345683c00663ce4f541c9890f906344ca3400015bef988d4ffa7dd4bf1c38161e271

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0d8b0fd3715ff57ba968ae5740d39a12

MD5 a3366bed53be5f4fed574fc819a07072
SHA1 a79b59561cf06c8a209fb701567a67376d83924d
SHA256 ec5c1697be4eba9851b9a413c13e1a94f9846f6dba1d8d0fa33e1ca7292e8030
SHA512 f8424133bac79bbf7547bf7076cbaf0bd0767f220778275c36878bb982bb69bfe64aede42d67c9db009047e66bcf5eb9604205f6b0aa9a801f6827e2034399fa

C:\Users\Admin\AppData\Local\Temp\Roblox\http\175af5595dfe9780b5b7b10ecb943336

MD5 0c9078c249c45630688d2af7e0574c25
SHA1 8fae18c0c69cf3a58abddcc9a55fba6d81aca2b2
SHA256 b0e7f0945d5de86014379ede1d9a9528a8c944534ab33e58c7b3be1b5706500e
SHA512 24e0cfdac58bc3714541bd39f6992bf0a4bd4c47e492edc40b72d045b4f06573d582d9f4e50e0c23f964ec678d857752caeec6a65ef89b70e2ecbefe749b21f0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcbcf8ab7914469e06c8fa6ee80f2201

MD5 958ad6c1423022b1905d452d8772d16b
SHA1 a1c5aef3f0d7550f8a9ac31ac1e295696477c02f
SHA256 8965deb3f4a35faba9f087defdbc2fb071e006f283ee7e6b1ce250c6ec12a49f
SHA512 5185a342c83ca7770ecb1103d95d061cc17c80526f755ebfac53305947b09765515221ba65b43a98eff3860e47bfc7a15f51e67d0636de7596a6859ff20804e5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\31e8a63e8fa08c8135be1c5384c3e0a2

MD5 1221a85cb03fd45c001ef47af9935e7e
SHA1 f209b998e8972ecf158f58270244b831d107ace1
SHA256 e7c79bc6240600fc94d67a9c0e9c1f563a3f30698d7cae3d19b1735865835d4e
SHA512 2e6846a2ea3bcf0892703f3f2024a0acdf277251c55ad9c65e61fb5a8780c67ec707d42818b3d98103504dda9984c109ec0f8e393fc063f734bbc7bce168ad90

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1daaef2a5ce0ea927443fd099437bb55

MD5 e4a239995837749223ed2039a40a3a21
SHA1 b1cc97f9ffc3a367dd3a55a1a3342d59cb610403
SHA256 36ef28d0243f78f746ddc7abb74563980829c81dcfb91abcdaf6459bc7d374af
SHA512 ad81fe4cbaed589da0a3b97c20e7e5fc0deabf5910b1c41dc7d6e6e8b8f22486f71c9577886689739bdb87e34b330ce43cb60fb2e3c1305d77984ec78cc0879b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\32c38bb4f4a560d621ab93aeb6ca5d7a

MD5 f7b60787135cc235066319d2412e77e0
SHA1 ff9e626cfeeb124bc95d830d20e13b15c6427c77
SHA256 e815d7145b898343e81a796bee29e8a71a678c9c3475a7b1107cdbefeefb6152
SHA512 bb21ace97ed300299a276844630c2b30aa0aab87a3a8684391bbe37a0ce7761c82011035f741cc1f596136043f1871d16b0238249d3b943b2c08fdaab8c0d762

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5b794cd8b1447c984ba301aa73a6625d

MD5 2740a9a1a4020c08f3ae9fce5509416d
SHA1 371eb56fa91013a45a38486d5d77ccc12ad03990
SHA256 239bce8cdaa04b7e91497dc8fad14e5af36ebf244712d7a04e37c2be5a0e0a38
SHA512 fbbad878010bb317d5ddc6de48c87d838db393fc52c564555883d07e62b77cd37a3584414566977fbaef792ce0d2a00cf851ce871e880d1cda34357d2fd4682a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4dd9b09ac0d9a7bb380a273db7cac4ac

MD5 d97f6e22eba42d95c89cfd439f36c1d4
SHA1 3a439aff0b80708f6510643f70997b897500d2bd
SHA256 25f91091126b2855bcb9c2daa26fec21fe7cc6d25319925a95a55a37cc840b6e
SHA512 52ca405f845e8313b0a04657eaa9a22d1c4fbcf758d5796d2deaf41c7ed6abc28e3597dc1f5d803c009360a63db4e686e6622fac669c252b09d2a3d8dc451e72

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d8b4554062d011287069393d07af8706

MD5 a0c28b8252eda35f15ff0931e1817ac9
SHA1 3fa429b9d0b8926907abc63b81a301bad2442eef
SHA256 ee880812bbf7cc1f00cb363632e9746e7342cb5048765c483d56f4284e555a0d
SHA512 e49af44a8fa6e0c0fe4a5f55df2910ff43a6a9360d6e0ba507375487526fa4fae8c974763e4bb757e0907036141123920024adfb312f9d53703bf6d45a83956f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\9fd0b17a3402934b24f3b349c8d753a2

MD5 59e7e73fef4a9df2680ff8fe1722014f
SHA1 2b9d42140ad6207b1e3f5cf8d66b345109cb1098
SHA256 05f280e512673a8f1358b88e8706bf5a763727dc16e8c43abe1be6129a820b57
SHA512 49edc88448345ee5bbb1093bbb62bb49b0ac3c1c0a29d4a862be76845fbbacff0347ea457d66e40f721dccb8071c18e4ca7f41cbce88d57a64a02ed400f4f783

C:\Users\Admin\AppData\Local\Temp\Roblox\http\706b550a2be783fb6e220ca8181485e5

MD5 be4a508de308b15bf9c711a769ed61a9
SHA1 2b980f20a1466d2f1508bfaf8dc2a2558450c1d9
SHA256 0ac514138710cda19cc114cafa8a3fce046654dda1cce0915f525c6f5ed0b812
SHA512 dc71cf06e2466f17b843b96fdbec856b3b67df95105895597e73fad455340d4237f1b7cf91ac2906efb9efeac89515deb79a045859a0651420edecabfef8cf8c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc27c501541df155b6fb12496e5bac70

MD5 f635924f866829484247044f991b14ec
SHA1 39c6f43e94e4b0d0ce9c30da5b78aab7fa5086f5
SHA256 30b18b2546442b630f0fb8c6a7c26419a9a73988e8e1a118dae5b7241e98074b
SHA512 ca145397fe454c2623651c9ccaf86fd15212fe83d758fab2f8de35e4ea00f8eb8f58aeecb2fc95a4ceda07c9bfa960ccc29b1a56c2bb317c94297c24a366be68

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7948b73360f27446739cb67376a2d7bf

MD5 6c261f23c63795849eba5b1ef6f17cf3
SHA1 464f91ce49db8b5546722bd62c4f59aae33dfc20
SHA256 e4274c467ca592398736e990eaa97a937f209768239400cd90ea59f9e58a27fa
SHA512 ab6f671b1939df79ee60a873148a1763c06fa880e2f17a23c9e09c5401120873167905e49be3abaf546b9fee33096b76a5573a473b72de3806c38a128ab91ab9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5477b96b8c7694aaab08397c539323cd

MD5 74efd118f986358ad4cde9a57e61dc32
SHA1 0cfe0335bb35298456edc9ed791e019b70266c31
SHA256 b973558fa71e5b3a07fe6ca6180c5bd0cffdb343af3a0d2e4e4e89b40b194ee5
SHA512 357ad98fcdea45563ac733ff39aae16b103a1327a063445b6febb89616a61fbcd140c2148eeef122965cae78c2158bb39bd3eacac6d6c70a58546489687dd733

C:\Users\Admin\AppData\Local\Temp\Roblox\http\78e2b6ce1224c7617a6a8c90174aa783

MD5 22b25a819c414b6c626e5306888142d6
SHA1 e7d68968d0848af0e5203409227a1980dfeb4a0f
SHA256 275eacbd4554f5b0e4a4266514243c661edb1e4eea694a2fa01ac20a531dfcea
SHA512 bd04fe05aedb2cf10fef09648566834b019d40a6ec8532b19edcbb2348059984dbd5c04d6fd9579dac55f99a6b4de820cda159256d236450b0d0a51594e3b15d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\77b3cd784a40d8349719b23b5c0e414b

MD5 05c43f778ddcf81fb06a2fdfb4f7624b
SHA1 616dade772feb66bb1b8dee218c7a5a39d43de06
SHA256 f4a00d60cb52477dfdb2eb264470e5daffd44139c118b73c80e8fdef16f9dd45
SHA512 a2443c678bc019dcc50fd7a49d5c19dfa0c45a7c43fffa24ca225f0f24b6839865288b2fe843bb233752fe59c712c54bff8d9b5c4e8ef5ff4ad8ef20b053feed

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0b39eb4053e10b7ff21430e80432eed8

MD5 be1dacdbf4fea39b16e7c11e286b7205
SHA1 28ae9237170d6fa225c54e7a36e35549d191d450
SHA256 3a6d14f833f7da8ddf3139d42e41b2b83d1ea0d4570db39d9c10dd98e33da800
SHA512 72cef9e399c0652a340cb12dd239cc0dfa14a2c832fa63f76dc442308ee9f91b41ddff62fb70331895716b61fdccd332f75c0ba2003f818900e3e6f260303176

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d132016b6bd0b89da2690c24749f6ff7

MD5 2e2350147bec3587e3bc14b7a1e32c2a
SHA1 c275f45e728f71d24ac6d8b496865c218f972b41
SHA256 7ddec5794d779b1ad88ffec41f00c793f21046d18c930328d662a3c2d1c27d84
SHA512 670d3893ab1503dea9437b61b2b1488238d84d3703f94b74b5c20bb7bd26eaa0479e6d3d91319219bae1c1c357c6807101c5960ee2f29ff48475c0e6d9ac3adc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\848d350916ab0af9758cff8167a2aea2

MD5 0042d3425d57e55a4e8c899aa911012b
SHA1 f260334951b11b4ace9af45974e365ecbc6cb9cf
SHA256 f312918dae9b5ebf3028f14575ac8bdb78e7f152061fc59d0885ab7acb3e9581
SHA512 cbab405431b5a95ae3c9d3816b4a1c4d4a07cdc4dfcf64d0977ec80533a6029329db101ac36361114288fa18c769c85a3f238b13f63d2e1e83ef4ef64ae45521

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e526d6628fea4b1243fbb953bdf85ac9

MD5 3964c0c8b23c560175f4b299e1a9605e
SHA1 6c155c8a5ece5d5d7340ee4ff0fcb730e4d2b0fe
SHA256 20dc4a3272ebc6ff5edf0494d9e6e2d06c690bb079a36bd04e074818f16a2dbf
SHA512 c6f53903aa3a14f3187bcec1afba4b5b07c10ebef6dd10a710f400996f2214703d29d58abff6e7e0025ea91a78ed2f799f69c542bea006dace570464acf90d64

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0af1ae578b1c58a0e785712d31028c1e

MD5 4ffc139d6996c3eba2d40053423d07fa
SHA1 6da7d02805c626596d055c20cf084aafed9b9768
SHA256 0445b87f48bfd12bf0dae91d8dd7c20ee924212b4cc8be782c0a54193546f43c
SHA512 5af3417cdb0d099add05b22090b5aea9ba39069c4704d000aa323b859e47ea67328f616ab03b7b878ef8cce0d528ac0ff5c0f8fe305175b952e840368e0d4a81

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f469136d50a09240f313e4f48b35b40a

MD5 81927a5a1612202db2ce511c62ced773
SHA1 4414e92b078a515ca699a82cc3bc64a1e264e4bb
SHA256 a8a2313bedad3d93a06ce01ca1abb579013d083e2fec866cc22342713b7b6b2e
SHA512 33918119fc071674aac79062c0e4bab978d04cc957189cffdb8c1bb1c7add1bf7d9a0ab03b08d9e997bd8734266bcbc7a312b316f8303347e2aba876022e7cad

C:\Users\Admin\AppData\Local\Temp\Roblox\http\571e70bdfa73e0cdaa28fdbd2ca19ddd

MD5 bd289aae66f24d373fe9d4388f8ba9b2
SHA1 4d248d4f9aeffef2fdd953bffbacf81ff3ac8554
SHA256 78561a946c48755de0fce9695d30ab82d9e5dfce2eeb0ef6a0824282bc88a0d0
SHA512 50666175b0955dbdf933302016675f035df38deeef6b4a0e8d0cf40b6e3d2c3e4a089a5b78d75015e0048b2e7f91d81b69857004d55436437d3fa0754d1ef8a0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\be241f3cbd5449b0c30c651c4834e3da

MD5 2866f1aa81a7f9c354d34be6a58aa88e
SHA1 c470d8ad431f9876d7966796a503c15440a35345
SHA256 38baca61b0de1abef8c3a97557b6e246fbf9091d1193e3732f6011508e5f0a27
SHA512 1af43841070856ee4c509080c286285ef4850d9dd8507381a5045ed748ffdd09fc32843c0d18aaac70621a8ec88064f0a3b74036cbdfe91be207594f55b24ef3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcece68795e396ad03d6e2608d740126

MD5 0ba72ed050100e6779ea0f1c713ac441
SHA1 ff585cbb4b671bd3a04f3bdb2512a896ff07883b
SHA256 0949d1f525ea9da560f02a0447eb12a33ac6db673e89754b8f3d230e24ccfd06
SHA512 22c09e80f4af164d94ef40999572d2ce35bfb1dfacbd1762b380c9685889d515ed9aa064db4f8ab6746c8a26ea4ecffef9337014293905abb2f0cece7344b851

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c36700f9b5f405f69b210d702f6087c

MD5 94b44243d9e420ff19ff04f4e434b83f
SHA1 04687ed0f779c6873da97da0f16f042b2b459b69
SHA256 f76c45b8c4831588b971b25431b7b85f529a7214f99103ed82b4c2e97d9919e8
SHA512 b7778206ef730254f469214ace61b13f7031d0c4c751b2988decee93dd5a6c8336c40974af74b0aca6d42874d54e23dfcdfc743f5d633610aab2f05e948bea6e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\09f04b99b82b262e105a232e97395311

MD5 e3a0c050904f457b02b36bfebb1c0b6e
SHA1 a611605082957d8eb5dcb83939e1b6bd3d870bf7
SHA256 02c51e5a41d473f8e0befe8e5fb49073f0dec0ca88ee83e0e6a3c0ba3e18d399
SHA512 f2b6b3a7c193a951feaa1d5abeaf52316773d7895284e806f7267708672f6a7baf37191a244d2c044c785fe967d416353ab83517b28932b9e521172b89e22275

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e385854d0ae9ba50e28a7a5629fa28be

MD5 0c889bbbf77ec231120674d4843ee0b4
SHA1 fd29658b2fa416059cb30a6729030b6a6b125e92
SHA256 5006fa1587ba1da5b7696daea22929c490049bc0f10661d9c79322b0a647efc6
SHA512 504d43f9104b8c56ba12ae9533ad3554858ebfb4f5b4b8b1692ba339deed831a66f5441a1e4706015cc59f4de4729c0128fe7da2c8c3d095b2993e92eec378f6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\73b0a5d180fa4202c3e9365c3d577fd4

MD5 2c2e29b04e1f7144017730d5b5ed8b87
SHA1 8a36310825cfb7d8ea6fd487afa46dde29147199
SHA256 6026fca2672513a7a42dc67687850d630434b2260621f77ef5b2634486048d5a
SHA512 bbd5097d544d3bea8b5e97f3262a4f7765b13d5c742c9df8fd07e6a56e7c021a41de575dc1c24749631eb1003db0b9548c634eba7d6d2701fe4035f0a5880615

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2d5ee01099db60480061c57d9831c261

MD5 839f812fb19680ae8e62c2ebe0355e4d
SHA1 a256751297a9f82a082bc4d5ef08d5d9d89a2c17
SHA256 b414e1186136cb1f46c6cdc69dc5b637ac5de6a390d67cf25907907c61b364a4
SHA512 f2209d8bbb8f7ce1e6b675cdd2da3a10bb450d50b4f73a596fc0639f201999f32d3c1a2418e0b92c918c0a667a5750ef122e4331361e0022b66a2fc5e489e5ed

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e665da7061b12f952145852fc21ef7ec

MD5 4cfd979bf14b07dfed01ef9a3b1279a7
SHA1 2e7aad8b8909d3117bb151bf4d34b608e3ab9c56
SHA256 589b00b0a2fbada62af8b7daa8755ce68420a009bf6ce7a53e0865fcf262f94f
SHA512 79a25e0af653d6ecb5fd1908c3652c6fc8ad3d0cf1e00510801bb369728dcbe3c5e1e66f73d058c511320badca3c8ea82f2baaa5e0682f304235b68f622685cf

C:\Users\Admin\AppData\Local\Temp\Roblox\http\be58ec8ab04ff195247b1536cdfb3d44

MD5 d1d2f476fd075d55fa0e77b3c507cb0d
SHA1 5976cdae821737161f6debcba500a2842f988f8c
SHA256 650bcfb9e1c7855d2b72865695c2f4d4212ccedb53584f089c26e2087cc65d41
SHA512 958c07812ae7e89143874ce4effb112eed3bec3436fc0b71ee70de38298130d08d89f6bce42d2b0696839f67be260791d121e81f46a4935f3985e241aec7b0df

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f9cfb35c8f272d46d504f99d9c00054a

MD5 5a67e8e85c0ad7280e9f1ca86f138b77
SHA1 b9fc6b3311df7710e1251114946b93a72dd5d5d0
SHA256 09e7111ea12f1236be9b1da699f8c93eb68127d0a98f2ceebfc5c2d7b25f0ed2
SHA512 ac5e400ce21e5e2503a11642cf401ab5ad4e625a01ac87f1711a02a415fc924556d0d3e50386d17e29ec20bb99b5d3a2d0496dc2ac1fc1381b29774b826cd9ad

C:\Users\Admin\AppData\Local\Temp\Roblox\http\697aeac1e8e025f05cf4b76086fb70df

MD5 749deb1ff197b5082e2b07aa55a33d31
SHA1 08b4d7441ffa13b8dc3610d74a56d8eb11d8acb0
SHA256 e593f31edc529b51f9b253994d8aa93d8ab0bc8faf433e737b0a09e80cf2784a
SHA512 eff256220d72675ba4b23344191b963f7acdce9743af8be81020e2a74662d2f3f1b2735e686806b73198463c550b2d18921840271d515dca0b2d4ce226954d0d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\90d821a0b7efe2541659a0ff6b31b88b

MD5 6f0ea4b31f2f55764db79b43833bf83d
SHA1 2522c29622377d611419babb3eba2e8cb13fe0e6
SHA256 08f380d19a3cf8307b098cdb5e9992ed1d29e5d15226340758a1af3cb4300c64
SHA512 6a5437574ce2db6feac98928a22c7002ce526501335ac00444190febe302dcab5f18ba33a5ae00bcd83f469b5f1cd356474c8cfd31d9992d186fdd0846db5641

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d27efcc314894472628caf798daafe01

MD5 bdec8723e953241ac3edc46458a6ed7e
SHA1 783605b1587b096807a81e32c488be272e0ad581
SHA256 c31b000a001faa6e08026a24043899ee4941371ce464146a9c78befc2a796e4d
SHA512 221cf258c9c88c857e34fda1da4290c67c3a34459f86b828ab968f5e57b2be53eb4f7aaced83151576fb843a7f1166c267de0efb116740ab2ac2b37ca0cd4d93

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcf8e7398be5b1007fef514afffffa6c

MD5 864c04942289c1dee2c1aa18ea77f1c0
SHA1 1be7f1b6c2f1472adb9b34fb6f7a51d3d1ba161d
SHA256 9855931b8e0500c6753d77200447963d1981fa7f7b4fb34067bfedbdec0db442
SHA512 6f3934ea3ca2317756e45bcf065abae6cf34ab7c24e1847023ecee8e404294420f5cc978af2afcea986bf160eda88c020fa1b799f5ad75a5e3991e7268192dbe

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6443205f8638cd85aaa1caed016b8ac4

MD5 20db412bf509b564fa765bbc0b917fbd
SHA1 938513617f173454649543b7c014ecc762ba5b5a
SHA256 8b7281d0d0576ed2b73ab842080238d7e006e1524ed48f423f61a86cecf3ad40
SHA512 f6c54fb0478c2df40776125a920621a1789d02239a78cdd3de8eb83a27a00464b2aaf8714776897a4b3ae5488da664befa604ec836fe12010a046d48eaa519a1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d4f8d4ffe8696350702fd146346140ac

MD5 084a09f4a178b2533a56610f28f252d4
SHA1 70c343a804ea4674a214d5ca8e24bce33cf662f5
SHA256 91b1a39172d8f6f0c98a2a3aaf8c137b29dcc4ed4c1bb4a3bd449dc16fb45e97
SHA512 fd8205ea2edc70743247666bf8ff414ef6038f6ec03bfc7590dc037024ca66eface1f3cc559511919058754a5dfc2224ca04368ed31df8aa942a7d9022b93e5f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c9d72083ee0b41e11170f5a9845c3060

MD5 92e9669fc7c748554c057eccb11a97e0
SHA1 d3fd8c1e136a2ebed238d95bfbfbf3ce61a385b7
SHA256 b29195912662d71be85e0db741dec5ef005d744d3aa0913dad8ad1e51c3aeff2
SHA512 cdc3a1b4c596fd3c9621e53887a9d503205a0d5f8663e1ee3366129ddbfa83f2b15bedef155eda2949f24d1df615ead664114310e3d3dd03f9fb2d95df2e29b2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5105c207d9317b50c40470887ccfd3aa

MD5 481555658adb9b672941de82171b343c
SHA1 7937e7bac46ac99e1897c00285fd23059828dc12
SHA256 5069797f8a4b926fcc5bcdb668c1f67ece5d5e8f05d6f19a260c55c9a67f289b
SHA512 aa9aae6ac82a3e320ce9c1b83883263d547a82369d8f31d3db0ce6d6bc5cd07ef96157ebf234d6e31b40b32e276c233f7c2c0856394a70d183bd64e03720737d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8aad44a486e1e94cb992a6a0e230f735

MD5 451b527070f0cfb1431ff5052642059b
SHA1 6021d49e6b87b9ae8fa64c3cfd0180d625c7d761
SHA256 b9391062d160f5bd861cf7e5ecda919954e84a87eeb3b000bf9b93c068057c9c
SHA512 3ec22e77061670685a576d96cc3897473d11c45c24e581688da54d8700b186d3583ffc23cc2c3395fd93af36afc45083058a2bad9cffb1362be8bf4edb20cef5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\aa3db4232d83f97f5e078c526e25a6e2

MD5 3e1ba08877dd32fe4178a730b0ea5e19
SHA1 c020afb22c7cde0c77a9d1d6be18ac8f1e62973a
SHA256 1a6447007e90d27fc71fa7bedef2219bda30eebc33447c2929e4488315e19641
SHA512 bad57ec1a48f686fbc5842a291c95f01db413600828b198b55615857bb1e50e4b3b6031d5896c8d7b9d6753c290c0253ddb83482f89c7fc348b8b80194a07286

C:\Users\Admin\AppData\Local\Temp\Roblox\http\77fad0fb4662c6b81630ee443153aceb

MD5 183fe999017d5e5654364c0d8fd895b8
SHA1 64cbdd4bfac3c60803acfb2871a9fc8da27d318c
SHA256 3622ef17da158e25761124720a642153fb6eee615b54da286e731ca2920216ed
SHA512 d5026e42d343185e14360a292c6d13131dbdf081ba44960598e12652d99d999b4f5c70c5c02335596d18302b1cf64128a8bd06273237a48e2cc4eb0267d12307

C:\Users\Admin\AppData\Local\Temp\Roblox\http\251c7269a8dc64cf406e8c2d5f5cc688

MD5 7e7342c1c2e3602906a1fd64acde7735
SHA1 357de58a6c39a0fe4d7e4c13c16d8c1d25f9e649
SHA256 24a5a23ded1de17bc3170afbe5eb7debbb47f0ed7b2a4b5303bc899e927a99e9
SHA512 c6313b65687a5ce03772ff6f1edf761aa91f07a29f8b61db7edebf1beb5c548fbc53aba721ede32d4c4bbdd31361dc724c676d41c06278904291579d25d93202

