Analysis Overview
SHA256
bb76ed8606711a007d823cb620c4603537bc06fcc7e728f3a47efbd4b7c0d1c2
Threat Level: Likely malicious
The file sample was found to be: Likely malicious.
Malicious Activity Summary
Modifies Installed Components in the registry
Sets file execution options in registry
Downloads MZ/PE file
Registers COM server for autorun
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
Adds Run key to start application
Checks installed software on the system
Installs/modifies Browser Helper Object
Drops desktop.ini file(s)
Suspicious use of NtCreateThreadExHideFromDebugger
Checks system information in the registry
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
Command and Scripting Interpreter: JavaScript
System policy modification
Suspicious use of UnmapMainImage
Modifies registry class
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
NTFS ADS
Modifies data under HKEY_USERS
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Checks SCSI registry key(s)
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-02 15:31
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-02 15:31
Reported
2024-05-02 15:49
Platform
win11-20240426-en
Max time kernel
1049s
Max time network
1051s
Command Line
Signatures
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO\\ie_to_edge_bho_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=DDB378256049435CB4B852A41A5AF564" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{76EB64B5-3AEF-4072-A0A4-F7671F328B00}\BGAUpdate.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Videos\Captures\desktop.ini | C:\Windows\system32\svchost.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\XboxController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Locales\nb.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\homeButton.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Cryo\Cryo\default.rbxp | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\R15Migrator\Icon_AnimationConversionTab.png | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\InGameMenu\CircleCutout.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\Qml\QtQuick\Controls.2\Imagine\RadioDelegate.qml | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\AppTempCommon\LuaApp\Actions\SetGameUserIsPlaying.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\ar.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\InsertableObjects\Light\Large\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Flags\GetFFlagIGMControllerBarRefactor.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\EdgeWebView.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\BuiltInPlugins\DepFiles\RobloxClassic.d | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\WidgetIcons\Light\Standard\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\InspectAndBuy\Reducers\Overlay.spec.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Packages\_Index\RoduxPresence-50d7e209-c2fcb3b0\RoduxPresence\Selectors\getUserPresenceByUserId.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\CommunityLinks\CommunityLinks\default.rbxp | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\RobloxAppHooks\RobloxAppEnums.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\TenFootUiTesting\SharedFlags.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\InGameMenu\TouchControls\touch_action_rotate_camera.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\Navigation\Light\Standard\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\BodyForce.png | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Screenshots\Rodux.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\DeveloperStorybook\Collapse.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\WidgetIcons\Light\Large\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Components\DataContext.spec.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Components\ScriptProfiler\Actions\SetFrequency.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\AvatarEditorPrompts\Thunks\PerformUpdateOutfit.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ExperienceService\MessageBus.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Chat\ToggleChatDown.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\Qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dll | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\Settings\Pages\ShareGame\Components\ShareButton.spec.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaApp\icons\ic-favorite-filled.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\GameSettings\RadioButton.png | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\StudioSharedUI\RoundedRightBackground.png | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Packages\_Index\JestEach-edcba0e9-2.4.1\JestEach\nilPlaceholder.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\ui\Controls\DefaultController\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Packages\_Index\RoactCompat\RoactCompat\setGlobalConfig.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Menu\HamburgerDown.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\PlatformContent\pc\textures\water\normal_20.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\PurchasePrompt\Misc\Constants.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\DefaultController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Settings\Radial\EmptyTopLeft.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Emotes\Small\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialContextToasts\Promise.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\CompositorDebugger\blend2d.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\PlatformContent\pc\textures\slate\diffuse.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\scripts\CoreScripts\Modules\Flags\GetFFlagSubscriptionFailureUX.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialPolicies\SocialPolicies\default.rbxp | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\VoiceChat\New\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\Clipboard\Dark\Standard\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\AmpUpsell\RoactRodux.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\StudioSharedUI\MeatballMenu.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\mi.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\XboxController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\textures\AvatarEditorImages\[email protected] | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\content\studio_svg_textures\Shared\InsertableObjects\Dark\Large\Attachment.png | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-12e911c4-0c4b13ff\LuauPolyfill\Array\slice.lua | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
