Malware Analysis Report

2025-01-18 22:11

Sample ID 240502-sydlqadh93
Target sample
SHA256 bb76ed8606711a007d823cb620c4603537bc06fcc7e728f3a47efbd4b7c0d1c2
Tags
adware discovery evasion execution persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

bb76ed8606711a007d823cb620c4603537bc06fcc7e728f3a47efbd4b7c0d1c2

Threat Level: Likely malicious

The file sample was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion execution persistence stealer trojan

Modifies Installed Components in the registry

Sets file execution options in registry

Downloads MZ/PE file

Registers COM server for autorun

Executes dropped EXE

Loads dropped DLL

Checks whether UAC is enabled

Adds Run key to start application

Checks installed software on the system

Installs/modifies Browser Helper Object

Drops desktop.ini file(s)

Suspicious use of NtCreateThreadExHideFromDebugger

Checks system information in the registry

Suspicious use of NtSetInformationThreadHideFromDebugger

Drops file in System32 directory

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

Command and Scripting Interpreter: JavaScript

System policy modification

Suspicious use of UnmapMainImage

Modifies registry class

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Checks processor information in registry

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

NTFS ADS

Modifies data under HKEY_USERS

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Checks SCSI registry key(s)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-02 15:31

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-02 15:31

Reported

2024-05-02 15:49

Platform

win11-20240426-en

Max time kernel

1049s

Max time network

1051s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\sample.js

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{54C661F3-D211-4AD0-8160-2FA1CEB4E09B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{76EB64B5-3AEF-4072-A0A4-F7671F328B00}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\MicrosoftEdge_X64_124.0.2478.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=DDB378256049435CB4B852A41A5AF564" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{76EB64B5-3AEF-4072-A0A4-F7671F328B00}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Locales\nb.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\homeButton.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Cryo\Cryo\default.rbxp C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\R15Migrator\Icon_AnimationConversionTab.png C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\InGameMenu\CircleCutout.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\Qml\QtQuick\Controls.2\Imagine\RadioDelegate.qml C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\AppTempCommon\LuaApp\Actions\SetGameUserIsPlaying.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\ar.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\InsertableObjects\Light\Large\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Flags\GetFFlagIGMControllerBarRefactor.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\EdgeWebView.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\BuiltInPlugins\DepFiles\RobloxClassic.d C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\WidgetIcons\Light\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\InspectAndBuy\Reducers\Overlay.spec.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Packages\_Index\RoduxPresence-50d7e209-c2fcb3b0\RoduxPresence\Selectors\getUserPresenceByUserId.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\CommunityLinks\CommunityLinks\default.rbxp C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\RobloxAppHooks\RobloxAppEnums.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\TenFootUiTesting\SharedFlags.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\InGameMenu\TouchControls\touch_action_rotate_camera.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\Navigation\Light\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\BodyForce.png C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Screenshots\Rodux.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\DeveloperStorybook\Collapse.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\WidgetIcons\Light\Large\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Components\DataContext.spec.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Components\ScriptProfiler\Actions\SetFrequency.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\AvatarEditorPrompts\Thunks\PerformUpdateOutfit.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ExperienceService\MessageBus.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Chat\ToggleChatDown.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\Qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dll C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\Settings\Pages\ShareGame\Components\ShareButton.spec.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaApp\icons\ic-favorite-filled.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\GameSettings\RadioButton.png C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\StudioSharedUI\RoundedRightBackground.png C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Packages\_Index\JestEach-edcba0e9-2.4.1\JestEach\nilPlaceholder.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Packages\_Index\RoactCompat\RoactCompat\setGlobalConfig.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Menu\HamburgerDown.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\PlatformContent\pc\textures\water\normal_20.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\PurchasePrompt\Misc\Constants.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Settings\Radial\EmptyTopLeft.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Emotes\Small\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialContextToasts\Promise.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\CompositorDebugger\blend2d.png C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\PlatformContent\pc\textures\slate\diffuse.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\Flags\GetFFlagSubscriptionFailureUX.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialPolicies\SocialPolicies\default.rbxp C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\VoiceChat\New\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\Clipboard\Dark\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\AmpUpsell\RoactRodux.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\StudioSharedUI\MeatballMenu.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\mi.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\AvatarEditorImages\[email protected] C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\InsertableObjects\Dark\Large\Attachment.png C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-12e911c4-0c4b13ff\LuauPolyfill\Array\slice.lua C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A

Command and Scripting Interpreter: JavaScript

execution

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX-PLAYER C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX-STUDIO C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "24" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "43" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "28" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "8" C:\Windows\System32\svchost.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "17" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "39" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "36" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "35" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "27" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "2" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "9" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "13" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.rbxlx\ = "Roblox.Place" C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0\0\win32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\elevation_service.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback\ = "Microsoft Edge Update Legacy On Demand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine.1.0 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\ = "PSFactoryBuffer" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.xml C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods\ = "6" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2551177587-3778486488-1329702901-1000_Classes\Local Settings\MuiCache C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4760 wrote to memory of 428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4796 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4796 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4760 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe N/A

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\sample.js

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe6866ab58,0x7ffe6866ab68,0x7ffe6866ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2188 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3176 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4292 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4392 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4568 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4896 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4980 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2472 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3304 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5012 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4528 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5172 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3328 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

"C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe"

C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe

C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe -relaunch

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6072 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkRDQUQ1MzQtQ0Y0Ny00NDhGLUExREQtRTU3MEQxQjNFODlCfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1OTU2OEFCMS1GNzgxLTQ2RDEtODc2Qy1FRDE0MjM0QzNERjJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU0MzE3MTQyNTQiIGluc3RhbGxfdGltZV9tcz0iNTU2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{2DCAD534-CF47-448F-A1DD-E570D1B3E89B}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkRDQUQ1MzQtQ0Y0Ny00NDhGLUExREQtRTU3MEQxQjNFODlCfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntEQkNCNjJCNi1ERUQ2LTQ0OTctQkM3My0wODBGMjI5NjkwNEF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU0MzU0MzQxNzkiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4504 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5084 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:2

C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /healthcheck

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzdEMTY0RjctRUVDOS00M0ZDLUEzNUItRTMwNjY3OENBQjhFfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0NTNFRDRCQi1DQTFDLTQxN0EtQjk2Ny1ENDY5ODVFMkRBNzJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE3MS4zOSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTgwODExNDMxNiIgaW5zdGFsbF90aW1lX21zPSIzOSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{77D164F7-EEC9-43FC-A35B-E306678CAB8E}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff7287388c0,0x7ff7287388cc,0x7ff7287388d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkRDQUQ1MzQtQ0Y0Ny00NDhGLUExREQtRTU3MEQxQjNFODlCfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins3NDY3NUU1Qy04RjZFLTQ3OTEtODgxRC02N0Y2OEQzRDI2Q0N9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1NDgzODcxMTEwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTQ4Mzg5NDIyNiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4MzYwMzQzMjciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzEzMWJkNWQ3LTljNjUtNDc2YS05MDc1LWUyNDk0ZjhkYTllND9QMT0xNzE1MjY4ODExJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWl3NDdWZ1JRZTkybWg0MTVnVHdiVXNNWFBYJTJmZ3JJSGxVdkZXU2lvYXYlMmZvTm5BSllKVEltWkp6MFJ4NncxM2RBZ3NwWjV3RkVQS3RxNyUyYlF1cTY4NkFRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyNzIzNzY4IiB0b3RhbD0iMTcyNzIzNzY4IiBkb3dubG9hZF90aW1lX21zPSIyNjY5MSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4MzYxNDQyMzUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1ODU4NTk0MjQ2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MzEzNTI0MTUyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMzY2MSIgZG93bmxvYWRfdGltZV9tcz0iMzUyMjEiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDU0OTAiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff6cea288c0,0x7ff6cea288cc,0x7ff6cea288d8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3840 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5196 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3892 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4540 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=216 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4968 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6200 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6292 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:DnzAnXuKw9eYghys8Fqrr_qi7bK42wAEiy3glQn4VYDH_ZLxwmCXdslVeT0Ulfb9s3zUxWHOYR4Lizu7p8xpaLNyy-dDGlh1x7mj4BTAOIFVgvZkBAp0KEcANsOZwL0APuKSoKCLYTvkEb-31D4Wf4frEdq2ld_FUtIyae9ABbNS4FM6lk2bVjhAjGG-bpU80A7OTDnR0b6usI91_gHMjIIkko05WYH4bDbJKUXvXJg+launchtime:1714664114324+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714663963941008%26placeId%3D2753915549%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc2b140e2-41cd-4322-afad-06956baf765e%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714663963941008+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzdEMTY0RjctRUVDOS00M0ZDLUEzNUItRTMwNjY3OENBQjhFfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDRDNEMUYzQS0yNDRELTQ2NkQtODMwNC0zNEY1NTFCM0Y3NzV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1ODI0NjU0Mjg1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTgyNDc1NDE2NCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4NTg2MTQyMTAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MzEzNTM4Njg0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2Njc2MDUxMTQ1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMzM1IiBkb3dubG9hZGVkPSIxNzI3MjM3NjgiIHRvdGFsPSIxNzI3MjM3NjgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIxIiBpbnN0YWxsX3RpbWVfbXM9IjM2MjUwIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=2532.336.12217195397381761707

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=124.0.2478.67 --initial-client-data=0x17c,0x180,0x184,0x158,0x18c,0x7ffe50b9ceb8,0x7ffe50b9cec4,0x7ffe50b9ced0

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1780,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1772 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2004,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2020 /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2180,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2188 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3480,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3476 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3668,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3620 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3460,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3712 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004B8 0x00000000000004C4

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{54C661F3-D211-4AD0-8160-2FA1CEB4E09B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{54C661F3-D211-4AD0-8160-2FA1CEB4E09B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{D218110E-7580-4EE6-8F1A-783C1680E365}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDIxODExMEUtNzU4MC00RUU2LThGMUEtNzgzQzE2ODBFMzY1fSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins4Qzk4QjVEQi0zNDc2LTQ5NjAtOUU1RC1FMzMwM0I1MUY1MTN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg5NDg1NTA1MDMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODk0ODU4MDQ3OSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTI0OTUxMzA5MCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzE1MjY5MTU5JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUtQWFZkSUxja1VlVlZYcVJEZ3VQUTB6b0pyMUF2VVVHaGZ6cGlBa1pUSXk5NXI5SVZXMmR6NGJObkZLRU14WWg0a3hCeVJWdU1Fa3JTZ1dnN1dobkl3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjIiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTI0OTUyMjE2MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTUyNjkxNTkmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9S1BYVmRJTGNrVWVWVlhxUkRndVBRMHpvSnIxQXZVVUdoZnpwaUFrWlRJeTk1cjlJVlcyZHo0Yk5uRktFTXhZaDRreEJ5UlZ1TUVrclNnV2c3V2huSXclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjMwNzkyIiB0b3RhbD0iMTYzMDc5MiIgZG93bmxvYWRfdGltZV9tcz0iMjU3OTIiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTI0OTU3MjE2MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MjU0NzQ0OTAxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5MC4wLjgxOC42NiIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODYyMDA2MzI3Mjk3MjAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgdXBkYXRlX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1OTEzNzczNzQ3NzgxMDAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0ie0YxMDMwNTgyLUMzOTUtNDI1RS1CMzU2LTExNjg5ODgzMUYwOX0iLz48L2FwcD48L3JlcXVlc3Q-

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{D218110E-7580-4EE6-8F1A-783C1680E365}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDIxODExMEUtNzU4MC00RUU2LThGMUEtNzgzQzE2ODBFMzY1fSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7RjYxRDQyNDItNkUwMy00NTM5LTg3NjYtREUyNEU3QUVGNTQ0fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTQ2NjQwMDYiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkyNjk3MTIzNjQiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe"

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://checkout.stripe.com/c/pay/cs_live_a1RPuIPY8ZMBmATwo6dbkbWqdfW9Bu2T7Nx4jB0ijmnwjqpk4v0wAAOKop#fid1d2BpamRhQ2prcSc%2FJ0hqa3F2YHd3ZHEnKSdkdWxOYHwnPyd1blppbHNgWjA0SU51SjxGPXFPUkJtTjFNQE1xa3w8QWIyfV1sVE80bDYxPGZ0M05HQXB2Z2k9Z1dNSjJUaEZOTm1dND1JVW9WbHdIS1FzbzZxYHZ0M2htTFRwVWxqYERhNTUzN19GYmpDNicpJ2N3amhWYHdzYHcnP3F3cGApJ2lkfGpwcVF8dWAnPyd2bGtiaWBabHFgaCcpJ2BrZGdpYFVpZGZgbWppYWB3dic%2FcXdwYHgl

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffe54203cb8,0x7ffe54203cc8,0x7ffe54203cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1992 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2560 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTRFMkI0OEYtNkI2My00MkYzLUEzQkEtRDdDN0FBMjI0ODhGfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7QjNBMEE0ODctQjA1MC00REZDLTkxQkQtNDUyNzdFMzYxODEyfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjYiIGluc3RhbGxkYXRldGltZT0iMTcxNDE0NTAwOSIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU4NjQyOTMwODY5MDUzNyI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQwNjgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMjczNDY5NzA3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{76EB64B5-3AEF-4072-A0A4-F7671F328B00}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{76EB64B5-3AEF-4072-A0A4-F7671F328B00}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTRFMkI0OEYtNkI2My00MkYzLUEzQkEtRDdDN0FBMjI0ODhGfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCMzdGRkM1RS05OTYyLTRBMzctOTUwQy1CQUREMTQyMDgxRTZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zNCIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMjg5MTg5NjQ1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTIyODkyNzk1NjEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTIzOTc4NzQ5MDciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxNTI2OTQ5MyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1KbVJhSTBkS0NyMExkbzBWQllOayUyZmoycFRtM2xHVGY0cG4lMmJKRVN2VzY2aHV2cEVBYnFFTE41NTgweUxrUklUV2dyMTJSaFVYb09vcVVrJTJicGszZmpHUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDUzODYzODUiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMzk4MjE2MDM0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxNTI2OTQ5MyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1KbVJhSTBkS0NyMExkbzBWQllOayUyZmoycFRtM2xHVGY0cG4lMmJKRVN2VzY2aHV2cEVBYnFFTE41NTgweUxrUklUV2dyMTJSaFVYb09vcVVrJTJicGszZmpHUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSItMSIgZG93bmxvYWRfdGltZV9tcz0iNDYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjM5ODI2NDk2NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0id2luaHR0cCIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUyNjk0OTMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9Sm1SYUkwZEtDcjBMZG8wVkJZTmslMmZqMnBUbTNsR1RmNHBuJTJiSkVTdlc2Nmh1dnBFQWJxRUxONTU4MHlMa1JJVFdncjEyUmhVWG9Pb3FVayUyYnBrM2ZqR1ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIxOTkuMjMyLjIxMC4xNzIiIGNkbl9jaWQ9IjMiIGNkbl9jY2M9IkdCIiBjZG5fbXNlZGdlX3JlZj0iUmVmIEE6IDJERDc4ODU2RjEwNjQxREM4RjAzQzJDN0FGNzA5MUMyIFJlZiBCOiBMVFNFREdFMTcxMCBSZWYgQzogMjAyNC0wNC0xNVQyMDo0MzoxM1oiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iUmVmIEE6IDNFNTdDMDE4NkRGNDQyNzlBNDMzQjJCOTc0RkYzOUY0IFJlZiBCOiBBTVMyMzEwMjIwMTEwMjUgUmVmIEM6IDIwMjQtMDQtMTVUMjA6NDM6MTNaIiBjZG5fY2FjaGU9IkhJVCwgSElUIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjQ3NTMiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjM5ODMwNDg4MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNDA1MTY0ODcyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI0MjkxNDA0MzIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI2NjYiIGRvd25sb2FkX3RpbWVfbXM9IjEwODE3IiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSIyMzkzIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\MicrosoftEdge_X64_124.0.2478.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff780fa88c0,0x7ff780fa88cc,0x7ff780fa88d8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff780fa88c0,0x7ff780fa88cc,0x7ff780fa88d8

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzYwNTUyNDItRDc3OC00RTFFLTkzMEItNzQyNzdDMTg5NEZGfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntFQ0QzMjFGRC00OEE5LTQ4RDEtQjRBNi02RDU5NDVBMkMwOTJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtEeE9iakhHYStuUmEyYXRDM3dvK0lFcEM3OCtaWWVBVWJrWHBEQzJjajdVPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg1LjI5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldjtQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjA4Ij48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzMxIiBwaW5nX2ZyZXNobmVzcz0iezA1OUM5QzE5LTY2NEItNEQ3NS1CREI1LTM5RDFCMDUxNkZCRX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1OTEzODI1MDExMzI1NTAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyODQ5NDMxNjg3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyODUxOTMxMzQzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyOTA0OTAxMzY5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyOTc5OTIwOTAxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzYwNzYwMDU2MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjMxMDAiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjIiIGluc3RhbGxfdGltZV9tcz0iNjI2OTYiLz48cGluZyBhY3RpdmU9IjEiIGFkPSI2MzMxIiByZD0iNjMzMSIgcGluZ19mcmVzaG5lc3M9InsyOTdFMDlGOC0wRUE4LTRBOTUtOUE0OC0zMTRBNEFCMjk5OUJ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgY29ob3J0PSJycmZAMC44OCIgdXBkYXRlX2NvdW50PSIxIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTkxMzc3Mzc0Nzc4MTAwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMCIgcmQ9IjYzMzEiIHBpbmdfZnJlc2huZXNzPSJ7RUNGNkI4NTItRDhGMi00Q0Y3LUI2RTgtRjJFQTJFMkY4NzhBfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe"

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4296 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4292 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4248 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6428 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4368 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe"