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2da892c80dea8811c616fe5e0e6c010e

MD5 0dbe0b49a06c4093d004ec7d44303fd5
SHA1 2bac861a6075854f8dc8db470558936c36201aee
SHA256 b136004ec10d66b813386e21fc6c5f86d37071e01e8a82437676902eb3e63e8a
SHA512 1d306115aa97102b5d68552b591f5faeade373ff3a718d9f39dbeade32892e47fd921cd78e5dd71e91072476e5ad933ff9659ee5ea1d07133b55745f00c22828

C:\Users\Admin\AppData\Local\Temp\Roblox\http\993f844b48dbb84a0eece0b1d1aad326

MD5 c05764b76e6db0114c1d6200b56a3588
SHA1 5f96252b5a83e5c0810e4ba604dfc433ee449639
SHA256 427939d6cefb89facb6e71e082e42ed184f0883db715e0bd8ca832a316150430
SHA512 4c6c06afb99e99d6a7466ba40146b7fd02f83de16e5c89acbe64179860547f42dad0562b2a281706cfc6acdc5558e8fba5647874ff15d2778f3f6d8c1cd983a7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\83eeeca932186715a9107df83747a179

MD5 e7ee77fadd485e9a35a1bfb4be99691c
SHA1 bf1aacc9fe769fd1dd111a1009473db1dcac7399
SHA256 d98e995f0160e551443de0eba015bf29192aea408469c2fc2d9c93a5c1c82cd9
SHA512 3ae849a12cabc409e435da98308db2ec0b86f8fa8624a23632ab0ea836a0aed001853eef600bb99f67f8f907dbb641c9c6bc37bbf959dd12c1bf2ad9c8147460

C:\Users\Admin\AppData\Local\Temp\Roblox\http\74f7241d43fd3efbef367cddf2de0712

MD5 1e996f012273818bd88129d26108d8f9
SHA1 c193db2eca6d190e929375e617f45790cae442bb
SHA256 c7c8ee23804c70ae96b1399c2f6730543f10f7678f5e3ee36fcbce97245aa8c8
SHA512 40ea7f36824cb96dace8ff41b1e92a03e0f7e61cac33a3a81c81cba12714812504554eaa0f4344d30061ce1d89f231ab21cab164a008e1f68d18ccfcf5525173

C:\Users\Admin\AppData\Local\Temp\Roblox\http\28c39719e7218d9c2d686d4daccb1b72

MD5 25a0b3d9ce5e6e1cc4cc7f4cdb328273
SHA1 4d2dddbe9502a5373e6ea99771bb1de6e828b95e
SHA256 013275e837c61c631932167d47d5d9b838ba8b9863915d39f06d8ba4914df147
SHA512 20df5153edab7085594382f80b5d7c6afa5f2a84741efb46961e36331c94369a7c7302c9799676e18aab171cf398dae8f314395c22238de6f8450726c4c992c7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\584bbf8c27b2f156742be22b280cc8d6

MD5 7c0764a501b7f8f1eab14fa7f9337a4f
SHA1 2e17a9b6d5bd740c4dc91af9311e4a6e77bd55ce
SHA256 dc0524c0d7f9f637466570c86adad7021f9316e42e69745bf8d27081a98f09d2
SHA512 dba17c07bc4310c556ef62f157dfd3a0ea1a617ffbbc4324f9a046bf47be9a2bd500921bf02bb79d9ac2df1aeca3745ee1cbd7f33bbdb80fe67e1adaa0bd82bc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b39250833fce2d9f0655b124db089d4e

MD5 639a9c5f588be3e48a6bf5601215f027
SHA1 1ab7c1d3d5df21a05324853fb235b848945c351f
SHA256 4fd48841bac69eaaeaa9c936347395f5eab6fd4f5549d65cf6fc541884a4b2d7
SHA512 c3aced88385dbd9b10841f72c422b17cabeca80ad11af01222f8901b950be3b42467851d5ef61fa3a1d92f7977724926f765b8bc594655e93e116d04223497dc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c677a51b0924e108a9b1485dbdf883da

MD5 e1e4307ebd3e7f8280c75be0ccd3b5bd
SHA1 3f2a56ac3ee57082ebcf4a1ca21001821286e77e
SHA256 10dcbda8315ffe2e7215b8d61dbd26b0553b438fe94b1bdf005758b1b96d9f94
SHA512 7f3ef600e2ecca826fc163d9092bfc10fcca9a9e6206ef29fe5d61902e3e9625bb2bcc07a58ab480ad19354bd0a1c56dd9f13c4e62aed22d87da146252144ef4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4130cf898fa8b448f1568bfb61305e94

MD5 86df60a0980b57864a2e2d68f857e0d8
SHA1 60c24af81c8406f05ee1721b374ab8a466d878a2
SHA256 ccdedffa29231d609157ccf22019e03a721e9ca248eabf12be511b76f795c247
SHA512 c025bcd3d21ec036712ad8e40afa7da973db770bf5b9b019c73ca8b99202c8e37999e6daaeab3f1c2190f84434a5e4657a8593e8a59066e0feaf38fcd8bc41e1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\477a618fe08d138e560e0c8eab9f3583

MD5 4f9c826223fb8d7fb603bac0b294a706
SHA1 44a185bf8edbfee521dc92ae012e6ed18cfae3a0
SHA256 e12f126277c8b35c48dc15cb2f37850ff5ab0816e5982eaeceb571c99bd17502
SHA512 ecf987dc0d416a7fb1779289a0bd9ba55625abff41491ec3731fd77950e91d5b454b17573be388766b20fc630ee3f125d37feda44e068d2ed0cd2a87be021fda

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ecc495a0b2b0470e25d688a9077fd977

MD5 741a45f09ceaf9cba7f0ee5b8aac236a
SHA1 aa6b59bba687981191db42af8a8b17dc0fc9150a
SHA256 92ee9b175404bf4aa4e346ebe4948ae5c0ee7edf5693778a5e6a4a1bed508eac
SHA512 97cb36fc2281753eb7a42f762c8ad5cdef7c14665214a71f33518f88cff24ec5e91267f834a6ea5ab0206457c7e9c730dcfb4f7a2ec527e3ce48877e2f34be6d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\388a60aa5e51ff44455d359825078031

MD5 eb62ee1626b44f54b2c444a487ef84fa
SHA1 d3d918dae048e4ee9c9626608693d69c4c4ae55c
SHA256 bf2f079ca21684f382d094af52836d83862c93800e8e054c2f6bc0838c442d86
SHA512 68022f2ac538c51acc24065480cd23670efff68d56a4b5dec2c28316726ab82c81b48fbfe76c44f32dc32b0af75fe3e203aeb40610f34e2e5d75bc684f712381

C:\Users\Admin\AppData\Local\Temp\Roblox\http\afa231f024ffddec5f9d2963d20c450b

MD5 64c05df26d12845b64880218a48e1b3f
SHA1 6ae26e09d6c23ea9ba5ad92d3d40790948b36141
SHA256 e41beb094c8bcc0d8825e031ec9ca5b13e45b94f3c93601c31c10955cfdd8da8
SHA512 d6925cf4d6eeb5275a7c008723410edfe1dd24b9097656e8573f749864f8fc7c61dac61b05230de13a7b9b7b866528c04adca85ad83e8e2831c43b46a70d4c27

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc70073e6562a1a0cb99b092be4629f8

MD5 acc9db15cdf0932e73bfd20b9857b80e
SHA1 cb6455b641cdaa693de88e9b0d1f422744faa35e
SHA256 f0e15f7608b3829d33eb8e057f31f21e931d9d2ab4814891b11ecf47494c141c
SHA512 7ca5152691d595acc0f0398e26f82c4cf491bea98f2c81e7a972af8fe763ef5926a716ea44112c2fa257ba0109b8848f8611f071b88902901bdee1d32a315913

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e5ba3b6fc7c95f933bacb9db38c93e80

MD5 0de2eda8831ddddda130102597e758bc
SHA1 0fa49f0691a4ae61e422a22b07fd4e5def0ae5b2
SHA256 2d60885d3492996ffe223ec6dfddb240eba00a9e03ac0506d3489edc4822e1ee
SHA512 f466e1ea3867fae7618b76a2895cccabb0f646f54bf8c4cb6cf6a5c2eaf4b8e31eb4f8b42971ee53c929241d9f40af6a684647cc09395cfd709774503f274b75

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8ead55fcc97d21deacf012df5c33fdff

MD5 16e22cfdc829405af27279c364ba2f8e
SHA1 0c75b97959d7df1586db85cd1166f99c65603c68
SHA256 aa2f6c8bba8aec6b84f7ef8a7d8c30022097b784236806e63da1f0417124a3d7
SHA512 d1f6695e255f5b7ad498ce177a16591757d5570a4ea45d396f3fa159f5658bddcb7d524c102efdd982fd9ccfa557d984280c27e57484b8f61be512ce994d7964

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c288ffb1fe759d2618c218fa0d2bee8

MD5 c914fc7a80c8ebee4ddd7216cb8e63e3
SHA1 2e4bbbe23167be5f26e5f3e9f1e1b2409b38e7ef
SHA256 c718cff1df66ac36549451bc6de0535c3f2f9e74b4fcdcea38af9eeecc42a674
SHA512 7564812cd051e0970b3d06aa1bb839c8fae5d1e95e23615eea42d2f12b6284d06f2936cedd947e9d4d33c4656fec00494121d58cd38ddaf1ce2ad8be8685d0fd

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6d1b0fd2905f7655bf0108dd4e655991

MD5 efe7165d72ce56eef26da49dbefa586c
SHA1 b2441c50e501f7121277d205876ec6a5811c4e67
SHA256 4e12e3ed0da10924a1dbc49e464b0b07c017970c839f1c1cb4ecf5a8019d3ae5
SHA512 195b3d7954627b571226a4d5293b19dd0b7b565d4b295b494361ed81f3d9e1c193533dd0e53b2ededa326278294694286669095147d769c5de343aa611ab0238

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f1c2eede7a115f0fd9ddcfae03372516

MD5 08ba91e62331009631f755289dcf7324
SHA1 03786d766cac0b39437b98cb61e65c25d16325bd
SHA256 c50ad1d35d0b3e81ef6780da13361923d7525a39db5c9cbc6c5344a0bf5e1380
SHA512 3fe207322d4249f92893d0eb7a93f455374849ca583dd0fd00c79790ab7bc7f0699fe16de332b767689e0a104fb272992ddc37e002b6962cdb6c66a63618e3d5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\252921e7f19d826cf6778747e86132fd

MD5 e06fafb3ee051c215c7118dcb4a75354
SHA1 c72b3e0f2bb1139344053256bcc3ac48f590174c
SHA256 ea771a4652058a4110a95a6fa24c847e7a50cdfdd711f57e02f9c7caedda7908
SHA512 83008fcb8a91bb42f76568773c98e5dcf6658b0d7972d595eb7059b5a598faf80fcc8492351e9e98a6d3a9ddfc17fca742f07ffe4af644d99c087062ed7b14b0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc86756c9d8f409a887054cf26a854b3

MD5 70461ebd3bf0f7a0beafcba1d52417ab
SHA1 53dd7894e76f0fe7c02f378d7c67107ed4a03d45
SHA256 e3ef21dd9efd05fd1260691d6dd47f76155bd0b5ef1ccb62ef1e588dca161fd7
SHA512 ccc18b368873c76fb25c97009bfd17e4456d488b16da511e61fe1dee031cce48bb25d507d7fb1237345bdc2191085bd384ce45ca98a5864d10b65b28650e553e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\23f316746f014ce443f0b0adb0d9d90d

MD5 4843f2fc4404a016a8a7b7f5c352f877
SHA1 1446153b0498dd65dbb53b417d5ce5db49f0dec5
SHA256 46ec4647b950351b091ab0bb34d1964bf24b0eb58760175def7a4a1d7a4e09b2
SHA512 8d5198bd48be46a6aec5cb5d9eb6e75828f88742f12102a1f5091f9c8b51167fd6db13981fb875b032795b9407fa64cf3aa54224a64008262084dbfd3d98dc27

C:\Users\Admin\AppData\Local\Temp\Roblox\http\98c582bbf5493f077bd8f59567067f24

MD5 ed3f4356a5aa9295ec58f77ab387582f
SHA1 99f94109e03097ddf835c06292ecb6142c93fdea
SHA256 60e6db5121cddd5bc13b1019c85b5d962599e2548c347ee3c7d944cb20ff01b7
SHA512 cc7869759564fe9d5e1580be978727c4b0da340c052db74f677bf7cc24d93da0b837d01ae0199c6404e02b49d08fe47a2fec7165cfad841f1b6fbb1d7e8d7fc4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bbd52b35df5f543d23b7f35ae9e845be

MD5 2de5aeee01688c41f23b2ddc07c0b442
SHA1 68bd21cd4284ff390c1f4f5f4b61c9ff3b8f2268
SHA256 3ceb6af768ce708d114195ea3521c71370ee69172d4d0cdaeb1efff406571d73
SHA512 ce845ebebe20efbfb1a0565e69cea69e3a4f3e71289ec68379565052a2e8a3e5ac873b52e74ea26f2afae7ff64c789c348b4b9d4426ac0c0d6547d9f12290090

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e4317e6c6a87bdf6f00c6c80866345fc

MD5 fa00f598036aff7c2e4728ff840efdd6
SHA1 7873ee7205e2817fc8fdcb3afdc275aab494ea91
SHA256 18fecafdfbf34c5b261f4acbd607c439e35177802c8002a0d88221258108abb8
SHA512 f72faa02c263ed200f7a296ed86ef5da614911c1cd212aedd12923ba551aabc44b33cbced8dac80aae67dc09988d53ee191755afe3d51383ce885750bb00a944

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f40c00885cbd0588eebf8bd59a345579

MD5 9c0241f7306bbf3cd085509dd7840c99
SHA1 21c2a9c916d0e537c5662db2acb565615ef79962
SHA256 e2afaf1d969e104e2ffc22494e2f7e2ec4a0bda49b9de0dcb3bbaa3da9bc8655
SHA512 afdf2c9a29559645e08604b15f023475e8610f41f650f3527a4c2199fc4bda9c291bb24e2f337e00cfac6a5347fae125d8055f0af6eaca38b92ec408343cb9b0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3ca8206460663e9e944ccfb414623b40

MD5 816be237e27ddb79f9fe0c46efa0119c
SHA1 fe0af06e1155ba784ed6ce8b97849eb3fffb5f9c
SHA256 ec6063b82a1adc4187ee0e01f413d4b5ed10277605f741295658acd3f0ceabcc
SHA512 5ca3c5bca3f5559a500de1262c133a972e776dba7192e6cade152245c0e1118fac41c48a79dd0f15c78ef177294867f041bccd3eece6a388eadcc32da8efaf00

C:\Users\Admin\AppData\Local\Temp\Roblox\http\852240b4203e72d7bfa66fcea2e589eb

MD5 547ffe689cd0af21ec616bd935f78b14
SHA1 36e70f429bea53fc2c8dd76eaad82f7bf9f3742c
SHA256 abf9ebe04321f9b8926304bc16041965dd79405783b7d3ea56d5fc802863bd9c
SHA512 3683baf37d3da8ac536ae4d2d852acfb49039b3c9d4ab42d972c23e2df6dbfd178a552ef023f48c43c6887161313d516914d26b7cca0c022e2741875d62e38d2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\16f7441682caf62a1789b9d3e75ec170

MD5 cb94125a0b01b9335f3c3c9a9c6cd60f
SHA1 85ae6cca4c661270b389c00299bf7f5d81fc3943
SHA256 afd92a2c0ea64515200f7dd1c6237f18b6d1bd2065296939697d34a3d4e1b0d4
SHA512 649155baa2d26fc6afd0496d11f37d9dcb588726806eec89be58faa54fcf3b90d1becf114c4e2f3964c98e93399b87bf5bb87709a7bd9a3540c7ddb56e2da555

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0407c8d6df198f6864381d3e595ae971

MD5 703dee4351832fd18ef5b85c6e1bf992
SHA1 bdea9dbbdae401cd68814d9815a17bab6f3870c2
SHA256 8fb57fee0d1c996a828a3147fdd9a38e8d1624163dad101e4bc1d44894bc3d68
SHA512 d43b5dc41be38f5fbe30a51c1abcbbc5c606c9d911dd164b5106fe2bcf0310ae8b641299c5491bbd5ba66433d87ebd17dc8a487d88d56d0ee8e81309533ef0b7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\06bf3774b39be975c53ba2193da7f90d

MD5 29abb94b78b9a73db28b7ba825833346
SHA1 fd6da6bc273d4a44067d8c2b625980ab8cc52aca
SHA256 d929c9d2ba98883044b81894da3e921de179d5915e1f92ca9d4df9cc89f1424f
SHA512 d5069ac2996929a5d1622f65ab450bd152130978b049f672b1a9f28cadcf724e317024bd95a11109e0ae488834ab184f5e4b10f6a21ba3329cf056a0b7139613

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1489d1b06ae2d917aae075e6fa9b8f7

MD5 5420558b929446bbd89f3d35e72b5836
SHA1 da46e5c797831b47c4d62fb9321c420c6b0ba50c
SHA256 12d1d581ac394291754c5b042baec0904c2f3b3be6a17e0a8761b32b6e53d507
SHA512 e125c8d668b2c73d583c528f6d35bf8a1c9558c594cb3aee98e25eda051f621a6924626d845f200442da65034dd77aa4a51dd1668c07b26611909f76cf9174b4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8550d05ebb82e2c3691bc35b7c166899

MD5 f3e7b2683bee3c3628f500d157a7184c
SHA1 17aa34cf9e45a2a10cc370ef0047d6ec844053dd
SHA256 66d177f97d367d8181feedc6db9f92f71dbabf58cef1355439559005be6a24ac
SHA512 48994f038f0cca5a1ad783d05490ccc209ac4ff2a9fc3b508d5225348d2202f9760ac6c0334d12f74ab8227eab5a412370459ab328f44177729f8fb6b8911088

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1cb6044427da36923148711b8796b750

MD5 ccdd89dadb2a17edd97a48f05de218ab
SHA1 c8829afdfda3e414304f09f588a9e00cd43de4d0
SHA256 8ebad66a66dec464ea8f6a70c240e6fac36d2155ef5460b2f1cc80451e9949ec
SHA512 79976e6623479c42c3b9babb2bbec208a8f13b580dc19419df33639e3922ab973e740fcf33c94841e833ef3ca8209b5b149d2ba5c064f08e3b6a526a651432f9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6c536340229d1bb052a390124806163e

MD5 8dda220de3bfd073f993acca9cce3f19
SHA1 c78e343e500f592bfc59de89dcf8548cd6fa1f71
SHA256 21710259e1dbf800de1bd2dd8e19f33cf70dcf6ad306f7738a23300e40d385e3
SHA512 d21115712737f5d51c7fc887a14bb7b9dda4b9db295ecf429623a20eee02b2868956e6d66907997f100395625c42464218c36e750224e02fe0245c0292fc9e1c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ec9a7853aa53bb67f2099830ce97922a

MD5 0ab1d8c6659dc5952cb81416c8d9a85a
SHA1 16d889c645dd70901f87cc86f6db8a632b8518a0
SHA256 1ebc2f03253024917e0b562d101603c2f9e04aa70a05accc5e63eed9976ea0b4
SHA512 657a549264297c42e4783cdfc76baff2dab9b5b9c1f991b3aa8b16f2b8f87ccdb0c1a56edc23713ea7f34ffcc4cfc95b7fbba8d5fa06ea443610f06a00433f36

C:\Users\Admin\AppData\Local\Temp\Roblox\http\38b0d496d6e95d4a4e1f049ecb71b4d1

MD5 60dc54bc02627b188fbc37f3c81899b3
SHA1 7065242d6e88ff9ed0e0cb891a9a6f6db2be5334
SHA256 35fd7f2804d4edd74c14cb7bb1534edc993ab7ce9e2d64be997b12ffa8ee5b16
SHA512 2b43c5d1f2ee4621055d94f3e04cbfed24371eea9a7c719f8392a993464e7d05635f59bf230e294c60de5656f421f4661bd5b1b8f286c4c15e79bf9c57d686c5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\05e6fbe7faeaf27e476e2247265bd7e2

MD5 774331951556eabf4930f06518bfe5f8
SHA1 79a7b332357aa2b18cf400033bfeeb5db7614627
SHA256 c4239a4d05bd3e427245f920cd4eba313e0af75c819f89553c7b6758da9b4d57
SHA512 bf67dd1c1d57779578524ee404de1648d9a4d8ed7f524fd49643ec49c3165b9321d64bda2216cfb8617c32cb500eacc2966263dc03841af51ee37facb2b1724e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX2CACA95700A149B989B752A5D8696EB7

MD5 643d56f3cc2d206fc1eeafd601a0e287
SHA1 0e55be4bc02d884a40a586b44d5728f9e8fefa6e
SHA256 637c7f57eea4b46821e968a691bc2181ac0ed00252691845fefd947a4c594f66
SHA512 10cb34ff5d98467c3de396ef4993a11c7db2545329ea473eb3ffe387f2663cfda6d21d31299f87aa3f298d2bfdb88d705b9236e9f71c48c22970713c2c3f75e6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\92ca8d0a36e9ce06a1c3537675677ffb

MD5 ae7d26697baf4e3c0a4f7e4fd800f89b
SHA1 4f2472e39c964861701d80139cdc33bb967b2c34
SHA256 58c1370bf264ecee15638ab670a0af85f8bc3b974670875c757751fd116f4833
SHA512 e93451a30c74751ebd6996efb038016e28370de37bfbfe2fafd1f3c3817f2e720bc3b7d96e1c0e346f08e3c581d13f77a535c30c07a487f2c4a13b4da9970a0f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7df53404f56c9f1787b277ba9d17049b

MD5 ecaba5cf9469daab7c05847af2da45d7
SHA1 78d9c8d289db9815482249769dea663f4999cac2
SHA256 23946e247fe3bb06503a06be2b8e154d724a8c2e86fa4f441fc09ba1e5781121
SHA512 4204260b2efe3b4c95584394b30ad7957b154229828f0ac90a04e5167c7eb78f254777fad0d4fce9c5675fccc390dfccae2ecbd8d17e0e73bb0a6933605df7d1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1f571bce12b3689efa5586c78436d68a

MD5 aa1cb968768ba580f7e7d559906a49de
SHA1 1a6a0906ac3c68f859790103094a617e0439d77b
SHA256 b9e49fcb7d0be8aac8bf1d990f2277363077dbd34af7f5109a14bea85b9fd35b
SHA512 a72d7246405dea401b6e97963ea624772f65a7b20eacf2c358fdb73d7e5c2afac79b5cd39cd548ea8c43f14b5f03cc38deee8a495e9c7a1f264c1ca7de4f2411

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6e62dea9b6f892b37a40251f84c9e0e3

MD5 f48177bf38c02c3a2cb322b77d627f23
SHA1 e207f206d2f707e7feddc32c02883bb71015d23d
SHA256 4a8a4eb5baa01e72889b67caa16b69a4c2e8a07aa12f84ade87376f344b2fbd9
SHA512 bb3c4ba048199ddd3cf5d554a90c279d7b868871f1a0eea4ce27c641556fb3e483cf839e3f9a27a092021783a25d604c952fb1ea34528d722db9930fe48e38a8

C:\Users\Admin\AppData\Local\Temp\Roblox\http\234369d070cc483f7122fd415837b73a

MD5 51d45f80859fca2ea5720897d7f1612a
SHA1 2a7d736969502784b96328f4fd1fc7697a099273
SHA256 5bf07b195c3902c69653ca0294f2bdbf9124df501af426b14d6bcdbb87d70745
SHA512 059455bc829431130377e4c8cee87ed3652b712eb46afa6f666d9e4aff7401b59068da840b91f4914d0752880cb2ed8c64a90e79e37f45b4b90996e44f2932b5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b597c88ce139f36dee5c4afd7d80a2c1