Drops file in Windows directory
Command and Scripting Interpreter: JavaScript
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\System32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\System32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\System32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\System32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\System32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\System32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX-PLAYER | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX-STUDIO | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "24" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "43" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "28" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "8" | C:\Windows\System32\svchost.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "17" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "39" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "36" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "35" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "27" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "2" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "9" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "13" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.rbxlx\ = "Roblox.Place" | C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0\0\win32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\elevation_service.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback\ = "Microsoft Edge Update Legacy On Demand" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine.1.0 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\ = "PSFactoryBuffer" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.xml | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods\ = "6" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2551177587-3778486488-1329702901-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
System policy modification
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\sample.js
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe6866ab58,0x7ffe6866ab68,0x7ffe6866ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2188 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3176 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4292 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4392 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4568 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4896 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4980 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2472 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3304 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5012 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4528 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5172 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3328 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
"C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe"
C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe
C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_2541A\RobloxStudioInstaller.exe -relaunch
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6072 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkRDQUQ1MzQtQ0Y0Ny00NDhGLUExREQtRTU3MEQxQjNFODlCfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1OTU2OEFCMS1GNzgxLTQ2RDEtODc2Qy1FRDE0MjM0QzNERjJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU0MzE3MTQyNTQiIGluc3RhbGxfdGltZV9tcz0iNTU2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{2DCAD534-CF47-448F-A1DD-E570D1B3E89B}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkRDQUQ1MzQtQ0Y0Ny00NDhGLUExREQtRTU3MEQxQjNFODlCfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntEQkNCNjJCNi1ERUQ2LTQ0OTctQkM3My0wODBGMjI5NjkwNEF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU0MzU0MzQxNzkiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4504 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5084 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:2
C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU42AC.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /healthcheck
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzdEMTY0RjctRUVDOS00M0ZDLUEzNUItRTMwNjY3OENBQjhFfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0NTNFRDRCQi1DQTFDLTQxN0EtQjk2Ny1ENDY5ODVFMkRBNzJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE3MS4zOSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTgwODExNDMxNiIgaW5zdGFsbF90aW1lX21zPSIzOSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{77D164F7-EEC9-43FC-A35B-E306678CAB8E}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\MicrosoftEdge_X64_124.0.2478.67.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B827C38-AA12-4B76-9DE1-00713353D5BF}\EDGEMITMP_6074F.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff7287388c0,0x7ff7287388cc,0x7ff7287388d8