C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /0

Network

Country Destination Domain Proto
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 172.217.16.238:443 consent.google.com udp
GB 172.217.16.238:443 consent.google.com tcp
GB 172.217.16.238:443 consent.google.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
DE 128.116.123.4:443 apis.roblox.com tcp
DE 128.116.123.4:443 apis.roblox.com tcp
GB 13.224.81.77:443 css.rbxcdn.com tcp
GB 13.224.81.77:443 css.rbxcdn.com tcp
GB 13.224.81.77:443 css.rbxcdn.com tcp
GB 13.224.81.77:443 css.rbxcdn.com tcp
GB 13.224.81.77:443 css.rbxcdn.com tcp
GB 13.224.81.77:443 css.rbxcdn.com tcp
GB 13.224.81.80:443 js.rbxcdn.com tcp
GB 13.224.81.80:443 js.rbxcdn.com tcp
GB 13.224.81.80:443 js.rbxcdn.com tcp
GB 13.224.81.80:443 js.rbxcdn.com tcp
GB 13.224.81.80:443 js.rbxcdn.com tcp
GB 13.224.81.80:443 js.rbxcdn.com tcp
GB 3.162.20.13:443 static.rbxcdn.com tcp
GB 3.162.20.13:443 static.rbxcdn.com tcp
GB 128.116.119.4:443 roblox.com tcp
GB 3.162.20.91:443 images.rbxcdn.com tcp
US 8.8.8.8:53 13.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 metrics.roblox.com udp
DE 128.116.123.4:443 locale.roblox.com tcp
US 2.18.190.76:443 apis.rbxcdn.com tcp
GB 13.224.81.77:443 css.rbxcdn.com tcp
DE 128.116.123.4:443 locale.roblox.com udp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com udp
GB 18.172.89.122:443 setup.rbxcdn.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:50139 tcp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:50143 tcp
N/A 127.0.0.1:50146 tcp
N/A 127.0.0.1:50149 tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
US 52.111.229.43:443 tcp
FR 172.217.18.195:443 beacons.gcp.gvt2.com tcp
N/A 127.0.0.1:50203 tcp
N/A 127.0.0.1:50213 tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:50227 tcp
N/A 127.0.0.1:50232 tcp
GB 142.250.178.4:443 www.google.com udp
DE 128.116.123.4:443 locale.roblox.com udp
DE 128.116.123.4:443 locale.roblox.com udp
DE 128.116.123.4:443 locale.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
N/A 127.0.0.1:50235 tcp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 20.7.47.135:443 tcp
GB 23.73.139.75:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
DE 128.116.123.4:443 locale.roblox.com udp
FR 172.217.18.195:443 beacons.gcp.gvt2.com udp
DE 128.116.123.4:443 www.roblox.com udp
DE 128.116.123.4:443 www.roblox.com udp
DE 128.116.123.4:443 www.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 3.162.20.44:443 static.rbxcdn.com tcp
DE 128.116.123.3:443 realtime-signalr.roblox.com tcp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 44.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 c0cfly.rbxcdn.com udp
US 8.8.8.8:53 dfw2-128-116-95-3.roblox.com udp
US 8.8.8.8:53 gold.roblox.com udp
US 8.8.8.8:53 sea1-128-116-115-3.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 silver.roblox.com udp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 8.8.8.8:53 fra4-128-116-44-3.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 205.234.175.102:443 t7.rbxcdn.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
GB 128.116.119.3:443 silver.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 151.101.0.176:443 m.stripe.network tcp
US 52.14.203.156:443 aws-us-east-2b-lms.rbx.com tcp
GB 3.11.108.22:443 aws-eu-west-2a-lms.rbx.com tcp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
GB 13.224.81.89:443 c0.rbxcdn.com tcp
GB 13.224.81.64:443 c0.rbxcdn.com tcp
DE 18.194.96.40:443 s.ns1p.net tcp
DE 18.185.246.39:443 s.ns1p.net tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 44.240.201.86:443 m.stripe.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:52096 tcp
FR 172.217.18.195:443 beacons.gcp.gvt2.com udp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:52312 tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.123.4:443 thumbnails.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.4:443 thumbnails.roblox.com tcp
N/A 127.0.0.1:52323 tcp
N/A 127.0.0.1:52340 tcp
N/A 127.0.0.1:52343 tcp
N/A 127.0.0.1:52347 tcp
N/A 127.0.0.1:52351 tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
DE 128.116.123.4:443 apis.roblox.com tcp
DE 128.116.123.4:443 apis.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 13.224.81.99:443 css.rbxcdn.com tcp
GB 13.224.81.99:443 css.rbxcdn.com tcp
GB 13.224.81.99:443 css.rbxcdn.com tcp
GB 13.224.81.99:443 css.rbxcdn.com tcp
GB 13.224.81.99:443 css.rbxcdn.com tcp
GB 13.224.81.99:443 css.rbxcdn.com tcp
GB 3.162.20.13:443 static.rbxcdn.com tcp
GB 3.162.20.13:443 static.rbxcdn.com tcp
GB 13.224.81.33:443 js.rbxcdn.com tcp
GB 13.224.81.33:443 js.rbxcdn.com tcp
GB 13.224.81.33:443 js.rbxcdn.com tcp
GB 13.224.81.33:443 js.rbxcdn.com tcp
GB 13.224.81.33:443 js.rbxcdn.com tcp
GB 13.224.81.33:443 js.rbxcdn.com tcp
GB 3.162.20.91:443 images.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
GB 13.224.81.99:443 css.rbxcdn.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 128.116.32.4:443 roblox.com tcp
DE 128.116.123.4:443 metrics.roblox.com udp
DE 128.116.123.4:443 metrics.roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 2.18.190.83:443 apis.rbxcdn.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
DE 128.116.123.4:443 metrics.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
DE 128.116.123.4:443 auth.roblox.com udp
US 8.8.4.4:443 dns.google udp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:52871 tcp
N/A 127.0.0.1:53065 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:54335 tcp
N/A 127.0.0.1:54337 tcp
N/A 127.0.0.1:54339 tcp
N/A 127.0.0.1:54351 tcp
N/A 127.0.0.1:54354 tcp
N/A 127.0.0.1:54465 tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 13.224.81.107:443 t7.rbxcdn.com tcp
N/A 127.0.0.1:54475 tcp
N/A 127.0.0.1:54484 tcp
N/A 127.0.0.1:54504 tcp
N/A 127.0.0.1:54555 tcp
N/A 127.0.0.1:54557 tcp
N/A 127.0.0.1:54559 tcp
N/A 127.0.0.1:54575 tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:54778 tcp
N/A 127.0.0.1:54781 tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
US 18.239.208.31:443 c1.rbxcdn.com tcp
N/A 127.0.0.1:54797 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
GB 13.224.81.89:443 c0.rbxcdn.com tcp
GB 18.172.89.91:443 c3.rbxcdn.com tcp
GB 13.224.81.90:443 t3.rbxcdn.com tcp
GB 13.224.81.19:443 t6.rbxcdn.com tcp
GB 13.224.81.19:443 t6.rbxcdn.com tcp
GB 18.165.160.34:443 c2.rbxcdn.com tcp
N/A 127.0.0.1:54809 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:54827 tcp
N/A 127.0.0.1:54842 tcp
N/A 127.0.0.1:54853 tcp
N/A 127.0.0.1:54855 tcp
N/A 127.0.0.1:54861 tcp
N/A 127.0.0.1:54876 tcp
N/A 127.0.0.1:54896 tcp
N/A 127.0.0.1:54936 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:54939 tcp
N/A 127.0.0.1:54941 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:54943 tcp
GB 184.28.176.106:443 tcp
US 20.189.173.23:443 browser.pipe.aria.microsoft.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:55084 tcp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
GB 217.20.56.34:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
US 205.234.175.102:443 t7.rbxcdn.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:56459 tcp
N/A 127.0.0.1:56461 tcp
N/A 127.0.0.1:56565 tcp
N/A 127.0.0.1:56567 tcp
N/A 127.0.0.1:56569 tcp
N/A 127.0.0.1:56571 tcp
N/A 127.0.0.1:56573 tcp
N/A 127.0.0.1:56575 tcp
N/A 127.0.0.1:56577 tcp
N/A 127.0.0.1:56615 tcp
N/A 127.0.0.1:56617 tcp
N/A 127.0.0.1:56619 tcp
N/A 127.0.0.1:56621 tcp
N/A 127.0.0.1:56623 tcp
N/A 127.0.0.1:56752 tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:56778 tcp
N/A 127.0.0.1:56785 tcp
N/A 127.0.0.1:56789 tcp
N/A 127.0.0.1:56792 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:56799 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:56802 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:58083 tcp
N/A 127.0.0.1:58085 tcp
N/A 127.0.0.1:58087 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
US 205.234.175.102:443 t7.rbxcdn.com tcp
N/A 127.0.0.1:58098 tcp
N/A 127.0.0.1:58101 tcp
N/A 127.0.0.1:58212 tcp
N/A 127.0.0.1:58221 tcp
N/A 127.0.0.1:58231 tcp
N/A 127.0.0.1:58313 tcp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
GB 18.172.89.116:443 c1.rbxcdn.com tcp
N/A 127.0.0.1:58503 tcp
N/A 127.0.0.1:58506 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:58516 tcp
N/A 127.0.0.1:58518 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:58569 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:58572 tcp
N/A 127.0.0.1:58574 tcp
N/A 127.0.0.1:58576 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:55285 udp
N/A 127.0.0.1:58606 tcp
N/A 127.0.0.1:58625 tcp
N/A 127.0.0.1:58629 tcp
GB 13.224.81.10:443 c0.rbxcdn.com tcp
GB 13.224.81.10:443 c0.rbxcdn.com tcp
GB 18.172.89.127:443 c6.rbxcdn.com tcp
GB 18.172.89.127:443 c6.rbxcdn.com tcp
GB 18.172.89.127:443 c6.rbxcdn.com tcp
GB 18.172.89.127:443 c6.rbxcdn.com tcp
GB 18.172.89.13:443 c1.rbxcdn.com tcp
GB 18.165.160.65:443 c2.rbxcdn.com tcp
GB 18.165.160.65:443 c2.rbxcdn.com tcp
GB 18.172.89.64:443 c5.rbxcdn.com tcp
US 8.8.8.8:53 64.89.172.18.in-addr.arpa udp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:58645 tcp
GB 18.165.160.20:443 c4.rbxcdn.com tcp
GB 18.165.160.20:443 c4.rbxcdn.com tcp
GB 18.165.160.20:443 c4.rbxcdn.com tcp
GB 18.165.160.20:443 c4.rbxcdn.com tcp
N/A 127.0.0.1:58655 tcp
GB 18.172.89.116:443 c1.rbxcdn.com tcp
GB 18.172.89.13:443 c1.rbxcdn.com tcp
GB 18.165.160.20:443 c4.rbxcdn.com tcp
GB 18.172.89.116:443 c1.rbxcdn.com tcp
N/A 127.0.0.1:58657 tcp
GB 18.172.89.78:443 c7.rbxcdn.com tcp
N/A 127.0.0.1:58661 tcp
N/A 127.0.0.1:58667 tcp
GB 18.165.160.65:443 c2.rbxcdn.com tcp
N/A 127.0.0.1:58669 tcp
N/A 127.0.0.1:58677 tcp
N/A 127.0.0.1:58679 tcp
N/A 127.0.0.1:58712 tcp
N/A 127.0.0.1:58747 tcp
N/A 127.0.0.1:58749 tcp
N/A 127.0.0.1:58754 tcp
N/A 127.0.0.1:58757 tcp
N/A 127.0.0.1:58776 tcp
N/A 127.0.0.1:58778 tcp
N/A 127.0.0.1:58804 tcp
N/A 127.0.0.1:58810 tcp
N/A 127.0.0.1:58842 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
US 205.234.175.102:443 t7.rbxcdn.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:59214 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:59228 tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:59231 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:59420 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:59453 tcp
N/A 127.0.0.1:59455 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:59495 tcp
GB 23.73.139.17:443 tr.rbxcdn.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:59498 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:59500 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
GB 23.73.139.17:443 tr.rbxcdn.com tcp
GB 23.73.139.17:443 tr.rbxcdn.com tcp
N/A 127.0.0.1:59504 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
GB 13.224.81.64:443 c0.rbxcdn.com tcp
N/A 127.0.0.1:59550 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:59556 tcp
GB 18.172.89.28:443 c7.rbxcdn.com tcp
GB 18.172.89.71:443 c5.rbxcdn.com tcp
GB 18.172.89.28:443 c7.rbxcdn.com tcp
GB 18.172.89.55:443 c6.rbxcdn.com tcp
GB 18.165.160.46:443 c4.rbxcdn.com tcp
GB 18.172.89.41:443 c1.rbxcdn.com tcp
N/A 127.0.0.1:59585 tcp
N/A 127.0.0.1:59594 tcp
N/A 127.0.0.1:59609 tcp
N/A 127.0.0.1:59611 tcp
N/A 127.0.0.1:59613 tcp
US 8.8.8.8:53 41.89.172.18.in-addr.arpa udp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:59718 tcp
DE 128.116.123.4:443 auth.roblox.com tcp
DE 128.116.123.4:443 auth.roblox.com tcp
N/A 127.0.0.1:59725 tcp
N/A 127.0.0.1:59727 tcp
US 151.101.0.176:443 m.stripe.network tcp
US 8.8.8.8:53 merchant-ui-api.stripe.com udp
US 8.8.8.8:53 api.stripe.com udp
US 54.186.23.98:443 r.stripe.com tcp
IE 34.250.29.31:443 api.stripe.com tcp
US 198.202.176.201:443 merchant-ui-api.stripe.com tcp
US 151.101.0.176:443 b.stripecdn.com tcp
US 198.202.176.201:443 merchant-ui-api.stripe.com tcp
US 198.202.176.141:443 checkout-cookies.stripe.com tcp
US 8.8.8.8:53 201.176.202.198.in-addr.arpa udp
US 104.18.124.91:443 hcaptcha.com tcp
US 2.18.190.80:80 apps.identrust.com tcp
GB 18.165.158.156:443 d1wqzb5bdbcre6.cloudfront.net tcp
US 54.186.23.98:443 r.stripe.com tcp
US 54.186.23.98:443 r.stripe.com tcp
DE 128.116.123.4:443 ephemeralcounters.api.roblox.com tcp
US 151.101.0.176:443 b.stripecdn.com tcp
DE 128.116.123.4:443 ephemeralcounters.api.roblox.com tcp
IE 20.166.2.191:443 msedge.api.cdp.microsoft.com tcp
DE 128.116.123.4:443 ephemeralcounters.api.roblox.com tcp
DE 128.116.123.4:443 ephemeralcounters.api.roblox.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
N/A 127.0.0.1:59865 tcp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
DE 128.116.123.3:443 realtime-signalr.roblox.com tcp
N/A 127.0.0.1:59992 tcp
N/A 127.0.0.1:60002 tcp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 89.58.114.20.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
DE 128.116.123.4:443 chat.roblox.com udp
DE 128.116.123.4:443 chat.roblox.com tcp
DE 128.116.123.4:443 chat.roblox.com tcp
DE 128.116.123.4:443 chat.roblox.com tcp
N/A 127.0.0.1:60076 tcp
N/A 127.0.0.1:60079 tcp
DE 128.116.123.4:443 chat.roblox.com tcp
DE 128.116.123.4:443 chat.roblox.com tcp
DE 128.116.123.4:443 chat.roblox.com tcp
DE 128.116.123.4:443 chat.roblox.com tcp
DE 128.116.123.4:443 chat.roblox.com tcp
N/A 127.0.0.1:60082 tcp
N/A 127.0.0.1:60084 tcp
N/A 127.0.0.1:60086 tcp
N/A 127.0.0.1:60091 tcp
N/A 127.0.0.1:60094 tcp
N/A 127.0.0.1:60102 tcp
GB 13.224.81.32:443 t7.rbxcdn.com tcp
US 8.8.8.8:53 apis.roblox.com udp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com udp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 13.224.81.128:443 t4.rbxcdn.com tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
N/A 127.0.0.1:61151 tcp
N/A 127.0.0.1:61154 tcp
N/A 127.0.0.1:61541 tcp
N/A 127.0.0.1:61771 tcp
DE 128.116.5.33:53447 udp
N/A 127.0.0.1:61813 tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
N/A 127.0.0.1:61893 tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
DE 128.116.123.4:443 itemconfiguration.roblox.com tcp
N/A 127.0.0.1:61903 tcp
N/A 127.0.0.1:61905 tcp
N/A 127.0.0.1:62065 tcp
N/A 127.0.0.1:62067 tcp
N/A 127.0.0.1:62069 tcp
N/A 127.0.0.1:62071 tcp
N/A 127.0.0.1:62073 tcp
N/A 127.0.0.1:62075 tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:62200 tcp
GB 13.224.81.90:443 t3.rbxcdn.com tcp
GB 13.224.81.109:443 t2.rbxcdn.com tcp
N/A 127.0.0.1:62243 tcp
US 8.8.8.8:53 109.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
DE 128.116.123.4:443 www.roblox.com tcp
DE 128.116.123.4:443 www.roblox.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 13.224.81.61:443 t4.rbxcdn.com tcp
N/A 127.0.0.1:63336 tcp
N/A 127.0.0.1:63622 tcp
N/A 127.0.0.1:63624 tcp
N/A 127.0.0.1:63932 tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
GB 23.73.139.67:443 tr.rbxcdn.com tcp
DE 128.116.123.4:443 www.roblox.com tcp
DE 128.116.123.4:443 www.roblox.com tcp
N/A 127.0.0.1:63974 tcp
N/A 127.0.0.1:63976 tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
DE 128.116.123.4:443 www.roblox.com udp
GB 18.172.89.122:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 23.73.139.26:443 tr.rbxcdn.com tcp
DE 128.116.123.3:443 ecsv2.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:64146 tcp
N/A 127.0.0.1:64149 tcp
GB 18.172.89.15:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:64165 tcp
GB 184.28.176.106:443 tcp
US 8.8.8.8:53 r.bing.com udp
GB 184.28.176.106:443 tcp
NL 23.62.61.112:443 r.bing.com tcp
NL 23.62.61.112:443 r.bing.com tcp
NL 23.62.61.112:443 r.bing.com tcp
NL 23.62.61.112:443 r.bing.com tcp
NL 23.62.61.112:443 r.bing.com tcp
NL 23.62.61.112:443 r.bing.com tcp
NL 23.62.61.112:443 r.bing.com tcp
NL 23.62.61.112:443 r.bing.com tcp
GB 184.28.176.106:443 tcp
US 20.189.173.23:443 browser.pipe.aria.microsoft.com tcp
DE 128.116.123.3:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:64296 tcp

Files

\??\pipe\crashpad_4760_OQJBKHQKJLXNLYPQ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\4da8e101-ea96-40bf-886b-595b991a622b.tmp

MD5 ae27a7889e669fcaa2bdc60d93458419
SHA1 bf50f1f18cad98df672ada010416079bbd5bd805
SHA256 0a9a68ff906387eb15fa1817a1f56affe58d50a63b212c745af69d8523a8a460
SHA512 5a0f866ba1dc11bbfb9700af03fdf415bcabf5beb2f706b6ab965e185d50a62618963d557363de3ddc4c8b877c7b98a283c921844e41827122861f7d4a0b1380

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a32fa6a1264157afc23467178f015832
SHA1 bd3cfcb697b8bc897659b6876b6c251f8ac128f1
SHA256 301c3d54ceaacca1588f7886b3c3ba58c90ef4b9d17865ee2bfa1a4b7d7c9f7b
SHA512 5591e60776e688a0e85dbfb70bd6932bb3ade88c549cf17179356371aae0968e0cbefd94b320b4ec1866a9ed1ebc5a1348a40dbbfa395a240bb677980445a959