MD5 f195c3e8ddb6711a2feaad4aec69b8b0
SHA1 20b1011f280842fe6aaa58117a05f57cc17b6c69
SHA256 9c263d2a5db10ebc2d543bbd0c125bcc5da6c2245ed133fe0abb1b308f343a71
SHA512 52ed2e19a2b991880336b6b1694016f4c8e5a5e92a9dc989ab317f7f743f38dddaeba8fb5764826bfd9aa145028a1b3f9fa34a02f39c1e5162aef7ad282b0632

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5a479665357e877c36a8bc4ebab8ac84

MD5 f5366499a754da1e3317be61d63cc243
SHA1 8689a3cc6a2e1af5dbd2b6c23b488283362bab0a
SHA256 14873e016597bf69824fb29a219f6d81befb11b19fe2e505544115b33f030e6e
SHA512 6920f31ed14ef4621559e67c75a69ecdb7832aac639c40febd98dcf9b7c02402510e983b84cd309bdcd7b0438b394cd6b1d11bd4c32c58488d24a5d38db930c5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6105c4318cc0c25a63a6c9b8db84bc28

MD5 6badf7314b5d440a6ec8dea899d7872e
SHA1 003170f75f86922af2aa5bc4b2c3c41f5f14106d
SHA256 c13071122b4ff111c8ee877e0d8bde8f34ab3569df48fa81f6f4f1b0b0ba855a
SHA512 5fd8098470eb97e06e62f6d8753d3dbef34d8db6b3ff463cdc964e61e765ab844168170a64c837fa5d60c029a79ac0fe7cc661b9bae07acbaa2400120037aa13

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7deb7c677f433c0b6c649020e88fe58a

MD5 d76037dbae4ae81158187aeced5816b1
SHA1 7858adc6bdb9f9b03fcb28746d7a0d08c297d058
SHA256 8113ac3b2c1f9a16f7c5a9be473b64abfa8c9689afcbcc30750aeb3077e3e27b
SHA512 e9e1b515c621e760968098b8e0a16e00cf1fc17b74065efd2f8793add04d5e506205df5d65be1db885fb958b9c5879ca728528963b4048bfe073d4249c0dc6eb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3acc8af1251b7ed321f9b36da661d9ed

MD5 808cb55c51b6fc55fa6cdb17892dc876
SHA1 4487b86a3a42ff05e109800b1827c100390245c0
SHA256 eed0725bdeac66a2e53e7daaa033f06c360314d751df70176a0af3f23eb08c7d
SHA512 0d2e6534792e7d417a6fa8403f22397f406352a38bfe1019d87e0308d041b3e69d7defae77e2bf6b87adb3b7d59718efea7d5fad340847c681eeb293beb0f24e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a116d80baa851750ec02ad98f6a28052

MD5 db41d22b9f9f4a43ff8916ff8d513da0
SHA1 00dee570785465bff97ec8a96ebfad3d21f1d248
SHA256 31e6f7d03515207ae87b2f9e9594fc94db77038fcc28ee3990689c6590b7547c
SHA512 df4e09d0f24ec1cf13ffa1a062f9d28a5d36d99b606f27f7ab757f82e4202e51ff4e033b6554b763e6f97c73bbe77b9d133b4b842469b96056654cc2f202124c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b00de5dcbb5ba1d0d58ba82e9c2f97bc

MD5 9a3aa49a6c57739a171e507a3b0a90ff
SHA1 f3c154299bec91f215954c1df2b03f68fa08efa3
SHA256 6d61517c2a006e117a5d5032dc1be0f993f275b6d0c8a0fbef25bda8cfc12691
SHA512 0a02917b5eefba73d3420852a5c66719bae97bc3c8f9adfb2dcad89dee9caf5852f660a3e787d84e9b86e3793ae0605b2db10c0a1463e0f09a733b614d2f4c1c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\68119f28ce3eca78171a6a8c8822e1bd

MD5 35e84ac53c5b6ac5714c5589d7d79153
SHA1 cedd01f0263fc9e5718b8e77b3467c14a35a1b53
SHA256 47da60997e22feaa88bff58bd2db6320534331990a14e2b64b6d665df77b931c
SHA512 7cbdf8f0eaee0c4e00e3813d1e558cc5aa305d6e9861255d721bfb655cddbf08c70fe61f686e79154f1c36e7a4b5c29f2ecf2776fee9eb0b7ac1da8c87e75dff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 16b5acc8860f1de9a3da96b4ebd61ebf
SHA1 d67472faaa951a66c57485accaffc0ef558b8de3
SHA256 f6a0966a8e64a61f62718ce12585b2cc44e5e019ddca40bcac434af8b17f22e3
SHA512 05647c934d91995f3889718a7f3904d188eac93d8efcd54fd996900d43f9a4601248a351ccfde49fcbc4dfffc30faf8058a4ad7cd51c9635a4f251261c4b43fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b6843820-6ec8-4abd-b2b9-07dbaae978a9.tmp

MD5 bc285590ebd7f52ef089c455fc143be0
SHA1 509f3ecc6785d6a18785c621778cce9332f282c8
SHA256 b3fa7d2cb47d73cb3943a034ba38fd5bd897fa305e708f9a93274d76b8a22398
SHA512 4a21e102e0e252913f3743ab6bf78b06a36eb1ce9ba52581ee2fb00e20459a84d564aa16771cef710aee259af4dc6980c4e6976fc69256502b6d371c6315421f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eb17895116d0d0f579b2ce02e8e07569
SHA1 025eeeabee89fea030859d2eec2cc726291c3a28
SHA256 d0df918d3e4202dad3deac3ca202a72aa3de066f57a2816edd24d759e8a224c3
SHA512 53f40a1099684a4e5cc2e149dca32610ae6dbe3cc567d508f90272490b8991c7c2232d0b6ae7630b7274574395e3b05c179a5ab629a72dca7c16dd43569aebf8

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 31a96e5887399089523a54e6540560be
SHA1 c74c2067d487089656333cd57aae67655299ccf8
SHA256 9133ced3e3a9592bdd4717e1a01c083a423f7c5581306883543aa6807b1135b3
SHA512 c6a339c7d1789b951a1612602f5e3985bff84205c6712a51cbdc7728a341dc3b51fc778ee0aa19e2d6c443be20a3693317038a1ded9d143f9c65d65e32b11971

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 88b3ec7a2f17bfeb5217e138e5cec557
SHA1 7e319a640414912abfc1f07e5bede79e7a48c675
SHA256 8a9d0bd5837a2dd16604cf8110fe7edd98f15af88f75fe3f46d912d6f0ddd2d5
SHA512 dcdf3fe62cc3d6ceec034b63accdb2e6f82e60b9eb25cda681da6ade7e2c52ef70a262c98352e16acb09cecacc79602285dfe7faf71c6fe1558f67d936bec6ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e7b872ef38f028911b0a87bb2337fbc7
SHA1 cf97f58a19b49e3b718a2a83422e2bcaa239d5c7
SHA256 4d703ee2b26339057c36c2f603a659f39d6d0b43a1ecfe5983cdd1d5dcf77cef
SHA512 f1bd2e4792c0eba4c480fa8a8df7d74b48e5e3b1f6cec800d6166df6298575ecde938d7b06a68b56a27ddd59a9eff244eb1ab896a07371361700724a13ae63f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 90c48756ea58106c2e34f083c00f6eb0
SHA1 7d19138fd55011627c2f24efd89ce41a9828d718
SHA256 ba79487952861d756b6401befd0d1b465ecc7f347ab7cf18abe9408534b9ef8a
SHA512 3589cf912c91f4795978088bdfc745468986c8cc09d4fc90b8c5f6cdb6596da91ac81f39775f1343f7cd16d7ddb55370241a9f457db4d75cd80d287db1cb9889

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe

MD5 3f208f4e0dacb8661d7659d2a030f36e
SHA1 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff
SHA256 d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b
SHA512 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\SETUP.EX_

MD5 5070a34dbada1aaa375cc572b5fc7d0c
SHA1 e74b7ef714755870976abe3d2b4a7db0b9cc21e5
SHA256 03e7a32e1f10fced6a07dfa4e6cfd92510d4bf6929d423798e4fb5ca91fe6c20
SHA512 fed3fcbb64a59070b0efd677ca2edc982d28e37cdf7283f2777af8aca7d3760a7eefb8d01b3c2bf4b4ec3708a74c3412f0dede91e31dca1b6f8a4e4edc673aa7

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

MD5 28f5cf3c1d590016d7e5ecb1843571f5
SHA1 406f6637234211764c4e13753272caf704ffec2a
SHA256 a975a3a4ee010fbcc6a60c8c1798a19a1dd795655b4b629d20053bac9c5a3da2
SHA512 0e1fe3d1cbc9eb36c41a534b26ae95603bfad4e2f593fe1a8df9570209924772a0668d3c4a20006fdb700fed1decaffaebb189f34b8474eae0346ae924c6e938

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-30 21:01

Reported

2024-04-30 21:46

Platform

win10-20240404-en

Max time kernel

2699s

Max time network

2701s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://create.roblox.com/landing

Signatures

Downloads MZ/PE file

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7511CA2B-0D3F-432D-B5EC-404CC2D7F20C}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\System32\bcastdvr.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_6372E0472AFF76BB926C97818BC773B9 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_6372E0472AFF76BB926C97818BC773B9 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoduxSquads\RoduxSquads\Models\SquadModel.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialCommonTestSuite\ApolloFriends.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestEach-edcba0e9-2.4.1\PrettyFormat.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoactNavigation-5e891f46-2818f7fd\RoactNavigation\utils\TableUtilities.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoduxSquads\RoduxSquads\Enums\ExperienceInviteState.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\FriendsCarousel\Loggers.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\error\__tests__\init.roblox.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UGCValidation\UGCValidation\validation\validateSurfaceAppearances.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\App\Button\StickyActionBar.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\GameIcon.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestUtil-edcba0e9-2.4.1\JestUtil\globsToMatcher.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\ReactTestingLibrary\ReactTestingLibrary\__tests__\auto-cleanup-skip.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\Clipboard\Light\Large\Undo.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\UIPadding.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\DsaIllegalContentReporting.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ToastNotification\ReactRoblox.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\WidevineCdm\manifest.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\AvatarEditorPrompts\Thunks\PerformCreateOutfit.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\PurchasePrompt\Utils\isLinksAllowed.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\TestMatchers\__tests__\toBeNaN.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ReactFocusNavigation\ReactFocusNavigation\default.rbxp C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\fonts\families\RobotoCondensed.json C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\Toggles\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Flags\GetFFlagConsolidateBubbleChat.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\textures\ui\LuaChat\9-slice\input-send-message.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\PlayerList\Components\Connection\TopStatConnector.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\PlayerScripts\StarterPlayerScripts\PlayerModule.module\CameraModule\VehicleCamera.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestUtil-edcba0e9-3.5.0\JestUtil\setGlobal.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\PrefetchProtocol.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\Notifications\Light\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\PYMKCarousel\React.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-2fca3173-0.4.2\LuauPolyfill\encodeURIComponent.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\DsaIllegalContentReporting\Dash.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RbxDesignFoundations-4f0cd42b-a744f1a5\RbxDesignFoundations\tokens\Schema\Types\ComponentType.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Settings\Slider\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\fonts\families\GothamSSm.json C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestDiff-edcba0e9-2.4.1\lock.toml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Components\DataStores\DataStoresData.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\InspectAndBuy\Actions\.robloxrc C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestEach-edcba0e9-3.5.0\JestEach\init.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\App\Tile\ItemTile\ItemTileFooter.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\AnimationEditor\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\VoiceChat\MicDark\Unmuted40.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\LinkingProtocol.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\PlayerContextualMenu\Http.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\UnitTestHelpers\JestGlobals.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\WidgetIcons\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\SocialLibraries\SocialLibraries\User\init.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\identity_proxy\win11\identity_helper.Sparse.Internal.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\FileSync\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\Scripting\Dark\Standard\PluginRunContext.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoduxAliases\RoduxAliases\Selectors\init.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\CentralOverlay\CentralOverlay\default.rbxp C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\BuiltInPlugins\DepFiles\9SliceEditor.d C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\NetworkingAccountInformation\NetworkingAccountInformation\ACCOUNT_INFORMATION_URL.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\SocialLibraries\SocialLibraries\Components\CarouselUserTile\CarouselUserTile.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\RoduxContacts.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\System32\GamePanel.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_QEMU&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\System32\GamePanel.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Windows\System32\GamePanel.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\System32\GamePanel.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Windows\System32\GamePanel.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\System32\GamePanel.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_QEMU&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\System32\GamePanel.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Windows\System32\GamePanel.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\System32\GamePanel.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\System32\GamePanel.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_QEMU&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\System32\GamePanel.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\System32\GamePanel.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\System32\bcastdvr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\System32\bcastdvr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\windows\CurrentVersion\Internet Settings C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MigrateProxy = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133589845085387049" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0\ = "Microsoft Edge Update Legacy On Demand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Roblox.Place C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\CLSID\ = "{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc\CurVer\ = "MicrosoftEdgeUpdate.PolicyStatusSvc.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass.1\CLSID\ = "{8F09CD6C-5964-4573-82E3-EBFF7702865B}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\CLSID\ = "{77857D02-7A25-4B67-9266-3E122A8F39E4}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods\ = "27" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.PolicyStatusSvc" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods\ = "13" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4684 wrote to memory of 704 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 704 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4684 wrote to memory of 3620 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://create.roblox.com/landing

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa66f19758,0x7ffa66f19768,0x7ffa66f19778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1784 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2828 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2840 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4708 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4656 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4464 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3548 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2304 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4544 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1816 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5148 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1596 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5344 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5372 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3860 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxStudioInstaller.exe

"C:\Users\Admin\Downloads\RobloxStudioInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7M0Y1MkEwNDYtMjAzOS00NDYwLUFCRDEtMDhERERDMDJCMzY4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1MTVCMEYyMi0zRUY3LTQyM0MtOUY3MC1DQUZGQzBGQ0E5NEF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MjQ5OTg5Njk2IiBpbnN0YWxsX3RpbWVfbXM9IjU0NyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{3F52A046-2039-4460-ABD1-08DDDC02B368}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7M0Y1MkEwNDYtMjAzOS00NDYwLUFCRDEtMDhERERDMDJCMzY4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGQzdBQTMyNi00MTNELTRGRUUtQkNCRi04QjM1QzI4NjdDMTd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBuZXh0dmVyc2lvbj0iMTA2LjAuNTI0OS4xMTkiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIzIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MjUzOTg5NzM4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5628 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5664 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5812 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6024 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x210,0x214,0x218,0x1ec,0x21c,0x7ff69d7c88c0,0x7ff69d7c88cc,0x7ff69d7c88d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7M0Y1MkEwNDYtMjAzOS00NDYwLUFCRDEtMDhERERDMDJCMzY4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntENEI0NzQ0MS1FRDFBLTQ3MkEtODgyNC1BQTIwMzdCMjY1MDB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEyNC4wLjI0NzguNjciIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgzMDQxNjk3MzgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MzA0MjQ5OTE3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkyNTYzMTY2MCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMTMxYmQ1ZDctOWM2NS00NzZhLTkwNzUtZTI0OTRmOGRhOWU0P1AxPTE3MTUxMTYwNzMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9SjBFY1ZyZkJkYlo5cUROd3duREZYQkJxM2lkaE91eXJsSnZxOEpkazA0Z0tuV0lXJTJmTXRIUWtBZmxhcnRjdkhWMWh3N1pYVGJFbG1WMFJTYXZoMmtkdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgZG93bmxvYWRfdGltZV9tcz0iNTgyNjciLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4OTI1NzQxNjU1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkzOTU4MTY4MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTM0NjA1MzA4NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjM5NyIgZG93bmxvYWRfdGltZV9tcz0iNjIxMzMiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDA2NDQiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\System32\GamePanel.exe

"C:\Windows\System32\GamePanel.exe" 00000000000502EA /startuptips

C:\Windows\System32\bcastdvr.exe

"C:\Windows\System32\bcastdvr.exe" -ServerName:Windows.Media.Capture.Internal.BroadcastDVRServer

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=4592.2108.15773086174111696761

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=124.0.2478.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x12c,0x7ffa4e47ceb8,0x7ffa4e47cec4,0x7ffa4e47ced0

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1720,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1716 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=1612,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1900 /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=1236,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2012 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3220,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3232 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3792,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3796 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3784,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3240 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=4500,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3700 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=4832,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4656 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=4836,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4680 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x338

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5508 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5724 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" roblox-studio:1+launchtime:1714511425834+avatar+browsertrackerid:1714511280050003+robloxLocale:en-US+gameLocale:en-US+channel:+browser:chrome+userId:4155035591+distributorType:Global+launchmode:edit+task:Default

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\System32\GamePanel.exe

"C:\Windows\System32\GamePanel.exe" 0000000000060220 /startuptips

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4308 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" roblox-studio:1+launchtime:1714511507939+avatar+browsertrackerid:1714511280050003+robloxLocale:en-US+gameLocale:en-US+channel:+browser:chrome+userId:4155035591+distributorType:Global+launchmode:edit+task:EditPlace+placeId:15350820071+universeId:5294748261

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\System32\GamePanel.exe

"C:\Windows\System32\GamePanel.exe" 00000000000602B8 /startuptips

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7511CA2B-0D3F-432D-B5EC-404CC2D7F20C}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7511CA2B-0D3F-432D-B5EC-404CC2D7F20C}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{ACA3EA24-F51F-4C66-AD83-381AFDE1565D}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUNBM0VBMjQtRjUxRi00QzY2LUFEODMtMzgxQUZERTE1NjVEfSIgdXNlcmlkPSJ7RjEzRjkxNUYtNTM2OC00RjVBLUJERkEtNDY1MDg1RTkyMThDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntDMDlDNkU2Ny00NTAxLTQ3NDEtQjcyMC1DRkVDQkVENTlBNkF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNDUyMzU0Mjc1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNDUyNDg5MjYxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNzgxNDM1NTk0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MmVkODA4Ny1lZTk4LTQyOWMtOTMzMC1jYTNjMTkzZDQxYWY_UDE9MTcxNTExNjM4OCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1CdFB2aGNaaHZkVUh6Z091Y2RraTZyaUl6JTJiejdpOWEycDZ2V2ZNMXNWMmJDWG53SWVESXBab0VmJTJiNWRqaVZCaDk5T1R3JTJieEN4b1IyR0JzaGdPeSUyZnBBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYzMDc5MiIgdG90YWw9IjE2MzA3OTIiIGRvd25sb2FkX3RpbWVfbXM9IjI5OTA1Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNzgxNDYwNjE3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNzg2NzcwNjY3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMjgiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU4OTg0OTg0MTYwNDIyMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7NzI0Qjk3NDktNjI5Ni00OUE5LTg5RUQtQjhCMjlFQjUxNEMwfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{ACA3EA24-F51F-4C66-AD83-381AFDE1565D}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUNBM0VBMjQtRjUxRi00QzY2LUFEODMtMzgxQUZERTE1NjVEfSIgdXNlcmlkPSJ7RjEzRjkxNUYtNTM2OC00RjVBLUJERkEtNDY1MDg1RTkyMThDfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7MzI4NUI2QjktOURENi00RjEwLUIyNjAtQjE0ODg0NDY0NUU3fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xNTA2My4wIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IlFFTVUiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yOSIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzI4IiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTQ1MTEyNjYiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMDAxNzY4MDMwIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzdBODIyMjUtRkM0RC00MUMzLTg1MzYtMDQwNDZDMjYxNTg3fSIgdXNlcmlkPSJ7RjEzRjkxNUYtNTM2OC00RjVBLUJERkEtNDY1MDg1RTkyMThDfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7M0IzQzFERTMtNzU0OC00NkE1LUJDMzktMDA3OTI5NjQyQkZEfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xNTA2My4wIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IlFFTVUiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtzRzlESjZNM2Zaa1A3Q0VMV0duRHhDK3dhUmFRRXVFTHZMSWZYay9NQXRjPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMjYiIGluc3RhbGxkYXRldGltZT0iMTcxMjIzMzcxMiIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU2NzMxNzIyMTY5ODcxOCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQwNjgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1MDgyMTE4ODA3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzdBODIyMjUtRkM0RC00MUMzLTg1MzYtMDQwNDZDMjYxNTg3fSIgdXNlcmlkPSJ7RjEzRjkxNUYtNTM2OC00RjVBLUJERkEtNDY1MDg1RTkyMThDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins0MzA2NTAwRS03MjRDLTQ0OTktQkIxMC0wOTdBOUQxRTNFMUZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xODUuMjkiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMjgiIGNvaG9ydD0icnJmQDAuNDciPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzMjkiIHBpbmdfZnJlc2huZXNzPSJ7MTI5RkE0QjAtOTBDNS00MTU1LUE0RkYtNTA4RjQ2OURFNDJBfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMjgiIGNvaG9ydD0icnJmQDAuNTEiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODk4NDk4NDE2MDQyMjAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjMyOSIgcGluZ19mcmVzaG5lc3M9IntEMUM3NkZBOS1CMzNCLTRBMjEtQjZFMC1EQjU2M0Y5Q0VCMUR9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