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\MicrosoftEdge_X64_124.0.2478.67.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkRDQUQ1MzQtQ0Y0Ny00NDhGLUExREQtRTU3MEQxQjNFODlCfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins3NDY3NUU1Qy04RjZFLTQ3OTEtODgxRC02N0Y2OEQzRDI2Q0N9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1NDgzODcxMTEwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTQ4Mzg5NDIyNiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4MzYwMzQzMjciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzEzMWJkNWQ3LTljNjUtNDc2YS05MDc1LWUyNDk0ZjhkYTllND9QMT0xNzE1MjY4ODExJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWl3NDdWZ1JRZTkybWg0MTVnVHdiVXNNWFBYJTJmZ3JJSGxVdkZXU2lvYXYlMmZvTm5BSllKVEltWkp6MFJ4NncxM2RBZ3NwWjV3RkVQS3RxNyUyYlF1cTY4NkFRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyNzIzNzY4IiB0b3RhbD0iMTcyNzIzNzY4IiBkb3dubG9hZF90aW1lX21zPSIyNjY5MSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4MzYxNDQyMzUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1ODU4NTk0MjQ2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MzEzNTI0MTUyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMzY2MSIgZG93bmxvYWRfdGltZV9tcz0iMzUyMjEiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDU0OTAiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe" -app -isInstallerLaunch
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff6cea288c0,0x7ff6cea288cc,0x7ff6cea288d8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3840 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5196 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3892 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4540 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=216 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4968 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6200 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6292 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:DnzAnXuKw9eYghys8Fqrr_qi7bK42wAEiy3glQn4VYDH_ZLxwmCXdslVeT0Ulfb9s3zUxWHOYR4Lizu7p8xpaLNyy-dDGlh1x7mj4BTAOIFVgvZkBAp0KEcANsOZwL0APuKSoKCLYTvkEb-31D4Wf4frEdq2ld_FUtIyae9ABbNS4FM6lk2bVjhAjGG-bpU80A7OTDnR0b6usI91_gHMjIIkko05WYH4bDbJKUXvXJg+launchtime:1714664114324+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714663963941008%26placeId%3D2753915549%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc2b140e2-41cd-4322-afad-06956baf765e%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714663963941008+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzdEMTY0RjctRUVDOS00M0ZDLUEzNUItRTMwNjY3OENBQjhFfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDRDNEMUYzQS0yNDRELTQ2NkQtODMwNC0zNEY1NTFCM0Y3NzV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1ODI0NjU0Mjg1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTgyNDc1NDE2NCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4NTg2MTQyMTAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MzEzNTM4Njg0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2Njc2MDUxMTQ1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMzM1IiBkb3dubG9hZGVkPSIxNzI3MjM3NjgiIHRvdGFsPSIxNzI3MjM3NjgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIxIiBpbnN0YWxsX3RpbWVfbXM9IjM2MjUwIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=2532.336.12217195397381761707
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=124.0.2478.67 --initial-client-data=0x17c,0x180,0x184,0x158,0x18c,0x7ffe50b9ceb8,0x7ffe50b9cec4,0x7ffe50b9ced0
C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1780,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1772 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2004,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2020 /prefetch:3
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2180,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2188 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3480,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3476 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3668,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3620 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 623, 0, 6230555" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3460,i,4998448274985824269,5458823139138981001,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3712 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004B8 0x00000000000004C4
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{54C661F3-D211-4AD0-8160-2FA1CEB4E09B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{54C661F3-D211-4AD0-8160-2FA1CEB4E09B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{D218110E-7580-4EE6-8F1A-783C1680E365}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDIxODExMEUtNzU4MC00RUU2LThGMUEtNzgzQzE2ODBFMzY1fSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins4Qzk4QjVEQi0zNDc2LTQ5NjAtOUU1RC1FMzMwM0I1MUY1MTN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg5NDg1NTA1MDMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODk0ODU4MDQ3OSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTI0OTUxMzA5MCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzE1MjY5MTU5JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUtQWFZkSUxja1VlVlZYcVJEZ3VQUTB6b0pyMUF2VVVHaGZ6cGlBa1pUSXk5NXI5SVZXMmR6NGJObkZLRU14WWg0a3hCeVJWdU1Fa3JTZ1dnN1dobkl3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjIiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTI0OTUyMjE2MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTUyNjkxNTkmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9S1BYVmRJTGNrVWVWVlhxUkRndVBRMHpvSnIxQXZVVUdoZnpwaUFrWlRJeTk1cjlJVlcyZHo0Yk5uRktFTXhZaDRreEJ5UlZ1TUVrclNnV2c3V2huSXclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjMwNzkyIiB0b3RhbD0iMTYzMDc5MiIgZG93bmxvYWRfdGltZV9tcz0iMjU3OTIiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTI0OTU3MjE2MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MjU0NzQ0OTAxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5MC4wLjgxOC42NiIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODYyMDA2MzI3Mjk3MjAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgdXBkYXRlX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1OTEzNzczNzQ3NzgxMDAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0ie0YxMDMwNTgyLUMzOTUtNDI1RS1CMzU2LTExNjg5ODgzMUYwOX0iLz48L2FwcD48L3JlcXVlc3Q-