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 14e9c138023dc70cf28cb549f5e392f8
SHA1 1f8f44c002fb592ce0e0ffd9cdfaf1bc3bf01141
SHA256 f608caaed3725a1551c01d22a43d123bafee5a4317afee2d940e603b618b2a4b
SHA512 5893f8d2ece721d60658a56c52e876997a036a11aa6bde71c192c27738f32bf96d239af1f012cf8761ab74f4b1cbe5ea66750d60e373271b739f314f843cdff0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 3fa9ccdb899161f8c83659d4577dce19
SHA1 ea62ff2b3b0de4d51eb73aa9be7846686b0b084e
SHA256 ad51cf30b36675defef72a3e5e088529b2fbe29a7972e124e6f4e87e6f6db997
SHA512 0460f134322b6cdec22f4582ad2c93f1b6162ce0b069a109847be5963ae171fa040cd4cd4552c2f6500edb6ecd1443dc1470f8a541d85f520797d8ff3add366c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d71095fa2a49739cc21cb7701aad0e27
SHA1 73c884094b177c4fc0b5c5ebb24cadc861ff9b3b
SHA256 0cfd26b45db5d27f1e7019fa78f4a1b8141057fd1dde57bd78a4fab69465e383
SHA512 65226508e1fb003b44b911f208f1eb593baa468372eb97019b68d12024d0813969d7fc103decf41095e91cdee63e02635a3962d9e8d6787ed23866137fbd272f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7f70b472e3c12052391359f32146936f
SHA1 b969dacd0a1bbb75e52979bb6b3aeab390eb992e
SHA256 29c4ee2484a31b20d44effa634cbd63072ea50a0f201f8bd6437d5dd969e305d
SHA512 181cc607945623c3dec0cfc83f20c891915749c2d5d3fb9d22fccda06a5c5546368ee883027f86c180d63ef0c12816ae84591ed5114a23673a7cd691dc8fba10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 db724623a4bc9161a26bf8fa293da49c
SHA1 586cb605f7d7c6d32231e4d304cdf0010b934c97
SHA256 90769cb9670fb5ad65295228938d119b201960224da904918599c04be0e45332
SHA512 ec6229685522977bdfd21d179b5dfd30fb4243d8a2b91259f6643b83f47d96a88fa83aff14b8f5387dbad7000c2fb3331a93c868755138c71d2b4794fa113931

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dc25d5157edc3742ae1e9d7207e2fe50
SHA1 ec76cfbe41f15fb312372a42d3843422dad351bb
SHA256 02964c6261819bca2f85e9384c58d04ccec4a05578436f3f8e761f80deec07a0
SHA512 674290a77f596e7a2f12f7a9c101ec4f93c1f698c336fdccc164a61439009dfc02a859c5ed0df3feae64292953ed178345e3dbcc254b1c6e753e09d948490352

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a0202aadd8b69e0dd60978ed805d0ee3
SHA1 d28a0f35fea2f8748991587334b7406a7215d5cd
SHA256 f140d6501eb07fb43260f3d4d5c9ba32f85bd5318e1c15fee34917019d2d0f94
SHA512 9e10c80205262ae11c384e5ea810579212d56afab680db74be651c77bf89151dee599cc60829bb07c6e322e3116988a1712e5af08fadd357ef825e3ca83f7161

C:\Users\Admin\Downloads\Unconfirmed 956060.crdownload

MD5 a2f58a117c60b1622eede88d2163ef19
SHA1 91ed6cf5b0efb2c0bd3e06ab5775775ccd1bd631
SHA256 e74d896bc3469b5a28eb5a04ea364a9ab32737d573868fb08a327820ea624c04
SHA512 19964984f66876032ef15283c25e31737e1f56c27a3f9d7fe204dccdc0a45c64e3380a5924f4b82301e55a5371bd7c9c61776e8ae6cb15a0e0502d189384c14f

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f71a38eead4e675ccb35bdeb64eba9a
SHA1 084726b74789550b778fdcdf5f0ec0ab625c7f2c
SHA256 334e22ce69ba4861204ade2afc4dbaec0b038af4f16ffeded33837437a070ac2
SHA512 5c30ca0d10fb67d6eccb9daa3503776007a5e4ca94cebbd7150c8d657f4157668df91562634be1bbd067420eb0525e6350984ca7e89f664cb1f9d4c4bb52b231

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 09a586cd984e03708643315e6301201d
SHA1 287b2ffb24a9824595758b05f3effa3d008a9d13
SHA256 db9cde0fa06816b997955b27b409eec338cf587dca73ff29491f295ae42a8251
SHA512 f04c445568d1efac3b28de50cc0c3a2686e70be1e98485b1008e4ef10bb5baa0b9abcd6a6604d71e9be76b4aeb01fdb704e7950098ddee6a1607e478810eaabf

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 e284a7bdf53b953d5514c6abe985ed60
SHA1 91655419b0e29b53bebbd102127056f396af6bb0
SHA256 de29073ba5d2f701473a80f14c9dc35b2a11194918b8f682357b09d57c2aeb2e
SHA512 2066d8dd92d2c64df6eae441fc25914a6214ff52ad264a38c156f59fd1587d6a7627f19a1b537fd82d95b7c66acaf73169b855df55fce0163bd3b05333377195

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 daacead4f652f96426b7aaba06b3f6c2
SHA1 b500dbd433248f64d51705f8e124c3a631a63160
SHA256 810c71b56cc28a59f261e1b3cc9e6bb9eaf84df57b58da022d578762fd1b968c
SHA512 dd22c07f56dfeb38cac040dbe16251f6b34150640e1904241bee1401cf5795e8deff75334040b4801cae1b1ea39e285beaf132f2777a3684fbf3d4e81e3aa521

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 939b24e6c58e45db31e9530764a9d1c2
SHA1 8a9dbd891835579e4ee1d7108cc6d7b71666cf3c
SHA256 3ae030311bd70d4350206dbbb1d6bb842be6dac932def46203ebcdc39e3247e0
SHA512 858879a737384cee8f9b87e719ebbd035b5b2721e066b4fb1233d632e920f2945b8f277b0766b689be114b4bfa474f385ab6ace3d383798007a82ed4dbcff56a

C:\Users\Admin\AppData\Local\Roblox\logs\cacert.pem

MD5 0194eb945475f93844c0fae769c0fa0b
SHA1 d72876a801c702348ea5b4b4a333c484f2a721fd
SHA256 a6bc06b8255e4afe2eeff34684605d04df9ec246fc201bf5e44137987189a0d3
SHA512 72a00fe6b9111cab22f1f424f815a617be2041a3857a6265b004ca1bfd10f345ca33369cd43009b483f9436ccbcd69c70f7033a85d94527b1f39846b75b43c17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 ca6ed05c9e761d06fd3451d93f365b4e
SHA1 ea7ec50ca982fc9b5d96eadebd77869180f04f2e
SHA256 7055a8e00d009f7f8265bd3dc81d5b60dac219777ec1240ca2c95a53d251265f
SHA512 f485ad1f4fa8fae7193c2c8714079e7420364d93a0993a8fb202367a5378e7c0c4e43a0328331d404416e7ebc58f1f29ed73381f36dc513795c762d275b5622e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58726c.TMP

MD5 8086189d71ea9bb5d03382f1a74cf138
SHA1 7610d519b71af020567c1310c1996e81a8b500e5
SHA256 0652168d69730ccaeefaf7e08d605c5a329afc334d4f01bceb9b6feebb7e9e37
SHA512 c8d30f60207c137c493963a77e9fec3de327a436eee77b144108bd3642c27fd92e2d55194225dc87bfedf2e9f156c3747790a40116a1b24ed3f55ba4aabb9c05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 40c9c0225d00cb2a0966ee10a9f6a393
SHA1 1bc392d214c59d17864a10a1b9e11016e51b4ba4
SHA256 3d6de60df3f4161a3b90b4a33626241ef57cb3d11d1ffe1d01d3228d774748a1
SHA512 dfbf1cbf0c2cb6b54f2509655d337327b7050e5bf0106e9510075b5e4b959097e3210472c378e27cdebae725eb82239ff0bb95397ef67c1918f767012b87e13c

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\523f61d67bf4c528e001c52e84c35ef0

MD5 523f61d67bf4c528e001c52e84c35ef0
SHA1 f26774809dc1ea0bc7376606964ebcc06bfdc398
SHA256 834bd41f708d1393a528da769b015538b45b279b4af4969e1df54c0c426add3a
SHA512 d99d834d3632804160428367360f8a4c0ab6e1c9146ab12b07d6f44c30def1482809d5cac41ae84a64e5d8b99a4fcf2090c74e39b2692094168737501301b15f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8913724486d5e3c463c493b25346ca31

MD5 973d5074c403795a4846185ee0f26ff8
SHA1 99f3a2137364306fcda7003778975b56f8069135
SHA256 0bac3dc4e01fcd0bd9ad3c4cefb39aba8d757e2e14079540cd98f2c594ec709b
SHA512 b98b488bb9f99f7c0d01606be27ae0f099102a572bedd2adecbba7219bf819f5665de526b6e367a5fa19cbda0f00bb581a1c9c8f1e66317a2b2fb3270092c7c3

C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bb054db612e96ef064a16e26ab24f17d
SHA1 2d5ff2fe14c21a5e15fa333e4f34f7c3ee9d9ea2
SHA256 f678ffcb38c1686115cd00f3bea104434005b6a2196e5bb4e8d4fdb964564f2b
SHA512 1569a2e12bad9a5a28a7c028d837825d386e08eaeccbe42def253a9745d52dd5e219a80f0516f50b1cb553b1e20cfd561d4ac93456d3bbe869867efa2cbefe0d

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 6dfe941ebe9f56fbdc29fb58167450f0
SHA1 79b60d995f7624e01f7daf522fe63a9bc8cb25fd
SHA256 cf6e27c6a837203bc515dd71b3bf1c008657e51775d76699fc977875a6e918e2
SHA512 2b1528cde768a9fd7952e327863bf8690ad07220332e9b6d0f5561be1d4f4d24b4f91e8f59974912ef368296ac8e987a528a0d628c9b3fd087223bb05d16e5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7c12fca58edd6b83a3f3b9f73223acaf
SHA1 7b4add3545079579c57cd872fcfcef972c78a69a
SHA256 92a5adcc764b2a3c61703b482579a92818b647d58143904c4d8fe03a7de17501
SHA512 65875f7fed50f4da2cabb47d3e9b5878a4bda30d9a1d44e004e837401fb6ba889aec3bdbafb39fd91781eb5ad0d926cf191b0054e1d8900be478bea03942b447

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b76dc3d4a6d6ca2907416d651f63177
SHA1 ec3772880a783fb24a7d0fb19338ce56a71b6843
SHA256 d860d5c5f9c1076bf26d6db194419d92ae3491f4eabae140cd3aed6022678539
SHA512 823d411aed6e01591030b02f9d5c98be1e8f87cd5e3b3d66da9ecb38bedb5c98cf193223ee6899ce526b71c302fb715118226c40f58f49fa234a9eb1d57133b6

memory/2960-976-0x00000000734D0000-0x00000000736E0000-memory.dmp

memory/2960-975-0x0000000000FA0000-0x0000000000FD5000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 ab03354526268178cd9dfcd71c1a6367
SHA1 02535e71dd5a884bd4fe04cf4fec2855990611a4
SHA256 a6da500f48e9b2076b18554d7ba322f37e1a74b940618b50db5ead7e37b1e0e2
SHA512 556d16e08fd5f46020936dc221db80ecee1e57a0f3cb5947f3891e11066d1534b6f6c89eb30d7c1117df59fe9bd5812a2265ec1dbf8f51eb72833a2086223d21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4e4716ea1a85f0d73017bfffd751ebe6
SHA1 b1b5f830e49af770a41f09d99f9fc99ac7a5985f
SHA256 f02f44b58b696528fe5c73822c1e97f462bd2bcfcb84d48587c96dfe005a2b08
SHA512 cc8778daed28d8ee69d98890a58f85350f122cb1593734b5f60d2350a68bd5da32b87478a4268dc8c18133f880757e1a026fdac14c48c3923bafc00226b04139

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f9e4a07481400533be1a120f6d5ffe9e
SHA1 4e004e35462c64df7ceca63fb5d1a865595314ff
SHA256 428d87a700b1fb290909785333775d4cbf2b324a33b00992bd4dd815c4cd63b4
SHA512 a5577dc68e11239828aa47fc3c8eab9d04c351a22ff6dc68a6881b204f3e83ca649538230e305558e780e835df5cddad9d5f982a5a7208e2227990fba15241ca

memory/2960-1068-0x00000000734D0000-0x00000000736E0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 533ac9e9e1181c3ebbd0012819b9d656
SHA1 13db967d54833e7ad7900cb0a9b0d806f265c4db
SHA256 a2cc0c18a4636fcbbe9fd8a47f6f3c4033283bcaa493181c3bde17c3ec3371ec
SHA512 f90369a6a738eca24e6cecb06dd3c9a7d4373e2904cd84cb52ea572795166c763ca630b3405a2e0e98ed15ed264eb10865a87a0ab13eb794b7a3fa9c57922649

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 bb58262aafab5056b6d5695b769a2c95
SHA1 94799d0ad2b8a2184602102e6b97fe9ec34c0c15
SHA256 1f9c744b6daf8d546a50cab7e895b26ef9cd79b4e4d3abee1bab6b4d46a70daa
SHA512 35be19be9ba4779bb4dc458ccf5168e09e446b749d17ef05969e38fe688895de3edcc2d2a4e402d2c4134a6930b8af287a6aed207cb082510a9b9dee5cca791b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 111e98f9ec40093680a6a76ab28b40e8
SHA1 150fd629c6807adf8f0f8d3224fc076ab0511040
SHA256 057f8cd9c20db5acf5cbe267bf2a8e9f54367836bba8a5c252bb78aa8b1093d9
SHA512 f6b79d88ae2ffbb3452d73c21737561532b5319b5dc29573cbb943436e7030bdfe06dad9abef6d98723513f37e1191b4250733fc28e59d5aa25809ae318c40e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 9aee1906dba7d99baede61a44b1022f6
SHA1 225e353ea0cf5280c9d01c126e714cce94ed912e
SHA256 98266e58258ffac502afdc9c8fa293b819d7edbbee9faa78371084ce9a2b34fb
SHA512 21b1f580e24639998b143fa1b404999b4a9b124a56a253dd6484243a7cf296d5bfcf6a73ea79ce531980af9e66e10ae2ee057ce588203e0f5c6c5824dba039e4

C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe

MD5 c31297188ec9fbaa60449f769339963e
SHA1 8502d9e0cef18137529f0a46ad6e69a1577e6cae
SHA256 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9
SHA512 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f6d782a42464ce73f9278f28fbf78c46
SHA1 0f7e3edf13a16b4cef972b13fe812ee92ed160c7
SHA256 edbf6d925aeab6f1b83786f54848b2bbf47f21d30b058dede3bbb6897718321e
SHA512 3158ffb279b95f986889cefce6878c7af40f2839ace2eb43f9cd0a6e22e7f8f91abc6c896e4e18171d3aae46aeea58a4653ca158b0b5a7be7246d54bd0b86ba9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 de8c543700e723303c24effd2b34b7c8
SHA1 1cf1f78c4c666f3c8b0917bc1a7dfb90b2d3d446
SHA256 0cf9e998d7526aae4166ae98f5a4463e1ed34fd754f150ee339586a8f51c7ed3
SHA512 4eca9f899138d2b2dc33b5cb6732d5b8463b7f0242d1695f78dde8195561048c16986fe1de599e09029b0c2798ab5319d567344a758a871a0cf3b15f0fa2f792

memory/2960-1289-0x0000000000FA0000-0x0000000000FD5000-memory.dmp

memory/2356-1304-0x00007FFE77840000-0x00007FFE77849000-memory.dmp

memory/2356-1303-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\SETUP.EX_

MD5 5070a34dbada1aaa375cc572b5fc7d0c
SHA1 e74b7ef714755870976abe3d2b4a7db0b9cc21e5
SHA256 03e7a32e1f10fced6a07dfa4e6cfd92510d4bf6929d423798e4fb5ca91fe6c20
SHA512 fed3fcbb64a59070b0efd677ca2edc982d28e37cdf7283f2777af8aca7d3760a7eefb8d01b3c2bf4b4ec3708a74c3412f0dede91e31dca1b6f8a4e4edc673aa7

memory/2356-1302-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp

memory/2356-1317-0x00007FFE77510000-0x00007FFE7751C000-memory.dmp

memory/2356-1316-0x00007FFE77420000-0x00007FFE77440000-memory.dmp

memory/2356-1315-0x00007FFE77420000-0x00007FFE77440000-memory.dmp

memory/2356-1329-0x00007FFE75380000-0x00007FFE75390000-memory.dmp

memory/2356-1328-0x00007FFE75380000-0x00007FFE75390000-memory.dmp

memory/2356-1338-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp

memory/2356-1346-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp

memory/2356-1345-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp

memory/2356-1344-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp

memory/2356-1343-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp

memory/2356-1342-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp

memory/2356-1341-0x00007FFE766B0000-0x00007FFE766C0000-memory.dmp

memory/2356-1340-0x00007FFE766B0000-0x00007FFE766C0000-memory.dmp

memory/2356-1339-0x00007FFE766B0000-0x00007FFE766C0000-memory.dmp

memory/2356-1337-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp

memory/2356-1336-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp

memory/2356-1335-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp

memory/2356-1334-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp

memory/2356-1333-0x00007FFE76E00000-0x00007FFE76E10000-memory.dmp

memory/2356-1332-0x00007FFE76E00000-0x00007FFE76E10000-memory.dmp

memory/2356-1331-0x00007FFE76D90000-0x00007FFE76DA0000-memory.dmp

memory/2356-1330-0x00007FFE76D90000-0x00007FFE76DA0000-memory.dmp

memory/2356-1327-0x00007FFE75380000-0x00007FFE75390000-memory.dmp

memory/2356-1326-0x00007FFE75360000-0x00007FFE75370000-memory.dmp

memory/2356-1325-0x00007FFE75360000-0x00007FFE75370000-memory.dmp

memory/2356-1324-0x00007FFE75360000-0x00007FFE75370000-memory.dmp

memory/2356-1323-0x00007FFE751B0000-0x00007FFE751C0000-memory.dmp

memory/2356-1322-0x00007FFE751B0000-0x00007FFE751C0000-memory.dmp

memory/2356-1321-0x00007FFE75040000-0x00007FFE75050000-memory.dmp

memory/2356-1320-0x00007FFE75040000-0x00007FFE75050000-memory.dmp

memory/2356-1314-0x00007FFE77420000-0x00007FFE77440000-memory.dmp

memory/2356-1313-0x00007FFE77420000-0x00007FFE77440000-memory.dmp

memory/2356-1312-0x00007FFE77420000-0x00007FFE77440000-memory.dmp

memory/2356-1311-0x00007FFE77400000-0x00007FFE77410000-memory.dmp

memory/2356-1310-0x00007FFE77400000-0x00007FFE77410000-memory.dmp

memory/2356-1309-0x00007FFE77370000-0x00007FFE77380000-memory.dmp

memory/2356-1308-0x00007FFE77370000-0x00007FFE77380000-memory.dmp

memory/2356-1301-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp

memory/2356-1300-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp

memory/2356-1299-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp

memory/2356-1298-0x00007FFE77760000-0x00007FFE77770000-memory.dmp

memory/2356-1297-0x00007FFE77760000-0x00007FFE77770000-memory.dmp

memory/2356-1296-0x00007FFE77640000-0x00007FFE77650000-memory.dmp

memory/2356-1295-0x00007FFE77640000-0x00007FFE77650000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 903351785c6d1035f5981effb0986406
SHA1 321c14288fe3d79aa26693f46b4c5076e7bb3381
SHA256 45ec7eb947af3c2b6679920e7ddb8d94f5c65c212214c8c6a312a6e7f08c53ca
SHA512 556595babd363b7d6d0b2599ab5e2e3f50b6de0fa753a7733dd6f4f3de7e48c5caf12ecc12adaee651440d5afb3f9b817ef48ddb29281187663e525fbcbba451