Network

Country Destination Domain Proto
US 8.8.8.8:53 create.roblox.com udp
GB 18.244.155.74:443 create.roblox.com tcp
GB 18.244.155.74:443 create.roblox.com tcp
US 8.8.8.8:53 o293668.ingest.sentry.io udp
US 34.120.195.249:443 o293668.ingest.sentry.io tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 74.155.244.18.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 107.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 232.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 users.roblox.com udp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 webblox.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
GB 99.84.9.116:443 webblox.roblox.com tcp
GB 99.84.9.116:443 webblox.roblox.com tcp
US 8.8.8.8:53 ncs.roblox.com udp
DE 128.116.44.4:443 ncs.roblox.com udp
DE 128.116.44.4:443 ncs.roblox.com tcp
DE 128.116.44.4:443 ncs.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com udp
US 8.8.8.8:53 games.roblox.com udp
DE 128.116.44.4:443 games.roblox.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
US 8.8.8.8:53 4.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 116.9.84.99.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
US 2.17.251.18:443 tr.rbxcdn.com tcp
US 2.17.251.18:443 tr.rbxcdn.com tcp
US 2.17.251.18:443 tr.rbxcdn.com tcp
US 2.17.251.18:443 tr.rbxcdn.com tcp
US 2.17.251.18:443 tr.rbxcdn.com tcp
US 2.17.251.18:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 18.251.17.2.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 216.239.34.36:443 region1.google-analytics.com udp
DE 128.116.44.4:443 thumbnails.roblox.com udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 214.143.182.52.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp
US 8.8.8.8:53 clientsettings.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com udp
GB 18.244.155.97:443 create.roblox.com tcp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
US 8.8.8.8:53 97.155.244.18.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 13.224.245.123:443 setup.rbxcdn.com tcp
GB 13.224.245.123:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 123.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
DE 128.116.44.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 39.245.224.13.in-addr.arpa udp
N/A 127.0.0.1:50041 tcp
N/A 127.0.0.1:50045 tcp
N/A 127.0.0.1:50048 tcp
N/A 127.0.0.1:50052 tcp
US 8.8.8.8:53 26.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 88.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 4.26.95.13.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.210.172:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
DE 128.116.44.4:443 ncs.roblox.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 216.137.44.23:443 css.rbxcdn.com tcp
GB 108.138.217.124:443 static.rbxcdn.com tcp
GB 108.138.217.124:443 static.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 216.137.44.23:443 css.rbxcdn.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
NL 128.116.21.4:443 roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 89.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 23.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 124.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 4.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 86.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 124.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 2.18.190.76:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 76.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 o293668.ingest.sentry.io udp
US 34.120.195.249:443 o293668.ingest.sentry.io udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
US 8.8.8.8:53 users.roblox.com udp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 webblox.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
GB 99.84.9.56:443 webblox.roblox.com tcp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 56.9.84.99.in-addr.arpa udp
US 8.8.8.8:53 178.32.239.216.in-addr.arpa udp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
US 2.17.251.12:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 12.251.17.2.in-addr.arpa udp
GB 99.84.9.56:443 webblox.roblox.com tcp
US 8.8.8.8:53 create.roblox.com udp
US 34.120.195.249:443 o293668.ingest.sentry.io udp
DE 128.116.44.4:443 thumbnails.roblox.com udp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
US 8.8.8.8:53 itemconfiguration.roblox.com udp
US 8.8.8.8:53 premiumfeatures.roblox.com udp
DE 128.116.44.4:443 premiumfeatures.roblox.com udp
US 8.8.8.8:53 t4.rbxcdn.com udp
US 8.8.8.8:53 t7.rbxcdn.com udp
GB 108.138.217.55:443 t4.rbxcdn.com tcp
GB 18.154.84.20:443 t7.rbxcdn.com tcp
GB 18.154.84.20:443 t7.rbxcdn.com tcp
US 8.8.8.8:53 55.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 20.84.154.18.in-addr.arpa udp
US 8.8.8.8:53 develop.roblox.com udp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:51000 tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:51008 tcp
N/A 127.0.0.1:51016 tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
DE 128.116.44.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:51019 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:51023 tcp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
NL 52.142.223.178:80 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:51027 tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
US 205.234.175.102:443 static.rbxcdn.com tcp
US 205.234.175.102:443 static.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 25.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 38.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 103.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 102.175.234.205.in-addr.arpa udp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 216.137.44.8:443 images.rbxcdn.com tcp
GB 216.137.44.8:443 images.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
DE 128.116.44.4:443 metrics.roblox.com udp
GB 216.137.44.38:443 css.rbxcdn.com tcp
DE 128.116.44.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 8.44.137.216.in-addr.arpa udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 2.18.190.76:443 apis.rbxcdn.com tcp
DE 128.116.44.4:443 metrics.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google udp
DE 128.116.44.3:443 ecsv2.roblox.com udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 150.1.37.23.in-addr.arpa udp
US 8.8.8.8:53 81.171.91.138.in-addr.arpa udp
DE 128.116.44.4:443 auth.roblox.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
US 8.8.4.4:443 dns.google udp
GB 51.140.244.186:443 tcp
GB 172.165.61.93:443 tcp
GB 172.165.61.93:443 tcp
GB 172.165.61.93:443 tcp
US 8.8.8.8:53 170.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 186.244.140.51.in-addr.arpa udp
US 8.8.8.8:53 93.61.165.172.in-addr.arpa udp
N/A 127.0.0.1:51607 tcp
US 8.8.8.8:53 users.roblox.com udp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.4:443 users.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:51835 tcp
N/A 127.0.0.1:53070 tcp
US 8.8.8.8:53 develop.roblox.com udp
N/A 127.0.0.1:53072 tcp
N/A 127.0.0.1:53074 tcp
DE 128.116.44.4:443 develop.roblox.com tcp
DE 128.116.44.4:443 develop.roblox.com tcp
DE 128.116.44.4:443 develop.roblox.com tcp
US 8.8.8.8:53 assetgame.roblox.com udp
DE 128.116.44.4:443 assetgame.roblox.com tcp
US 8.8.8.8:53 clientsettings.roblox.com udp
DE 128.116.44.4:443 clientsettings.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
DE 128.116.44.4:443 www.roblox.com tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
DE 128.116.44.4:443 thumbnails.roblox.com tcp
US 8.8.8.8:53 assetdelivery.roblox.com udp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 t7.rbxcdn.com udp
GB 18.154.84.19:443 t7.rbxcdn.com tcp
GB 18.154.84.19:443 t7.rbxcdn.com tcp
US 8.8.8.8:53 t4.rbxcdn.com udp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
US 8.8.8.8:53 c2.rbxcdn.com udp
GB 18.245.253.95:443 c2.rbxcdn.com tcp
N/A 127.0.0.1:53088 tcp
N/A 127.0.0.1:53091 tcp
N/A 127.0.0.1:53205 tcp
N/A 127.0.0.1:53247 tcp
N/A 127.0.0.1:53255 tcp
N/A 127.0.0.1:53266 tcp
N/A 127.0.0.1:53272 tcp
N/A 127.0.0.1:53282 tcp
N/A 127.0.0.1:53290 tcp
N/A 127.0.0.1:53316 tcp
N/A 127.0.0.1:53322 tcp
N/A 127.0.0.1:53328 tcp
N/A 127.0.0.1:53343 tcp
N/A 127.0.0.1:53517 tcp
N/A 127.0.0.1:53522 tcp
N/A 127.0.0.1:53527 tcp
US 8.8.8.8:53 132.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 19.84.154.18.in-addr.arpa udp
US 8.8.8.8:53 96.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 95.253.245.18.in-addr.arpa udp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:53563 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com udp
DE 128.116.44.4:443 assetdelivery.roblox.com udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
N/A 127.0.0.1:53577 tcp
N/A 127.0.0.1:53584 tcp
N/A 127.0.0.1:53587 tcp
N/A 127.0.0.1:53590 tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
N/A 127.0.0.1:53599 tcp
N/A 127.0.0.1:53606 tcp
N/A 127.0.0.1:54839 tcp
N/A 127.0.0.1:54841 tcp
N/A 127.0.0.1:54843 tcp
N/A 127.0.0.1:54859 tcp
N/A 127.0.0.1:54862 tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 104.91.71.132:443 tr.rbxcdn.com tcp
GB 18.154.84.19:443 t7.rbxcdn.com tcp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
GB 18.154.84.19:443 t7.rbxcdn.com tcp
N/A 127.0.0.1:54976 tcp
N/A 127.0.0.1:55016 tcp
N/A 127.0.0.1:55035 tcp
N/A 127.0.0.1:55055 tcp
N/A 127.0.0.1:55057 tcp
N/A 127.0.0.1:55064 tcp
N/A 127.0.0.1:55086 tcp
N/A 127.0.0.1:55088 tcp
N/A 127.0.0.1:55090 tcp
N/A 127.0.0.1:55112 tcp
N/A 127.0.0.1:55287 tcp
N/A 127.0.0.1:55290 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 assetdelivery.roblox.com tcp
US 8.8.8.8:53 c1.rbxcdn.com udp
GB 143.204.194.13:443 c1.rbxcdn.com tcp
N/A 127.0.0.1:55321 tcp
N/A 127.0.0.1:55324 tcp
N/A 127.0.0.1:55327 tcp
US 8.8.8.8:53 economy.roblox.com udp
DE 128.116.44.4:443 economy.roblox.com tcp
DE 128.116.44.4:443 economy.roblox.com tcp
DE 128.116.44.4:443 economy.roblox.com tcp
DE 128.116.44.4:443 economy.roblox.com tcp
DE 128.116.44.4:443 economy.roblox.com tcp
DE 128.116.44.4:443 economy.roblox.com tcp
DE 128.116.44.4:443 economy.roblox.com tcp
DE 128.116.44.4:443 economy.roblox.com tcp
US 8.8.8.8:53 13.194.204.143.in-addr.arpa udp
US 8.8.8.8:53 c0.rbxcdn.com udp
GB 18.239.236.70:443 c0.rbxcdn.com tcp
US 8.8.8.8:53 c3.rbxcdn.com udp
GB 18.245.253.95:443 c2.rbxcdn.com tcp
US 8.8.8.8:53 t6.rbxcdn.com udp
US 8.8.8.8:53 t3.rbxcdn.com udp
GB 108.138.233.3:443 t6.rbxcdn.com tcp
GB 18.244.114.60:443 t3.rbxcdn.com tcp
GB 108.138.233.3:443 t6.rbxcdn.com tcp
GB 216.137.44.11:443 c3.rbxcdn.com tcp
N/A 127.0.0.1:55357 tcp
N/A 127.0.0.1:55370 tcp
N/A 127.0.0.1:55372 tcp
N/A 127.0.0.1:55375 tcp
N/A 127.0.0.1:55377 tcp
N/A 127.0.0.1:55379 tcp
US 8.8.8.8:53 70.236.239.18.in-addr.arpa udp
US 8.8.8.8:53 3.233.138.108.in-addr.arpa udp
US 8.8.8.8:53 60.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 11.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 itemconfiguration.roblox.com udp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
US 8.8.8.8:53 inventory.roblox.com udp
DE 128.116.44.4:443 inventory.roblox.com tcp
DE 128.116.44.4:443 inventory.roblox.com tcp
DE 128.116.44.4:443 inventory.roblox.com tcp
N/A 127.0.0.1:55460 tcp
N/A 127.0.0.1:55463 tcp
N/A 127.0.0.1:55465 tcp
N/A 127.0.0.1:55467 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 inventory.roblox.com tcp
DE 128.116.44.4:443 inventory.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:56851 tcp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com udp
DE 128.116.44.3:443 realtime-signalr.roblox.com udp
US 8.8.8.8:53 develop.roblox.com udp
US 8.8.8.8:53 gamejoin.roblox.com udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
N/A 127.0.0.1:56899 tcp
N/A 127.0.0.1:56907 tcp
N/A 127.0.0.1:56910 tcp
N/A 127.0.0.1:56913 tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
N/A 127.0.0.1:56922 tcp
N/A 127.0.0.1:56929 tcp
N/A 127.0.0.1:58162 tcp
N/A 127.0.0.1:58164 tcp
N/A 127.0.0.1:58166 tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
DE 128.116.44.4:443 www.roblox.com tcp
US 8.8.8.8:53 gamejoin.roblox.com udp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
DE 128.116.44.4:443 gamejoin.roblox.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 avatar.roblox.com udp
NL 128.116.21.33:61929 udp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 t7.rbxcdn.com udp
US 8.8.8.8:53 t4.rbxcdn.com udp
GB 18.154.84.20:443 t7.rbxcdn.com tcp
GB 18.154.84.20:443 t7.rbxcdn.com tcp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
N/A 127.0.0.1:58182 tcp
N/A 127.0.0.1:58185 tcp
N/A 127.0.0.1:58188 tcp
N/A 127.0.0.1:58190 tcp
N/A 127.0.0.1:58363 tcp
N/A 127.0.0.1:58366 tcp
N/A 127.0.0.1:58381 tcp
N/A 127.0.0.1:58388 tcp
N/A 127.0.0.1:58404 tcp
N/A 127.0.0.1:58432 tcp
N/A 127.0.0.1:58434 tcp
N/A 127.0.0.1:58436 tcp
N/A 127.0.0.1:58610 tcp
N/A 127.0.0.1:58613 tcp
N/A 127.0.0.1:58615 tcp
N/A 127.0.0.1:58617 tcp
DE 128.116.44.4:443 avatar.roblox.com tcp
US 8.8.8.8:53 chat.roblox.com udp
DE 128.116.44.4:443 chat.roblox.com tcp
US 8.8.8.8:53 146.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 33.21.116.128.in-addr.arpa udp
DE 128.116.44.4:443 chat.roblox.com tcp
N/A 127.0.0.1:58626 tcp
N/A 127.0.0.1:58629 tcp
N/A 127.0.0.1:58632 tcp
DE 128.116.44.4:443 chat.roblox.com tcp
N/A 127.0.0.1:58637 tcp
N/A 127.0.0.1:58639 tcp
N/A 127.0.0.1:58641 tcp
N/A 127.0.0.1:58643 tcp
N/A 127.0.0.1:58645 tcp
DE 128.116.44.4:443 chat.roblox.com tcp
DE 128.116.44.4:443 chat.roblox.com tcp
DE 128.116.44.4:443 chat.roblox.com tcp
DE 128.116.44.4:443 chat.roblox.com tcp
DE 128.116.44.4:443 chat.roblox.com tcp
DE 128.116.44.4:443 chat.roblox.com tcp
DE 128.116.44.4:443 chat.roblox.com tcp
DE 128.116.44.4:443 chat.roblox.com tcp
US 8.8.8.8:53 t0.rbxcdn.com udp
US 8.8.8.8:53 t5.rbxcdn.com udp
US 8.8.8.8:53 t1.rbxcdn.com udp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
GB 108.138.217.96:443 t4.rbxcdn.com tcp
GB 18.245.253.95:443 t0.rbxcdn.com tcp
GB 13.224.245.64:443 t5.rbxcdn.com tcp
GB 143.204.194.77:443 t1.rbxcdn.com tcp
US 8.8.8.8:53 t6.rbxcdn.com udp
GB 143.204.194.77:443 t1.rbxcdn.com tcp
GB 13.224.245.64:443 t5.rbxcdn.com tcp
GB 143.204.194.77:443 t1.rbxcdn.com tcp
GB 18.245.253.95:443 t0.rbxcdn.com tcp
US 8.8.8.8:53 t2.rbxcdn.com udp
US 2.18.190.133:443 t6.rbxcdn.com tcp
US 2.18.190.133:443 t6.rbxcdn.com tcp
GB 99.86.114.5:443 t2.rbxcdn.com tcp
GB 99.86.114.5:443 t2.rbxcdn.com tcp
GB 18.245.253.95:443 t0.rbxcdn.com tcp
GB 18.245.253.95:443 t0.rbxcdn.com tcp
US 2.18.190.133:443 t6.rbxcdn.com tcp
US 8.8.8.8:53 77.194.204.143.in-addr.arpa udp
US 8.8.8.8:53 64.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 133.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 5.114.86.99.in-addr.arpa udp
GB 99.86.114.5:443 t2.rbxcdn.com tcp
GB 99.86.114.5:443 t2.rbxcdn.com tcp
GB 13.224.245.64:443 t5.rbxcdn.com tcp
US 8.8.8.8:53 t3.rbxcdn.com udp
GB 18.244.114.60:443 t3.rbxcdn.com tcp
GB 18.244.114.60:443 t3.rbxcdn.com tcp
GB 18.244.114.60:443 t3.rbxcdn.com tcp
GB 18.154.84.20:443 t7.rbxcdn.com tcp
GB 143.204.194.77:443 t1.rbxcdn.com tcp
GB 13.224.245.64:443 t5.rbxcdn.com tcp
GB 13.224.245.64:443 t5.rbxcdn.com tcp
US 2.18.190.133:443 t6.rbxcdn.com tcp
N/A 127.0.0.1:58672 tcp
N/A 127.0.0.1:58674 tcp
N/A 127.0.0.1:58678 tcp
GB 18.154.84.20:443 t7.rbxcdn.com tcp
GB 18.154.84.20:443 t7.rbxcdn.com tcp
DE 128.116.44.4:443 chat.roblox.com tcp
US 8.8.8.8:53 itemconfiguration.roblox.com udp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
N/A 127.0.0.1:58758 tcp
N/A 127.0.0.1:58764 tcp
N/A 127.0.0.1:58766 tcp
N/A 127.0.0.1:58768 tcp
N/A 127.0.0.1:59062 tcp
N/A 127.0.0.1:59074 tcp
N/A 127.0.0.1:59562 tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
N/A 127.0.0.1:59617 tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
N/A 127.0.0.1:59619 tcp
N/A 127.0.0.1:59621 tcp
N/A 127.0.0.1:59623 tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
DE 128.116.44.3:443 realtime-signalr.roblox.com tcp
US 8.8.8.8:53 c7.rbxcdn.com udp
US 2.18.190.134:443 c7.rbxcdn.com tcp
US 8.8.8.8:53 134.190.18.2.in-addr.arpa udp
N/A 127.0.0.1:59655 tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
N/A 127.0.0.1:59672 tcp
US 8.8.8.8:53 client-telemetry.roblox.com udp
DE 128.116.44.3:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:59675 tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:59688 tcp
N/A 127.0.0.1:59691 tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 89.58.114.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
GB 104.91.71.138:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 138.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 174.117.168.52.in-addr.arpa udp
US 8.8.8.8:53 170.117.168.52.in-addr.arpa udp
DE 128.116.44.4:443 itemconfiguration.roblox.com tcp
N/A 127.0.0.1:60148 tcp
US 8.8.8.8:53 friends.roblox.com udp
DE 128.116.44.4:443 friends.roblox.com tcp
N/A 127.0.0.1:60159 tcp
N/A 127.0.0.1:60211 tcp
US 8.8.8.8:53 inventory.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
N/A 127.0.0.1:60213 tcp
N/A 127.0.0.1:60215 tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.4:443 apis.roblox.com tcp
N/A 127.0.0.1:60217 tcp
N/A 127.0.0.1:60219 tcp
N/A 127.0.0.1:60221 tcp
N/A 127.0.0.1:60223 tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
N/A 127.0.0.1:60225 tcp
GB 104.91.71.140:443 tr.rbxcdn.com tcp
GB 104.91.71.140:443 tr.rbxcdn.com tcp
GB 104.91.71.140:443 tr.rbxcdn.com tcp
GB 104.91.71.140:443 tr.rbxcdn.com tcp
GB 104.91.71.140:443 tr.rbxcdn.com tcp
GB 104.91.71.140:443 tr.rbxcdn.com tcp
N/A 127.0.0.1:60227 tcp
N/A 127.0.0.1:60229 tcp
N/A 127.0.0.1:60231 tcp
N/A 127.0.0.1:60233 tcp
US 8.8.8.8:53 140.71.91.104.in-addr.arpa udp
N/A 127.0.0.1:60249 tcp
N/A 127.0.0.1:60251 tcp
N/A 127.0.0.1:60253 tcp
N/A 127.0.0.1:60255 tcp
N/A 127.0.0.1:60257 tcp
N/A 127.0.0.1:60259 tcp
N/A 127.0.0.1:60363 tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
DE 128.116.44.4:443 ephemeralcounters.api.roblox.com tcp
DE 128.116.44.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:60387 tcp
N/A 127.0.0.1:60389 tcp
US 8.8.8.8:53 assetgame.roblox.com udp
DE 128.116.44.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:60393 tcp
DE 128.116.44.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:60418 tcp
US 8.8.8.8:53 50.192.11.51.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
N/A 127.0.0.1:60455 tcp
DE 128.116.44.4:443 assetgame.roblox.com tcp
US 8.8.8.8:53 apis.roblox.com udp
N/A 127.0.0.1:60469 tcp
DE 128.116.44.4:443 apis.roblox.com tcp
DE 128.116.44.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:60476 tcp
N/A 127.0.0.1:60511 tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
DE 128.116.44.4:443 ephemeralcounters.api.roblox.com tcp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
N/A 127.0.0.1:60554 tcp
N/A 127.0.0.1:60559 tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
DE 128.116.44.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:60603 tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
DE 128.116.44.4:443 ephemeralcounters.api.roblox.com tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
DE 128.116.44.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:60638 tcp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.44.4:443 apis.roblox.com tcp
N/A 127.0.0.1:60643 tcp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b9ba420423b3916356ad0d2398d3ac09
SHA1 dfc12a9f6b36ff4a5500d541b88c443611d3228f
SHA256 66126f3b725934303d8c1ed6ad982f6ff12eaaf1a846f1c32b23476b80f0a782
SHA512 a492efbfe608e20af029244fce36bc1af53b04013d3ba4872c0cfe82c5528f04530a00282f4d5ff9da58622020d76c616ed990f4bb476b33304b07c3ce503152

\??\pipe\crashpad_4684_ZLWCUWSNBNSQRDHF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c10cb9f0f97369dee1726f04425fd66d
SHA1 bf730799489b7ffc0cfee7d75af770b756af5b7e
SHA256 b4c8ee55bb7f1e7d4d46c87d05f8a5d7bc70ddcebef976c78ab48dc4d611546a
SHA512 53720dc2cd5139f90a1e8091035f68e3de0fccb6c4dfab525575d03f086da523b1838ef1fd38aa4eb954282727c754aaca1731fd1cb919123fe1deff5b895dab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 48a16bf409f05aafd354a216b549f7ac
SHA1 36f90eb2984df5825b987cfb3dd4217f21cf17c6
SHA256 f088a3500e4114026792fc1671049fb463da77991985cb26cb249ceb932f74f1
SHA512 bc829c394f2a94596241f11f6e9800ec10091c2da9b7a1d0208bd0e824b16837151caa4eac3f699c96c6014eb26fe4ac6081ab53cf4033b03f36d3136586d5ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f9f5e09eed85200ac5cac7005fd52d05
SHA1 56496b432c40bb6007d4c27f396f85785a1cc8a7
SHA256 3c5c2bb298feba14494f259db03768fbb4fc91c9978b4e55bea8a336bbf1e35a
SHA512 e14dab15a1e15722fc4cbb3d5b6d881dcfb47bf67363140d90d688be16c0f7b169ef686afd23d1247980e58dca898def911e262fb1eebbc016f56cf45e379769

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 390039ca5cedd5a14510ca10b6e6aa02
SHA1 fed52224e06ae1b4efc47ed0a19fde47c67b45b7
SHA256 f8253253228a316e502fa0a668a4968a405377b390eadf0480324970343ae357
SHA512 8795b681cc85956e44596dc0ceba25cc5ccf18a32c46104e105e3c55d38361f242eb6eeb53c94246b17cc899859c66c3e5d5a0abe73c72f4c2f3e2382dbacadf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 701a83d1483e727a4ab260dbf6e3f16e
SHA1 84ce840c3a5a5d45a80b5137580351bfc9118ca5
SHA256 d5aa77452486e273d10ab2a02c6f61a6cf85f96bb36346b6b3e99273fdfb6f1a
SHA512 a945246fbd30a0a3769d21db2699dde84060de2456a8df1813610715500816774772dfb4a072c74f6ab30b817f5d775292f3b4991d27dacec4de5e486b10756d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5134706e36db0cd6b65df696cbcf949e
SHA1 eee414bfb98661497d4157ef03c4d57139ff3ddf
SHA256 dbd4063adfcb38d3c55ca5980afdb04e99e9405fc33f19a4877056efe12b6d4a
SHA512 9cd8fb822b0ae09ceff8a3e604fe7a7c5e0701eb1775ec373fbb36d047bd68e69b953570d831952e28efb302a675c70da98823d1f86d54e1a59631101c676286

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0521c2a091ea90e9f797ba4db495c3d9
SHA1 7aa7f3bcbd0fdb83cfa8ad5a69c282a554586d4f
SHA256 79d2bae628dd39b675414cdf52d17a9b5930f0796e6020e0b197747b46bf9bd1
SHA512 543336aa5738a92fd8b3c19bb4133ea6e52730997632ac499c514c46fbfae3d58601d9a43573ed4dce9bb6f27fa24d27deac4175b5bec3f43e75febbbdf2594a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4e368131b5eb355cf5fdbcc7b4f32a17
SHA1 e8921f18b4719fb2e2500247ebf44163fe66d9e7
SHA256 2d9a503cb5617e83fc43cb84fe33014624bdbcf3e6c141167aab5662ac9ed0ae
SHA512 fbd26e1457c63d8808a469fc76dc6fda3948a097fa2683ff3e439e1cdf075b9a91acd704071566d6b20275bd9a147bf664d303b8055370ff25d0450365a7b217

C:\Users\Admin\Downloads\Unconfirmed 388127.crdownload

MD5 911c020a364b10fe1de664c01de4534c
SHA1 8731aee51722d2e1604864eb8f03abe3e6d35441
SHA256 cb84418aa6ff71e927125f05cd74b10cef07b40fe19a17f9ba5c3bd57f2d9591
SHA512 7e2c2259dde1fcb1a10a3864b1e24f892fb28d1c0a9a8b1b32d6b512d9f49b031cf6119f55dad008f0b2a5dc87ae606ee0c2918fdc44fc307d56bc933537db7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 81eb3c0d7b1738fd0741a501875a9ab5
SHA1 0a2293bdb62bf7c64cbe2e1a05fce9c77758cc24
SHA256 c711cad8c3f8c5ac1e40041a47951884fd242a94c57a6aa2c08682f14964f428
SHA512 af88fcc21c77cf62ace93e60c7795045ecbd8eb6629260ed8f16ab366edce47c9476926a6b59418e96254d385f4a779f0d8d5181609fb6f8e298f3324d732ad9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 01b344c6a86ebdc31e67c462b8acf2ca
SHA1 947afb1d63cb4fd71dfcd4ad783527d844e90288
SHA256 5ed7dbb09a9ed65ec91b1c65edfed2a9074b965c673e7cc63fea438d74f5446b
SHA512 2a094093d779e4d9b4d17d94e42d437fbd74abdb4404ffa1e64b8d6a2c1543bbdb0294751115e50fc55a0eaaeb4810c4617979a0270167d60356b5846258277b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 61af8c7d332f9540391170dfcc4c41fa
SHA1 bd77ba5c0d1c9598dfa2a7077918ce2279af1c8a
SHA256 3e3203978c5be42d2abdc2399eee8c7d6c51311730e27a42f5eae6483ac5bfc6
SHA512 01d2aa44b34ba43aa03da56d47d4aa3e660125497626f07017609dc68d473eab3570ed8964571a06e86fad885224f05a564c14edf3cea51bd4d5cafec7ce060a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 c5c3bf142a9613a1c99228bf6138eea7
SHA1 96c3707d8b85055c7f2e4158be03c35227653632
SHA256 ba7d429271f16e97a1e9060082b29c63df9aecda52d4a19f2ae918ea52799ea0
SHA512 6b2b50ee3884adb976ffa23ec46b3f09b4f498cd3ec64ae0b3a021b9f49cef7c3f69786011a53d7786371747d41d3894f575d78da4cebec496428b7e4ef6a414