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU8868.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{D218110E-7580-4EE6-8F1A-783C1680E365}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDIxODExMEUtNzU4MC00RUU2LThGMUEtNzgzQzE2ODBFMzY1fSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7RjYxRDQyNDItNkUwMy00NTM5LTg3NjYtREUyNEU3QUVGNTQ0fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTQ2NjQwMDYiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkyNjk3MTIzNjQiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-f0582db71b134926\RobloxStudioBeta.exe"
C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://checkout.stripe.com/c/pay/cs_live_a1RPuIPY8ZMBmATwo6dbkbWqdfW9Bu2T7Nx4jB0ijmnwjqpk4v0wAAOKop#fid1d2BpamRhQ2prcSc%2FJ0hqa3F2YHd3ZHEnKSdkdWxOYHwnPyd1blppbHNgWjA0SU51SjxGPXFPUkJtTjFNQE1xa3w8QWIyfV1sVE80bDYxPGZ0M05HQXB2Z2k9Z1dNSjJUaEZOTm1dND1JVW9WbHdIS1FzbzZxYHZ0M2htTFRwVWxqYERhNTUzN19GYmpDNicpJ2N3amhWYHdzYHcnP3F3cGApJ2lkfGpwcVF8dWAnPyd2bGtiaWBabHFgaCcpJ2BrZGdpYFVpZGZgbWppYWB3dic%2FcXdwYHgl
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffe54203cb8,0x7ffe54203cc8,0x7ffe54203cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1992 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2560 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,13447022605649258980,9469556324527833072,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTRFMkI0OEYtNkI2My00MkYzLUEzQkEtRDdDN0FBMjI0ODhGfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7QjNBMEE0ODctQjA1MC00REZDLTkxQkQtNDUyNzdFMzYxODEyfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjYiIGluc3RhbGxkYXRldGltZT0iMTcxNDE0NTAwOSIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU4NjQyOTMwODY5MDUzNyI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQwNjgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMjczNDY5NzA3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{76EB64B5-3AEF-4072-A0A4-F7671F328B00}\BGAUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{76EB64B5-3AEF-4072-A0A4-F7671F328B00}\BGAUpdate.exe" --edgeupdate-client --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTRFMkI0OEYtNkI2My00MkYzLUEzQkEtRDdDN0FBMjI0ODhGfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCMzdGRkM1RS05OTYyLTRBMzctOTUwQy1CQUREMTQyMDgxRTZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zNCIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMjg5MTg5NjQ1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTIyODkyNzk1NjEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTIzOTc4NzQ5MDciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxNTI2OTQ5MyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1KbVJhSTBkS0NyMExkbzBWQllOayUyZmoycFRtM2xHVGY0cG4lMmJKRVN2VzY2aHV2cEVBYnFFTE41NTgweUxrUklUV2dyMTJSaFVYb09vcVVrJTJicGszZmpHUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDUzODYzODUiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMzk4MjE2MDM0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxNTI2OTQ5MyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1KbVJhSTBkS0NyMExkbzBWQllOayUyZmoycFRtM2xHVGY0cG4lMmJKRVN2VzY2aHV2cEVBYnFFTE41NTgweUxrUklUV2dyMTJSaFVYb09vcVVrJTJicGszZmpHUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSItMSIgZG93bmxvYWRfdGltZV9tcz0iNDYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjM5ODI2NDk2NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0id2luaHR0cCIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUyNjk0OTMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9Sm1SYUkwZEtDcjBMZG8wVkJZTmslMmZqMnBUbTNsR1RmNHBuJTJiSkVTdlc2Nmh1dnBFQWJxRUxONTU4MHlMa1JJVFdncjEyUmhVWG9Pb3FVayUyYnBrM2ZqR1ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIxOTkuMjMyLjIxMC4xNzIiIGNkbl9jaWQ9IjMiIGNkbl9jY2M9IkdCIiBjZG5fbXNlZGdlX3JlZj0iUmVmIEE6IDJERDc4ODU2RjEwNjQxREM4RjAzQzJDN0FGNzA5MUMyIFJlZiBCOiBMVFNFREdFMTcxMCBSZWYgQzogMjAyNC0wNC0xNVQyMDo0MzoxM1oiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iUmVmIEE6IDNFNTdDMDE4NkRGNDQyNzlBNDMzQjJCOTc0RkYzOUY0IFJlZiBCOiBBTVMyMzEwMjIwMTEwMjUgUmVmIEM6IDIwMjQtMDQtMTVUMjA6NDM6MTNaIiBjZG5fY2FjaGU9IkhJVCwgSElUIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjQ3NTMiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjM5ODMwNDg4MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNDA1MTY0ODcyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI0MjkxNDA0MzIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI2NjYiIGRvd25sb2FkX3RpbWVfbXM9IjEwODE3IiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSIyMzkzIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\MicrosoftEdge_X64_124.0.2478.67.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff780fa88c0,0x7ff780fa88cc,0x7ff780fa88d8
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A9E20BB1-CC1E-4ACC-9BF2-DF434715E15F}\EDGEMITMP_1C86B.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff780fa88c0,0x7ff780fa88cc,0x7ff780fa88d8
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzYwNTUyNDItRDc3OC00RTFFLTkzMEItNzQyNzdDMTg5NEZGfSIgdXNlcmlkPSJ7NjkyNjVEMzEtRjAwMi00MTg4LUJGN0UtQUZCODkyNzBCMDVCfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntFQ0QzMjFGRC00OEE5LTQ4RDEtQjRBNi02RDU5NDVBMkMwOTJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtEeE9iakhHYStuUmEyYXRDM3dvK0lFcEM3OCtaWWVBVWJrWHBEQzJjajdVPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg1LjI5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldjtQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjA4Ij48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzMxIiBwaW5nX2ZyZXNobmVzcz0iezA1OUM5QzE5LTY2NEItNEQ3NS1CREI1LTM5RDFCMDUxNkZCRX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1OTEzODI1MDExMzI1NTAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyODQ5NDMxNjg3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyODUxOTMxMzQzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyOTA0OTAxMzY5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyOTc5OTIwOTAxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzYwNzYwMDU2MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjMxMDAiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjIiIGluc3RhbGxfdGltZV9tcz0iNjI2OTYiLz48cGluZyBhY3RpdmU9IjEiIGFkPSI2MzMxIiByZD0iNjMzMSIgcGluZ19mcmVzaG5lc3M9InsyOTdFMDlGOC0wRUE4LTRBOTUtOUE0OC0zMTRBNEFCMjk5OUJ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgY29ob3J0PSJycmZAMC44OCIgdXBkYXRlX2NvdW50PSIxIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTkxMzc3Mzc0Nzc4MTAwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMCIgcmQ9IjYzMzEiIHBpbmdfZnJlc2huZXNzPSJ7RUNGNkI4NTItRDhGMi00Q0Y3LUI2RTgtRjJFQTJFMkY4NzhBfSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe"