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a9b58b7518853c8e80818ef2a138abc8
SHA1 de51497c1ac88fcbda7e42ab4bfa0b39396d251f
SHA256 7e647f2cdd1147966c9b3dad67719b016b4e0e5e65096b18197632a4c193c622
SHA512 105d3e7191d81a47693cf08378282b07bdb4404a0679eff93f1d8b6bb35b2665849a11820d02f938154dd4890ff2c41523bf17dac2fad34e00d8bd2bfd835bf1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\a167daa8-c9b4-4812-a4b0-11f6c587ed9d.tmp

MD5 a4ba73a473566bff40e00e1ef5bf0962
SHA1 bdaafa495f96b3585670c146f48980c379a34263
SHA256 ee042079fdef73a9808d75b79fdc1fceea75ba0326bebbcc7de37f4eb1fb2f0a
SHA512 7d5b32b0cdbfb1ea5c115336625b59635f5395975149d422baa3e451526ac356f62db0efd5c848c84d7487d68e95579f9e3ef1b200bbe94662155bf3b160cde4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bb5b905d9d88cda8a07ca7f2abec7985
SHA1 6bbe03ca75cb909df2589d825279325170496fe1
SHA256 ee0eda291e01474251b44a510be05199206709d5366836cdd4d9365359a3d695
SHA512 ce4217bc25d307232ec2b14b2d40e5447a7e8f523921de2d423667b354fb768722ffd1abfa37ed393bbbda5c024a789244553d6b121ce1d6f5fee0b0f2a0d281

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d7

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a432be0dcfa76dbd0b75246b8ba81aed
SHA1 108525d6b7076a29c64fdcc7227ddca0c59c0b41
SHA256 dc57a198c86cdb883172549c35b9d1559eee8d6a0067097a8ea51d13133477a1
SHA512 5866a52f99039d8408a4e1d9dfd4b00ecd72146ac95cd8e1ac9db0c2e48e2c769d1c6eda607184cf3b186bb291d88a97c439c9fa91b72652b681f01e3ad27b01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 59e20c7f11187d9cfbb4b58cbeca0702
SHA1 af6b153a0314b52e98e4dcaad873c46cf4ab6c08
SHA256 c3c4011ab5de2402da6b6499252841efd0892a7f07cd144e7476ca6440771e60
SHA512 4e310059af2b0c448d5741b19b99f563fa54375ca28d19248b451529de7318fd28470d7e9c006714dfc83b051b11b2aa130a24fe3d248524325c7074b3f7bea8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 62480de18387e8b8baf070255ed461be
SHA1 2eebcafadc627ac632847c9113eb693c66c7bcb5
SHA256 561182282fb2193ae5feb063a2a6b94e1582c13c1b124ccbf9b0fbfd5641574b
SHA512 855e0a775ac5f549548ef73f9e12a8e512941a58dd7be4f9367735469c92594d84b572606ae46d2d40511eca71a9375ac5533c51a3cd4f5177213299e52d9a8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5e4496f67f54d897645cedac21480f82
SHA1 d0e1ed60c69001c3d4e4059cbda37b7c1a8dac8e
SHA256 e594b3b0b5b39b7fed5307410094a5da62be040b60892737f37d1e096f4b5100
SHA512 c6ec816ae4b730c11a58550fbbe68b70d7e3af77cd37ba40aedb1c8d7be209646b470fefd5ef26f2fde5e5e480ae9cf6760ddb8a04129c3db9eae9907f211645

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe5ab0d3.TMP

MD5 29fe579ba7401ba6d9a86df46d4aa042
SHA1 c5bcce89cd008259b543878dc3b22f07233fbd49
SHA256 e0ccba2284ec085ec1e07a47488d57af48e07c89a3464f215ac78e518d7edb9e
SHA512 88d0bd357306c8e7ed769ad562a0d53604740479329907fbcf12223c69c38b1f6bce69cff1995b5ab2686aca2e777f662c5d0852e8e3ea73abd35044cb703d42

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 f229bed7b6bf7f65755fa0b75f98f38e
SHA1 5c45aa799a36baa41a3cbbe9cc8e6e39afa0946c
SHA256 bd378644ff5ca8d687db03814b834aee2fc1d77964682c59369c148937934a84
SHA512 1ac06ef46c0bd1b716d00c87fb9aff0d90f7d0ef7dcb347940ce1f2a97eaa8323f9a79cd24f59c3218aa9c2c29c7c7173cabfb2ab530b3812f4b5d4e37a0fe91

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Extension Rules\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 fa16d18930b2d9cf2a18e3375fceec20
SHA1 d081b608b0516155cdc7ef4641eff85b05f75556
SHA256 c50504955bec4f533d5e6974bc51dbe6077241a154b1e6fbf210adfc7b2fbcc7
SHA512 18947d80c298b12bc923f3d0d68fff50f32a7cba9ac7e1e7dcc7358ff2b843dfa719b2e6913b928138a0380e7a919b405028b2a19acdf56f7ad48f2e10331e58

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 7d0ed5735b1b9e0b8968f22a407015ea
SHA1 d711d05c0c557c4a51505b6a0012d611d0c25244
SHA256 0eb9058ed3d8a272bd0605621559d9aec4a7ddce0c25cbf18948dbb089648e52
SHA512 2c85f63758d4ac76e4c05de7923e96afb80d5a3cb2b10eb4491782467e9f5c2a8c28a9933d24d12247568f5a506ed9339d757e15831666d10de4e5d184dc883e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Sync Data\LevelDB\000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_0

MD5 822cc6475e369e48b82bf3d4e6423f9b
SHA1 f64f6ef4dcf7ac28583421759207e4cd0aff8702
SHA256 15fdcb9094aeac96f68fa672a69ad7e48a61edf7dbc0a95663497e78a0c51a62
SHA512 b16765b04fde071b6a0c70a5cc84721e89bb5b3efa2c6f21f4353bbd50386ca24d111450a7a6b9d0443f0dd09906bed681dfcbaf168c9139cae00d4ece78bde4

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ab071c1f29747fd161ce087951afb46a
SHA1 352cc33d146156e2cb43b61e29a2368a429ae806
SHA256 5f583a4962c1601dbfc148539ebc8c23c8f13a486c0f99218b92696aa388a29c
SHA512 a85708bf4eb42300fc94212778972d983335f2055182d614a01294948f861445fc26b91683dc91264ad8e7b851c642d897ac2b6d52dd3646fac0b0b05e88741b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 708b407a525c4386862c55e1c96d706e
SHA1 e28b0ac0f8042c72f198bae29294813ba853b01b
SHA256 0a35b35a0b45bfa140e2167952ed67b23c5ed110255cd29deb5a5989a9de88bf
SHA512 868338f2b5074bdc26af0c5f3967d23533714e41c54a8ffbb57b33512fb94e1487e9d89da0f943a21b54c94f752b28ce0651576be29b05bf9370b4c487734c72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e358abdd8a030a88e4d5bbfbab4d9de6
SHA1 89f87235260d052952dfc324cac9b89d5d979ecd
SHA256 3f1b83dda73d39322846640e94aa0ceac1bc6405b41fe939d6d2b8343f33f94c
SHA512 5d5ba051204e8643796526b5595993b7e74232cfff36c615b85d4b48bf9ad6617fcfe7d566d186b44f476df111a9fe481fcb4f5fdfc4d9c41b2a0199e7a10cf4

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000003

MD5 77c7ed1cb5ec7515f4c8ce137084dae6
SHA1 961394a4abc483eb13f14b3f0fcd7c6b119b6223
SHA256 5fa73b28ecce415789f72ab4dc7359e3df477def53efc465ef9675900eef92ad
SHA512 678e4c946bbbc2fd15d36c0508500e7261e0e0646e5db9c2f69aaafd5be71b78342a0f2e2b94937b8165b097b3b5149fef22628baf4c6436d35d004e0ccde4e6

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000004

MD5 b942415d2a132be1cfcf8b0ded8ece04
SHA1 169c03e6b77de770fe42866dedf3658adbb89326
SHA256 a4d5f1a1e0faeb6ec076fdd5b5fb7da029b62a7365285b6af8032452a1004b31
SHA512 ef714df7fc94da977f8d1add9f18cec974bf59bc22b17aeb71181f60490ec4e0c45614efb63284f976f3df500cbd32b72a6f7160f76f3554030e9955773e81de

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000005

MD5 51e425656585790a0dbd28f882bc1354
SHA1 7b6cb621a5350cfe3cbc9513a04cf2bf527ff510
SHA256 6e49113dddf1c5a7c9c51f2b2c8aef166e6b80e04b2df7dda0fb0808df9b3b43
SHA512 3b2941995cee2c807a27e43da24024ea07cec0c65914997638e709e9e0d113f24b396e9d0ba9033268a5a825cbd7c8491fae7536e61e70b5b40f06296fe9578b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000006

MD5 230b416cce0fc66fd5d5e519fec536b9
SHA1 de389f9fb8bf91e9b31e7404cce266b9c56d00a6
SHA256 b8531b8359ac8cdf0475bf23eabb77981d5ee6eed8cd049e031a56764d90369b
SHA512 9c6aefd331786125d79c08db84dce3ea18449b669cda5eb6a8e583689e7070851c77e71bc1414a1b677bc7d0c56b875be9bcddad41d95e60b1963f4c86343344

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000009

MD5 e5ea13ff2527bc1a08ddebc522dcead1
SHA1 13b8e4d8c1636eb534384e891b48dbd67cc90752
SHA256 ac338a2550bdc8ef6b7f6e2548b19ab563242e971d512795832c0ecafa1fd2ff
SHA512 32033ebaa0c8cd51af00c0d223ce5cb3b6547fa005fb4f3c1c5675d78e801e7fe1d4efb7c4696824ce25e457e7d1f607b0906aefb00dea1cb253e9211b9670c8

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000d

MD5 03ca33f546bc5756e3ac28342a36db66
SHA1 d9b0336e536bbfaf915e4f09bfc0718684feddc1
SHA256 9b83838060000c85ddd7d43e3dabcd519d18bbe3fb73d3bda4fa9c3731cf54df
SHA512 ff17fdc55d6f39795fde4887d8dfa92000cba72a29758cf723e9f79bc1165598026314fe9772b04dab83944c4aaa743277b61c25280c7def57516d781b57f8eb

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000c

MD5 bc204a546c48c0774a959fefcda02a26
SHA1 5870bec813cd2df43b31da5c3d9205833c3b250f
SHA256 a1623e630cfd13334a505142e86b148477e4e718a913b6c37ce5cbf9f1cd25bf
SHA512 982289689f0ba4aa035431b7cf520fc8d9420d8ebd9ef056dc1f00daef958c3d76df2fe54aa1bbd72edc457800a5470415959af6a6326554c9d638dcb065c684

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000b

MD5 31a679839e0bc5558ae5b7082b25fc69
SHA1 5ec6c6e3be22b6f45ee3b3bb430a338cf983d568
SHA256 0cee97dc1e3f8975092346d9172129f09a7c60f951621de29d162287e8e94945
SHA512 b1f74c649b57a16f7fd381b9aada62face02f6ce6bfd36e1febd269bcce3c5ca759644073e6109a1b0927c490fb7ecae21bc14cc7822bdc60f2d502a7aa19596

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000008

MD5 47f39c90f6f8bfd0bcdcae296daf8236
SHA1 9f85fedeeed63d141d785b24e0e27805526d4f77
SHA256 bc5375ad52c1781f0bb4b0aa01d04f76b3da9781b4b22c6176549dc3ab9ef18f
SHA512 4c59f76ce39e6fdd4b1f3cdd6668044f266920835665f68d2bd721e95b0a63241476b0b335ede1597048e6b78b3dd10320d85a93dac66cbeba838d7ad0c09af1

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000a

MD5 734b2634d6bd90f79c11a5a66d4b0c76
SHA1 63297828a39564595668077443578dba231ca1b4
SHA256 c5fd9976795f9981f0d993158313738de59b80ae32ebb71d7e649eae4d95cd76
SHA512 f1faf57cce672d4561dfd5e388764db715611f27df6d24c5600672bfa576328ed2497f7f29ff6008b2882a85b8c18eff96a0c05070440a95a7114061f1dfc605

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000e

MD5 f2468f22e37106265d27a9314261e01e
SHA1 210b3e5b45ecadd56a72206a1309c8c8ffc12f3b
SHA256 b28773d7b44c01e78e442493c63af55723c31afdf7898196f35979d373105ba8
SHA512 1a33612856fc3d3adb942b151b8e6c9ea9cce2061d11dc809351523117510628ff271ab7a762c979c487752893870327b6232c626e9d9d84b3d4a83f6362618f

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000f

MD5 b3acbb29b1e830610c17f0582e6ae589
SHA1 fc5797a80e6c6851343d05ab0d3f7113650ef05a
SHA256 1adb50c0b3684164e427f4055f27bcb153531edfa36b16116b4d8133d4777e11
SHA512 b24d35c3643723df7eac5c5123f7b43dc74bed0bae844305ba72014990a655f70a193f0a7013d0513349af3172adf057ebe9bb41ad3135194bb542974a0db142

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000013

MD5 8144e6637f4c38fe7104aee0830e8639
SHA1 baf44459604befb30853dccba736a3929e9c5689
SHA256 d6d2c4389707b0a2e0c54a631af49952a1ea4aa268683ac235558ef784a53c56
SHA512 3fb1affb4b87e03284b19e866206da00ad0c9b6015a649342967e8aba535db9796b2787dd2dbd00c75ae362ae6b1174cb0ffb994cd86c14c8326d50d381f3c10

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000016

MD5 35546a327f10cd0a628389300e5fb929
SHA1 b13f9d279958adcbb5eddb91ecee6e44d57fdd62
SHA256 bf339c1b4d253fcc92a0943c8337e2a8c2d048eee6e1d5b1ffe3a97fd9b7e458
SHA512 202b01da6cbeff283a3381ea700ece914b52cd9d1255e5728ccb8cfdca831d0941f7e525bccb304de9dd1c32391575815a9f329389104abdc85201712c15a06d

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000012

MD5 21ff44e23aa4ac52d5a4918d42dfa206
SHA1 1c27cca46bb81fc0a911d267274954ae51771740
SHA256 6559c591bc68390f48c416f509703d015ec88d5bbc2d26c45c29275f09e2531d
SHA512 5cc990fd3ed4cac83d4a15dcfe59ad36b8467607bf9d865e117428ea0f215d6575ce9061d02888ab0c4d2c3e6956aed9abe367b18c1ec6d6edac40fa83d4d898

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000011

MD5 6eafc48312528e2515d622428b6b95cc
SHA1 8c21c748004366757a93c587668ab55cb6a4bdf0
SHA256 dee6942321440ad24c989d45fd96bf0c0c11e63e04357af2128118eb75eb887b
SHA512 c501160df9b93014d510cd22060704b434fac4c6ba242d3e625e1bb6e838aca31889197e74fd4d082f4333147ec18197b2a31619d55d37c9157ec275621ee64a

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00001a

MD5 66d562e3299ee732a53db150038c026e
SHA1 f514a9e346cd443d196c1bc401f078a9fa147323
SHA256 252d971616775193836fe6c0c057edc13c511ed2bdbdb61fbe3c4567a3a8e530
SHA512 ee24be2709cb98ccbde710654eb1ba533e432819caa8c6bf1fedfeceec452fa3c5f3b2402efc06e75d59e55b6e7beaa71f88bd049fad8e17449c0fde217a6468

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 83a61f3886e1878b9678cf854276e4e3
SHA1 1651b075098528481981678e3d52f81ba0c35bcf
SHA256 e2d2d19890f42e9074965568f9202ec2e73d6d6aae37cd853d8e039dac5f9143
SHA512 66bc86e5b036bc1b0b62d667065b14c4a7d1db21a3058ff4d6f453ef043efc07ebfb617dd0d52416962a00d089bad15fda941439bb39bdd1cebd8544fc449076

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 23efef94933accd1eaf37c8237427ea2
SHA1 05b1d8f27d121821e68cb964410174f309e7a476
SHA256 bf44a45b04a18268e19a72dea42837d53277ecc328cddaa8a65a46eb56612a19
SHA512 278834a73e40f4fba042305337c39ec7fcd2d991c7b9ae6f57a86c52b4590ffb3790e55bee46a227fcdf7001573bd7d87a19dcedd69c48add19e88a753ec5467

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 41e0d0c831b89d759c46d2ee53fb6fa8
SHA1 bd4c1d196d7108e07f9b74119942deef132c1ca2
SHA256 8ca1fe307f5dced38640996f3d7742fc5f6f8074b2c7ac0b3a9df9cd1ef5fa03
SHA512 7c9df365aa23b4ab4f47142fe86487516569e6b4b71ba1e34b5e442f8700a092e7025e6c1d0092e6b9fde0aaebd7088f1c970beba93f35b77d30c180f7e710af

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe5b08a7.TMP

MD5 28e5edf4a4bef0ce3f3ed98b474c37a4
SHA1 b66f50b277083e3f91b0caf59f4eb3027f3083e7
SHA256 67d6fda686c0ee73bd0bac716e123bc636dc17f762eb7fdd34832b8b3aacdbf8
SHA512 0873732c366d14469fb1005afd350a5e9050bff12c72fe0a4e847806a8a61b344e164dbb8e807815cb12b428548ec287fd5a8c9fb4bab529b5dedd8979a395b5

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 ec3bb479d05227d2337fa5e63a0757ce
SHA1 f42f4160b3289b8ea838d2436c4bddf0793993df
SHA256 5d154c543e7569f31d5eae595a9e36a7268e8fd852f4f3e5ac5d65c83e17f429
SHA512 9829968d908c445f2b2808af96fea0182af5aa6ddd88a45fa31dad1f9e5c8606dbc000ba3e29f90da500ef1a98eb69183b1971b52326ca8e7c10b0b50eb8a1dd

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe5b0a9b.TMP

MD5 b24849d6bc639a3f32cebc7e0303e7a5
SHA1 2081dad3e11ef28273d5faee614affcd3f13a347
SHA256 38c866d3a79e8b13c9131f0d033329d67b568afa3653f05dba9456d1c3b7262a
SHA512 dc07e6fa8a99dcfbea3a2afcb1dc370b8fb280bf4d966f9b6be5f7d471b45c091ad9cd8ee48f990e61189cfc906447ae369ffa100dd2273a9c25f0a95da8ffb3

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe5b0c31.TMP

MD5 261b218079627e90aaf8f0baed242dd4
SHA1 df453be538db7cbe4dd432c6e35407f5f725d1e0
SHA256 5fe926f307871fbc9819d3a9dc8afab2d44c5bce7d205fdcc7468313d4df62ad
SHA512 094cc7b64c60fdf77fe950b3c9b37717c19b3e719098a098e1a448f12eb2eb69d3da1c42f9204c293be49fa4442784164290dc4039e8ab619acbe973d146e46a