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5c8bec.TMP

MD5 018369e4f4a0df5b716e7e633f6fb8f0
SHA1 d38b4f3edc7c0d85f7a27253bd6db251066a3386
SHA256 48619f645e7cf00d05d678b79727b2b769698c32303191ddd6f3a3ec2d4595c5
SHA512 032d6e7126f583e747b2635ecd66a1835dc2a02aae4e7bca62035115b1d7c063917482865626fd3c29b40a622800128fdb3ba5e5ed33f9921cd2fa9fba6c7807

C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fi.dll

MD5 d45f2d476ed78fa3e30f16e11c1c61ea
SHA1 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e
SHA256 acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2
SHA512 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fil.dll

MD5 7c66526dc65de144f3444556c3dba7b8
SHA1 6721a1f45ac779e82eecc9a584bcf4bcee365940
SHA256 e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d
SHA512 dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fr.dll

MD5 64c47a66830992f0bdfd05036a290498
SHA1 88b1b8faa511ee9f4a0e944a0289db48a8680640
SHA256 a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961
SHA512 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fr-CA.dll

MD5 b534e068001e8729faf212ad3c0da16c
SHA1 999fa33c5ea856d305cc359c18ea8e994a83f7a9
SHA256 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511
SHA512 e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_ga.dll

MD5 3b8a5301c4cf21b439953c97bd3c441c
SHA1 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a
SHA256 abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0
SHA512 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_gd.dll

MD5 c90f33303c5bd706776e90c12aefabee
SHA1 1965550fe34b68ea37a24c8708eef1a0d561fb11
SHA256 e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c
SHA512 b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_gl.dll

MD5 84a1cea9a31be831155aa1e12518e446
SHA1 670f4edd4dc8df97af8925f56241375757afb3da
SHA256 e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57
SHA512 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_gu.dll

MD5 f9646357cf6ce93d7ba9cfb3fa362928
SHA1 a072cc350ea8ea6d8a01af335691057132b04025
SHA256 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150
SHA512 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_hi.dll

MD5 34cbaeb5ec7984362a3dabe5c14a08ec
SHA1 d88ec7ac1997b7355e81226444ec4740b69670d7
SHA256 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9
SHA512 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_hu.dll

MD5 f4976c580ba37fc9079693ebf5234fea
SHA1 7326d2aa8f6109084728323d44a7fb975fc1ed3f
SHA256 b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791
SHA512 e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981

C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_hr.dll

MD5 0b475965c311203bf3a592be2f5d5e00
SHA1 b5ff1957c0903a93737666dee0920b1043ddaf70
SHA256 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0
SHA512 bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 8fb8a919ac41ef05f33b612e817bf770
SHA1 e1ed084e38b375061630c118b5c0fc7b414c8796
SHA256 9d3ac6c13fbb864e090c12102053d128dda2df47eae3943111e325ca233eb5ce
SHA512 9221f407426b8b1b5748ae6bcb8885f62456ba55d29847c1cc054a81ca0e3e56556ed40ba66e59daaf78ea6c29a60a74b59c05a561549b240782fc0bd1f8ec12

memory/4124-548-0x0000000000200000-0x0000000000235000-memory.dmp

memory/4124-549-0x00000000732C0000-0x00000000734D0000-memory.dmp

memory/2812-559-0x00000000732C0000-0x00000000734D0000-memory.dmp

memory/3196-560-0x00000000732C0000-0x00000000734D0000-memory.dmp

memory/3196-724-0x00000000732C0000-0x00000000734D0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 53f9f7c3d35caece4e5d4b07e3deb5d0
SHA1 a601c21af1dba42b67252e77263ad49fc249a65a
SHA256 d80c9f4d943b4f54f4eab128a8f583b2f1893307deaa166af4a86408d04d9203
SHA512 3ecba18da891542185d244e7bb387226ba31ee78e1e481958377ac138e9de9b776c868b44cf4956b5ab595e80f70c7a2aedc4dadfcc3c89476622a7dc65da899

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab168073f387b9d36ebbda89abf037b0
SHA1 e9bdb9621520da5865d24dc16bf7cc3c27eb28ab
SHA256 fd4e471de675c24cc079b44c1499f30d64a336836a1487a6f98fce593a8f50b9
SHA512 a14564ec3d28bdd1b45f0fe0ef6dfdf9fc235dd8f32f29b8d39deda540aa89931ae04c66e23acd6df5f21ef8b14f0e62608cb06bdb02b3a3f2de2c3300a298a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4406dc86f2b1daf83a386a0905fb8b2c
SHA1 c3346b19878c98427ee5e77bec200a58c852d3f5
SHA256 a62cac2041fe87aa86fc73344736d3f482aa3af7f73d8141eba71b1552eb3ed3
SHA512 2df033ceb814588a3e8d66ee4d9e88227183bd4ca76c9064339b000bff417c8356472679f1c3adfebfe8ec0b78b58939e80e929562bf143dacd4aed150aee19b

memory/3196-873-0x00000000732C0000-0x00000000734D0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fb325282612627b7fa50bfbb0dd64340
SHA1 0fd843b5b408e2f6281622f5d96a399ec5eccf0a
SHA256 c005b3377438e4bb480dbb445d007d62d8f37fd6027b24fc0a85ae73fc341637
SHA512 deaac8d9941afad4dd8d03d61e94a285874c1f4965e91afd84b00516dd1ed83783f03c859f4796a474e449e35550561c3c605949a98f31f38eff3d0426731750

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 725701b1cecf8e788aa39a79e29352f1
SHA1 71fdb4d4950a242a5fdf18495821d96ebfb83794
SHA256 b14c1cb3cf5799fe7a93dcc7ab21d5efc59de9425b781cc19ad8a441b0ed374a
SHA512 1e4e585a500e4eaf567dfdc6740c54fafd78c8e0e092fbeb8141e02ad31163d72aaaf8151b47a4b8d6d75b27697b361fbb4174c31635150bdd19c6e25b1a3af8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2111c130782d084dbfea32352c74f487
SHA1 321f3b24e52e694441aab5d0e28acb274348b994
SHA256 fc75d03dcddd50f0f212da315d44af12ad328dbb9ad3f3d3e73a86b31a995b62
SHA512 fc6c8f2fc0eed637fe521ac46bd6430cf350d395426984a318974e49d34794bd5bca68823106df7e3399d6db745a118d53dd77eea3b6851098addf51b99ffab2

memory/4124-905-0x00000000732C0000-0x00000000734D0000-memory.dmp

memory/3196-907-0x00000000732C0000-0x00000000734D0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1a3b8cce1124347c7ba11aa524ee3fc3
SHA1 3a63531fdda655845ba6997f22efcfafe1322f6f
SHA256 a0ebacb553b2527b3e95c7d5468fb185cd69fb183851d1daaa4e2dca18185dd9
SHA512 342f78f2dbf0188e2d4d6639f492a1730ebf56bf5cbfc86f46b1c80f24071c6e7ecc026de0c6347d6b3d198dec072bb19368872e02ac2172dbbd96282294550d

memory/3196-920-0x00000000732C0000-0x00000000734D0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 088e87ddb2c40f3095994e339b594afc
SHA1 2cc12dba4f3494555599e694d50aaa3a1abd34a2
SHA256 ff9c95010b284c696a195b3ddb357b3e006dec26ee3e301b8e283e35d03f1ec9
SHA512 c471af36df5fa3ddcbcaf35088a795e3cdafa15b1de569db3e4763cdd1085fffba4fc847dc9a323ccdfe74a1a66ed1d9c3973177271357de187dcfaf8fbe2c3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 8adb35257977af9c83ec424616de9a01
SHA1 bc2b0f93895b081bb58aa6a873d8357dd683b392
SHA256 5e53ea6453da517a15374a9864f231084387e9dfbfb711990c05ed1def7ed66d
SHA512 dd70ae52f7199bc1c75d21159cc0ac91dce0feb529d115840a720479ab3dd0372742245d47fc9d196789574f617631f12b76a2032647cd5d84cc356a28d14472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

memory/3196-1035-0x00000000732C0000-0x00000000734D0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0e6de32fb54c6dc52b4d04a947e580be
SHA1 d7cd07589f0d1795ee7255c24d265813d2b27933
SHA256 609bdb6bc3f5a30583e70b9d420b28f2edf4bc35b17a83c8bb597b1a60ef861c
SHA512 e1ba0e2768fcf8aaf4c8809cfeed3d76d672c8305487bcae41927de1d0d6a7c56f20545dd1e96b738e572f9962120cb8939f87f2482c59480bf14b2c3990e087

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\124.0.2478.67\MicrosoftEdge_X64_124.0.2478.67.exe

MD5 dabc3160a804b9fadd89ceb0fcecf388
SHA1 b52f15e866a18637683bdf0ea4eaa326b787396f
SHA256 53eb39a92ee0d2eb94f6d33c015097bddd9cfe5c4129d3ac9a9facbfb5087bfe
SHA512 74fc0f21d7cf99e07c079224e2af8a4a51bff98a97bc471cfedfbd3a28d3ee681fbd63fa7239948c3c0bf4f9af56dc582dd128f8c08b54cb73389e85f949f431

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 900946d326ed3f064ea69048cdf56e81
SHA1 3d770eb686bd930fe266de3d25cb9a6b2946c695
SHA256 ae1a16b3fe0283e101be99bb0330d5659b2a2eda31a03f6b1ea5c17e75383b4e
SHA512 49412cae164ac2af63228e9377fefaa08cbc3581c65ea0a5f4c95168388ab6b926ed93e4518700ddb94de9ab95e3441e1be5b5a754c6a5b67212ffcbbe558576

memory/3196-1081-0x00000000732C0000-0x00000000734D0000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe

MD5 c31297188ec9fbaa60449f769339963e
SHA1 8502d9e0cef18137529f0a46ad6e69a1577e6cae
SHA256 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9
SHA512 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3c8f3f4b9ab13beb5ee6bbcdd5651550
SHA1 8d009574353a905f77f75e68623311d9d84aa0dd
SHA256 e46b1c55f3947f30e2e1d197674a837de5a49a64b24aa8205dc313ddb80fb07a
SHA512 e5463c5a4fc3a6ef198d376b0029f211e43ee9adcb8bc68b2a742f1c266eb6a395512fbf7d3fab58f00cdd849d0b60829efed4888bc1c3f5c35497bc5aa32b9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 23a3e15afb48791f898a86cf9b70843d
SHA1 f57540b3e3c586fc123350256441cc2a524658b5
SHA256 70d1cb614f3ba0ec48e77dc9e8b3b20022a7bc44e7284aad07338596c8d4813c
SHA512 6d47c96a8a4e5657cb19816f0f798938921c2d99612def8a450fe14190e7d158d748b521bdd0b8e0fbdde791e8d6cd15cc0b0d43cd81cbf0763b2e4a1d2768a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 136fdf3cd50305a0af3218a308181199
SHA1 79b76dda3ebaba0358a3293480862275c176f898
SHA256 6b362257ed4c3437e54888524fcfadeefa7253bdcf855b990963548b9b85cd06
SHA512 b3d0e834fdb05b33acb818022120a163510515421894fbba523c3e3cc862b5853008b65cfe5488dcd2b9621ff1be306623be4a6449b0d908e017031d96c0a58a

memory/3196-1134-0x00000000732C0000-0x00000000734D0000-memory.dmp

memory/4124-1141-0x0000000000200000-0x0000000000235000-memory.dmp

memory/3196-1145-0x00000000732C0000-0x00000000734D0000-memory.dmp

memory/4592-1147-0x00007FFA53230000-0x00007FFA5377C000-memory.dmp

memory/4592-1146-0x00007FFA54D50000-0x00007FFA55152000-memory.dmp

memory/4592-1148-0x00007FF63F5B0000-0x00007FF6405B0000-memory.dmp

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Site Characteristics Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

memory/664-1229-0x00007FFA72370000-0x00007FFA72371000-memory.dmp

memory/3660-1237-0x00007FFA71E10000-0x00007FFA71E11000-memory.dmp

memory/3660-1234-0x00007FFA6FF10000-0x00007FFA6FF11000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 decc5b6a965399a85c132902bec4b303
SHA1 e3ddcd4995c75e0fc7723a000ba73461a00382bf
SHA256 e6618e90dc7ee813a79490833c69eec4cfc08cdaba420442c27b352dff1fd40c
SHA512 049c4bae23eba2c0f2395acbe2f3930f585a2ef19aa61852a1c2789d37c90275c0ed28bb94bf91c10fc58c5f6d015131bdaac37ce7ebd26792b8ea8984dac04f

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 b16e7d082024adbb0b55c2cadc931e49
SHA1 fb2dd23eeacbf4cd5b45b8a5409ffb6c28f7ef58
SHA256 31fde70484f6b3f166952f71bd085f8b40673acd42f00dcda42b09747b43abed
SHA512 85a1fa46b29ba5950141a1514427c58ffbbcd1a4330295545ee76c85a5ee6f49ac3d82929a884c509412095f0f02404c01045c31737f1ca2ba7063ef61c9b223

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe5eb39e.TMP

MD5 43ae45ad1fe98438a534a8aa0ad7be82
SHA1 64f78bf16791de630fbe68a0a420d27917cbffc7
SHA256 37997a3c79754c8e211ccf2cb1f63fcbc3b5ca4b0007492edfa587e068db8e54
SHA512 d4d2ebe192d00b6a7810c0b5090cf7811dc4d3cdc76e1c230dc25f7ae5cfa4e5f41d9b3d10194fb143bb78d9487092c2faa3680e780af3c7fceeced6fb91c3d7

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Extension Rules\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 bd7fab506a834914686a8f13e5bd91c6
SHA1 e04208673d25e81a805b4bd6a817d8c4f9021b95
SHA256 10b567d442d8532ca57dc127cbe547f4c3c1fd1a2c1ca178795a156367164054
SHA512 5b2365961a416a929ccc7ec7d765bafae3a30e33832ab975b25edb945158139d42e289e1ba118ac1d4d950383230de0fd25ecd16eeb8bccb5ad0a3ec9ae3956c

memory/5208-1309-0x00007FFA72370000-0x00007FFA72371000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

memory/5208-1371-0x000001CA67030000-0x000001CA670CD000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

memory/5512-1394-0x000001BBB6F20000-0x000001BBB6FBD000-memory.dmp

memory/1528-1412-0x00000000732C0000-0x00000000734D0000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 35f078038de5cf94414a7a4578f3815e
SHA1 291ebdc1b34a916fe9604e26b1b8a66472e6bdcb
SHA256 19abeb518eb39f147e5a042dc9d1aba3b068849e723877ed9ec895eae85812d1
SHA512 4cb8c99680c284061540cb120339eb9eb710cee862427e65c5c5347563ea0b216a250507116e6f527fe55932def0e667501129c1a7bf3607409bdbf145919eb5

memory/664-1609-0x0000011200520000-0x00000112005BD000-memory.dmp

memory/5740-1615-0x000002C43E8F0000-0x000002C43E98D000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\SmartScreen\local\uriCache_

MD5 47d41a980668e9bfae197488d6d56feb
SHA1 8acd8919b112d637a18e4c2f79f61fd62d2a1e6d
SHA256 87c1ba0f3a75480bef554b38abd51d7858bbe2cff07d4fd29162b4468d2b6c43
SHA512 165cf9913129bab36c22399c3636960cff235313256262439bea6a1ed78cf80d65690254cc63148e7e13bb515b513037ab6be7d20efdfb12b07985339ada36fb

memory/5824-1726-0x0000023D7A6A0000-0x0000023D7A73D000-memory.dmp

memory/5740-1725-0x000002C43E8F0000-0x000002C43E98D000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 e38d690459707f8801fc22873155503c
SHA1 232651199a9fb40d1202cad2727bb446e6d64dcd
SHA256 08a47de3b279c528421afb96965bc1bcff136ba3eabec02c54927399e71b45c2
SHA512 e8bdedc59294cab0e45e78e1a33ca142ce418532a700fc0a6c66611bb28acbc951fd159d727d55b0dc706c1b8d25525426063ee4cba0a0106aeb69e71ecf45f2

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 5e1c0a4b2b266e2baa5bd5649b596706
SHA1 e6f0ce27463056dfd6259432dffc6701cf15560e
SHA256 55c538424cdc0a76abb9fb8d60a90293e703d42280c8fb20c6e29e4d21c3b67c
SHA512 c483d0f50394f6e4b073a4fd24a5fabafd514dd727181f5ca5d8cd6048aab414457924bafd8bc93fc5eb7d0831b52c79ea4674df8bc55afea14103f321e604b4

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 0b936182564717af4f46c03df728e148
SHA1 a9a5fbf22d005eccc796604996ff7e43d73f50d5
SHA256 6e867e5b09aede579f4ab281e612a429bcbab6f20c83092bbe1cd1306efa857f
SHA512 fddb4b262035bbc4104c2a3e8b27e37ef802f0461a3a2b50556dad369aa420b0eb5d9598b13e949a7faed5b8bb364fdcf7ea09b9ea4602c86f230bc7c594e33c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 07d78c16ef87822b49748cafa407649a
SHA1 89648782fd778774baec2a26bf1e7bcc9554e3aa
SHA256 3d18227a572b0571caf4ab7e8b0c68c71939542941dbc016d6afc0c444bc0db1
SHA512 3c22d472ea687ff5d5e4cdbd9ccf4a130d30ae34464b3bc7a627b8b45530f3883fdd0aa8344f1f9b6fb1aecb3f63e88f2b10e2566ef62ed671b54090bb7c4576

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 cf5710072791b5c3f794192c4f208aea
SHA1 33f6f14b74ee954b60d25dacd8fbea921d3c6c8f
SHA256 1c95b85944a7a3bff9e00c98f6b2724c73437eab4a4c51fc2f7d26e1291d4b82
SHA512 b6e02434f9d589d8137d92ad5f82b44c35cf58ece37fa4bccd0abfe3dc670a315022d3d744f95c7d1ce63cf5b51e0c4e45d0018e37d6b4cbcac79ebfcd33e861

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe5efcbd.TMP

MD5 b0a6497aede89d2e00f3baa93f4d5bbb
SHA1 d3ad86a5cb9523322ac699eb0fc850bd9bbe7948
SHA256 937b2614d279d1d34be4b03f5b4acfc9d461c001218f50b8efedf9e19da72556
SHA512 87aeb50092ff4654211b8f24bff959fc9db4acc0879d1349f2c493605f137b3c730f46b032387e2eb4211c9cacc88337b1394f9239655bfa2ffe6824bb53c480

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 fa385faa0165ce466f50df32e9e38e10
SHA1 2a8cd6cf5c3e4dfcd2a05b92f61eb69171cd663d
SHA256 566c9fdb991d494d866afa13e0709c50ac499b3738fe387758a916e8d5e26129
SHA512 fd1338cdfaaa4624f867127abc306b9ebb4cc88218c90898085356691e470e43497b64146968732796c840e8e17c1c1affb15d84c8211621fc51dc971548d3e1

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe5efcec.TMP

MD5 22b79f4ba5f2ea596f4ee98fb8cce1ac
SHA1 13c3908e2b4595d36bd447c6233cab06656bf4a9
SHA256 8cc2ba777c3cee9b83de6a51680f53d68f298033ddfe05e088d6713a8b09cb22
SHA512 324109fbd351d6e4384f18b62b0aa457a892d437a3d7d1f3c15b6704d14234c8e037500e3443b146e3b8a33a3e9389ff407ef92e3ec537553dd11e83d8632a3d

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State

MD5 7f5b38c461a4b5bbde37d3c2608a8be6
SHA1 5c37faf73a4fbe4090b67b65150258e31ff70dd1
SHA256 904b6f51d75303411e83f91e95924c3bf7cef36cca33fcabde76b49f1a5a01be
SHA512 490211a02eb966d441f27fc202e31bd4941d778cdb163ac205038f04148625c04e8fa6c60c24e4456c2d928e43e4f23953df602dd7002f2e4d2290433d63cafc

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5efcec.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

memory/4592-1918-0x00000181511B0000-0x00000181515F0000-memory.dmp

memory/4592-1921-0x0000018129DE0000-0x0000018129FE0000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e1f1d96b68e3261cf312b541611c5539

MD5 3adb865c801399c412bc73840d3d8241
SHA1 267f8332eb7486bccd7a6730cfb4f5c2152b11c0
SHA256 10fb505b7ce30ce4bf5582248b17dd47f6a39635007bb77dc5d16b963baf9905
SHA512 609793331ce25c6667067b3616791f3ece470500f797343178948e4b7af18f275fdde226f542610d957b397651e12191aed58dbb88bc1c59eff4625e550160a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 48e1e9fb3be10738635d1983c96f55ab
SHA1 056de67e06ecfc7d7bbebf2a6a416a4884150f6f
SHA256 965e9607c7d2dc9cde037a19de2d796da03d4132c7c1f16de3c0554e20e66c7d
SHA512 9c900b1ba887335924bbd175248c96636182312d11c8cceb5b349a9ad5a02c0f13ab4e19725c9e7a8469262458758079ca8371704560f1fe3d1ce0cbd696e75b

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 30c7b2bdc35c650d2b65150241646816
SHA1 94d466a5f5159784155b6adcc9555bfdae4710c6
SHA256 0784d39379f0a4f971777844ba07550aff31a3d5e32ce1d1eff6f4c7d49b90b1
SHA512 8d51ef924b6c8f46a7ced69f188f2ea583ef3feb7fd84f51a8af8810c51e5099052e2c1513f15ac6fb83fecbef8c984fb4e124ff524c2b20a437943dc127465d

C:\Users\Admin\AppData\Local\Roblox\OTAPlugins\Downloaded\OTAData.json

MD5 7a39cae24c1d13e38fd10bcef98c80ce
SHA1 58d8a40b4d16215399749b563ba610c5cd3e4159
SHA256 72de5cd3124d642aafeb64a4562c31204bb506a5c4fe37de302849aef41f0d40
SHA512 8f51f5fe9890099039ef275e5148299a87bcbbc1a9aab5c279105b96efd795ef445803b4422060964b3b010c180c9b4526c82f84433669e4e365812f9642c80e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8d35aef231e002676a573e12dc26559e
SHA1 964efda20755fe5fe7d5a772483837624928ca2b
SHA256 f4f72bb91e9093b95fdc601f965dce11dd799528224848b12316b16b126eafd2
SHA512 d404e0f2b50981c21abd6b579dd5140d2a7f4bf863b62dd7a75da38539a671b3f748096d06718a81022256527e0434a3288f67716dbb6d34a287d7bf55114796

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 9c6fa2ebd5478cfb7b558f64bf7bbe6f
SHA1 137f1cbc448f08be15a7eee3408773773862b9c1
SHA256 66b0dc18bf4591e17c6fa8ed24b384779b4e6dab6410140515f1df6f8b612ec6
SHA512 71fd26de5ecdcfc354ba202df6f7de76b7481852f8ec8d99711577dc83b8c12e59c4cadda81c0350f70abb3eb54e6f528e0500f92f472ac9b19e9489c3229b90

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5d34a1f5416fdc978c6e0c7edc7d67a2