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4296 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4292 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4248 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6428 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4368 --field-trial-handle=1836,i,16374107990088333966,13610147938274170235,131072 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller (1).exe"
C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe" -app -isInstallerLaunch
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.238:443 | consent.google.com | udp |
| GB | 172.217.16.238:443 | consent.google.com | tcp |
| GB | 172.217.16.238:443 | consent.google.com | tcp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | tcp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | tcp |
| DE | 128.116.123.4:443 | apis.roblox.com | tcp |
| DE | 128.116.123.4:443 | apis.roblox.com | tcp |
| GB | 13.224.81.77:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.77:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.77:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.77:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.77:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.77:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.80:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.80:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.80:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.80:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.80:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.80:443 | js.rbxcdn.com | tcp |
| GB | 3.162.20.13:443 | static.rbxcdn.com | tcp |
| GB | 3.162.20.13:443 | static.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | roblox.com | tcp |
| GB | 3.162.20.91:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 13.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| DE | 128.116.123.4:443 | locale.roblox.com | tcp |
| US | 2.18.190.76:443 | apis.rbxcdn.com | tcp |
| GB | 13.224.81.77:443 | css.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | locale.roblox.com | udp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | udp |
| GB | 18.172.89.122:443 | setup.rbxcdn.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| GB | 18.172.89.15:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:50139 | tcp | |
| GB | 18.172.89.15:443 | setup.rbxcdn.com | tcp |
| GB | 18.172.89.15:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:50143 | tcp | |
| N/A | 127.0.0.1:50146 | tcp | |
| N/A | 127.0.0.1:50149 | tcp | |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| GB | 18.172.89.15:443 | setup.rbxcdn.com | tcp |
| GB | 18.172.89.15:443 | setup.rbxcdn.com | tcp |
| GB | 18.172.89.15:443 | setup.rbxcdn.com | tcp |
| US | 52.111.229.43:443 | tcp | |
| FR | 172.217.18.195:443 | beacons.gcp.gvt2.com | tcp |
| N/A | 127.0.0.1:50203 | tcp | |
| N/A | 127.0.0.1:50213 | tcp | |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:50227 | tcp | |
| N/A | 127.0.0.1:50232 | tcp | |
| GB | 142.250.178.4:443 | www.google.com | udp |
| DE | 128.116.123.4:443 | locale.roblox.com | udp |
| DE | 128.116.123.4:443 | locale.roblox.com | udp |
| DE | 128.116.123.4:443 | locale.roblox.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| N/A | 127.0.0.1:50235 | tcp | |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| US | 20.7.47.135:443 | tcp | |
| GB | 23.73.139.75:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| DE | 128.116.123.4:443 | locale.roblox.com | udp |
| FR | 172.217.18.195:443 | beacons.gcp.gvt2.com | udp |
| DE | 128.116.123.4:443 | www.roblox.com | udp |
| DE | 128.116.123.4:443 | www.roblox.com | udp |
| DE | 128.116.123.4:443 | www.roblox.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 3.162.20.44:443 | static.rbxcdn.com | tcp |
| DE | 128.116.123.3:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | 44.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c0cfly.rbxcdn.com | udp |
| US | 8.8.8.8:53 | dfw2-128-116-95-3.roblox.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | sea1-128-116-115-3.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | lga2-128-116-32-3.roblox.com | udp |
| US | 8.8.8.8:53 | silver.roblox.com | udp |
| US | 8.8.8.8:53 | mia4-128-116-45-3.roblox.com | udp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| IN | 128.116.104.4:443 | bom1-128-116-104-4.roblox.com | tcp |
| US | 128.116.116.3:443 | lax2-128-116-116-3.roblox.com | tcp |
| US | 205.234.175.102:443 | t7.rbxcdn.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| US | 128.116.95.3:443 | dfw2-128-116-95-3.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 151.101.0.176:443 | m.stripe.network | tcp |
| US | 52.14.203.156:443 | aws-us-east-2b-lms.rbx.com | tcp |
| GB | 3.11.108.22:443 | aws-eu-west-2a-lms.rbx.com | tcp |
| PL | 128.116.124.3:443 | waw1-128-116-124-3.roblox.com | tcp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| GB | 13.224.81.89:443 | c0.rbxcdn.com | tcp |
| GB | 13.224.81.64:443 | c0.rbxcdn.com | tcp |
| DE | 18.194.96.40:443 | s.ns1p.net | tcp |
| DE | 18.185.246.39:443 | s.ns1p.net | tcp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 128.116.116.3:443 | lax2-128-116-116-3.roblox.com | tcp |
| US | 44.240.201.86:443 | m.stripe.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:52096 | tcp | |
| FR | 172.217.18.195:443 | beacons.gcp.gvt2.com | udp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:52312 | tcp | |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| DE | 128.116.123.4:443 | thumbnails.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.4:443 | thumbnails.roblox.com | tcp |