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 6da2c88fc2c1f6e25d41a5aca485e251
SHA1 bf5f6aa1589b3b2539519180a4e8a8e4bff161e3
SHA256 5437d843fed7e4df8c86199ff1090d2aedc2bc05661b6569033c18f1c2b3b760
SHA512 e73c9a70c507959614f32a4814ab2292fbee4c21f7bd407a2b81ac6d950bf65caff866ddb1d7de9b70256f316d4466c3a1d98f22346372dd7bf4d7742287eb6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b16b991e7d9a26d1eb0804ab29e376dc
SHA1 dde625645c64a43f97ed677d772d63c987559ae6
SHA256 14ec82dc6aa695eff2b7c5457ad3fa6fe9a7a228c02671b9cc65c3358ab81120
SHA512 c5b1bc2ee4cb5106a22b43873a70e2f35531ebe12fe88c7b5a9ca3365ebe6ac445f0b274a32be95daa1f9e0dbef20377cb0726a986113bc1a51feaff2e92c0dd

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\745622ba-d4b2-48de-ac30-fe5400f60285.tmp

MD5 c4dfd53c895b76690c291628f56fbaf3
SHA1 7fdb0b1b20d35c04161872c2358f9d6fd23d1ebb
SHA256 2e7a4ceb7a21c8f112bea5645bbeedafd4a50feee8ccbbf1576eec2bdb880802
SHA512 2b98723369585e402bac6c9c1c6f20ea10ad14d87d22e198c6a3bf5e5b86d69aad73930930e46ab187b947550b0d6e5ffc3f301c9a6f35a831cc56da4b7a97cf

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 2e0970663c00c6560091e3e4ecb12711
SHA1 778fe692ab868831deb749a6550abdefe405ff62
SHA256 8ccf090d874e59d44a4455194886483ec61e75d9eb5c1125110c8144fe91b482
SHA512 ca7ecaf1e7506bc65fae2a838310e3fc5411f7842acec14abbe290eb72972315c6e30afc99cd4683fa15637906cc7c910b54f59be1b7e5c0a92fc561ac9005d3

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 0d6207524fb593277dfcfe2d09116b93
SHA1 dfe80bad59c5b045e292089b2c5a8a463c6ba933
SHA256 053c750111710c46cc9463923460f15592ec88e17b2194cbae5dc7f4a3a62b65
SHA512 20e92ac5f12d4d704ecdd4d96bb0ebe3c8b81e752d4b0a97ecdb5c687d8edb806b905d6599c867b8b8cfda9889499a54a1e979a97391a64302db7acf882e487d

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State

MD5 da778a3fd73cb0b755f8bdb443ca634a
SHA1 92005e918ce983aa008615026d68e8fa55d49091
SHA256 a60fb7d9d7a5a0a46aad7e423f46b12699fd3fd838e7c1fc01222b252fe629cd
SHA512 c4598943201e410ff9257e0a3021f834a9358a389cb75126aca39b1ae5481092fd70f6949ab2a57c1ce0d2c83d6c113592dbc0ca320df5f9cca838af9771b483

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5b1ecf.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 02e5fbf0a295b3c26f2340243e0e1a85
SHA1 b993c61aafce42ec0367b1d4faf801f37d529245
SHA256 a99b2e9e8882dac2c7e02ef96eeb0273716f49c02050876f15a929b92c259353
SHA512 4e94805c3623e7d5ceb744465e71a782ad98d94de7f7589a3eabc4bb24afc25b4546924ed6134701b27b954d84359e5e85ba91ad7a308a9008e5aa798da3cdf7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 383ee4d7a7630b350eb63f5c9e1cff89
SHA1 d6190ed2a054bce9cae80ececf31919dfc26d385
SHA256 84bfa7835bf8d8245b286f482bcf9316dc81fc0d181f6fb9f3fa3c83d985c496
SHA512 4e2b9a3c1a085791bd92d9fcbfc8012763678bdc5cd271503dda7e63ccbaf448b418c6d9daa12d48e62fc0273c209e9df0813811b1dfb1bf3f8bdc47e3728a34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 393aeee9eba404ee3e6e843fad8f142c
SHA1 7401c928cc39468cb8801d255dad35bbd34adcdc
SHA256 9a969b7088c638a0149a59e369141e2b30e1848d8b1bfc0c71b8fd34090b48cb
SHA512 690f6ee1ffd25618bc65df664193e63ba6bc06fe7d228704e49fa25a0488488e064b6f9dc77056f3d16cbb8ab056f9702e262a758b11b11ecee10d06b0566c50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 774e6f95efcb44a6bf7e6ca7ddf98ba8
SHA1 919730b7e41991f373a45c066cfd298c22291928
SHA256 49526d2653b4d1119838c4474d72b1d1f51eafa1b426c5c0d3e72a1b6df18384
SHA512 34a6454bfadc394833b813ac4857a1f3672b05cfe1cbdfcd724d576feb50c63f8e5432627490ac336e3d981c2c6152185e8a7e2d8574c74f66b51f5870182630

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5d34a1f5416fdc978c6e0c7edc7d67a2

MD5 c76ac26f80988d0fcf03874d625b86af
SHA1 b04a5e95018f8eca571daa4077e66626b9ba0de6
SHA256 3dca66141315cdee30f7604013deab2fcc1dd74af93f9630fb700b7606f531ab
SHA512 23ba1357212eb135ad87fcbb81bf73fcf2e189da34f08ca1cccd40d763a856e9ca8ce5514af395caeefca2b0dd3a6fe3b8d43e060c5baf5139fb357fedb90a59

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ceea000e430b7c9714bd62a61ef5eb0d

MD5 e6bf3b994b7bd85aa47c17406d367d2b
SHA1 b18be2803acd9576aaa72bb19116b09680f0cbd0
SHA256 92638ea5cef2b20242923fd21757df86c8c434ff12243d480250364b8480f2fa
SHA512 3e207bfe1b30c981fb533971769a4051c0c87ffbfcabc012606ec939c5b66f2bf59cefeb85c2b903856d6396584b2c96472965c11d90d6a1ac9f59b29cf3d664

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1aac6bdbb2642f3f23fbed64d042c3f

MD5 2c65a49f36fbe81aed88d7626a0112e3
SHA1 832fc429cd021f288f5ef9531e7dad6c9c6507fc
SHA256 eb8f138e67962a5c7db64722b78454da2e3c3d656ec8d72c9bec566f10a942de
SHA512 4fe7c7a7e439f6b43bc13af9291994ff913fa65ab1d77f162c97b18ae505b1c46ffb2c9236b7c9010580b095526a58204bf182aa5d476e3d0a006b2ca450d181

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b0cd0725ce628c802aea646becfd46a5

MD5 b7c03229a5a8d6586e4532281bf1bcf6
SHA1 e2cf4dcb1a5ed9ec90882b05fd92a1cb2d9b7031
SHA256 2f68626defe72fe2f0f653e4f329dc40a4da28ec0b6805b7e372df74503490e4
SHA512 4b33587bd1e348c0c3c90ab22556c1a1634c9c16a7986d5ca92cf409a6bc9a2d4ef6ff29f1c56fbaeea7ea42b9e6bcac980f3a13869c7321dfa94b3d4c68498b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0cbacc9a3c6aa07deb13db83f658936d

MD5 e3690a37568ee9fe7f191a17a47e2146
SHA1 476c939e0ca065001820946509e36ac2842fb1fa
SHA256 b8da756d34febd98745815e7ee643c49dfdf1adeece7fbdeda22487c06472f28
SHA512 c7b777cb3616fbe210b58c1e2395ffb378ffb36c2fed3af8c634e7d39667b9b433386d1a284f936a1d4e10e76c7a678e97216fe801cf95a0fc3fb313fc4514a3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\95d98e1cfee595f720d12856399cbd72

MD5 39be6457e3ff988375205765c4660895
SHA1 8e946b84ba320df9c28aaa6e759e24719ec38aba
SHA256 1194e8aa1e2ff45887bca03f3ddee55de61436c660e162ae343ee64e7d146da1
SHA512 80f75601d5887291d0f2884945dd2ca197090431fb30dab6e6ee9ef601076950922a75f23a577dc58824a8ea7f57c48c1a742cdbc13a28215bead6b2b0b47033

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0f10b6865c21c904e29f52a54a31f37a

MD5 38b25c1089062288a7a9a8876138e465
SHA1 d7dc1955cdabe9a50ef4f6b345c9012e3efeb56c
SHA256 e39aceee4952e730f1a101894520b046ff21156ebc79c0f8e070e87af20fdd29
SHA512 198469bc9aa03de2c29b322cee7714a67b1b421a8fb0b6ade7148f54fb5ea0a37f6afe5e80f052f41815174363ca2b2dc8395534c624f0f87d2f7a0e9d773dd5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3acc8af1251b7ed321f9b36da661d9ed

MD5 808cb55c51b6fc55fa6cdb17892dc876
SHA1 4487b86a3a42ff05e109800b1827c100390245c0
SHA256 eed0725bdeac66a2e53e7daaa033f06c360314d751df70176a0af3f23eb08c7d
SHA512 0d2e6534792e7d417a6fa8403f22397f406352a38bfe1019d87e0308d041b3e69d7defae77e2bf6b87adb3b7d59718efea7d5fad340847c681eeb293beb0f24e

C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json

MD5 a124ac9f9f82ce9bfa4465e75bfad473
SHA1 465ee8d621bdb73b9987dbe479b976e1cef6917b
SHA256 97c10ff6f86f63a5fe2097b8592321a600ee8415cd1822e441c0ff138139261e
SHA512 2e5205b90c7de76a8ff73163520fc36db7ced0f891209e6f2223ec5419b0a08b0aaf866d9f57ccc7f99a1209d9b94567f840374387282090f54b33f35fe367fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f07be0c5fa72029cd5827ff595b74444
SHA1 973bf2d33cbc534ef95ec2fe91b081a7498c822c
SHA256 410874ac483687ce2361da9de12ba64d3f8d08748f66cee6a28838f39f258505
SHA512 e2c891c183ce6dad9c032e94ace47347a347a706c25f75fa248e689f4f4f5d9a5b7e55239d9328b683fee19700a744754d0b293132c2c2f4a60055870e834929

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3c0b5c116d5adb207d3dc7e1c0252f15
SHA1 9b26beee55011b5ac50703d0b1d0cd82329af9ad
SHA256 cc52ec9bf4c36ed7143f1ae90dcbf0626335bdebf56fb9b08841620703b68418
SHA512 af6f64d38c0a917606f1a7e417b3ee929d96e15b3cee3e48d7b0545d12a4804c8d5fdd1fd8d3194a5f331c3c240c738f23ac976f6e152ddfea440729b73a6f4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a5167c948bec1634375c6e382084d449
SHA1 228f1c369fa3fdbcaf9e046ca4bf92fd2007a2fc
SHA256 22687efc50de7d590d91da44499c9f1f79532dd6d402a2a20b022a3f6b170644
SHA512 4b7fd14418ca565f0ceed7a85d9e3417cc3c7a98e3eebaf23a21b28dbb3841fa4a8e16a52d970fe1e48b5048b650cc6fb84561314e11531fc497af692dcc9c2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f16a594c3d34f66c3ea89229493c2eb9
SHA1 9bc51665b86a0fbbd6538722c4e5817140bc2dd2
SHA256 9a68d6e04cc8d6696520c6674898d47dce2d9c140a1da50af0dafd7b5b4c72e3
SHA512 e2a6b85ea5b86197566e978c077e0d866c248b8fd1a06fb9b2ad599145966db9b33acd3ff707af135ba53a4df067688bb1af7ff40033d860f673553e40c8ebbe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cc086e4c912d6f71b7c222e218e73036
SHA1 738dd507b870f41c37540e84f6c7dd9cf3e28614
SHA256 ce46d9318ff9c0c5c298e12be90a9291531fa4be6f01ac3657a77bbe3ef6daa9
SHA512 b78ba00f1e34271b399e3478b31c96029ea97630ffb494325b13f839cc5cd30f8d5d4d0a92110985fb64093ff80b8b9daf6548b00ccb446d3ee2ec763543b38e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ae22b633ddca48024733b385219c03c8
SHA1 f00686d594991486315cc9146ef9a0623dd116ad
SHA256 9ca3c818691c2e66649f65beed4072506a5ce06e8f3271a838053bc45d508dba
SHA512 e9010241cb01e3c9b08673400510d8f420e3b8f45eacc8cb68dfaf8aab4f88b86f8ecf5897bd908a15d5f5ac4c3ef8de2b8f977536471921e5b98d4f48f85956

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a6611ef7ebe0bcbfcc245efd96245443
SHA1 7e2bbf3e957c362e00d8578c7c2ca77a410e9a01
SHA256 80c83fbb13bda2ebd28ee7d344931fd39f8455cf224f3581f9fd90773a4a7c46
SHA512 9be5f11113e133f703c12053e2c81de358adf6274d128255bfbfbafbce1ff09753bcc606e6750a8a43e2803bbca338af58c8c85fab73a8c7207ea12fe2e40dde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2f34a520acfdba5b665e1115bf881507
SHA1 da992763f4c2f810d7b3d65ae4c477aea393ab29
SHA256 d77de0deee5f87229e307f304388fdae383e8f9279132b10a985330a85423a33
SHA512 8f6797e3e70c6a0987e32055a7642e25563a92bb6b6d13754a151c435dbd31b9e9f122995a1e7aeb38efd15c4d289313599ec246c69bde740421f2ed5ec7e500

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f59040594f23f4e3f25551230d9bc52e
SHA1 cdaca27daee548008b6ab05401c8d22332014b5c
SHA256 ba28cd804cc77458ed85bd56bee0ab437fb5597d607b76a6a30d6ea0eea1495c
SHA512 6d61ea3d3b45c46cd1eaf3894ff912af29c8d7d505eef0571c0aecae7dc951c28fbff2398c29e580a2cb8379b88ffd64a413bfa908147696743061a2f06bab3c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1382aecf876d89d410f566b47afd748a
SHA1 fe84cac893bd39119656ab39614380d191dc066a
SHA256 aa5e5e474bbe255b99b886d6359eec81f31994eaa17ece78857ee126a1d61652
SHA512 f9117e93c6d67fc9a4ae8d626bc69def300e889e959c0b4c1a81ffb401e87f65830b32c8e3563e1b14f35924d04348058ea2b4e83946418ae93b588caa7d10e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2dcf50a5da019b39543fdd39c269dd06
SHA1 35c4fec535cda89a724ffb4d2a590654c9822ad5
SHA256 56e426a953fd023f38b05ffb05caad04f638accfe8db896fa867e8bdf670a43f
SHA512 0b6a00d14d735bdc28932e9cf0fbb0c3205b9266a2aa98490f8dbeaaabc251a55c2601677f260fc5366e3e43d333d365e70a70876dd35df9ef8e72c1bac74dd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 715a5773f34389f64dd439c1224496ed
SHA1 9324871f2601548669e37a59ea2999dc55954082
SHA256 b4dbede199068f669c281b75eccf1903a959627fe96dfc83c3854ca3c145c1d3
SHA512 7e9d67dfa68344a88a0c31aaf528ab4b2d9bd74bb1036344d46a34a144a5dbac2877aefc478d45d3eeaedca568664838985ef2f1c1e25f9f76dc80a8a3faa2a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 23decbe7c9946f52c3af86f46d2926ed
SHA1 7828604e73c8a0880b176a767eca3a223554db44
SHA256 cbe99dcc5c8b4d14322cf41454487b663d63528e00cbc493035df2e712781a97
SHA512 daea0f69b21c3c1dc21ef4a736110f11b5ad3283ad03ae122fdd5eecab31ca09e2209e8ed68fc4e3e9677602470b4988e769cf0519070410a43f55d2c3cd9cb8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f20e4485bf2c36405ad0e22f8f29b6cd
SHA1 d8afe372cf165ed09d93bef58c6867e7d14b357f
SHA256 86c54f224ac296cdd3dc038bed0a7a5616eb9c6e284ff14905a5089583bd7b47
SHA512 7505037916faa96e39fb8f3cec65cf29e76e8ca015566d2d244b6466db7c83372584a3bca872d944ebbf5838c01b50d3c6e1253f6168ea56d930f0d40bb86d74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2e83c4cf676b7ee22836f6d5560e16e7
SHA1 ff6984b125e4d25ff99b93a333d469559805e9e9
SHA256 ad032d9edce6ec2a5697ecaa4368eed6fd8326f941b37db5178f3c77bfe2874c
SHA512 cb8d450dbc004aafcdf3bc97b8498fede7dddee29fcbd55be927f3d7d3a19e0e9041843ec4f5ca65ba9e31ded9439e05a3ffba0154b3dd8def835b3ab30ce2d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 56495d95575aad8bf476bff390582ff1
SHA1 14d294b22c2536bb28334b63124da42158c5f647
SHA256 98a719827693bc731f1665d5c9ca731e0dd0061be49ab0f8470daa961990e794
SHA512 4a50859c9f00e6a669f888e283639a44d79263d160534f54a7b884b65cda1db249d12fde1332b0b1b9c6b5555239ef558c5e8d6ffa50a184e2c637ac38d7a19c

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 13b9b836689a3f6ab5b43bf5270dd3e1
SHA1 cdf599fb1add2e2b14ac0751098afca364935fb4
SHA256 88536f97b4dacc99a319f9e7398abf0a3e83b79367f9b105294ae908422d25c1
SHA512 cdb8f80acfec695ddbe739bcceb69777a9bb37fc87c0aba9ea0da3c4ef1c97ea9ca7f3860ba1e533ea29decfbc9a0072d80a1b93ff41ddd7e112229418d4032a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 561992e8c177d25c62af3fcffbfabb36
SHA1 523464f45c5114719df1c7eab59dc0085dd8c9af
SHA256 03375a54186e6fc23b31d08f928d3ca84fed4041ca94a8e3e7e1e64ebe0c387b
SHA512 942e85d4694b3407f016a89a7a56761a0d94d93a8b1cec3b23b652ad5f9b01b5f483dc76c17d0fa66787d1f2c89ba049bee7e5d9c22e5d695323e137914c1e5f

C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json

MD5 8e3d03d255856806d2e389d0903e82da
SHA1 3238b91c608151b9e7a615bd6f7a3450ee2000c2
SHA256 5dcaab1b4cc946948d34da21bc34014b1de4dcf03d015458d6d4eb8198d2e8a6
SHA512 183c93faf2b60fa4fab22a83d262a9b7ff3ceb76f2ba19f8048e55f238a600f79087dbfe9b8b6cf0b550413c56fc430c559feb88afb8ea98e7cee9c709a766e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d77ea4059d901a5ac59c951803f275f2
SHA1 a5d74cf657aba938a16663b2261a5eb84b87837c
SHA256 76565e8beddb9b0d4f99ad3c6d9e0ae9a5fb50d03d794f96ad3dd8950701e8a5
SHA512 8aff888c6852fa3567ebcf54c3b878dd50da5632fd9691d562c7d92669d7876126a4a80feccaf343792be5206005b12267f91629392cc83b74bb1f0721147d44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ab913d7dfe3ddabb48aa9c3309cf524a
SHA1 b4361e67ec164c0801419c2a57e67635e05dd76e
SHA256 28d0dcc8e8b60826fe886e6d08d5271e663250f936ef095d3099fc12dcd1fc79
SHA512 51e1df898015664454b2338a405d198e7e5d482a0e47386e0ba96acef575fefbb8ff98b34badf973c6bbf307e40bb295ee018fcc4f0cb529a44acde0be469a86