MD5 c76ac26f80988d0fcf03874d625b86af
SHA1 b04a5e95018f8eca571daa4077e66626b9ba0de6
SHA256 3dca66141315cdee30f7604013deab2fcc1dd74af93f9630fb700b7606f531ab
SHA512 23ba1357212eb135ad87fcbb81bf73fcf2e189da34f08ca1cccd40d763a856e9ca8ce5514af395caeefca2b0dd3a6fe3b8d43e060c5baf5139fb357fedb90a59

C:\Users\Admin\AppData\Local\Temp\Roblox\http\95d98e1cfee595f720d12856399cbd72

MD5 39be6457e3ff988375205765c4660895
SHA1 8e946b84ba320df9c28aaa6e759e24719ec38aba
SHA256 1194e8aa1e2ff45887bca03f3ddee55de61436c660e162ae343ee64e7d146da1
SHA512 80f75601d5887291d0f2884945dd2ca197090431fb30dab6e6ee9ef601076950922a75f23a577dc58824a8ea7f57c48c1a742cdbc13a28215bead6b2b0b47033

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b0cd0725ce628c802aea646becfd46a5

MD5 b7c03229a5a8d6586e4532281bf1bcf6
SHA1 e2cf4dcb1a5ed9ec90882b05fd92a1cb2d9b7031
SHA256 2f68626defe72fe2f0f653e4f329dc40a4da28ec0b6805b7e372df74503490e4
SHA512 4b33587bd1e348c0c3c90ab22556c1a1634c9c16a7986d5ca92cf409a6bc9a2d4ef6ff29f1c56fbaeea7ea42b9e6bcac980f3a13869c7321dfa94b3d4c68498b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3acc8af1251b7ed321f9b36da661d9ed

MD5 808cb55c51b6fc55fa6cdb17892dc876
SHA1 4487b86a3a42ff05e109800b1827c100390245c0
SHA256 eed0725bdeac66a2e53e7daaa033f06c360314d751df70176a0af3f23eb08c7d
SHA512 0d2e6534792e7d417a6fa8403f22397f406352a38bfe1019d87e0308d041b3e69d7defae77e2bf6b87adb3b7d59718efea7d5fad340847c681eeb293beb0f24e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0cbacc9a3c6aa07deb13db83f658936d

MD5 e3690a37568ee9fe7f191a17a47e2146
SHA1 476c939e0ca065001820946509e36ac2842fb1fa
SHA256 b8da756d34febd98745815e7ee643c49dfdf1adeece7fbdeda22487c06472f28
SHA512 c7b777cb3616fbe210b58c1e2395ffb378ffb36c2fed3af8c634e7d39667b9b433386d1a284f936a1d4e10e76c7a678e97216fe801cf95a0fc3fb313fc4514a3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1aac6bdbb2642f3f23fbed64d042c3f

MD5 2c65a49f36fbe81aed88d7626a0112e3
SHA1 832fc429cd021f288f5ef9531e7dad6c9c6507fc
SHA256 eb8f138e67962a5c7db64722b78454da2e3c3d656ec8d72c9bec566f10a942de
SHA512 4fe7c7a7e439f6b43bc13af9291994ff913fa65ab1d77f162c97b18ae505b1c46ffb2c9236b7c9010580b095526a58204bf182aa5d476e3d0a006b2ca450d181

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ceea000e430b7c9714bd62a61ef5eb0d

MD5 e6bf3b994b7bd85aa47c17406d367d2b
SHA1 b18be2803acd9576aaa72bb19116b09680f0cbd0
SHA256 92638ea5cef2b20242923fd21757df86c8c434ff12243d480250364b8480f2fa
SHA512 3e207bfe1b30c981fb533971769a4051c0c87ffbfcabc012606ec939c5b66f2bf59cefeb85c2b903856d6396584b2c96472965c11d90d6a1ac9f59b29cf3d664

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0f10b6865c21c904e29f52a54a31f37a

MD5 38b25c1089062288a7a9a8876138e465
SHA1 d7dc1955cdabe9a50ef4f6b345c9012e3efeb56c
SHA256 e39aceee4952e730f1a101894520b046ff21156ebc79c0f8e070e87af20fdd29
SHA512 198469bc9aa03de2c29b322cee7714a67b1b421a8fb0b6ade7148f54fb5ea0a37f6afe5e80f052f41815174363ca2b2dc8395534c624f0f87d2f7a0e9d773dd5

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 eaef4b677b2babd4fb7b29da0f065bf5
SHA1 655dc02137cacabfeebb0705832c3378062b1598
SHA256 c5a33fdff10981930005746e120f5cab8bd1321ea949ea5cd1b2e34a88f7aaf7
SHA512 7ddab6aac206bbd23350667487335e674466d66b3f0c425ec3789a62749bd6073eea1e1f5785ca539a0b7e0bbd8a83605191508d97c8280644088cc7d8161aa3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 cc48844c588d11dfafb5bdeebd6b091c
SHA1 01c73f282b4607b42502e1f99f12fd35c59cecea
SHA256 cf5d62816bea41ca8af8fb5a3adf47260e1d534ef99dec6c74294a9d648a97cf
SHA512 da0d881c8e5ed3eebd38a82a6abb3cef005fd6cfd842fa887b4369cbae283d442127b61c26fab5ab0360b39316244544a5ec697a5e5191181a3bdb2cdc21b595

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2fb128dd16864c66ce42fee9589dd771
SHA1 b7062f30b2d0413d124a3def5e74f82546ca3d21
SHA256 3005e46a6101105628eee0e862e6eb444f7844a3fe2f85072e1e18b37ce02e01
SHA512 b13d091dbb9cbe6aab4ed9fe8f986e759ea73cceaaa62aef82b504198a5b7517ee6b9834d253d30bf73bff8530af0ff204178331067fb09ec8d8a00604d3eec0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000046

MD5 7d3226296e6f9a7f1e8aefb7fa16ad10
SHA1 716c1e7514fa52ce0ed8aff4c728ecc10694f99a
SHA256 f0e6dc11909bad0f8c4045561be9424a50788db103a13b17d0594eda5abacea8
SHA512 db5d70f1743d54f489183a39a2b324d1d0ac0beca5e9ae4e003bd3e20f845570dd024a1bc20b6a3b77497e21098d6965f116df7d7cae9410d7fcc17b3baaef45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 70aaaf736769e4a90cdd36b88b9fd97a
SHA1 a698112feefdde7018505f9aabf106df7029d3bb
SHA256 52d6e7540c790ef65fd662fe2d440d77a7ba4c40bf47a38ce9624fe1038cf23c
SHA512 9d42cfc115a964764f0231ae0ddbd40129b237a1ed203a757c721549a66fea5904e9d807cdce17717b677e959e2bd80f4742489d3928ae7c72b33350ea8f0b17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8076770516db274f42602a01ce4f9607
SHA1 73076a9eb52bfcad166b3ff514a9a42b909a07ad
SHA256 8b47aec189162313fec852118b97210fc7cec160b14d21d80aa5e533ba989ff9
SHA512 48995b560686a9c75b4154490fa482590dfe526d4e80a102b3bfcc4ddc7bebe7fbd6a2dd22a6a7a1cb1001f6e2a58e0a28aa623ffa79b74c2d5669d507b1efe8

C:\Users\Admin\AppData\Local\Temp\Roblox\http\cb8a45c1430998ec1304e4c79176816a

MD5 933b1f5dc544d9868d257d80e517c112
SHA1 a8d55f9cd5f79ef7f6fa1ffb229d8bcfb30ce348
SHA256 51a66f59fb6018efd308234879746581b50566d967cf1fbf63fd3fb6917f1295
SHA512 6e03ebecd629ec937171a7a2d11a88c83c0267c0f153b86194683fc967f0e1c827e6393a39af735813a1cb3fe2297cd6582d2f7578355e797a5152dd92d6e600

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1a1d7a8fb35b007494a82bd5304ba1e9

MD5 2414d644ab2dc0d3c58d8546b4cd7ea0
SHA1 77a854549c69f719657f5d404ae9391c705d88f6
SHA256 28be75fd24c5225fe212cbece08722d92c4d2816e5c3a0051294826a5fe79458
SHA512 02bc18971dd372438e6f93b0db0e29a2b647b7e1acc5e8d8321f73857b746c5523e7c720ddadb96363664fd5652c30d5e396f7128813dfc0c30fe7ea4086a229

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8fbe2ad68bce1f4933b291c365e04e75

MD5 d6a9f27b18ba6c1cd064cfee32420a8a
SHA1 3eb4fe70132f76c96bf7f951070f437ba176fc40
SHA256 612baaa3a5eeebe00562f3ecd4490073f3313811613ead2948c1626128191506
SHA512 1126e9b53315742eedcb4e28bec6330c03cbeff2d311c9bca1e8280720ded31b6ad7f4f4b6899aaf23656ec46b19fc2ea6566226c1fbb1ded1c3790832d9fc1a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3e2504bf31b5aa0ab48a8ae5f1dc5f1e

MD5 6abaefefcacaf36071c43e9dc51f1bda
SHA1 a562a7fc46cec9c90e86fa570267864ef2249a20
SHA256 55941590b6aff4d570b3531c493c14c46eb687ed9e4de19200de1681987f75ae
SHA512 5fc4b6db68c03630673789ec5f5d017709e5a9011f25575c0e428f4a21c30e1f6664faa9e4ed456ae79c7ea0fc45db30b8d45ad9b4e2e94f49b27c50237872c3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0d8b0fd3715ff57ba968ae5740d39a12

MD5 a3366bed53be5f4fed574fc819a07072
SHA1 a79b59561cf06c8a209fb701567a67376d83924d
SHA256 ec5c1697be4eba9851b9a413c13e1a94f9846f6dba1d8d0fa33e1ca7292e8030
SHA512 f8424133bac79bbf7547bf7076cbaf0bd0767f220778275c36878bb982bb69bfe64aede42d67c9db009047e66bcf5eb9604205f6b0aa9a801f6827e2034399fa

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcbcf8ab7914469e06c8fa6ee80f2201

MD5 958ad6c1423022b1905d452d8772d16b
SHA1 a1c5aef3f0d7550f8a9ac31ac1e295696477c02f
SHA256 8965deb3f4a35faba9f087defdbc2fb071e006f283ee7e6b1ce250c6ec12a49f
SHA512 5185a342c83ca7770ecb1103d95d061cc17c80526f755ebfac53305947b09765515221ba65b43a98eff3860e47bfc7a15f51e67d0636de7596a6859ff20804e5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e0fce80600a43748c6cbc0ac23f6cfa2

MD5 3bf49259291542dfee0f89d587c177f1
SHA1 22328c74fce75f7918f6c4b3ca5ad9e1921db437
SHA256 971101824fc41a26f9b1386d72750a69298f4725f266edb3c93b21f9600d2916
SHA512 20366e5775f42da8e313d67ace54bed3b2a010a84d9b3422276a8b544186345683c00663ce4f541c9890f906344ca3400015bef988d4ffa7dd4bf1c38161e271

C:\Users\Admin\AppData\Local\Temp\Roblox\http\31e8a63e8fa08c8135be1c5384c3e0a2

MD5 1221a85cb03fd45c001ef47af9935e7e
SHA1 f209b998e8972ecf158f58270244b831d107ace1
SHA256 e7c79bc6240600fc94d67a9c0e9c1f563a3f30698d7cae3d19b1735865835d4e
SHA512 2e6846a2ea3bcf0892703f3f2024a0acdf277251c55ad9c65e61fb5a8780c67ec707d42818b3d98103504dda9984c109ec0f8e393fc063f734bbc7bce168ad90

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1daaef2a5ce0ea927443fd099437bb55

MD5 e4a239995837749223ed2039a40a3a21
SHA1 b1cc97f9ffc3a367dd3a55a1a3342d59cb610403
SHA256 36ef28d0243f78f746ddc7abb74563980829c81dcfb91abcdaf6459bc7d374af
SHA512 ad81fe4cbaed589da0a3b97c20e7e5fc0deabf5910b1c41dc7d6e6e8b8f22486f71c9577886689739bdb87e34b330ce43cb60fb2e3c1305d77984ec78cc0879b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\175af5595dfe9780b5b7b10ecb943336

MD5 0c9078c249c45630688d2af7e0574c25
SHA1 8fae18c0c69cf3a58abddcc9a55fba6d81aca2b2
SHA256 b0e7f0945d5de86014379ede1d9a9528a8c944534ab33e58c7b3be1b5706500e
SHA512 24e0cfdac58bc3714541bd39f6992bf0a4bd4c47e492edc40b72d045b4f06573d582d9f4e50e0c23f964ec678d857752caeec6a65ef89b70e2ecbefe749b21f0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b80d47fd48f8d137ca2aca87e1d00059

MD5 7dae317d3e65c483f462a48cee3002cd
SHA1 330c91065d277740b721b723ffae4e5511e8da2c
SHA256 ad244e68f3ae289677897bd171703b8ab65bb03b17621b3c8f61594b906f8b78
SHA512 966a981204a7979932981d8870704fbe3d4afc2a0306cf149117eeb30a54debf852c8ef04fda90fb2d1d1261daec60db390a4c9b9fa77740d14171335384ecc9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\32c38bb4f4a560d621ab93aeb6ca5d7a

MD5 f7b60787135cc235066319d2412e77e0
SHA1 ff9e626cfeeb124bc95d830d20e13b15c6427c77
SHA256 e815d7145b898343e81a796bee29e8a71a678c9c3475a7b1107cdbefeefb6152
SHA512 bb21ace97ed300299a276844630c2b30aa0aab87a3a8684391bbe37a0ce7761c82011035f741cc1f596136043f1871d16b0238249d3b943b2c08fdaab8c0d762

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 31a96e5887399089523a54e6540560be
SHA1 c74c2067d487089656333cd57aae67655299ccf8
SHA256 9133ced3e3a9592bdd4717e1a01c083a423f7c5581306883543aa6807b1135b3
SHA512 c6a339c7d1789b951a1612602f5e3985bff84205c6712a51cbdc7728a341dc3b51fc778ee0aa19e2d6c443be20a3693317038a1ded9d143f9c65d65e32b11971

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ac0ab8f16fbb1afe5c7b089b5d5698e6

MD5 5bff0b6da657e8e4ed652a4a5faf57f6
SHA1 ad49b5a7c4734d26061b0eea4496fc41949bc5b2
SHA256 c80ae50ae40768b21e62b593515865bd729b4c0712a006cbaf374a66f14f956f
SHA512 146a0ca1c20471f2921f1c911692223b77c4f528f2de47da9df54c1620242230998b86be05b436a725e64665a008cfc21715e114fb0fd1b9e0786288ad20ff24

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d8b4554062d011287069393d07af8706

MD5 a0c28b8252eda35f15ff0931e1817ac9
SHA1 3fa429b9d0b8926907abc63b81a301bad2442eef
SHA256 ee880812bbf7cc1f00cb363632e9746e7342cb5048765c483d56f4284e555a0d
SHA512 e49af44a8fa6e0c0fe4a5f55df2910ff43a6a9360d6e0ba507375487526fa4fae8c974763e4bb757e0907036141123920024adfb312f9d53703bf6d45a83956f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5b794cd8b1447c984ba301aa73a6625d

MD5 2740a9a1a4020c08f3ae9fce5509416d
SHA1 371eb56fa91013a45a38486d5d77ccc12ad03990
SHA256 239bce8cdaa04b7e91497dc8fad14e5af36ebf244712d7a04e37c2be5a0e0a38
SHA512 fbbad878010bb317d5ddc6de48c87d838db393fc52c564555883d07e62b77cd37a3584414566977fbaef792ce0d2a00cf851ce871e880d1cda34357d2fd4682a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4dd9b09ac0d9a7bb380a273db7cac4ac

MD5 d97f6e22eba42d95c89cfd439f36c1d4
SHA1 3a439aff0b80708f6510643f70997b897500d2bd
SHA256 25f91091126b2855bcb9c2daa26fec21fe7cc6d25319925a95a55a37cc840b6e
SHA512 52ca405f845e8313b0a04657eaa9a22d1c4fbcf758d5796d2deaf41c7ed6abc28e3597dc1f5d803c009360a63db4e686e6622fac669c252b09d2a3d8dc451e72

C:\Users\Admin\AppData\Local\Temp\Roblox\http\706b550a2be783fb6e220ca8181485e5

MD5 be4a508de308b15bf9c711a769ed61a9
SHA1 2b980f20a1466d2f1508bfaf8dc2a2558450c1d9
SHA256 0ac514138710cda19cc114cafa8a3fce046654dda1cce0915f525c6f5ed0b812
SHA512 dc71cf06e2466f17b843b96fdbec856b3b67df95105895597e73fad455340d4237f1b7cf91ac2906efb9efeac89515deb79a045859a0651420edecabfef8cf8c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc27c501541df155b6fb12496e5bac70

MD5 f635924f866829484247044f991b14ec
SHA1 39c6f43e94e4b0d0ce9c30da5b78aab7fa5086f5
SHA256 30b18b2546442b630f0fb8c6a7c26419a9a73988e8e1a118dae5b7241e98074b
SHA512 ca145397fe454c2623651c9ccaf86fd15212fe83d758fab2f8de35e4ea00f8eb8f58aeecb2fc95a4ceda07c9bfa960ccc29b1a56c2bb317c94297c24a366be68

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f469136d50a09240f313e4f48b35b40a

MD5 81927a5a1612202db2ce511c62ced773
SHA1 4414e92b078a515ca699a82cc3bc64a1e264e4bb
SHA256 a8a2313bedad3d93a06ce01ca1abb579013d083e2fec866cc22342713b7b6b2e
SHA512 33918119fc071674aac79062c0e4bab978d04cc957189cffdb8c1bb1c7add1bf7d9a0ab03b08d9e997bd8734266bcbc7a312b316f8303347e2aba876022e7cad

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5477b96b8c7694aaab08397c539323cd

MD5 74efd118f986358ad4cde9a57e61dc32
SHA1 0cfe0335bb35298456edc9ed791e019b70266c31
SHA256 b973558fa71e5b3a07fe6ca6180c5bd0cffdb343af3a0d2e4e4e89b40b194ee5
SHA512 357ad98fcdea45563ac733ff39aae16b103a1327a063445b6febb89616a61fbcd140c2148eeef122965cae78c2158bb39bd3eacac6d6c70a58546489687dd733

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7948b73360f27446739cb67376a2d7bf

MD5 6c261f23c63795849eba5b1ef6f17cf3
SHA1 464f91ce49db8b5546722bd62c4f59aae33dfc20
SHA256 e4274c467ca592398736e990eaa97a937f209768239400cd90ea59f9e58a27fa
SHA512 ab6f671b1939df79ee60a873148a1763c06fa880e2f17a23c9e09c5401120873167905e49be3abaf546b9fee33096b76a5573a473b72de3806c38a128ab91ab9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c36700f9b5f405f69b210d702f6087c

MD5 94b44243d9e420ff19ff04f4e434b83f
SHA1 04687ed0f779c6873da97da0f16f042b2b459b69
SHA256 f76c45b8c4831588b971b25431b7b85f529a7214f99103ed82b4c2e97d9919e8
SHA512 b7778206ef730254f469214ace61b13f7031d0c4c751b2988decee93dd5a6c8336c40974af74b0aca6d42874d54e23dfcdfc743f5d633610aab2f05e948bea6e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0b39eb4053e10b7ff21430e80432eed8

MD5 be1dacdbf4fea39b16e7c11e286b7205
SHA1 28ae9237170d6fa225c54e7a36e35549d191d450
SHA256 3a6d14f833f7da8ddf3139d42e41b2b83d1ea0d4570db39d9c10dd98e33da800
SHA512 72cef9e399c0652a340cb12dd239cc0dfa14a2c832fa63f76dc442308ee9f91b41ddff62fb70331895716b61fdccd332f75c0ba2003f818900e3e6f260303176

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d132016b6bd0b89da2690c24749f6ff7

MD5 2e2350147bec3587e3bc14b7a1e32c2a
SHA1 c275f45e728f71d24ac6d8b496865c218f972b41
SHA256 7ddec5794d779b1ad88ffec41f00c793f21046d18c930328d662a3c2d1c27d84
SHA512 670d3893ab1503dea9437b61b2b1488238d84d3703f94b74b5c20bb7bd26eaa0479e6d3d91319219bae1c1c357c6807101c5960ee2f29ff48475c0e6d9ac3adc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcece68795e396ad03d6e2608d740126

MD5 0ba72ed050100e6779ea0f1c713ac441
SHA1 ff585cbb4b671bd3a04f3bdb2512a896ff07883b
SHA256 0949d1f525ea9da560f02a0447eb12a33ac6db673e89754b8f3d230e24ccfd06
SHA512 22c09e80f4af164d94ef40999572d2ce35bfb1dfacbd1762b380c9685889d515ed9aa064db4f8ab6746c8a26ea4ecffef9337014293905abb2f0cece7344b851

C:\Users\Admin\AppData\Local\Temp\Roblox\http\78e2b6ce1224c7617a6a8c90174aa783

MD5 22b25a819c414b6c626e5306888142d6
SHA1 e7d68968d0848af0e5203409227a1980dfeb4a0f
SHA256 275eacbd4554f5b0e4a4266514243c661edb1e4eea694a2fa01ac20a531dfcea
SHA512 bd04fe05aedb2cf10fef09648566834b019d40a6ec8532b19edcbb2348059984dbd5c04d6fd9579dac55f99a6b4de820cda159256d236450b0d0a51594e3b15d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0af1ae578b1c58a0e785712d31028c1e

MD5 4ffc139d6996c3eba2d40053423d07fa
SHA1 6da7d02805c626596d055c20cf084aafed9b9768
SHA256 0445b87f48bfd12bf0dae91d8dd7c20ee924212b4cc8be782c0a54193546f43c
SHA512 5af3417cdb0d099add05b22090b5aea9ba39069c4704d000aa323b859e47ea67328f616ab03b7b878ef8cce0d528ac0ff5c0f8fe305175b952e840368e0d4a81

C:\Users\Admin\AppData\Local\Temp\Roblox\http\77b3cd784a40d8349719b23b5c0e414b

MD5 05c43f778ddcf81fb06a2fdfb4f7624b
SHA1 616dade772feb66bb1b8dee218c7a5a39d43de06
SHA256 f4a00d60cb52477dfdb2eb264470e5daffd44139c118b73c80e8fdef16f9dd45
SHA512 a2443c678bc019dcc50fd7a49d5c19dfa0c45a7c43fffa24ca225f0f24b6839865288b2fe843bb233752fe59c712c54bff8d9b5c4e8ef5ff4ad8ef20b053feed

C:\Users\Admin\AppData\Local\Temp\Roblox\http\571e70bdfa73e0cdaa28fdbd2ca19ddd

MD5 bd289aae66f24d373fe9d4388f8ba9b2
SHA1 4d248d4f9aeffef2fdd953bffbacf81ff3ac8554
SHA256 78561a946c48755de0fce9695d30ab82d9e5dfce2eeb0ef6a0824282bc88a0d0
SHA512 50666175b0955dbdf933302016675f035df38deeef6b4a0e8d0cf40b6e3d2c3e4a089a5b78d75015e0048b2e7f91d81b69857004d55436437d3fa0754d1ef8a0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\09f04b99b82b262e105a232e97395311

MD5 e3a0c050904f457b02b36bfebb1c0b6e
SHA1 a611605082957d8eb5dcb83939e1b6bd3d870bf7
SHA256 02c51e5a41d473f8e0befe8e5fb49073f0dec0ca88ee83e0e6a3c0ba3e18d399
SHA512 f2b6b3a7c193a951feaa1d5abeaf52316773d7895284e806f7267708672f6a7baf37191a244d2c044c785fe967d416353ab83517b28932b9e521172b89e22275

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e526d6628fea4b1243fbb953bdf85ac9

MD5 3964c0c8b23c560175f4b299e1a9605e
SHA1 6c155c8a5ece5d5d7340ee4ff0fcb730e4d2b0fe
SHA256 20dc4a3272ebc6ff5edf0494d9e6e2d06c690bb079a36bd04e074818f16a2dbf
SHA512 c6f53903aa3a14f3187bcec1afba4b5b07c10ebef6dd10a710f400996f2214703d29d58abff6e7e0025ea91a78ed2f799f69c542bea006dace570464acf90d64