| N/A | 127.0.0.1:52323 | tcp | |
| N/A | 127.0.0.1:52340 | tcp | |
| N/A | 127.0.0.1:52343 | tcp | |
| N/A | 127.0.0.1:52347 | tcp | |
| N/A | 127.0.0.1:52351 | tcp | |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.123.4:443 | apis.roblox.com | tcp |
| DE | 128.116.123.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 13.224.81.99:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.99:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.99:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.99:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.99:443 | css.rbxcdn.com | tcp |
| GB | 13.224.81.99:443 | css.rbxcdn.com | tcp |
| GB | 3.162.20.13:443 | static.rbxcdn.com | tcp |
| GB | 3.162.20.13:443 | static.rbxcdn.com | tcp |
| GB | 13.224.81.33:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.33:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.33:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.33:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.33:443 | js.rbxcdn.com | tcp |
| GB | 13.224.81.33:443 | js.rbxcdn.com | tcp |
| GB | 3.162.20.91:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| GB | 13.224.81.99:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| US | 128.116.32.4:443 | roblox.com | tcp |
| DE | 128.116.123.4:443 | metrics.roblox.com | udp |
| DE | 128.116.123.4:443 | metrics.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 2.18.190.83:443 | apis.rbxcdn.com | tcp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| DE | 128.116.123.4:443 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:52871 | tcp | |
| N/A | 127.0.0.1:53065 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:54335 | tcp | |
| N/A | 127.0.0.1:54337 | tcp | |
| N/A | 127.0.0.1:54339 | tcp | |
| N/A | 127.0.0.1:54351 | tcp | |
| N/A | 127.0.0.1:54354 | tcp | |
| N/A | 127.0.0.1:54465 | tcp | |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 13.224.81.107:443 | t7.rbxcdn.com | tcp |
| N/A | 127.0.0.1:54475 | tcp | |
| N/A | 127.0.0.1:54484 | tcp | |
| N/A | 127.0.0.1:54504 | tcp | |
| N/A | 127.0.0.1:54555 | tcp | |
| N/A | 127.0.0.1:54557 | tcp | |
| N/A | 127.0.0.1:54559 | tcp | |
| N/A | 127.0.0.1:54575 | tcp | |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:54778 | tcp | |
| N/A | 127.0.0.1:54781 | tcp | |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| US | 18.239.208.31:443 | c1.rbxcdn.com | tcp |
| N/A | 127.0.0.1:54797 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| GB | 13.224.81.89:443 | c0.rbxcdn.com | tcp |
| GB | 18.172.89.91:443 | c3.rbxcdn.com | tcp |
| GB | 13.224.81.90:443 | t3.rbxcdn.com | tcp |
| GB | 13.224.81.19:443 | t6.rbxcdn.com | tcp |
| GB | 13.224.81.19:443 | t6.rbxcdn.com | tcp |
| GB | 18.165.160.34:443 | c2.rbxcdn.com | tcp |
| N/A | 127.0.0.1:54809 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:54827 | tcp | |
| N/A | 127.0.0.1:54842 | tcp | |
| N/A | 127.0.0.1:54853 | tcp | |
| N/A | 127.0.0.1:54855 | tcp | |
| N/A | 127.0.0.1:54861 | tcp | |
| N/A | 127.0.0.1:54876 | tcp | |
| N/A | 127.0.0.1:54896 | tcp | |
| N/A | 127.0.0.1:54936 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:54939 | tcp | |
| N/A | 127.0.0.1:54941 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:54943 | tcp | |
| GB | 184.28.176.106:443 | tcp | |
| US | 20.189.173.23:443 | browser.pipe.aria.microsoft.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:55084 | tcp | |
| NL | 13.95.26.4:443 | msedge.api.cdp.microsoft.com | tcp |
| GB | 217.20.56.34:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| US | 205.234.175.102:443 | t7.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:56459 | tcp | |
| N/A | 127.0.0.1:56461 | tcp | |
| N/A | 127.0.0.1:56565 | tcp | |
| N/A | 127.0.0.1:56567 | tcp | |
| N/A | 127.0.0.1:56569 | tcp | |
| N/A | 127.0.0.1:56571 | tcp | |
| N/A | 127.0.0.1:56573 | tcp | |
| N/A | 127.0.0.1:56575 | tcp | |
| N/A | 127.0.0.1:56577 | tcp | |
| N/A | 127.0.0.1:56615 | tcp | |
| N/A | 127.0.0.1:56617 | tcp | |
| N/A | 127.0.0.1:56619 | tcp | |
| N/A | 127.0.0.1:56621 | tcp | |
| N/A | 127.0.0.1:56623 | tcp | |
| N/A | 127.0.0.1:56752 | tcp | |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:56778 | tcp | |
| N/A | 127.0.0.1:56785 | tcp | |
| N/A | 127.0.0.1:56789 | tcp | |
| N/A | 127.0.0.1:56792 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:56799 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:56802 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:58083 | tcp | |
| N/A | 127.0.0.1:58085 | tcp | |
| N/A | 127.0.0.1:58087 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | t7.rbxcdn.com | tcp |
| N/A | 127.0.0.1:58098 | tcp | |
| N/A | 127.0.0.1:58101 | tcp | |
| N/A | 127.0.0.1:58212 | tcp | |
| N/A | 127.0.0.1:58221 | tcp | |
| N/A | 127.0.0.1:58231 | tcp | |
| N/A | 127.0.0.1:58313 | tcp | |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| GB | 18.172.89.116:443 | c1.rbxcdn.com | tcp |
| N/A | 127.0.0.1:58503 | tcp | |
| N/A | 127.0.0.1:58506 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:58516 | tcp | |
| N/A | 127.0.0.1:58518 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:58569 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:58572 | tcp | |
| N/A | 127.0.0.1:58574 | tcp | |
| N/A | 127.0.0.1:58576 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:55285 | udp | |
| N/A | 127.0.0.1:58606 | tcp | |
| N/A | 127.0.0.1:58625 | tcp | |
| N/A | 127.0.0.1:58629 | tcp | |
| GB | 13.224.81.10:443 | c0.rbxcdn.com | tcp |
| GB | 13.224.81.10:443 | c0.rbxcdn.com | tcp |
| GB | 18.172.89.127:443 | c6.rbxcdn.com | tcp |
| GB | 18.172.89.127:443 | c6.rbxcdn.com | tcp |
| GB | 18.172.89.127:443 | c6.rbxcdn.com | tcp |
| GB | 18.172.89.127:443 | c6.rbxcdn.com | tcp |
| GB | 18.172.89.13:443 | c1.rbxcdn.com | tcp |
| GB | 18.165.160.65:443 | c2.rbxcdn.com | tcp |
| GB | 18.165.160.65:443 | c2.rbxcdn.com | tcp |
| GB | 18.172.89.64:443 | c5.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 64.89.172.18.in-addr.arpa | udp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:58645 | tcp | |