C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json

MD5 3a4e1d1d71bb379aa1dd0ad2a7dc6d8d
SHA1 7630fbfec8b20b56a6138e8fbe577fa958ee18c6
SHA256 ca11cbb948e66ce7897fa52dde5e11d5c7f2e7f6b58de832b9b7bc6f111250f6
SHA512 ecab304ca8a2dea3a0bdf464c67a233cb2757b5d78d5d974d7dd3c4cdc02f792b0037583a53de9f6bdcc489dfd56793bb0ad5c0d418e967fdfe1a64cf97f1973

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6c223cc2708592ceefaaad9b7f086212

MD5 e821d8cf21054575e38066ac27292a86
SHA1 ef47524fb1f4ed7e6c4b07508deeaf4894e3ded0
SHA256 16e7402cc9f90651ddddb0fbfe90abaf79df4c6e6b752a1be66a7d589c96d68c
SHA512 150d470266f0f0883c4b197a39148042d1695359a8428a9822e3b892ee440b976f66c215b2101d693e614758813f4d72cd629965016a89444b966d9ff378bed8

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7f266dcc2e03dc0423211cf87bc43ed7

MD5 6e290823c054cfea6911a028759716ec
SHA1 dd2d128bad8de4bcb8df6b7dc6150da3c98b4d16
SHA256 378ce3d78d3e53ae9a29ee877d8b3800176fbb1a56540f95be71604c7266728f
SHA512 0193d729d03c1d57d0335bd0ec26a51f52573a7919bf51a2914995b1a2c86c249c3b91c85cd44b034b4aa2c0836035eca7567b99400da3d5efb6adb7892cc268

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3f62b9b52e84cea6a365aa7b834f171a

MD5 4c2e0e5bcdee0470282515a3568a67fe
SHA1 a7d48d8dbca98ace474750d48100328da465b438
SHA256 485b116c1a4322902a827659a60f6263d34fb3a5837d5f9b576ca9f9aa8228da
SHA512 ec46221ac2862e01c0686bbfdccaf9ef52a91e04772dd568c5b9e3cffda899cc84c1a82f4dd868eefd29d951b82e766d99860c03ea53df756261da00d8358a5c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\73a672f52659c8af96d223e416bf344f

MD5 e36fda46e52044f12489114db7bb6c0b
SHA1 e240935975d1cbf0355de4c65143f6d352e67a4a
SHA256 c4b534fc13650831e16502998b70a7aa239ed62305df03bf919581385880361e
SHA512 1120a2b62b02ce24b0fd4df9689eb3b0fbd7e87e19489aa7c114c2f649e31004e444f1ebd71db35eb3ae5560d5015626d3c8983769b49eb02ac648fa7b17b932

C:\Users\Admin\AppData\Local\Temp\Roblox\http\12884b440050e73aea034ed650922fae

MD5 692cc89c1ca6a39fe4c6bcfa439903e4
SHA1 1a8c3548d7b0236fedb802ca3a87c66a04279f01
SHA256 b5478c4399cd1539df795414ef43d81580567ae25f4c310aa7631736fbbe727a
SHA512 2553d0bf3ce56c59f996754ad98bb1f2a019fa4126c76a34427d631ed9b3f06bd23c7001399a7f0b869381fb253797824385bce5ff7f806355122e6b70e1726e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1b55d26883fe9a9581583eb2664291ef

MD5 584ba0316cd0385a1d6bad9d705db953
SHA1 f1bf89cc2f5e228152d6bb7e6733c87d97feb319
SHA256 8556b70a68f86640086aae58ac266e4a363396c57dc996c3557c4e3af7476ebf
SHA512 5a4cc553642d6cdba5c0aa9b99b7a8bb0d726a849b39fb25464bb5c2e0ee4e20e518e6a77e0c8b78c4cf9ec3ed4f44d9cb77f98c72539904eac993b208b7ef96

C:\Users\Admin\AppData\Local\Temp\Roblox\http\eed6be1c7bd672dc6e1b5a2a2bc3caa2

MD5 f85b3ee692d3401e55af9f032bdd274e
SHA1 3ef101d73502aceafd770eb5b1411afa7ee24f19
SHA256 e61591a73b855562469788d5bfd3f604f93f8b5dcd2f945788c09e591e682dd7
SHA512 e91ba6d5bd40f2e4ec03aebf54341a35d165b477c8b920d763cadfc34ae59043a73b9b612ff9bc899e063dc5d3fa67f7553d6cd47330b566236eb82652c8edf1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\efa2380b1711d88c6882b8ba1f60fe27

MD5 a806748d5fedced3028c99539b69eb1d
SHA1 04433737132aebba25d535cad1837dc7476311c7
SHA256 4a77cf3c22a1466d7e68a9166b6ba818e1fbed0fe0faf3fdb8e72a74e1292905
SHA512 afbbd41c5b2cf9155009329d9d870020dad13c0dd413f2bd690ea0799d6449e6e7a01d523006a017ba2cfc77be3a9af0cadfb7f6dcb12be15a69974e4e14e39b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5d90ffffdade11fca3ab6d6173b10742

MD5 8eb0fd433af7498b61d3380f812aa9f9
SHA1 1c2fd03e11050b47c0b53d568292894bfa805438
SHA256 a400ccf6fadb706e69adcd72036d390b579925bb0f09bdeed0c278f7db125f66
SHA512 caf4f4b6269c6cb72f32b2eba515f83dbfd9c4de48d78c1c149a6b425a4c2ab8a8d5d1e02afd0c2ae7f11bedea1fadb60cd4f96a7deeb119640b48bc9d0dd6dd

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2e08f0b0e949b76ee4526572a0fa02e5

MD5 ce9d6ca2ea8e5d55de2299f23ad98d5a
SHA1 ee9e30eeb2491e1e23b32a7e86ba0607460fdb5a
SHA256 6dcb6d8067ce45b9e552d195c179de1f519bfe25104326b726bbd7e22d502d3c
SHA512 2db8283c9423017aa9de86e956937699ff1c7f6c766ad83e7a523da770aa7e2005b0da17b71317dd8e419c826acf76d1356d2b8f756acec24748a1b6a0551685

C:\Users\Admin\AppData\Local\Temp\Roblox\http\22b19b20581c5f62166a73f4ed0991fb

MD5 908169b22541e44d56f5d1909909805e
SHA1 40f82ea8fdfd3295706176ce7ba412e753f8eeab
SHA256 d52f23e90b859cc5787fcd15679a6c5ac79ea5bc9b03d5f58e6a67f57afe5bfd
SHA512 b4fef403d66bc05f31fc0929d38f44ac15ff6f2d3cb02160073a9d939ba28e985fa77521e558ece1c4ffc73c720c63ff263ae14adb2ec7b19d0cdde82513efcb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\774ad174c53c04e6b1a29c22a5f6e32e

MD5 99bec00bfc46f3e950ee281f6c95acbb
SHA1 38ab6e7d03e5a58a32fa8b93cdfcf4fc1a959e48
SHA256 df51d04572d489f40be555b7273f7ed2e772480f2827e3bda6213fa38c909328
SHA512 04d346260c3083e318e1b7025e78693f97ab7da9511927efe02e9dad7c96755df7b3dec8bafd175c53514bef532c24846b8e9c429ab0f7942bb9adcadb2c757d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5965db33c00199c8da043230c1beea49

MD5 3ae9eece15951e58cb3c3333675f16bd
SHA1 f68f72eb957241ed71bf15acf71d515361c70398
SHA256 262a1a8b853e44e5ea0f8a61549527c9d7ad4a61c43fe03c062297251ca0ef2f
SHA512 c1c4a46bae66037adce49c680b42c91f8a8f3b91fa21da308db6e0070c605f0b6a072922adb7978c11b83912faa5c82fd134d3a38ad7b34842de4c0514dadb3b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBXEB68DC3BD24C4ADDB9552EC448DDB205

MD5 9de52d85b06da1acd48afa0d6d1d19aa
SHA1 6683b9c8eabeb1f315873fa6bcdfaaafa9353ad6
SHA256 8b231ef4bd7d12979f583d8c1b89c66ae7e379d6557a1bb6bfeffcafc15f1a2b
SHA512 f3c1210177102ad92dc8661720f12f4c6aed3a86991b59c823471464feb2eed41cc1512acc864cdace009852380701c20a694fdc0311d5a023c2b9298979c8fd

C:\Users\Admin\AppData\Local\Temp\Roblox\http\576c7360d7dbf5c209ea184dee932ce8

MD5 8b87e00e15e8b22c07fe61343b921def
SHA1 5275488ffd82741832f38ed90f0ba311e06a8c67
SHA256 e9bbf61c79723b15b5210f18154f102fc48902e154ef8feea2527b78e5941103
SHA512 0aa79e6ac8b69bbfa10dd41ea6200ef2ba9c7354969a74deacbc36e5cdd79093d6f592aecf35280beef8fb51a520ad0f80a44d76e63135c1e2f5fb19bdd4ba23

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX68832156929C45F29F4218AACB6F70C8

MD5 934a11b8eaef18e6790e660f167b251b
SHA1 1195e4573af3ac1c966de8210b162d76f57df7e4
SHA256 8a8ffcca05368fdf6f8941aa5ebf50c565c4946e660dac731827703d5d36665a
SHA512 7b9ec190b7cbdaa40921a775beb6cc245f9e92b12785d0c1a9fc6285a996a809a2c80546a099fbdf5e2628404e4cedc2ab652f3e02c27012fd2fb3ea6d1ddaa1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e508bcc64367cf9b98fe28c4255655a9

MD5 82b21f9bd843529c51bc0e290ca119e5
SHA1 697c8e0ec246effbf2d047870b81f701756b591f
SHA256 a7f86e25dfed056d6c9833e367cb58dec30c5707046b9941edb54726c78620d6
SHA512 8e1ecbea17605f90660dff9c3918bf0ca7a4f661611ca0796bb875098f15d1c1e3dc595a0337162c26ff78949aa66c27f883a71c5c8077f9c29faca1c92c4889

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4bdacebda49ebc2c2d118b7ade154ab8

MD5 46fe622ae1ed5e04c8e870d2955b0b5b
SHA1 b53f9d01b0b5eed94f7e1efa209fc6fbc95e9006
SHA256 3f64186c98498258f668809710386563ba357ebe3f72afe8da26681539ba6254
SHA512 bc03f8d6cbd1b1dc2a5d0c444d840dfafe51af93fc09b8393f921d5c1e26b58145280d4d51086c3ab9c4938191221c08f3636ad9f317ba718a45fe265b17f723

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b36482b1edea43f2633ea464f06858ab

MD5 d6f5e76b38b611737bea4df7021a180a
SHA1 180495d2c8f89bc65cea42c5cbf343e0f3e0db47
SHA256 cb53664e949e16db8ddb57ebb8146b13b785a6f57b9feaf12109670963efea8b
SHA512 bda67757d47ae3e15b5278a8fdca0a73c1aaee595a27e664a936085ff742dca717b3a1981340589d0a270ea93cf3ccf05f61872fe006c33bd52dad8d61301789

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e60894907471600db01872a1741a0bdd

MD5 5bc34a1c60d2a4bbe7441e8307189156
SHA1 136eea02e3c374521146b9f530ad9c1151e20a37
SHA256 563d0ba1f9dde1fa635ee6f29925712b5a162396d7681d8b4dae1fffabcf5626
SHA512 5c542b3aa5f8036901247fee55c187958546966a9dc6b34c291af2d63fe0c3c8f92f3d87466e02e3b124f4972b1558a743e927520dc9c3fc5256ee8d066aafe6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0da1eff9a99725e6873478bb53e6ad07

MD5 20a9b87070a921eb6ca606f4b49e4ee5
SHA1 500f261fd7bbcdaf2b4b2a3a6fa6f0cc69836e49
SHA256 0cafb5b24a63bf21914494b4800b2ab0aaadadf01fd5413b85ba98b573b8cd61
SHA512 65279869345c2add4d752e8db9b2b5d57f2f21f7441559a76a8c1dad56c8759a37bcc0741bb96164e874fa8062e89e2c200816625328126e019b377e79a973f3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0e72d04ad553b3d0c14270c19eab2986

MD5 71998edfcaf6236c9cbb0100558e9e10
SHA1 6efcd23ccc8e4db8814e5a2e6df0db27e198ba81
SHA256 eba46b16e0d6b6402fb3c4ae1ddb02615263f553b1102c0ff9c7d1b939f30754
SHA512 c81c7c5c19fcd4999b9b0a7abdf044621ebd75fc6ab4058472a7e61af90f2fa021e64040e179e98ab7d31bec33ffe042d93025ea01dccfccd014fa0f72588bde

C:\Users\Admin\AppData\Local\Temp\Roblox\http\912f5fc3f8ee84a59c48c411e53edbb1

MD5 c77201c032a8d835884aaef460a86426
SHA1 65082a70376eceba181d6a51f0398813e9e3c8dd
SHA256 6d97a18d7dd1a3971760a44b5c85aef291e6338c1e926ebabca6f5fe31c675d9
SHA512 c66c74ed3df2b1f39f047cb8ae6ef52275b0a3ba2e631ee78ab5af54122fd8a2fcd9dbb9a4d8a70585f50edfd16ab95e4200ec2e3599c28adb8289a8e61afa21

C:\Users\Admin\AppData\Local\Temp\Roblox\http\84757e79ec2d4ea81334496509b1a323

MD5 1c289c14c895dfdf05610074041c670e
SHA1 75ec8d8c4bf89b0d0ba0c1a3487c11988019e975
SHA256 7041f621e57bb76b41d4b329081403cc6bd5a161f8a45ef494f90942762ebbe6
SHA512 04c7d00b7225f604b32a9428860bde90a0a432044878c1060b638761ab8aba20dd41b8ff98e38f98687b587818a13a7f95f32da5ca839956ae56da54dfe3b079

C:\Users\Admin\AppData\Local\Temp\Roblox\http\bbd32ecc5c32b11bcd2509d541b5579d

MD5 fcf7972a3c5bd7a9a8239778acbeef31
SHA1 ee81b0e3c6d7d6599776bc1d18c207d5264299c2
SHA256 6854ba55b5f4061656e4660ceb37ef25a108dff6f96167c5b2a67e291ee9f56c
SHA512 48eea8ec572bd641c02e860baa0a11c47f65f1f450ca6be43f3502dc8294d9ac6d495ba3268990a867a271a6e2753aa2d2b80bd84bdf77d99cd1c6446a4e0209

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0aaf6f7317997d554f4a87946e18f4bd

MD5 b7fcabc842e34093c2d79eddb9b0a14b
SHA1 a6ac7bc76d847debd8851693a34c9d4652770ec9
SHA256 ea654e6a85aae695ed6a83519d28e14c497685a7d9a1e3113de375dfad9c0105
SHA512 30bd3f1a0f400ec09fb702f60da46d66415fcfbeb38f0c4ccba33ad9ec0f31c536dfa514ab06a7f4fe96b7685195a69f9d30caca2244dda3ec8866193f2ce26c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX3D6EFC66522C4295A7102E9845C3D518

MD5 b04c0dc18c7d55cd67b193981117e8e5
SHA1 de1b8da5292626c82c5369243ab17e1fe87819e8
SHA256 0e9e0d48cb004bf17d389dc2d43451e7c45546210703bf2c36048568477f538a
SHA512 e6a2aea601a6cc021d9537fd56eaf034dbc5932f9dfeca57fa69921733af8d1c22fa4997a596f2895ca60a9a064ace6a135a8c5893381595521da9cdcfcfbef4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\373eb9f859dfb4f553b19748d262bbb1

MD5 e6ac2d485aad3b98341b7d126a034c04
SHA1 4193eed9387a9645f6cb6323b48f31d4ae7096c7
SHA256 05defb267e9ef077e09014672106fb227f7166552fbabb131ca26195fbd32b90
SHA512 18ec7a42adabfd627061a45546b2499f9cd51650ee7d3d64b1c5eac1920771f093da37656ae8a07cbff974ef8f1328eb74392d87d6aca52da0d8dffbef4fc700

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b2f20103cac5461a1d3547c6e14d7587

MD5 1b9490b907af8da1fcdcca50c8f65b90
SHA1 cc193d424cf6411e6354fa24ab94a1edfd252cf4
SHA256 7332f2665454eadc72aa894f2dbbe8369ed53b1462c8951d2c0f3e1f09616397
SHA512 bbc0bd3e165b69997bce74bf28349edd89dc8e7509457c8a40df3de21745f3e63d0026101b4a31bcdebe0411a620168b49ec0f0431b7ed2315f92e346cf458b9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e81489ca248da128fe61473200c5d020

MD5 520ab766bca67603b739d14545224a36
SHA1 f4034ed446290fc46ec6c34c2477b55d6a07476e
SHA256 c7a8d3923046b6f77cedd9fe94b6dddb725568999a48265e7457c67ede70df5a
SHA512 a13593c5e7f348838561d4afbd8cbb15fb413af7db59f462b0fb87727dca3393b8d1a470b18cfbae8161755f5558b84a23f7d814578882fb1c0fb51a11d0f2b1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\26885e3cc7e7a909de717edf09e66772

MD5 6e61c2bed7f3633565c4151242a39fd2
SHA1 bb9e6db391f04af939de515d031ddc6bb42f12f8
SHA256 fc5422d491323b111b2e072b8c0db84fa28c506d5e9d099033c711bf75e459b8
SHA512 8126ca14bc31741ab57b6705da3ee06d704d146fb965e275b861a9c52b1749715b30e4c40d347a5e15e3c7a0d48ff8a2acdcc37c0033d82b0146e58555a48a73

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ac9a0420d23fcc9947b8dd0c27f230f5

MD5 cf03104fcdd3395ce14edafd82e4282e
SHA1 0e52d8c790a39d199cd8b9e8cfb015298638d20b
SHA256 74924cc318663813841ac0f630625fb073dda502aabb828b271a1a1790b3efce
SHA512 73d937b526d56daea286f4673628fc60451879ae3b8104e558ecb7bd2b5d3a481555a40f50b57f9205fd0065eae0e1bfdbb8aa634248c02c7007890f863b4124

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ea0e84a76cae851893a7db152d45000e

MD5 6efa611052863602893216dc758a3d31
SHA1 cce490fbf96b26eaa505c5573c399af4d2a56181
SHA256 49441ae297330797e40fc4a16ba63bfcc1b0a53349e0916a8309d451ed3f4f20
SHA512 c5f05c917a2c2e591bb9dcdece7b451422c4d0059cfad131a762ba9552b34c6c8c49e12452c975daee75214a804834c57aefe58cd01cafc7a9114688d7be86c4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\175e604b5aca76fb5b330a52c04392a7

MD5 8b45468eca4d67b78868d05365561305
SHA1 1efaf5a14a11d3cd0c7fd4fbda0fdb2ceff34e54
SHA256 a1bb5229b6eeadd80f8c2ffcb3e85f2dce8dd812e9f3b5d8fcbb54435643a7c1
SHA512 cc0028840d81b992dc3233de01158caf24c74da98bad74c843b2719f5f98321f17ebcef662a1f33ffe8cd4dbd33f31a70c4d4163fbae1378767922348f6e7980