C:\Users\Admin\AppData\Local\Temp\Roblox\http\848d350916ab0af9758cff8167a2aea2

MD5 0042d3425d57e55a4e8c899aa911012b
SHA1 f260334951b11b4ace9af45974e365ecbc6cb9cf
SHA256 f312918dae9b5ebf3028f14575ac8bdb78e7f152061fc59d0885ab7acb3e9581
SHA512 cbab405431b5a95ae3c9d3816b4a1c4d4a07cdc4dfcf64d0977ec80533a6029329db101ac36361114288fa18c769c85a3f238b13f63d2e1e83ef4ef64ae45521

C:\Users\Admin\AppData\Local\Temp\Roblox\http\be241f3cbd5449b0c30c651c4834e3da

MD5 2866f1aa81a7f9c354d34be6a58aa88e
SHA1 c470d8ad431f9876d7966796a503c15440a35345
SHA256 38baca61b0de1abef8c3a97557b6e246fbf9091d1193e3732f6011508e5f0a27
SHA512 1af43841070856ee4c509080c286285ef4850d9dd8507381a5045ed748ffdd09fc32843c0d18aaac70621a8ec88064f0a3b74036cbdfe91be207594f55b24ef3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\73b0a5d180fa4202c3e9365c3d577fd4

MD5 2c2e29b04e1f7144017730d5b5ed8b87
SHA1 8a36310825cfb7d8ea6fd487afa46dde29147199
SHA256 6026fca2672513a7a42dc67687850d630434b2260621f77ef5b2634486048d5a
SHA512 bbd5097d544d3bea8b5e97f3262a4f7765b13d5c742c9df8fd07e6a56e7c021a41de575dc1c24749631eb1003db0b9548c634eba7d6d2701fe4035f0a5880615

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e665da7061b12f952145852fc21ef7ec

MD5 4cfd979bf14b07dfed01ef9a3b1279a7
SHA1 2e7aad8b8909d3117bb151bf4d34b608e3ab9c56
SHA256 589b00b0a2fbada62af8b7daa8755ce68420a009bf6ce7a53e0865fcf262f94f
SHA512 79a25e0af653d6ecb5fd1908c3652c6fc8ad3d0cf1e00510801bb369728dcbe3c5e1e66f73d058c511320badca3c8ea82f2baaa5e0682f304235b68f622685cf

C:\Users\Admin\AppData\Local\Temp\Roblox\http\90d821a0b7efe2541659a0ff6b31b88b

MD5 6f0ea4b31f2f55764db79b43833bf83d
SHA1 2522c29622377d611419babb3eba2e8cb13fe0e6
SHA256 08f380d19a3cf8307b098cdb5e9992ed1d29e5d15226340758a1af3cb4300c64
SHA512 6a5437574ce2db6feac98928a22c7002ce526501335ac00444190febe302dcab5f18ba33a5ae00bcd83f469b5f1cd356474c8cfd31d9992d186fdd0846db5641

C:\Users\Admin\AppData\Local\Temp\Roblox\http\be58ec8ab04ff195247b1536cdfb3d44

MD5 d1d2f476fd075d55fa0e77b3c507cb0d
SHA1 5976cdae821737161f6debcba500a2842f988f8c
SHA256 650bcfb9e1c7855d2b72865695c2f4d4212ccedb53584f089c26e2087cc65d41
SHA512 958c07812ae7e89143874ce4effb112eed3bec3436fc0b71ee70de38298130d08d89f6bce42d2b0696839f67be260791d121e81f46a4935f3985e241aec7b0df

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f9cfb35c8f272d46d504f99d9c00054a

MD5 5a67e8e85c0ad7280e9f1ca86f138b77
SHA1 b9fc6b3311df7710e1251114946b93a72dd5d5d0
SHA256 09e7111ea12f1236be9b1da699f8c93eb68127d0a98f2ceebfc5c2d7b25f0ed2
SHA512 ac5e400ce21e5e2503a11642cf401ab5ad4e625a01ac87f1711a02a415fc924556d0d3e50386d17e29ec20bb99b5d3a2d0496dc2ac1fc1381b29774b826cd9ad

C:\Users\Admin\AppData\Local\Temp\Roblox\http\697aeac1e8e025f05cf4b76086fb70df

MD5 749deb1ff197b5082e2b07aa55a33d31
SHA1 08b4d7441ffa13b8dc3610d74a56d8eb11d8acb0
SHA256 e593f31edc529b51f9b253994d8aa93d8ab0bc8faf433e737b0a09e80cf2784a
SHA512 eff256220d72675ba4b23344191b963f7acdce9743af8be81020e2a74662d2f3f1b2735e686806b73198463c550b2d18921840271d515dca0b2d4ce226954d0d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e385854d0ae9ba50e28a7a5629fa28be

MD5 0c889bbbf77ec231120674d4843ee0b4
SHA1 fd29658b2fa416059cb30a6729030b6a6b125e92
SHA256 5006fa1587ba1da5b7696daea22929c490049bc0f10661d9c79322b0a647efc6
SHA512 504d43f9104b8c56ba12ae9533ad3554858ebfb4f5b4b8b1692ba339deed831a66f5441a1e4706015cc59f4de4729c0128fe7da2c8c3d095b2993e92eec378f6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2d5ee01099db60480061c57d9831c261

MD5 839f812fb19680ae8e62c2ebe0355e4d
SHA1 a256751297a9f82a082bc4d5ef08d5d9d89a2c17
SHA256 b414e1186136cb1f46c6cdc69dc5b637ac5de6a390d67cf25907907c61b364a4
SHA512 f2209d8bbb8f7ce1e6b675cdd2da3a10bb450d50b4f73a596fc0639f201999f32d3c1a2418e0b92c918c0a667a5750ef122e4331361e0022b66a2fc5e489e5ed

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcf8e7398be5b1007fef514afffffa6c

MD5 864c04942289c1dee2c1aa18ea77f1c0
SHA1 1be7f1b6c2f1472adb9b34fb6f7a51d3d1ba161d
SHA256 9855931b8e0500c6753d77200447963d1981fa7f7b4fb34067bfedbdec0db442
SHA512 6f3934ea3ca2317756e45bcf065abae6cf34ab7c24e1847023ecee8e404294420f5cc978af2afcea986bf160eda88c020fa1b799f5ad75a5e3991e7268192dbe

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6443205f8638cd85aaa1caed016b8ac4

MD5 20db412bf509b564fa765bbc0b917fbd
SHA1 938513617f173454649543b7c014ecc762ba5b5a
SHA256 8b7281d0d0576ed2b73ab842080238d7e006e1524ed48f423f61a86cecf3ad40
SHA512 f6c54fb0478c2df40776125a920621a1789d02239a78cdd3de8eb83a27a00464b2aaf8714776897a4b3ae5488da664befa604ec836fe12010a046d48eaa519a1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d4f8d4ffe8696350702fd146346140ac

MD5 084a09f4a178b2533a56610f28f252d4
SHA1 70c343a804ea4674a214d5ca8e24bce33cf662f5
SHA256 91b1a39172d8f6f0c98a2a3aaf8c137b29dcc4ed4c1bb4a3bd449dc16fb45e97
SHA512 fd8205ea2edc70743247666bf8ff414ef6038f6ec03bfc7590dc037024ca66eface1f3cc559511919058754a5dfc2224ca04368ed31df8aa942a7d9022b93e5f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c9d72083ee0b41e11170f5a9845c3060

MD5 92e9669fc7c748554c057eccb11a97e0
SHA1 d3fd8c1e136a2ebed238d95bfbfbf3ce61a385b7
SHA256 b29195912662d71be85e0db741dec5ef005d744d3aa0913dad8ad1e51c3aeff2
SHA512 cdc3a1b4c596fd3c9621e53887a9d503205a0d5f8663e1ee3366129ddbfa83f2b15bedef155eda2949f24d1df615ead664114310e3d3dd03f9fb2d95df2e29b2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5105c207d9317b50c40470887ccfd3aa

MD5 481555658adb9b672941de82171b343c
SHA1 7937e7bac46ac99e1897c00285fd23059828dc12
SHA256 5069797f8a4b926fcc5bcdb668c1f67ece5d5e8f05d6f19a260c55c9a67f289b
SHA512 aa9aae6ac82a3e320ce9c1b83883263d547a82369d8f31d3db0ce6d6bc5cd07ef96157ebf234d6e31b40b32e276c233f7c2c0856394a70d183bd64e03720737d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8aad44a486e1e94cb992a6a0e230f735

MD5 451b527070f0cfb1431ff5052642059b
SHA1 6021d49e6b87b9ae8fa64c3cfd0180d625c7d761
SHA256 b9391062d160f5bd861cf7e5ecda919954e84a87eeb3b000bf9b93c068057c9c
SHA512 3ec22e77061670685a576d96cc3897473d11c45c24e581688da54d8700b186d3583ffc23cc2c3395fd93af36afc45083058a2bad9cffb1362be8bf4edb20cef5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\aa3db4232d83f97f5e078c526e25a6e2

MD5 3e1ba08877dd32fe4178a730b0ea5e19
SHA1 c020afb22c7cde0c77a9d1d6be18ac8f1e62973a
SHA256 1a6447007e90d27fc71fa7bedef2219bda30eebc33447c2929e4488315e19641
SHA512 bad57ec1a48f686fbc5842a291c95f01db413600828b198b55615857bb1e50e4b3b6031d5896c8d7b9d6753c290c0253ddb83482f89c7fc348b8b80194a07286

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d27efcc314894472628caf798daafe01

MD5 bdec8723e953241ac3edc46458a6ed7e
SHA1 783605b1587b096807a81e32c488be272e0ad581
SHA256 c31b000a001faa6e08026a24043899ee4941371ce464146a9c78befc2a796e4d
SHA512 221cf258c9c88c857e34fda1da4290c67c3a34459f86b828ab968f5e57b2be53eb4f7aaced83151576fb843a7f1166c267de0efb116740ab2ac2b37ca0cd4d93

C:\Users\Admin\AppData\Local\Temp\Roblox\http\afa231f024ffddec5f9d2963d20c450b

MD5 64c05df26d12845b64880218a48e1b3f
SHA1 6ae26e09d6c23ea9ba5ad92d3d40790948b36141
SHA256 e41beb094c8bcc0d8825e031ec9ca5b13e45b94f3c93601c31c10955cfdd8da8
SHA512 d6925cf4d6eeb5275a7c008723410edfe1dd24b9097656e8573f749864f8fc7c61dac61b05230de13a7b9b7b866528c04adca85ad83e8e2831c43b46a70d4c27

C:\Users\Admin\AppData\Local\Temp\Roblox\http\77fad0fb4662c6b81630ee443153aceb

MD5 183fe999017d5e5654364c0d8fd895b8
SHA1 64cbdd4bfac3c60803acfb2871a9fc8da27d318c
SHA256 3622ef17da158e25761124720a642153fb6eee615b54da286e731ca2920216ed
SHA512 d5026e42d343185e14360a292c6d13131dbdf081ba44960598e12652d99d999b4f5c70c5c02335596d18302b1cf64128a8bd06273237a48e2cc4eb0267d12307

C:\Users\Admin\AppData\Local\Temp\Roblox\http\74f7241d43fd3efbef367cddf2de0712

MD5 1e996f012273818bd88129d26108d8f9
SHA1 c193db2eca6d190e929375e617f45790cae442bb
SHA256 c7c8ee23804c70ae96b1399c2f6730543f10f7678f5e3ee36fcbce97245aa8c8
SHA512 40ea7f36824cb96dace8ff41b1e92a03e0f7e61cac33a3a81c81cba12714812504554eaa0f4344d30061ce1d89f231ab21cab164a008e1f68d18ccfcf5525173

C:\Users\Admin\AppData\Local\Temp\Roblox\http\251c7269a8dc64cf406e8c2d5f5cc688

MD5 7e7342c1c2e3602906a1fd64acde7735
SHA1 357de58a6c39a0fe4d7e4c13c16d8c1d25f9e649
SHA256 24a5a23ded1de17bc3170afbe5eb7debbb47f0ed7b2a4b5303bc899e927a99e9
SHA512 c6313b65687a5ce03772ff6f1edf761aa91f07a29f8b61db7edebf1beb5c548fbc53aba721ede32d4c4bbdd31361dc724c676d41c06278904291579d25d93202

C:\Users\Admin\AppData\Local\Temp\Roblox\http\993f844b48dbb84a0eece0b1d1aad326

MD5 c05764b76e6db0114c1d6200b56a3588
SHA1 5f96252b5a83e5c0810e4ba604dfc433ee449639
SHA256 427939d6cefb89facb6e71e082e42ed184f0883db715e0bd8ca832a316150430
SHA512 4c6c06afb99e99d6a7466ba40146b7fd02f83de16e5c89acbe64179860547f42dad0562b2a281706cfc6acdc5558e8fba5647874ff15d2778f3f6d8c1cd983a7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2da892c80dea8811c616fe5e0e6c010e

MD5 0dbe0b49a06c4093d004ec7d44303fd5
SHA1 2bac861a6075854f8dc8db470558936c36201aee
SHA256 b136004ec10d66b813386e21fc6c5f86d37071e01e8a82437676902eb3e63e8a
SHA512 1d306115aa97102b5d68552b591f5faeade373ff3a718d9f39dbeade32892e47fd921cd78e5dd71e91072476e5ad933ff9659ee5ea1d07133b55745f00c22828

C:\Users\Admin\AppData\Local\Temp\Roblox\http\28c39719e7218d9c2d686d4daccb1b72

MD5 25a0b3d9ce5e6e1cc4cc7f4cdb328273
SHA1 4d2dddbe9502a5373e6ea99771bb1de6e828b95e
SHA256 013275e837c61c631932167d47d5d9b838ba8b9863915d39f06d8ba4914df147
SHA512 20df5153edab7085594382f80b5d7c6afa5f2a84741efb46961e36331c94369a7c7302c9799676e18aab171cf398dae8f314395c22238de6f8450726c4c992c7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\83eeeca932186715a9107df83747a179

MD5 e7ee77fadd485e9a35a1bfb4be99691c
SHA1 bf1aacc9fe769fd1dd111a1009473db1dcac7399
SHA256 d98e995f0160e551443de0eba015bf29192aea408469c2fc2d9c93a5c1c82cd9
SHA512 3ae849a12cabc409e435da98308db2ec0b86f8fa8624a23632ab0ea836a0aed001853eef600bb99f67f8f907dbb641c9c6bc37bbf959dd12c1bf2ad9c8147460

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c677a51b0924e108a9b1485dbdf883da

MD5 e1e4307ebd3e7f8280c75be0ccd3b5bd
SHA1 3f2a56ac3ee57082ebcf4a1ca21001821286e77e
SHA256 10dcbda8315ffe2e7215b8d61dbd26b0553b438fe94b1bdf005758b1b96d9f94
SHA512 7f3ef600e2ecca826fc163d9092bfc10fcca9a9e6206ef29fe5d61902e3e9625bb2bcc07a58ab480ad19354bd0a1c56dd9f13c4e62aed22d87da146252144ef4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\584bbf8c27b2f156742be22b280cc8d6

MD5 7c0764a501b7f8f1eab14fa7f9337a4f
SHA1 2e17a9b6d5bd740c4dc91af9311e4a6e77bd55ce
SHA256 dc0524c0d7f9f637466570c86adad7021f9316e42e69745bf8d27081a98f09d2
SHA512 dba17c07bc4310c556ef62f157dfd3a0ea1a617ffbbc4324f9a046bf47be9a2bd500921bf02bb79d9ac2df1aeca3745ee1cbd7f33bbdb80fe67e1adaa0bd82bc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\477a618fe08d138e560e0c8eab9f3583

MD5 4f9c826223fb8d7fb603bac0b294a706
SHA1 44a185bf8edbfee521dc92ae012e6ed18cfae3a0
SHA256 e12f126277c8b35c48dc15cb2f37850ff5ab0816e5982eaeceb571c99bd17502
SHA512 ecf987dc0d416a7fb1779289a0bd9ba55625abff41491ec3731fd77950e91d5b454b17573be388766b20fc630ee3f125d37feda44e068d2ed0cd2a87be021fda

C:\Users\Admin\AppData\Local\Temp\Roblox\http\388a60aa5e51ff44455d359825078031

MD5 eb62ee1626b44f54b2c444a487ef84fa
SHA1 d3d918dae048e4ee9c9626608693d69c4c4ae55c
SHA256 bf2f079ca21684f382d094af52836d83862c93800e8e054c2f6bc0838c442d86
SHA512 68022f2ac538c51acc24065480cd23670efff68d56a4b5dec2c28316726ab82c81b48fbfe76c44f32dc32b0af75fe3e203aeb40610f34e2e5d75bc684f712381

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f1c2eede7a115f0fd9ddcfae03372516

MD5 08ba91e62331009631f755289dcf7324
SHA1 03786d766cac0b39437b98cb61e65c25d16325bd
SHA256 c50ad1d35d0b3e81ef6780da13361923d7525a39db5c9cbc6c5344a0bf5e1380
SHA512 3fe207322d4249f92893d0eb7a93f455374849ca583dd0fd00c79790ab7bc7f0699fe16de332b767689e0a104fb272992ddc37e002b6962cdb6c66a63618e3d5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc70073e6562a1a0cb99b092be4629f8

MD5 acc9db15cdf0932e73bfd20b9857b80e
SHA1 cb6455b641cdaa693de88e9b0d1f422744faa35e
SHA256 f0e15f7608b3829d33eb8e057f31f21e931d9d2ab4814891b11ecf47494c141c
SHA512 7ca5152691d595acc0f0398e26f82c4cf491bea98f2c81e7a972af8fe763ef5926a716ea44112c2fa257ba0109b8848f8611f071b88902901bdee1d32a315913

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e5ba3b6fc7c95f933bacb9db38c93e80

MD5 0de2eda8831ddddda130102597e758bc
SHA1 0fa49f0691a4ae61e422a22b07fd4e5def0ae5b2
SHA256 2d60885d3492996ffe223ec6dfddb240eba00a9e03ac0506d3489edc4822e1ee
SHA512 f466e1ea3867fae7618b76a2895cccabb0f646f54bf8c4cb6cf6a5c2eaf4b8e31eb4f8b42971ee53c929241d9f40af6a684647cc09395cfd709774503f274b75

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b39250833fce2d9f0655b124db089d4e

MD5 639a9c5f588be3e48a6bf5601215f027
SHA1 1ab7c1d3d5df21a05324853fb235b848945c351f
SHA256 4fd48841bac69eaaeaa9c936347395f5eab6fd4f5549d65cf6fc541884a4b2d7
SHA512 c3aced88385dbd9b10841f72c422b17cabeca80ad11af01222f8901b950be3b42467851d5ef61fa3a1d92f7977724926f765b8bc594655e93e116d04223497dc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ecc495a0b2b0470e25d688a9077fd977

MD5 741a45f09ceaf9cba7f0ee5b8aac236a
SHA1 aa6b59bba687981191db42af8a8b17dc0fc9150a
SHA256 92ee9b175404bf4aa4e346ebe4948ae5c0ee7edf5693778a5e6a4a1bed508eac
SHA512 97cb36fc2281753eb7a42f762c8ad5cdef7c14665214a71f33518f88cff24ec5e91267f834a6ea5ab0206457c7e9c730dcfb4f7a2ec527e3ce48877e2f34be6d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4130cf898fa8b448f1568bfb61305e94

MD5 86df60a0980b57864a2e2d68f857e0d8
SHA1 60c24af81c8406f05ee1721b374ab8a466d878a2
SHA256 ccdedffa29231d609157ccf22019e03a721e9ca248eabf12be511b76f795c247
SHA512 c025bcd3d21ec036712ad8e40afa7da973db770bf5b9b019c73ca8b99202c8e37999e6daaeab3f1c2190f84434a5e4657a8593e8a59066e0feaf38fcd8bc41e1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6d1b0fd2905f7655bf0108dd4e655991

MD5 efe7165d72ce56eef26da49dbefa586c
SHA1 b2441c50e501f7121277d205876ec6a5811c4e67
SHA256 4e12e3ed0da10924a1dbc49e464b0b07c017970c839f1c1cb4ecf5a8019d3ae5
SHA512 195b3d7954627b571226a4d5293b19dd0b7b565d4b295b494361ed81f3d9e1c193533dd0e53b2ededa326278294694286669095147d769c5de343aa611ab0238

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e4317e6c6a87bdf6f00c6c80866345fc

MD5 fa00f598036aff7c2e4728ff840efdd6
SHA1 7873ee7205e2817fc8fdcb3afdc275aab494ea91
SHA256 18fecafdfbf34c5b261f4acbd607c439e35177802c8002a0d88221258108abb8
SHA512 f72faa02c263ed200f7a296ed86ef5da614911c1cd212aedd12923ba551aabc44b33cbced8dac80aae67dc09988d53ee191755afe3d51383ce885750bb00a944

C:\Users\Admin\AppData\Local\Temp\Roblox\http\23f316746f014ce443f0b0adb0d9d90d

MD5 4843f2fc4404a016a8a7b7f5c352f877
SHA1 1446153b0498dd65dbb53b417d5ce5db49f0dec5
SHA256 46ec4647b950351b091ab0bb34d1964bf24b0eb58760175def7a4a1d7a4e09b2
SHA512 8d5198bd48be46a6aec5cb5d9eb6e75828f88742f12102a1f5091f9c8b51167fd6db13981fb875b032795b9407fa64cf3aa54224a64008262084dbfd3d98dc27

C:\Users\Admin\AppData\Local\Temp\Roblox\http\252921e7f19d826cf6778747e86132fd

MD5 e06fafb3ee051c215c7118dcb4a75354
SHA1 c72b3e0f2bb1139344053256bcc3ac48f590174c
SHA256 ea771a4652058a4110a95a6fa24c847e7a50cdfdd711f57e02f9c7caedda7908
SHA512 83008fcb8a91bb42f76568773c98e5dcf6658b0d7972d595eb7059b5a598faf80fcc8492351e9e98a6d3a9ddfc17fca742f07ffe4af644d99c087062ed7b14b0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c288ffb1fe759d2618c218fa0d2bee8

MD5 c914fc7a80c8ebee4ddd7216cb8e63e3
SHA1 2e4bbbe23167be5f26e5f3e9f1e1b2409b38e7ef
SHA256 c718cff1df66ac36549451bc6de0535c3f2f9e74b4fcdcea38af9eeecc42a674
SHA512 7564812cd051e0970b3d06aa1bb839c8fae5d1e95e23615eea42d2f12b6284d06f2936cedd947e9d4d33c4656fec00494121d58cd38ddaf1ce2ad8be8685d0fd

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bbd52b35df5f543d23b7f35ae9e845be

MD5 2de5aeee01688c41f23b2ddc07c0b442
SHA1 68bd21cd4284ff390c1f4f5f4b61c9ff3b8f2268
SHA256 3ceb6af768ce708d114195ea3521c71370ee69172d4d0cdaeb1efff406571d73
SHA512 ce845ebebe20efbfb1a0565e69cea69e3a4f3e71289ec68379565052a2e8a3e5ac873b52e74ea26f2afae7ff64c789c348b4b9d4426ac0c0d6547d9f12290090

C:\Users\Admin\AppData\Local\Temp\Roblox\http\98c582bbf5493f077bd8f59567067f24

MD5 ed3f4356a5aa9295ec58f77ab387582f
SHA1 99f94109e03097ddf835c06292ecb6142c93fdea
SHA256 60e6db5121cddd5bc13b1019c85b5d962599e2548c347ee3c7d944cb20ff01b7
SHA512 cc7869759564fe9d5e1580be978727c4b0da340c052db74f677bf7cc24d93da0b837d01ae0199c6404e02b49d08fe47a2fec7165cfad841f1b6fbb1d7e8d7fc4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc86756c9d8f409a887054cf26a854b3

MD5 70461ebd3bf0f7a0beafcba1d52417ab
SHA1 53dd7894e76f0fe7c02f378d7c67107ed4a03d45
SHA256 e3ef21dd9efd05fd1260691d6dd47f76155bd0b5ef1ccb62ef1e588dca161fd7
SHA512 ccc18b368873c76fb25c97009bfd17e4456d488b16da511e61fe1dee031cce48bb25d507d7fb1237345bdc2191085bd384ce45ca98a5864d10b65b28650e553e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8ead55fcc97d21deacf012df5c33fdff