| GB | 18.165.160.20:443 | c4.rbxcdn.com | tcp |
| GB | 18.165.160.20:443 | c4.rbxcdn.com | tcp |
| GB | 18.165.160.20:443 | c4.rbxcdn.com | tcp |
| GB | 18.165.160.20:443 | c4.rbxcdn.com | tcp |
| N/A | 127.0.0.1:58655 | tcp | |
| GB | 18.172.89.116:443 | c1.rbxcdn.com | tcp |
| GB | 18.172.89.13:443 | c1.rbxcdn.com | tcp |
| GB | 18.165.160.20:443 | c4.rbxcdn.com | tcp |
| GB | 18.172.89.116:443 | c1.rbxcdn.com | tcp |
| N/A | 127.0.0.1:58657 | tcp | |
| GB | 18.172.89.78:443 | c7.rbxcdn.com | tcp |
| N/A | 127.0.0.1:58661 | tcp | |
| N/A | 127.0.0.1:58667 | tcp | |
| GB | 18.165.160.65:443 | c2.rbxcdn.com | tcp |
| N/A | 127.0.0.1:58669 | tcp | |
| N/A | 127.0.0.1:58677 | tcp | |
| N/A | 127.0.0.1:58679 | tcp | |
| N/A | 127.0.0.1:58712 | tcp | |
| N/A | 127.0.0.1:58747 | tcp | |
| N/A | 127.0.0.1:58749 | tcp | |
| N/A | 127.0.0.1:58754 | tcp | |
| N/A | 127.0.0.1:58757 | tcp | |
| N/A | 127.0.0.1:58776 | tcp | |
| N/A | 127.0.0.1:58778 | tcp | |
| N/A | 127.0.0.1:58804 | tcp | |
| N/A | 127.0.0.1:58810 | tcp | |
| N/A | 127.0.0.1:58842 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| US | 205.234.175.102:443 | t7.rbxcdn.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:59214 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:59228 | tcp | |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| N/A | 127.0.0.1:59231 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:59420 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:59453 | tcp | |
| N/A | 127.0.0.1:59455 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:59495 | tcp | |
| GB | 23.73.139.17:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:59498 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:59500 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| GB | 23.73.139.17:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.17:443 | tr.rbxcdn.com | tcp |
| N/A | 127.0.0.1:59504 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| GB | 13.224.81.64:443 | c0.rbxcdn.com | tcp |
| N/A | 127.0.0.1:59550 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:59556 | tcp | |
| GB | 18.172.89.28:443 | c7.rbxcdn.com | tcp |
| GB | 18.172.89.71:443 | c5.rbxcdn.com | tcp |
| GB | 18.172.89.28:443 | c7.rbxcdn.com | tcp |
| GB | 18.172.89.55:443 | c6.rbxcdn.com | tcp |
| GB | 18.165.160.46:443 | c4.rbxcdn.com | tcp |
| GB | 18.172.89.41:443 | c1.rbxcdn.com | tcp |
| N/A | 127.0.0.1:59585 | tcp | |
| N/A | 127.0.0.1:59594 | tcp | |
| N/A | 127.0.0.1:59609 | tcp | |
| N/A | 127.0.0.1:59611 | tcp | |
| N/A | 127.0.0.1:59613 | tcp | |
| US | 8.8.8.8:53 | 41.89.172.18.in-addr.arpa | udp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:59718 | tcp | |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| DE | 128.116.123.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:59725 | tcp | |
| N/A | 127.0.0.1:59727 | tcp | |
| US | 151.101.0.176:443 | m.stripe.network | tcp |
| US | 8.8.8.8:53 | merchant-ui-api.stripe.com | udp |
| US | 8.8.8.8:53 | api.stripe.com | udp |
| US | 54.186.23.98:443 | r.stripe.com | tcp |
| IE | 34.250.29.31:443 | api.stripe.com | tcp |
| US | 198.202.176.201:443 | merchant-ui-api.stripe.com | tcp |
| US | 151.101.0.176:443 | b.stripecdn.com | tcp |
| US | 198.202.176.201:443 | merchant-ui-api.stripe.com | tcp |
| US | 198.202.176.141:443 | checkout-cookies.stripe.com | tcp |
| US | 8.8.8.8:53 | 201.176.202.198.in-addr.arpa | udp |
| US | 104.18.124.91:443 | hcaptcha.com | tcp |
| US | 2.18.190.80:80 | apps.identrust.com | tcp |
| GB | 18.165.158.156:443 | d1wqzb5bdbcre6.cloudfront.net | tcp |
| US | 54.186.23.98:443 | r.stripe.com | tcp |
| US | 54.186.23.98:443 | r.stripe.com | tcp |
| DE | 128.116.123.4:443 | ephemeralcounters.api.roblox.com | tcp |
| US | 151.101.0.176:443 | b.stripecdn.com | tcp |
| DE | 128.116.123.4:443 | ephemeralcounters.api.roblox.com | tcp |
| IE | 20.166.2.191:443 | msedge.api.cdp.microsoft.com | tcp |
| DE | 128.116.123.4:443 | ephemeralcounters.api.roblox.com | tcp |
| DE | 128.116.123.4:443 | ephemeralcounters.api.roblox.com | tcp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| N/A | 127.0.0.1:59865 | tcp | |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| DE | 128.116.123.3:443 | realtime-signalr.roblox.com | tcp |
| N/A | 127.0.0.1:59992 | tcp | |
| N/A | 127.0.0.1:60002 | tcp | |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 89.58.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| DE | 128.116.123.4:443 | chat.roblox.com | udp |
| DE | 128.116.123.4:443 | chat.roblox.com | tcp |
| DE | 128.116.123.4:443 | chat.roblox.com | tcp |
| DE | 128.116.123.4:443 | chat.roblox.com | tcp |
| N/A | 127.0.0.1:60076 | tcp | |
| N/A | 127.0.0.1:60079 | tcp | |
| DE | 128.116.123.4:443 | chat.roblox.com | tcp |
| DE | 128.116.123.4:443 | chat.roblox.com | tcp |
| DE | 128.116.123.4:443 | chat.roblox.com | tcp |
| DE | 128.116.123.4:443 | chat.roblox.com | tcp |
| DE | 128.116.123.4:443 | chat.roblox.com | tcp |
| N/A | 127.0.0.1:60082 | tcp | |
| N/A | 127.0.0.1:60084 | tcp | |
| N/A | 127.0.0.1:60086 | tcp | |
| N/A | 127.0.0.1:60091 | tcp | |
| N/A | 127.0.0.1:60094 | tcp | |
| N/A | 127.0.0.1:60102 | tcp | |
| GB | 13.224.81.32:443 | t7.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | udp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 13.224.81.128:443 | t4.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| N/A | 127.0.0.1:61151 | tcp | |
| N/A | 127.0.0.1:61154 | tcp | |
| N/A | 127.0.0.1:61541 | tcp | |
| N/A | 127.0.0.1:61771 | tcp | |
| DE | 128.116.5.33:53447 | udp | |
| N/A | 127.0.0.1:61813 | tcp | |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| N/A | 127.0.0.1:61893 | tcp | |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.123.4:443 | itemconfiguration.roblox.com | tcp |
| N/A | 127.0.0.1:61903 | tcp | |
| N/A | 127.0.0.1:61905 | tcp | |
| N/A | 127.0.0.1:62065 | tcp | |
| N/A | 127.0.0.1:62067 | tcp | |
| N/A | 127.0.0.1:62069 | tcp | |