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ca6571aa4c67841495ef5480a6a28c0f

MD5 aadbc876fdbaed5d67e8d1cc8d1169f5
SHA1 cd93854abde26abcd37c665dd791fce1110e32c5
SHA256 b487bbbc161db2d78018cc2a85ab8805370c422fc53ba6e49319c060d5bc755c
SHA512 94fcd64fdfe35c4d8861dcff8c886f1311eac3378326af2b33e172187dd3200aafa663a353870bac034792d69fbdbcfd3256db20250824849748b173a9446de3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2e9e407dd3dcdd10d7bc25d07df3aaf5

MD5 27d266bee85ef7daec1d6a6498ff5ffe
SHA1 973af70f82c92511944298b7f52be2c3fdb35f2e
SHA256 8cc3f6715046e92bbb8f119bd56519cc7601164bf07a03338b29e9f766fbd2b9
SHA512 7aae29fbf203ba465b241763d5fc3663a0634e4fbd1ee94cdae2b128a6f1f02122a51ee121b031d1d5f209b310a6537840ee72383771f4f634f6f1e91db246f2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\505d75fb6d7bdd29cb6df5f6fcdf676a

MD5 42e1a5d055d9128f25d3833f4f481af1
SHA1 1f6fd9e9c51d4ef7b886402a54f29bed9d298733
SHA256 385df7d5a9167a817b2861e83259c295b048711cb1c67460278273f8e1eb6569
SHA512 a296e2a9cac0246e4d210b4906154161d0e3a7cab570800bd06582112d749d5a224fe03bc49801ceec953f3f18ebb35c2495be38d5a65ece7e81b4d3c3843dff

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e1e171eb9900986c2cc70f36f61624d1

MD5 8dbf22aeaa0b91ad469a3cce690fbe50
SHA1 502b8e489d1efed1531fc35d63daa17a17b3e7cf
SHA256 620f603279f1faa7aa897a81c5813536c8ec3b5f2a0e30f83a12a5bd2b6569d8
SHA512 394d3dec15b3321b0f1cc5272aa45aedde062e497b2f5104bf2fb52f5523935bf25911d2a5cf490c8057f9c2368c2d5ae843f360dfa6622aac0b7b26542b082e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e3a604ed4f41d667e200db1f74fdf634

MD5 235d9aa5f3a32c13ee3da9028266399a
SHA1 2ff6fbec4acdc47c7829237ca5bb2f0f0f70a927
SHA256 c81fe2b87d4abaae6c65e53b33ee11e360214e29a3272f40670c637ba2ea2fbd
SHA512 29a1f09adc9c5807f561b1c056fceacfb4d7f140a4bb7464c93ec16ebd71eb7e43db64a17b319f5a31bcc4e8f6a83fbf69d683377d02d56616140048678e6eb9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\dbc2db25561420f4bafa8206e030d6d7

MD5 7d1d48c415f200197c4a2b23ac4f0230
SHA1 7ca65155ac5e16cf0461f76352a57a6591b07269
SHA256 bbd38e0698ae5df028831900812bab9e6fc2e27f5f567a84d9ae5893961eff6f
SHA512 604c0aee1c7f24de198970a82c1f7424efa83893ce55bfbe3f48e69539d67d34863fad980a47414d8c69360a214366742c0680686871829ae8a66512caac4adf

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ea7443769825918ea39ca52c9e64c307

MD5 85236de2a6128abc32b624e4f98c9255
SHA1 74163f6bc3f27d09b6740e7de575c9c0be7cf661
SHA256 862f9770187f55f6616194fbbaa9794cc551e3231bf12f11c85c92614dd36c36
SHA512 e3e3ea31134896829f16853c546bde201a76bb64ac8a0697db7f32c8e37fdaa67b8c8ee6c1fa919800f21e837d42756739f373cfb09e1b1efad56e4f9e942c8b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1c168b86beec4f66ade37b65a398d88d

MD5 2c48ac5ced0e528f614dfc192d5b2e58
SHA1 c398635db55da2ef4a78ec8426703dba911ad47c
SHA256 b19b28190b630d79b964b40264507797faeee1f4447ae55dc480cfd78404ae4b
SHA512 08bb7f53db97e46cc82534e466890f3928da1c781a45aa3b25a61cfb743a619c755d537171f58035b3721d71ab6b68b9d2cb4711b627c7794e58bab0b4a331bf

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d9345821115980d266f63d57b0d4e14e

MD5 e1f1f6a6e94b7fe8ecf85f08fc2ee2f9
SHA1 19390d254f426d7a6252d87dd328e671fab553d0
SHA256 a372be825aa4448fd03e28f9bd6bcb23f29aab6c98e9976d179c5a4568e66907
SHA512 d609d1e979f4211462bd932cc199c7c8d6e1a78c44df95b053344bf1fe3f54256782e33a59cea00118466926fede017b7df24460add0609ed291347bbd0d998d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8f82ee24e69866dd3748305b9db72c06

MD5 5d98e2e6c684700e5072e39285c6d339
SHA1 4e6ac20c340ec562d48571d916381b932a73a7ae
SHA256 54b59bd6491d18e725b30d471397b7ff53caecb7fba5a5015e47b98e26806f56
SHA512 dc8e1fc18485a58312d953004b3736ca086fe3cd2b2038573789cfd52c7ce312c7838945f2b77617434e507121c8093af7b7a738ccf97f27548673f287aca1e4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\67bda4e27ae4e1833078882dea43b468

MD5 2a7fe696e5ddf9d0300cde33ce71ba01
SHA1 d8039e7693f8a20bc8ce432b00475f1d2c1414ff
SHA256 4bc348b655f8e70815f530f4431adae6e3df3c3816b55dce328e427489b113d1
SHA512 7091b56a7e68f3d9234d5c8bd4c74a86b15d14ae8b55a5ccbaec2cbd1d45b7ffefbf67ab3b23d9308ff00f94580d90bff89fc102afd21f1c65d01d2bc3115887

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7fbd99f4476023b4df0e60126b4e9df1

MD5 b9853f8a8c0cdb5ad9c6ce6a1780da33
SHA1 815a6935dcd5f1b4e56e3ef04e3f3a65b4639abd
SHA256 4ad77b08cc88b21d0c98ecbffd2380fa8b8697eb02aa6784bdf98ffa151db68f
SHA512 be9cef1a18afc6453f10730a8e6da70243cf8ec781ab8c91ff218c003cae955c9beb6a5b574b72e3e2e10e39aa93fc66a7d87e5914332b3b416558747801cf15

C:\Users\Admin\AppData\Local\Temp\Roblox\http\669e0fd9b870ab37f6a09a851bf08cac

MD5 00b8fcb142613a6bdccf10798865a1a4
SHA1 d090f6b86f41ccc21af6c7cb4ffb67754f929f06
SHA256 47d7c33ffc9d7af5b929bc11bea9a237e387999211af09f7bdcf50c2c3a46d7d
SHA512 d96ac3dac2dcc26ea1bae920eb042d45603c0795a07514e5122b2baa105c221f6c6eb03b54100e6cbf641689ab16efbe1d674111d41f0be14dbc18d2f16c1ebb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\62df5184ae1f060c81401754ada047ae

MD5 80696c7595540638b24e76d1557af8ba
SHA1 8d58e475d0a3c629e5e4781eac657faf6d9ca22b
SHA256 7bbb75c1d5624f35dbfc6f31ef170d3aeb92d1058ddc0784ad3f3b560412378e
SHA512 951013b48cdf1d5d071f161e100359022c300c41d9d32c5f96bea7613d94cc45fa609f7a9187214333611fefd0376bcb401d77ed9cde07ba4a5cb0211ef16d95

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c4c85bbd2f495af1daa7a659ee154ab1

MD5 836d1e8578c347f3da2dd85d5b1b172e
SHA1 646350f076ee7e12e7c9c87df37a9f981311ac47
SHA256 2fd2ec9b6115dedaa5ccf912d614257bb19110bfbfa802b69f8b4fa899b59618
SHA512 c0d48c087ac24a3ae2822243cb38ea7e256b04223473febcbd8398540f2ac4c2dc10174451c449447bdf93683437b94d01a8384b90b6349af363142215920db5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5115104c7cffafdf5607ea77a3b35088

MD5 b65c1a6a506a176d3979b9f8f603b899
SHA1 c50bc108ca32c27c17d2bf9b3cd880cb84bada8a
SHA256 d0fdeb0d693131e34fb0702794fedee4c703d8e3efaaf26a050cf8a142982c86
SHA512 2126dca4251473b8f642b648d5eaa5d4bd59d87924c665513239772db2cf1c0002bbd75da6266506906bb29e63e7cebb7229fc632751e0a42c82c140fe138d48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ff9647fbcdeb14b45ac72e443e3fa01c
SHA1 359dbdf390c81c89e675622d70a6abecf1756611
SHA256 3be4626d4f94a8aa16fb8d6549a51e3b4ac0000fad53d6e9cffc64ac95377a0c
SHA512 3a630e93bd5a44570ebe2efedbb4be8c480b842c775c2a129c83820c9a0a5ddf7f6790cfaff2fd2c90c5ef2bdf1be20a1d912d15c1d0943f5d0a0ed3aacef5e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9d5aaf172874fd24ccd6207c2527bb26
SHA1 7012754db0a500ab899cd1b287d2268488f3081f
SHA256 4ccd1237631f2dc97732eb5d761fb5ca88c1c4607e76b741926cbe5c731824da
SHA512 306975be67f3cc51723a90ecfc882ae4fdc594f2edca05e106665bd9f4f2142e30138d20ccd856926ff6a9847175cb9fa261810bf57cdf48be93abcce3b428cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 742c2a9dc558dcc68fd95c4037f36ce1
SHA1 c0cd53238bd906870cbcd20b684f7826a1779e37
SHA256 37765761715e1804f6642242761a26d1063e71fe9526da3bca701d6d5a4b40ed
SHA512 51ad490b3f903d4d3e1b8655b611518875b504c53db75e7cc97cc1c2f215dc91bc34db8e552bc0edbfef74db380e32e30192f204bb41e81f8b63602edb745197

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8671eaee3c060132e4861aea9b7d39cc
SHA1 d487a63eb9cdebd21ff4d898acd07bd22204e2f5
SHA256 e7eb10dcf520dafa789cf95daad21d659dcfce91b312949544f17c90f5a26c4f
SHA512 5dc825abd12cc4bdf485082347420502e7866ad08d57c1c565b0cf00db6717646802645d1bcba4f008e4ac2e60dd0f4f477694954407c15c318c706e5103bb38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4866c99c40a5be4f531aef0fdc6cbf7c
SHA1 6cb35bbbff3be482217c95d8b122b262d01b02dd
SHA256 6cc3422a13c7aeffb3ff54e0d72ff18104208481b421d5ac789c52e7fef3020d
SHA512 368f7e2fe4f3f920f507e95b656bc9be6e52efec771442e1d9ea2cb91974176790236530552d7eab78b6cceedf07ca4b20acae32dde06c21030d6fb9e3741a9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7340ed1e84145e742ad667012e274673
SHA1 56d3f88e65079fb8c1037a77a9a629207c002a83
SHA256 2ce425998c5ff00c7807a7e01199935b82327cb8150b9c054c636df92fbb200a
SHA512 4857cf6f41f1f9cb25c0313609faebdf6338f8b940201c2b21ac7d89f39f895ffabf6f6b3d87f9b89c9131119fd6ee56630f790dc8902daf685b2fe258c9af5b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\397d69adf7e99bb671075432af507ad1

MD5 94307e9d5b83aa7cc6b39b7844ce610f
SHA1 6c03fcd9f25f12797b5d827a2f13f0094156ba6c
SHA256 bc1fdddc3ecf8f6f1ba1967233a1572d49b35fbd6d69614e6e237af2c2e3bc80
SHA512 1c9aff17dd6fac1f246ecc159bfe35965b12d4d99bc6ff13f3c6e63ecb0e4243c8348a851ee3c0646bc981a248a1c29a8311836d3d13692379f7e14785b96cb3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\00017aecdf8bcdf3fa8898c25225bef2

MD5 24ceeb5ca6a3a40a13815f1c6a45f082
SHA1 c12a3a40ec7b08d4aa43eab46620c1608ac3bdfe
SHA256 f4a1d0b26221a6b5a784c71537d63f56f3bebd955f91b0acee97526b5ca46e67
SHA512 8c6ee0ff78b968fbab61dcc2a826e887cd1f06bb147b995d1c2e00ff3294b5acc6d599113e75bf22e744c4b8cffcbc9a0044a0090a2131b40df4a8e091ac1633

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7ab1a462a7b2d877035575f58650bba4
SHA1 908654b104ab0e9e48d8f2759a760df62a630cc2
SHA256 a0b4fefeaff109b455f7cae1584d4a2df0db1c7500c1e10c5fd40e7801abf4c3
SHA512 d4736ee615c0cde3ab0637d468b8fca9d3d5b51b1ca0aad32441677fdf24dccfca68e6ee2fcc71b8163aa6ccdf6a8fc19a757443908ccd91f78daf7ce537be78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 58bf82ed18ab96b3ee934b40e754398f
SHA1 0b32b9d3d230d0fe37587700786e1b7460972e37
SHA256 86cdd38d012a4293ef6a3e7618cf4ce57680c897ae383ed6a169dd78202c935c
SHA512 d8d1533b0c2385ad2de5334dc3c798b831401f5b673773b9665fe88fefa4c0736c8db15afbab3ef4f18c620ab3c435d2b759a0e65bac56c0149f9610933b8b38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3db67716dd51ea9625b1e3a0dd54b247
SHA1 1a974140eb94bf2c389b47e4935cfc100d4d9d78
SHA256 e5660defa1015611310a5ef268fc110092444feca2fe9567c03b1156cb55abcb
SHA512 6655c3d317b8635384bfa5beecc59be74ba93cebd0f1994a7b2a1cd64d9e6b980f6392a37d2c7f076d3c6a3c0c31fe52499ef59bea44a46e76fe1362338e3308

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9ae31daaea7e34d18b90bab0239b2406
SHA1 4e1cdda3bf737224203d8785341cca56e6b2040f
SHA256 8fbe8d7df62e8a93d1c930774713c3a10c503224d9538e83f21e84d4e70dd4ef
SHA512 ed63bc94223006f5049c0dd5ebc42e0ea4be61627a367478e7000edf7e69ab61936235ed023f1453a77d01e775a5bb04fd08b25cbbf52cd38d6a5c4a6025eb2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b30284812eea434172692fe91863b077
SHA1 1b35a809ada2afb82ed59daf21beea89756624a6
SHA256 ff1c03711d5060cbf44b4b5aa7e3cfe8acb5c73255c391b3828ba7b9921ecda2
SHA512 7982fe8674e360ba5d9726126046acc0915a43b146d60435cf3a358ecde1b20eae6f0ebf6018f7f41e6bff0dfeb2adc831da2d75f7750c379f184e1769af0282

C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json

MD5 ee067049d04aada92b14c4b632d6ff2e
SHA1 99365e342580ca96bc874a6a5fd7b5d5043e28fe
SHA256 a4ca7bfb89b111dcf262a5c59f0eaeb08c2d121fa68558e9ff46fae3631988d5
SHA512 967c685b234405d65e891629d4c5fe66922d2f64ebfcfb2df53619c9cf36238b3040a2a8d78f2033eea4a969c2b283c85f5dac3685263084e46f268d82147909

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3e5f03e5aff52365e275bb30fc3eaa46
SHA1 9f42c18ea3bb4f511d630a0442cf0fd160844b90
SHA256 0cacd1c5ebf328e849b881209ea1d47438b6809251c9b82fc2773dd849dc446f
SHA512 66698fb914f69543b0d55f414b97e26ffe42591cf0ed4514555a00f396bbaaca5ee397cd856d3b2900a26ec26e06fceab57f93ba357ff17b07a037b2552d9fa4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e7ea2c3809a16b0f217321ecdfdb19b2

MD5 4f3dad3a5b13120cdd25f4ef2d08cb8c
SHA1 2666b86ee23d2274c8d5cb307fbdb41139f6b3d5
SHA256 c27edc932cd84de7f73c804c89f728640f993703a7f052a62e8d3e31c0554b10
SHA512 fe9b9b517ef26d5e6e6a7f8c696cdc99a298748db07ae58d76e04d77fe45bef4ec3df4f1871fd85fd6b4af5ab28ebfdffade2e5a562da7dd50913eb9918564e8

C:\Users\Admin\AppData\Local\Temp\Roblox\http\47395f108d1ed314d342a9afbf144e24

MD5 ba432db977cc8615accfcc90fc16d529
SHA1 0caa37aaa7751462c63995431a6ab30a18f01435
SHA256 7aedb21fde906f9c0cfe11a54e26b40f0b8a2cafcfd44565e9bacc9bb28d7dcb
SHA512 ed14753f9bbd9b1da72cc5eb19d5f808648696f20ef65d3a6ef1bae645a97059ea8456d34054c72312ebf656dd95dbe5a2bcfcd297fe4282ddfbd23f0d342351

C:\Users\Admin\AppData\Local\Temp\Roblox\http\cf02af62e6f3ca2afed2e4464e16b792

MD5 613dd742dd9578af2c7da2b334f521b4
SHA1 a5d981c6184a834dc382db3c08a8186b5ee8e515
SHA256 59ebc5bb535292eac717e6d0d5d686ffdd75d67ed60f254e764cc1e5a621d8fd
SHA512 e40c1ad6712eabc0bec641ff06264ad6cb4e49fad8162d9bbf7d119d03fe91cb99051b7fd854e0077b001d1b43a077d677e70d7011ab3046aa7a603029deb1bd

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c0985b5a71de5784410985371381adca

MD5 2094e67448880c43a6b09109c4d00ced
SHA1 b1aa20aaf92160255b36d1abaf4254215abd37cc
SHA256 cfa3708777a6106797a4e40b4866fb045e62fdf048e389513c782e55cb376280
SHA512 68c59e24f042fa1a995344e6829f3e89615e3aef8ce7d5619ec6d5f434c5dcad81cae69fd604f5e05e4c8628dcbc65b9556cf5f194b99f94e5616de65c40cd55

C:\Users\Admin\AppData\Local\Temp\Roblox\http\dc266c54da3c16862fdb4a145d054912

MD5 5399b1985b064803fd9c7d871302c014
SHA1 447906e0298d389df488282ffffe5ae3bce3724d
SHA256 95157eda5dd3b78a17a5f899af9300047dc90240d7a0c49dda26791efedd491b
SHA512 08e4ce792e038d5ef2582e1dc44061094b99fe1e3c537c1edd08c4b5ebca1de87a52166ba1d22c833d761854dfd41a27f3b78d64cacdb38c8814b9e4751f379c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\182d5447478261d5b04a8e81da0a845d

MD5 bb184d0ebde2ad7cd7e7948e143573e9
SHA1 deaf124a12af0de7ed1fdc4730bd0429410ccc2e
SHA256 b6004c58a6e875010ea6045ddcec70b47731989c2b56dc214f596eedbcc240f0
SHA512 730c4549ce46c704a5df82337b59f2cdbe8beae05421d9f3f6435fd18f226bbe4f74daed1b9c6e2edf52e2302c48f5555b2b21594969f7a8b1f4f11c09f9addb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a231a49cbd7a788d1ec6bba67368e991