MD5 16e22cfdc829405af27279c364ba2f8e
SHA1 0c75b97959d7df1586db85cd1166f99c65603c68
SHA256 aa2f6c8bba8aec6b84f7ef8a7d8c30022097b784236806e63da1f0417124a3d7
SHA512 d1f6695e255f5b7ad498ce177a16591757d5570a4ea45d396f3fa159f5658bddcb7d524c102efdd982fd9ccfa557d984280c27e57484b8f61be512ce994d7964

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3ca8206460663e9e944ccfb414623b40

MD5 816be237e27ddb79f9fe0c46efa0119c
SHA1 fe0af06e1155ba784ed6ce8b97849eb3fffb5f9c
SHA256 ec6063b82a1adc4187ee0e01f413d4b5ed10277605f741295658acd3f0ceabcc
SHA512 5ca3c5bca3f5559a500de1262c133a972e776dba7192e6cade152245c0e1118fac41c48a79dd0f15c78ef177294867f041bccd3eece6a388eadcc32da8efaf00

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f40c00885cbd0588eebf8bd59a345579

MD5 9c0241f7306bbf3cd085509dd7840c99
SHA1 21c2a9c916d0e537c5662db2acb565615ef79962
SHA256 e2afaf1d969e104e2ffc22494e2f7e2ec4a0bda49b9de0dcb3bbaa3da9bc8655
SHA512 afdf2c9a29559645e08604b15f023475e8610f41f650f3527a4c2199fc4bda9c291bb24e2f337e00cfac6a5347fae125d8055f0af6eaca38b92ec408343cb9b0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\16f7441682caf62a1789b9d3e75ec170

MD5 cb94125a0b01b9335f3c3c9a9c6cd60f
SHA1 85ae6cca4c661270b389c00299bf7f5d81fc3943
SHA256 afd92a2c0ea64515200f7dd1c6237f18b6d1bd2065296939697d34a3d4e1b0d4
SHA512 649155baa2d26fc6afd0496d11f37d9dcb588726806eec89be58faa54fcf3b90d1becf114c4e2f3964c98e93399b87bf5bb87709a7bd9a3540c7ddb56e2da555

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0407c8d6df198f6864381d3e595ae971

MD5 703dee4351832fd18ef5b85c6e1bf992
SHA1 bdea9dbbdae401cd68814d9815a17bab6f3870c2
SHA256 8fb57fee0d1c996a828a3147fdd9a38e8d1624163dad101e4bc1d44894bc3d68
SHA512 d43b5dc41be38f5fbe30a51c1abcbbc5c606c9d911dd164b5106fe2bcf0310ae8b641299c5491bbd5ba66433d87ebd17dc8a487d88d56d0ee8e81309533ef0b7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\06bf3774b39be975c53ba2193da7f90d

MD5 29abb94b78b9a73db28b7ba825833346
SHA1 fd6da6bc273d4a44067d8c2b625980ab8cc52aca
SHA256 d929c9d2ba98883044b81894da3e921de179d5915e1f92ca9d4df9cc89f1424f
SHA512 d5069ac2996929a5d1622f65ab450bd152130978b049f672b1a9f28cadcf724e317024bd95a11109e0ae488834ab184f5e4b10f6a21ba3329cf056a0b7139613

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1489d1b06ae2d917aae075e6fa9b8f7

MD5 5420558b929446bbd89f3d35e72b5836
SHA1 da46e5c797831b47c4d62fb9321c420c6b0ba50c
SHA256 12d1d581ac394291754c5b042baec0904c2f3b3be6a17e0a8761b32b6e53d507
SHA512 e125c8d668b2c73d583c528f6d35bf8a1c9558c594cb3aee98e25eda051f621a6924626d845f200442da65034dd77aa4a51dd1668c07b26611909f76cf9174b4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b597c88ce139f36dee5c4afd7d80a2c1

MD5 f195c3e8ddb6711a2feaad4aec69b8b0
SHA1 20b1011f280842fe6aaa58117a05f57cc17b6c69
SHA256 9c263d2a5db10ebc2d543bbd0c125bcc5da6c2245ed133fe0abb1b308f343a71
SHA512 52ed2e19a2b991880336b6b1694016f4c8e5a5e92a9dc989ab317f7f743f38dddaeba8fb5764826bfd9aa145028a1b3f9fa34a02f39c1e5162aef7ad282b0632

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1cb6044427da36923148711b8796b750

MD5 ccdd89dadb2a17edd97a48f05de218ab
SHA1 c8829afdfda3e414304f09f588a9e00cd43de4d0
SHA256 8ebad66a66dec464ea8f6a70c240e6fac36d2155ef5460b2f1cc80451e9949ec
SHA512 79976e6623479c42c3b9babb2bbec208a8f13b580dc19419df33639e3922ab973e740fcf33c94841e833ef3ca8209b5b149d2ba5c064f08e3b6a526a651432f9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6c536340229d1bb052a390124806163e

MD5 8dda220de3bfd073f993acca9cce3f19
SHA1 c78e343e500f592bfc59de89dcf8548cd6fa1f71
SHA256 21710259e1dbf800de1bd2dd8e19f33cf70dcf6ad306f7738a23300e40d385e3
SHA512 d21115712737f5d51c7fc887a14bb7b9dda4b9db295ecf429623a20eee02b2868956e6d66907997f100395625c42464218c36e750224e02fe0245c0292fc9e1c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8550d05ebb82e2c3691bc35b7c166899

MD5 f3e7b2683bee3c3628f500d157a7184c
SHA1 17aa34cf9e45a2a10cc370ef0047d6ec844053dd
SHA256 66d177f97d367d8181feedc6db9f92f71dbabf58cef1355439559005be6a24ac
SHA512 48994f038f0cca5a1ad783d05490ccc209ac4ff2a9fc3b508d5225348d2202f9760ac6c0334d12f74ab8227eab5a412370459ab328f44177729f8fb6b8911088

C:\Users\Admin\AppData\Local\Temp\Roblox\http\38b0d496d6e95d4a4e1f049ecb71b4d1

MD5 60dc54bc02627b188fbc37f3c81899b3
SHA1 7065242d6e88ff9ed0e0cb891a9a6f6db2be5334
SHA256 35fd7f2804d4edd74c14cb7bb1534edc993ab7ce9e2d64be997b12ffa8ee5b16
SHA512 2b43c5d1f2ee4621055d94f3e04cbfed24371eea9a7c719f8392a993464e7d05635f59bf230e294c60de5656f421f4661bd5b1b8f286c4c15e79bf9c57d686c5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ec9a7853aa53bb67f2099830ce97922a

MD5 0ab1d8c6659dc5952cb81416c8d9a85a
SHA1 16d889c645dd70901f87cc86f6db8a632b8518a0
SHA256 1ebc2f03253024917e0b562d101603c2f9e04aa70a05accc5e63eed9976ea0b4
SHA512 657a549264297c42e4783cdfc76baff2dab9b5b9c1f991b3aa8b16f2b8f87ccdb0c1a56edc23713ea7f34ffcc4cfc95b7fbba8d5fa06ea443610f06a00433f36

C:\Users\Admin\AppData\Local\Temp\Roblox\http\05e6fbe7faeaf27e476e2247265bd7e2

MD5 774331951556eabf4930f06518bfe5f8
SHA1 79a7b332357aa2b18cf400033bfeeb5db7614627
SHA256 c4239a4d05bd3e427245f920cd4eba313e0af75c819f89553c7b6758da9b4d57
SHA512 bf67dd1c1d57779578524ee404de1648d9a4d8ed7f524fd49643ec49c3165b9321d64bda2216cfb8617c32cb500eacc2966263dc03841af51ee37facb2b1724e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7209cd4fd5e4a48a4cabe7e3498368ec

MD5 643d56f3cc2d206fc1eeafd601a0e287
SHA1 0e55be4bc02d884a40a586b44d5728f9e8fefa6e
SHA256 637c7f57eea4b46821e968a691bc2181ac0ed00252691845fefd947a4c594f66
SHA512 10cb34ff5d98467c3de396ef4993a11c7db2545329ea473eb3ffe387f2663cfda6d21d31299f87aa3f298d2bfdb88d705b9236e9f71c48c22970713c2c3f75e6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\92ca8d0a36e9ce06a1c3537675677ffb

MD5 ae7d26697baf4e3c0a4f7e4fd800f89b
SHA1 4f2472e39c964861701d80139cdc33bb967b2c34
SHA256 58c1370bf264ecee15638ab670a0af85f8bc3b974670875c757751fd116f4833
SHA512 e93451a30c74751ebd6996efb038016e28370de37bfbfe2fafd1f3c3817f2e720bc3b7d96e1c0e346f08e3c581d13f77a535c30c07a487f2c4a13b4da9970a0f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7df53404f56c9f1787b277ba9d17049b

MD5 ecaba5cf9469daab7c05847af2da45d7
SHA1 78d9c8d289db9815482249769dea663f4999cac2
SHA256 23946e247fe3bb06503a06be2b8e154d724a8c2e86fa4f441fc09ba1e5781121
SHA512 4204260b2efe3b4c95584394b30ad7957b154229828f0ac90a04e5167c7eb78f254777fad0d4fce9c5675fccc390dfccae2ecbd8d17e0e73bb0a6933605df7d1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\852240b4203e72d7bfa66fcea2e589eb

MD5 547ffe689cd0af21ec616bd935f78b14
SHA1 36e70f429bea53fc2c8dd76eaad82f7bf9f3742c
SHA256 abf9ebe04321f9b8926304bc16041965dd79405783b7d3ea56d5fc802863bd9c
SHA512 3683baf37d3da8ac536ae4d2d852acfb49039b3c9d4ab42d972c23e2df6dbfd178a552ef023f48c43c6887161313d516914d26b7cca0c022e2741875d62e38d2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\234369d070cc483f7122fd415837b73a

MD5 51d45f80859fca2ea5720897d7f1612a
SHA1 2a7d736969502784b96328f4fd1fc7697a099273
SHA256 5bf07b195c3902c69653ca0294f2bdbf9124df501af426b14d6bcdbb87d70745
SHA512 059455bc829431130377e4c8cee87ed3652b712eb46afa6f666d9e4aff7401b59068da840b91f4914d0752880cb2ed8c64a90e79e37f45b4b90996e44f2932b5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\68119f28ce3eca78171a6a8c8822e1bd

MD5 35e84ac53c5b6ac5714c5589d7d79153
SHA1 cedd01f0263fc9e5718b8e77b3467c14a35a1b53
SHA256 47da60997e22feaa88bff58bd2db6320534331990a14e2b64b6d665df77b931c
SHA512 7cbdf8f0eaee0c4e00e3813d1e558cc5aa305d6e9861255d721bfb655cddbf08c70fe61f686e79154f1c36e7a4b5c29f2ecf2776fee9eb0b7ac1da8c87e75dff

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6e62dea9b6f892b37a40251f84c9e0e3

MD5 f48177bf38c02c3a2cb322b77d627f23
SHA1 e207f206d2f707e7feddc32c02883bb71015d23d
SHA256 4a8a4eb5baa01e72889b67caa16b69a4c2e8a07aa12f84ade87376f344b2fbd9
SHA512 bb3c4ba048199ddd3cf5d554a90c279d7b868871f1a0eea4ce27c641556fb3e483cf839e3f9a27a092021783a25d604c952fb1ea34528d722db9930fe48e38a8

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1f571bce12b3689efa5586c78436d68a

MD5 aa1cb968768ba580f7e7d559906a49de
SHA1 1a6a0906ac3c68f859790103094a617e0439d77b
SHA256 b9e49fcb7d0be8aac8bf1d990f2277363077dbd34af7f5109a14bea85b9fd35b
SHA512 a72d7246405dea401b6e97963ea624772f65a7b20eacf2c358fdb73d7e5c2afac79b5cd39cd548ea8c43f14b5f03cc38deee8a495e9c7a1f264c1ca7de4f2411

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7deb7c677f433c0b6c649020e88fe58a

MD5 d76037dbae4ae81158187aeced5816b1
SHA1 7858adc6bdb9f9b03fcb28746d7a0d08c297d058
SHA256 8113ac3b2c1f9a16f7c5a9be473b64abfa8c9689afcbcc30750aeb3077e3e27b
SHA512 e9e1b515c621e760968098b8e0a16e00cf1fc17b74065efd2f8793add04d5e506205df5d65be1db885fb958b9c5879ca728528963b4048bfe073d4249c0dc6eb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5a479665357e877c36a8bc4ebab8ac84

MD5 f5366499a754da1e3317be61d63cc243
SHA1 8689a3cc6a2e1af5dbd2b6c23b488283362bab0a
SHA256 14873e016597bf69824fb29a219f6d81befb11b19fe2e505544115b33f030e6e
SHA512 6920f31ed14ef4621559e67c75a69ecdb7832aac639c40febd98dcf9b7c02402510e983b84cd309bdcd7b0438b394cd6b1d11bd4c32c58488d24a5d38db930c5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a116d80baa851750ec02ad98f6a28052

MD5 db41d22b9f9f4a43ff8916ff8d513da0
SHA1 00dee570785465bff97ec8a96ebfad3d21f1d248
SHA256 31e6f7d03515207ae87b2f9e9594fc94db77038fcc28ee3990689c6590b7547c
SHA512 df4e09d0f24ec1cf13ffa1a062f9d28a5d36d99b606f27f7ab757f82e4202e51ff4e033b6554b763e6f97c73bbe77b9d133b4b842469b96056654cc2f202124c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6105c4318cc0c25a63a6c9b8db84bc28

MD5 6badf7314b5d440a6ec8dea899d7872e
SHA1 003170f75f86922af2aa5bc4b2c3c41f5f14106d
SHA256 c13071122b4ff111c8ee877e0d8bde8f34ab3569df48fa81f6f4f1b0b0ba855a
SHA512 5fd8098470eb97e06e62f6d8753d3dbef34d8db6b3ff463cdc964e61e765ab844168170a64c837fa5d60c029a79ac0fe7cc661b9bae07acbaa2400120037aa13

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b00de5dcbb5ba1d0d58ba82e9c2f97bc

MD5 9a3aa49a6c57739a171e507a3b0a90ff
SHA1 f3c154299bec91f215954c1df2b03f68fa08efa3
SHA256 6d61517c2a006e117a5d5032dc1be0f993f275b6d0c8a0fbef25bda8cfc12691
SHA512 0a02917b5eefba73d3420852a5c66719bae97bc3c8f9adfb2dcad89dee9caf5852f660a3e787d84e9b86e3793ae0605b2db10c0a1463e0f09a733b614d2f4c1c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a69cb57746105c17e5ffc24141320a40

MD5 e304b20b9ad1596ed700b3a772eda6e0
SHA1 06cce004b98cfe26eebe94fa5c2970d04c4fa910
SHA256 379a98d1e9bbf2f6b14592f062fd2a105b2890fe3b471d148600f94f83f3f06a
SHA512 c575d3b3bffeacc1cb797491c44a4cefb739cc4aca18d0cfe6a1487503a633cd4fc9b6141cb8eb9831e48211804d54c29107a73524789c4ab3803e9b7afea65e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 82ad81bf9e9a2a1a935fcc7d0e5c6a9b
SHA1 c278518caafc194b208c8dc2afe8d1fd5f69525a
SHA256 815cc52abec9f7f1a52a597ba32ef5876f5d788f42c9cee1b37dc7fc20b9d31d
SHA512 07521bd4e7cf2b1ae25ecf46c81e769d4ab38db0923835ddccd34fd9a1a40b44beeb3405ff9829a1dd456f63f446fb3f39bbf19bba612486386b309108f17894

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2de8b71e249ec9f3feb3c539d524775e

MD5 cb8fc3d5e40fc8d7359b5fe5a2ae5598
SHA1 14ffc44ab2fef36788db1ed3b6c7eef2d8e87195
SHA256 7bf87857170b4373f60d87d0d9dccec03b4b40ad514b909b5f79eaac2bbb378c
SHA512 9c7ed34efd88bf94a0b677129471c4b3dc4b2d2f3e890c96f75c5acc09af07ce60791e9b9ae917ed57756b63a53ac8eecfa537cdeff2450968d0599b74782d90

C:\Users\Admin\AppData\Local\Temp\Roblox\http\017b3de9988fc8ea01060584b5f2a667

MD5 7e5ac85bba3791f8a7ad2f1d32d381b4
SHA1 b7e8d0c46da0944ce2091bc9bf20f31426938f71
SHA256 7aafbc908e5fec756e8688565a3b5ac2a090361a6582d0f6c5382f4e42d5020c
SHA512 682b8334d44467614c4868476f7643127d2f919b4fa550236addffbfb24af98bdf80edd876b0e19fec4ef59095eae8d179cfe8156a5fb1deaca3de4f1bd94854

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d271fad040160659fb991dc5a001f149

MD5 1942c4ffcf7fa7fdd0672d63c5c69a9f
SHA1 f4fba1c5f32e23b7d9d8c67cb4ceed4262a6d9f7
SHA256 c9947d640ec9ac21c6f3e4cd4929fb9da6bd4e373abbd4ccae223258be1f596f
SHA512 e86d66e18cb109e443c42457ad67b0f1e00bc16c721de0108bcf224649c5c62a1ec888fd52cd552707fc801b7532ab8f973319d31a3cf221f186e36efb3a4c36

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 f087a8a98e8eeb430647a220faadc7e6
SHA1 07de974b409f21161c95c58740a1945b3e88488a
SHA256 6d070cbc98f5f5e19b005410b908d6a5ba0d8f7c7b600f6d6a4cb2f128a028a9
SHA512 05bd7752aa7c39c759001c2f0205111552283d6a24549b9c63c56cdcbc7474f28fc156b50adf3135ad2d43595f686c716ca6706d85c33e3f641b4027b1908663

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 5fd135ccab04e261cc7e684a416723e2
SHA1 8570d4713813067168417a2f3c4cb381b37e3b88
SHA256 2189091f9b4b58e0659e11be445dd6e065d01f28481ecb702ad9c183d45f21ef
SHA512 7d5b497ccacd816c7f8e7f02e85816b037068b3ffbcb759439dc1862b760e2fd53573d8e84e835c593bc578bbd3f43f05ab93bb35672ed9f6b3abd5537dd694f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c81813ea34dbe699086525727806025a

MD5 eb0d86faf070236a73c5825432f4efae
SHA1 f623bc103acbec6d5183331839a4040cabea42a7
SHA256 e3814c61a4d760fdcac055412aba5a9e38d8a83f45916e5e75e901dcc88f39df
SHA512 d351fea0538ec847b51615c760ddf49ebcfd800fdf9665df835add2802ab3d100480297a8833ee251e27cae2a5adef3e71058a581b9d392e225158030070f154

C:\Users\Admin\AppData\Local\Temp\Roblox\http\9fd0b17a3402934b24f3b349c8d753a2

MD5 59e7e73fef4a9df2680ff8fe1722014f
SHA1 2b9d42140ad6207b1e3f5cf8d66b345109cb1098
SHA256 05f280e512673a8f1358b88e8706bf5a763727dc16e8c43abe1be6129a820b57
SHA512 49edc88448345ee5bbb1093bbb62bb49b0ac3c1c0a29d4a862be76845fbbacff0347ea457d66e40f721dccb8071c18e4ca7f41cbce88d57a64a02ed400f4f783

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 94b364b0498221180dfca6391c0669af
SHA1 fb89f0ddb2fc424e58adaf6006d52eea869e6f16
SHA256 e8062919e8999d123f1201bce59b2682ac21c8b3615d34a6ef379a3cba8173ac
SHA512 c73d9735b59815f2956fbc2523ebfa0aeee802fbb5613ab6f8965328db9feae0d144d428bc4ece75e8b5fb5db1ebe7f4cf5c6db4f171bb0b49c116657ca86d0e

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 e6105b45ad4dc19d9a194949fbcb329f
SHA1 89f8da5cc3ed29cacd0b7be0232e7732bef9b6e7
SHA256 69fdd5235c52e763388ee3504111f75db101a85fc5d641a1b849b35c680033d1
SHA512 0c216c046bce5f7916c65e830cabb103092dbf46dc5e52b564515afb4376e0a90f438b9a917f54d2410d2d19e93fc0215f93a7ad2cce9f6f1e5c46ba5de665d4

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 38ffc26612676f2ccb22dcc339deddb6
SHA1 ad47ced3d2c6bd3ef5b035738bb7c0ceb0c48aa2
SHA256 69abfa058fcda50e394b334255c014a0c81023fc8dd35ce13ff79f7627aa060d
SHA512 33e60b03c5268e5dec8e7853d5e8ba91fb28dc8245958afa699a0a5509fca78c43ab86c2c2f952c4f44e6441d5126e95c061eabb6ff0163ea44584c78159bb86

C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json

MD5 a26a2313e1e39d53f6f16d39efde2380
SHA1 1c5b54f4ef062fca115b4f7bff7b240f8283c501
SHA256 1cf6eaf73f2f33ab3ff8013359afa847b26df4874a7de562c2709852e43f9436
SHA512 b659601ecb4d8223c61d243d276ba31f2a5d7586b329ba32d64034b31ef6f16eace447371f0c51f354828a8f5d2d2798dc8a6b16bae77688572739e4e03bad36

C:\Users\Admin\AppData\Local\Temp\Roblox\http\53d827d30453e92ea03c8733cb48667c

MD5 e45967bff9902faf440830e19883a3d9
SHA1 ab2b6905e47e4bf53906b5831787fd6249bb950e
SHA256 4090048c1f74e2439e333774045e75fea72dd9fdd129d643d342f5c2149f9948
SHA512 06fe0f8f7b899b6b5179d5a474311bfe85764f508012bfab9245abd1ccb9f9810d2789bf07ef975e905a7fb5e60520de4d7dce169793f00fbdaa2418e83ee1b5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\9081687e7cf992c195ad8b48756eb5d6

MD5 d0570fd3a4dbb40d97214328e1d490c1
SHA1 810a0f7147837dc2f75bb0800530c3f19e630d68
SHA256 cdef472a1fedc3254afb67c86028a5abff6f1efddcd6387c5f7e0f115a59acae
SHA512 61176285ea3a83b63045de772c0d868dd2fde320cba77f26c98401ee1598b21beb4e757d318623758127ea04c1538983246acb7f9918eeb014a65691e1d87ba1

C:\Users\Admin\Documents\ROBLOX\AutoSaves\Place_AutoRecovery_0.rbxl.lock

MD5 48d8cc6dba5053ae4b377ad79759c04e
SHA1 237875b58ab33dea57a09ea12ec2de8a9656b60a
SHA256 923cceca61fc81fabf50ba5d867a732e580b383e545263411b578ff14a6d766d
SHA512 a5c5d46b4bb0714c4511c4ac9d3b71a91a257890a1e0a8578b83f7687d3e18e4b86562affd07bb9fdcacb9c18c42f2d1af936b2d77c75c07e3b309bf7f75780f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3ae1590613bf3f8b1018aba06b8f5b89
SHA1 968d0193b633f6b2c6bdb21a5192415de6a24778
SHA256 e6e7220248be739167f4ab80aa731e098a0557490421a5d0236cbbad279e477a
SHA512 a81220feca5bbb551cc5bc28da0222c414633f100cc1adb4fb3a3dfd2d44aa88e9e326202f70e9ed039b5b12aaf0114a1c681a40d2eccccde4de81c2ea6308e8

C:\Users\Admin\AppData\Local\Roblox\OTAPlugins\OTADataCache.json

MD5 11a17ccab96a24de7ffcaef84e378fcc
SHA1 73f18d2438e46d1006506ae6edd754e17ea25106
SHA256 05858b9864ab11fee682bb6e6028b56d6328dca077041f58f2989f24ae14d9c1
SHA512 e3d6fee7cfb04e5b03c0782b5f647032fe948ce2a85e225b0cdecd8f2729e6ef055caf171e0cdaef50179f3e90d01a1589af44a61415889f5b4cb18db6f6b348