MD5 2022c9a4a0b8129d12c56e72dc600d23
SHA1 63cf6844f6b8bb8a878a295835ef82ecc1e3c962
SHA256 53d33a9aa7e6de77fd8f7283fc618912e65745714261023bab9e766da5476bfa
SHA512 4c4c40a0d54dae13cc5d6703489aa90302d91437ce2c78736473b58bb03249317335cbaab9ca81c2c99bd908c3810f7f77919033786e1256187d9c8d36d36da3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\92d7d010be77611bf8e8783dc23ac7d8

MD5 7ca01d118beb75cf5c25aec83704f6ea
SHA1 30aece2a8a68a3c01fecb0a938190f1beb4a1c82
SHA256 b42d47e9f25993ff824aed32f60d1e6146ac5583736aa3e8acd7f1537aff892a
SHA512 0a4eea41027fc76ca77ad6fcb23b8577f9ed7f16de011479e032e11901bde3f27f15833969e11000e799a62aba64e10ee77f45b84f072632552c8f2ba15389c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a38e8a902a57b3e93163c98cb9c4ba1d
SHA1 5f548d2e8740073a253067cbe021af66a9a7c906
SHA256 8fb66565f84c458e10ee20da6f8d8624e5b5fa257b248304d6b4be074efa0926
SHA512 5eee56eb7c0fb2565d629641922f106aa3c9bcae66af70564128f0ea6630c3c7770c43d55ccd9bcd5a19b4a5d85e6a5feebf8f103d12636b252ebc806119ab68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 64e47f08a9e45839e2c4cd324491b25c
SHA1 22002f4dc37a51915657e544697584cd95cf5bdd
SHA256 edfd1e0a86beac9ac1b986eea915986fa0526e704dd03a268f6fc93f77e7f90a
SHA512 14fb657c3ca5b95668f55a6b7bbcde2a3b2cd4d22448c9952e394809d6dac9cf50f64e82acf874ec1edd566416611feb3b1a3f7482d7f07d670072cbb2b56733

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 23f7affdfb04f41a68c50bae1a84b318
SHA1 5a9a6229a5f88c8add057f40f486a1f7b348ccee
SHA256 cca275f723f458dd78c97a57902da31168de043f16f8063a34b09d0f2b7f8f4c
SHA512 7742e45fffac0157a8eab8f8d3fceb0aee89726aa24522851cd814b4c5a290a6a8eb2dd872bfc23ff3e4fef444b524b29b92e1a13115a0613d45038dfd8d1f19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c07c61ad6175d6fa5736476955ccbe7d
SHA1 822c996b6b64d188043d80e0e6039c7c1e814a5a
SHA256 f42d4ba92b2610e89e8a05007e0b721cac4144b4518ca6bfe1ba8d50b9cddc63
SHA512 7e54b0b41e96f4de946e666ee37f254671a24e9eba6cc8b717cbe508f6a2be1d7af4fef092caf2e328f88960b642b64bc86433e378a45562e2d4e86f0c7f70c6

C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json

MD5 5c4665d4656b2e4c7890994d25157a01
SHA1 28268792916b42d8077263d1677cb74998de7989
SHA256 0217dca86aebc04dbfd4be3090dd8c8e6c43b8ef2e0045469ccd779a4f3bf2df
SHA512 35dc23f994d2d7b0d49a315e53000586aeff4ec7250418519a2329421cd171b477fef1d4dfffa127e238fa9ce37e456337bc13ff58ea43eafa201a5fe611ab35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4cc4201a2366c22313a80b9709441a69
SHA1 8ce6a8e95f3e38c413c54e3db50bc7a3c6c5898d
SHA256 a032b5ebb18591c93af24e6eabac61b340316551f63a6f21c43cd5cef4951c79
SHA512 46707afa31265b442a85e706ec548367011fef4088a7cb962524a802e569ebcae9111d2365e9d1112a8d11ed692ae3ef539155c3aec973d17ecec5632296ac09

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 7915c5c12c884cc2fa03af40f3d2e49d
SHA1 d48085f85761cde9c287b0b70a918c7ce8008629
SHA256 e79d4b86d8cabd981d719da7f55e0540831df7fa0f8df5b19c0671137406c3da
SHA512 4c71eb6836546d4cfdb39cd84b6c44687b2c2dee31e2e658d12f809225cbd495f20ce69030bff1d80468605a3523d23b6dea166975cedae25b02a75479c3f217

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 9faad3e004614b187287bed750e56acc
SHA1 eeea3627a208df5a8cf627b0d39561167d272ac5
SHA256 64a60300c46447926ce44b48ce179d01eff3dba906b83b17e48db0c738ca38a9
SHA512 a7470fe359229c2932aa39417e1cd0dc47f351963cbb39f4026f3a2954e05e3238f3605e13c870c9fe24ae56a0d07e1a6943df0e891bdcd46fd9ae4b7a48ab90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 446ceb52d67c3e2c81402dc8c2078783
SHA1 25ed5f771a60ffed38ce9aa447dca09b91ed858a
SHA256 b041bae51b72d0a7d8d07d5576080c25d3889e5695ac513b766b7c661b0d9195
SHA512 9416eb5b21d7f6b077aa0f13de7d4cceb27e0640a232e8794a0947c6a61c0759fdd81b20bf840a741ce52b8687ee3c8baa49dad1f10d5d03fd2df6157c8091d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 924b0294d1267b80efef970a0d438753
SHA1 6b79c261656b1b950b755f966ffc5d34ec1db8ee
SHA256 ff4a5a77101df7214c59001d30115c25892f62169eac75be374e19457663dc72
SHA512 f085012ec2f31330ca58e8b8343abb68cac66007325eff8c97c5e2e081bc1993f0fe45d592ba2805c4f5926c02360fcb15df944d90b9ee5b2e27ef1c2db18ae3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e1e1e4a8cd4f85357137b8fd39b0260e
SHA1 5e267cd14a62f4b240752c8ceb63d8f6c716f430
SHA256 d2e04059d64c691db8e2ebfe59ada51501c8ab7807900c6db253260a749d8dad
SHA512 6991f8619d6d19974320f29407f5c3d948fc1c94aa8d1590ebb7357314bebf45fafaefe0e6ec5d1f4c8525483d16f830130e4a32919ee8056745d9c748b6dcf4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ff66bfd53b1fde3e32792d184a523c36
SHA1 8d8f93833b613ac2f36aa7b5c9cb4cddb4c16cba
SHA256 c56c3f49727a4f1778c158196bcac643ebe7b5f63949accbc0c592c4587459da
SHA512 2b1bfab39e251d3e187c3edfade487176bdc42fe83b7df010d153ad3ae364d1fe92dc1c3907d76c29923096143eab0691960a1f3861a781e5e81933a4b72e46a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 43892445d65301815e0c39de1cf05478
SHA1 cdf065ab331995e86dc92458a259f2de6787d89f
SHA256 478700864cbb0c010afd19cf104ba27041b0f4373878e297760ce62714122df2
SHA512 d948a8113155d640333471efdb00aa3e2e92ba456cfe6e91f20bd13883a22639213038f0fb4b9784f880807f1536f44a28463114855378240346b787bf3e6570

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b279f1b90987f6693c014d5daf04184
SHA1 707636f931e603eaac0a529e126ce58a96d94120
SHA256 50b4207c352398a4fbc467e6d472d07c31a0d8a845b724448198dd41b1bab4f0
SHA512 f9c9ebc68638d781fc964c57a2eb8bf8138732c504003ba0675749e6a4b4bd17c7e918f39e95ad1f1f58e3b112e50a5994c95a11f7d8f547df4d858da39c2767

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a75bc9dc292e1ac40a713381953175bb
SHA1 8c39530f656fb3e3c88d0d4f7c8b18746e273151
SHA256 10a77c4db798511147591693c94cab73aad29ab999b3cb00dfdd1a807b9afd80
SHA512 e3c0c2f16d34ca2932f91d381568914c62a0279f8d78ae11a3bf80c1275bbc29f9ae7d7aba55f8536e7c73db10c7acbc50d0983cdbbcb839642a475f5dd3865d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eeba8feb8d3f86214d909eeb3bdbfa5b
SHA1 4bcdf8b3bd235a89987ee077279c10f683f89175
SHA256 6c65d1cdf36c8199f15fb8b3553dbefb6e0a9a52c25cdd7de2b8e7836adad8f5
SHA512 ef4df51c266f4c675c09cf918399737b1bf8b5ff35dd9b1fd87afe30e19c0a8420dd7901a9a4be22a7665bc48d41f08f744c1d55a569143fd2e4fbe6ced5fae2

C:\Users\Admin\AppData\Local\Temp\{47785FE5-8160-42D6-A42C-8EA0D05517A7}-BGAUpdate.exe

MD5 3f208f4e0dacb8661d7659d2a030f36e
SHA1 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff
SHA256 d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b
SHA512 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a845fadf465cfa48767b73f4e3d59188
SHA1 439ae1ca4c2683c3dcfadfd4b46ad13110c4377f
SHA256 4852bf3f3844b01126e0c8a6dc90cf55928358347d94762025ba165ba6176805
SHA512 05f989b2355e7f869e6afa906e6d7adf654138e58f08bbb0e20bb57e9976bed44e14a15134bf59f93dcd5bd95625fe948fef48237c20ad1f731cc44eb5f583fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 df26f6f533a7bc9a6bdf574d777dcc9d
SHA1 de02fa279a904edebd0add49d4c14b78202c8f33
SHA256 49445b0ae17ef9abedbc426aff763bc41b14d5df80f60085db179d7dfaf95dbd
SHA512 909897fd5f7ea75c673c1c2e25f145c8c9b891e38f43b2dfe0e61b86d34f47ad87b7e0d957b33fdc85ab644b34bb0536734fdffaa58212b5dff95db8d059c6e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 86340f249520048d82727b96dbc96eb9
SHA1 f4d16ca89b7e83e62227c3da3b485fbce58f2102
SHA256 112096b21961f43b3df163ca4327ae10f989452c7ca5aade1b3e9bd56df486a5
SHA512 0899fe2fd9f0cda3ebdf3f5456b410211fbd72ea1c050fb4ef7957ff70a0aab7598a0d3d3c3d6cca561c96e32e71f89af0db604afd9215f329dd807b21b728b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a2af70be203cea3daa1ecd280ea4d645
SHA1 c1438c29abadc36617f947fd8f05d29a8460de2c
SHA256 1e6d4312a8967cec845cd2cf0af73bca30a222a97b9e27ae65860cb3da804cc5
SHA512 e9385da9269bfc89dc92fdbb0c475560cd9ffe8931474277e56d942883937746080ab4e3fe561626e319706f20913e43d55287cad8e855ef85c03bb1cf53755b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ddf0ef50677cfce8ac3a25988d89eeba
SHA1 8c9f875c80fb5701c751543d830112904c36cf17
SHA256 831e456eeec3348fdc0a1c6c205a530ee0ed23fe290f62dfb1c9c8132d6c6643
SHA512 094a8bbfb69c4cb9ebb09530683c3582f1a0a4f9511a7499a8949e785886c42a4d58e38191bce5d1324989eeba74bf7341e8b1f0456e60c368712aed66ae6afb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 71626564b4dca3a49046f6d46a319080
SHA1 a8d15be9c4057662454b6cbdd405f66643de54a6
SHA256 66ab6125c6fe0fcf5434f7ed7a5a8dacf4ca11af90155b748db4ae7c58abbccb
SHA512 ec06c170d4c451959d612e87c62c1d880f0e7ef4eaa627d91be7423e8a24934395fb3227d0e18d3304f34309e845cf9dfe42022f482e450e22ac4dd26f15c343

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 46c37f623533efaaf5e3de0872ebadde
SHA1 93ee176c18fc59e71fc7929a5a0b209bf4e21354
SHA256 1aba03d66cb29e1e2fc4b23da7544a6260ffcfc43831767517a7d726c4b474a2
SHA512 26b8cdabedb777339a768262c13da0407a62ebcf16ed989e1eb4b764bd73ed797eb5015f65e1f1fcdf0a3f102a7cd1f7fe99993a22911c02941cb6b875c9f398

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 de75a419e598ea137d8ec1d208350798
SHA1 5df2006043308940ff01ae601facb9e955cab277
SHA256 b9d4b3896fcf959d1ed8c3031235fe4cd502cb28e6b0321bbf647812336cb4e9
SHA512 3c7a2db5beb50b39892daabc278ae6758419ac404195eb06018972be1e8e9549a7776b60886bcd996837ff87325bba3849450c0d4198094291ff998b3630919d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aa6264ce96d3250a7b1cbf191951ff5f
SHA1 80ebb4d4760e5f2faba91e67b38004e61b88eceb
SHA256 4ee3c0e3f494267858e0e2d2e4c81c4b6cfb9c6ac8b52d80669651866c047566
SHA512 3ba9862d5f81b5c6347b13f97e8d02cc2c6783579653a8393f33376ebabc7a17d63f817ad0d58c0abf5e0ff353a5a217608baf032fa66ec07a674d1fd8264171

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2941765cdfbbb7422f7bdfc888f1f908
SHA1 8bb3060140c44f16349a362baa9a620d4d05c2b9
SHA256 625d6703eacb8d12444f784fc9786bbd6125e4a00a321ad4fe9c4e12f36d6d7e
SHA512 1e85dddfcde4eb37058277d09f54e33b0c6e2ff9d309180e426f99e78c3438ab3aaba520789189473a9032f718a065f036576ce40ef2a95b2910ce0d3e4d7c28

C:\Users\Admin\AppData\Local\Roblox\placeIDEState\placeIDEState_17360838627_DebuggerData.xml

MD5 cd0f3ddac5434868dd098599ac017cc5
SHA1 33c095040b0528b3d59e2ebf69f1f0dbd9e6db50
SHA256 0f509d82cdaad6c918a7c0d346c604e11eb96ec28be4ea38fa7fa67b9d50e32f
SHA512 ef1a4d870a322afb2dfe19eb6c1c3bfbde17737d809d3f29d7a2b06084d6e12679a0c4e91385ed47b2dd396a8782666480eee905d5dcbfdd42f5c4338ce0841b

C:\Users\Admin\AppData\Local\Roblox\placeIDEState\placeIDEState971760778.xml

MD5 a4218883a9b554e5c59991e2df8b85d9
SHA1 b11dbb9f7f2af8e8923696bd17f96acf09a396e0
SHA256 855f00971a3740d0f44169ae1b7dd56029bd232d8f8d86695374921949101df3
SHA512 825293eedfcb6adaf7f84f7e647b5eaa8ab5aba1c5b9c2c2d1e39a0070de68a761d16debf1eff2bf6bd9f701b6ab629791d934d51fe605e71474cbd7f0ac9fda

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 11dd7d942ad93eeb7212e21c7227c142
SHA1 28b7089ef1bba66ef24f6ad6cc11b0af5dbb1731
SHA256 a6cd64c462af8a5610d2eb855c0dbd9298351da21a78619282ba25d683f556f3
SHA512 f70467003be0664b0e22d22d28b1f3215c6012f4ad9c3634ff9f723ab35524801133aef675fa22990efcdf82a14126153e2009a68e5af676d13b5b6d06d3d5af

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 4d839b7cd35e2dffb944ef2e34e761c9
SHA1 7772c13f3fc918d462422300472519ca921a46e1
SHA256 4c897b2940d269e0a0de38e5a3e8bd17d4bea315efc42d3687fbabc13cd17048
SHA512 eeda1a69c524251290e893d1595aa2869a8a927878872cbe347e56920da4367e9164773f57dbb13781fc445006114b9fa68a7beb3ef966e4ea07d76fe3f609fe

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 ba45fab0e32577be18ac09552b211b45
SHA1 dcde3fa7c022ba68fca4bdb2b5ae3148baf9a7e0
SHA256 0b30525c3517fb7bd3f718e2def208ac42f00b9b57ba95187e67b60805201c63
SHA512 176b9dd3a52cf60ae6d736eaa2e1357ef1bb90f920faf15a7b9eb604c00bc1d6087864a330950984137ad9dc59725bd635d56a44843458409aa62aeb30352c8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fc43f289a5034034b3ac836e02bd50bf
SHA1 f8a5e13ee6aee8b62372d97041ccf54b95790ba7
SHA256 887d58c3fcf065920142a238c92d1718e9b2048e39dbc12b5d7d9cd1e361b221
SHA512 794a7bd59f304be7a4eea89041eee71f418d8c3866eeceb5b376b08a8db7852492abc4259a34c8e648b1ac16b292b08dba81d8c95fa913231522d56ad39167a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 60c1d45ed0b6ca22c57b6330c6205634
SHA1 9609b5556f1b624f9835d18bee2b5b6480e988ec
SHA256 853c984de967041b12b6a31458bb31cf619dfcf1c1297a067cd8d91e43359b93
SHA512 ebb07ffe8d1a5f2ca3dcf9f08f1d92f0417f3312071f52b8dfd4a67a7e3bac27465e59326920bcc16e086800ca05914500494406f1ba7d13e20af90ad2dd6e9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e0e9a344155784709606475411bb2ebf
SHA1 761ac542734343a6609a6185fe7b801a401a9576
SHA256 ce4cf1f3f0ba9e78425d1512f627c2eda1ba8fc888919195aceb9b6197e57522
SHA512 1d6049a55785a47a0e29953f7c7395bad22104470ace31202522d512becdee581a033bb7740a765c968879bfafe4ac33dba86c50a385f5d4a8c2787e801b8be6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\9d233f2f-d3f1-439a-acb8-3a8421c6d936.tmp

MD5 a65ea8988d3e5319666d3b7e6ad4f502
SHA1 d7bc3c3173f1b55d274ce62b3df5783fa70acfd7
SHA256 f8fc71ce23f472885826a1c5c2b57e7128befe9c69c0f5adbcdbf60362030591
SHA512 c15fe4ef21c666153d6939cc9c8743ca4c2be5b3b8bee21134783fd9d14b52b30d86f79051c5b98cdfcec3af10c1e56c1f4f027973aa6fa03b8626eac300d004

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 730f2eb952fa15a84f2738d8c796c678
SHA1 4f5e82e0be98f544eb3dbb7c65e02ff30f6f4b55
SHA256 6f582f9cc77416e729f38ef13a7226952cb6c02b1a53409c743b6b4438ec6a67
SHA512 c3d6d0b3854f674342adfbfa46a742cbe8131c91a92522cef3073946e9120ff23cb84a28470df5d11e90c948aaf5a50a50608a883f5a4c0055ed146129b5d5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 42cce36c99dd91003f4727b2cfbceb32
SHA1 964b392d1ad68df551d3e3bc928f80c65e0edbdc
SHA256 5e3be04ba50793c3ae5fa875f4b02e4f874826bb8c44541c1b1b7b47257d5c10
SHA512 3066fb46093fa30a0e12048cd374c8d59cdf8395b0a11b47aef55a49c09859fe232d18bd8aae0aff05e8264f911ad1291bd41640ea040d72f6ab97a47e1339e2