| N/A | 127.0.0.1:62071 | tcp | |
| N/A | 127.0.0.1:62073 | tcp | |
| N/A | 127.0.0.1:62075 | tcp | |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:62200 | tcp | |
| GB | 13.224.81.90:443 | t3.rbxcdn.com | tcp |
| GB | 13.224.81.109:443 | t2.rbxcdn.com | tcp |
| N/A | 127.0.0.1:62243 | tcp | |
| US | 8.8.8.8:53 | 109.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | www.roblox.com | tcp |
| DE | 128.116.123.4:443 | www.roblox.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 13.224.81.61:443 | t4.rbxcdn.com | tcp |
| N/A | 127.0.0.1:63336 | tcp | |
| N/A | 127.0.0.1:63622 | tcp | |
| N/A | 127.0.0.1:63624 | tcp | |
| N/A | 127.0.0.1:63932 | tcp | |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.67:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | www.roblox.com | tcp |
| DE | 128.116.123.4:443 | www.roblox.com | tcp |
| N/A | 127.0.0.1:63974 | tcp | |
| N/A | 127.0.0.1:63976 | tcp | |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.123.4:443 | www.roblox.com | udp |
| GB | 18.172.89.122:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 23.73.139.26:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| N/A | 127.0.0.1:64146 | tcp | |
| N/A | 127.0.0.1:64149 | tcp | |
| GB | 18.172.89.15:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:64165 | tcp | |
| GB | 184.28.176.106:443 | tcp | |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 184.28.176.106:443 | tcp | |
| NL | 23.62.61.112:443 | r.bing.com | tcp |
| NL | 23.62.61.112:443 | r.bing.com | tcp |
| NL | 23.62.61.112:443 | r.bing.com | tcp |
| NL | 23.62.61.112:443 | r.bing.com | tcp |
| NL | 23.62.61.112:443 | r.bing.com | tcp |
| NL | 23.62.61.112:443 | r.bing.com | tcp |
| NL | 23.62.61.112:443 | r.bing.com | tcp |
| NL | 23.62.61.112:443 | r.bing.com | tcp |
| GB | 184.28.176.106:443 | tcp | |
| US | 20.189.173.23:443 | browser.pipe.aria.microsoft.com | tcp |
| DE | 128.116.123.3:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:64296 | tcp |
Files
\??\pipe\crashpad_4760_OQJBKHQKJLXNLYPQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\4da8e101-ea96-40bf-886b-595b991a622b.tmp
| MD5 | ae27a7889e669fcaa2bdc60d93458419 |
| SHA1 | bf50f1f18cad98df672ada010416079bbd5bd805 |
| SHA256 | 0a9a68ff906387eb15fa1817a1f56affe58d50a63b212c745af69d8523a8a460 |
| SHA512 | 5a0f866ba1dc11bbfb9700af03fdf415bcabf5beb2f706b6ab965e185d50a62618963d557363de3ddc4c8b877c7b98a283c921844e41827122861f7d4a0b1380 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a32fa6a1264157afc23467178f015832 |
| SHA1 | bd3cfcb697b8bc897659b6876b6c251f8ac128f1 |
| SHA256 | 301c3d54ceaacca1588f7886b3c3ba58c90ef4b9d17865ee2bfa1a4b7d7c9f7b |
| SHA512 | 5591e60776e688a0e85dbfb70bd6932bb3ade88c549cf17179356371aae0968e0cbefd94b320b4ec1866a9ed1ebc5a1348a40dbbfa395a240bb677980445a959 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 14e9c138023dc70cf28cb549f5e392f8 |
| SHA1 | 1f8f44c002fb592ce0e0ffd9cdfaf1bc3bf01141 |
| SHA256 | f608caaed3725a1551c01d22a43d123bafee5a4317afee2d940e603b618b2a4b |
| SHA512 | 5893f8d2ece721d60658a56c52e876997a036a11aa6bde71c192c27738f32bf96d239af1f012cf8761ab74f4b1cbe5ea66750d60e373271b739f314f843cdff0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 3fa9ccdb899161f8c83659d4577dce19 |
| SHA1 | ea62ff2b3b0de4d51eb73aa9be7846686b0b084e |
| SHA256 | ad51cf30b36675defef72a3e5e088529b2fbe29a7972e124e6f4e87e6f6db997 |
| SHA512 | 0460f134322b6cdec22f4582ad2c93f1b6162ce0b069a109847be5963ae171fa040cd4cd4552c2f6500edb6ecd1443dc1470f8a541d85f520797d8ff3add366c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d71095fa2a49739cc21cb7701aad0e27 |
| SHA1 | 73c884094b177c4fc0b5c5ebb24cadc861ff9b3b |
| SHA256 | 0cfd26b45db5d27f1e7019fa78f4a1b8141057fd1dde57bd78a4fab69465e383 |
| SHA512 | 65226508e1fb003b44b911f208f1eb593baa468372eb97019b68d12024d0813969d7fc103decf41095e91cdee63e02635a3962d9e8d6787ed23866137fbd272f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7f70b472e3c12052391359f32146936f |
| SHA1 | b969dacd0a1bbb75e52979bb6b3aeab390eb992e |
| SHA256 | 29c4ee2484a31b20d44effa634cbd63072ea50a0f201f8bd6437d5dd969e305d |
| SHA512 | 181cc607945623c3dec0cfc83f20c891915749c2d5d3fb9d22fccda06a5c5546368ee883027f86c180d63ef0c12816ae84591ed5114a23673a7cd691dc8fba10 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | db724623a4bc9161a26bf8fa293da49c |
| SHA1 | 586cb605f7d7c6d32231e4d304cdf0010b934c97 |
| SHA256 | 90769cb9670fb5ad65295228938d119b201960224da904918599c04be0e45332 |
| SHA512 | ec6229685522977bdfd21d179b5dfd30fb4243d8a2b91259f6643b83f47d96a88fa83aff14b8f5387dbad7000c2fb3331a93c868755138c71d2b4794fa113931 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dc25d5157edc3742ae1e9d7207e2fe50 |
| SHA1 | ec76cfbe41f15fb312372a42d3843422dad351bb |
| SHA256 | 02964c6261819bca2f85e9384c58d04ccec4a05578436f3f8e761f80deec07a0 |
| SHA512 | 674290a77f596e7a2f12f7a9c101ec4f93c1f698c336fdccc164a61439009dfc02a859c5ed0df3feae64292953ed178345e3dbcc254b1c6e753e09d948490352 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a0202aadd8b69e0dd60978ed805d0ee3 |
| SHA1 | d28a0f35fea2f8748991587334b7406a7215d5cd |
| SHA256 | f140d6501eb07fb43260f3d4d5c9ba32f85bd5318e1c15fee34917019d2d0f94 |
| SHA512 | 9e10c80205262ae11c384e5ea810579212d56afab680db74be651c77bf89151dee599cc60829bb07c6e322e3116988a1712e5af08fadd357ef825e3ca83f7161 |
C:\Users\Admin\Downloads\Unconfirmed 956060.crdownload
| MD5 | a2f58a117c60b1622eede88d2163ef19 |
| SHA1 | 91ed6cf5b0efb2c0bd3e06ab5775775ccd1bd631 |
| SHA256 | e74d896bc3469b5a28eb5a04ea364a9ab32737d573868fb08a327820ea624c04 |
| SHA512 | 19964984f66876032ef15283c25e31737e1f56c27a3f9d7fe204dccdc0a45c64e3380a5924f4b82301e55a5371bd7c9c61776e8ae6cb15a0e0502d189384c14f |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f71a38eead4e675ccb35bdeb64eba9a |
| SHA1 | 084726b74789550b778fdcdf5f0ec0ab625c7f2c |
| SHA256 | 334e22ce69ba4861204ade2afc4dbaec0b038af4f16ffeded33837437a070ac2 |
| SHA512 | 5c30ca0d10fb67d6eccb9daa3503776007a5e4ca94cebbd7150c8d657f4157668df91562634be1bbd067420eb0525e6350984ca7e89f664cb1f9d4c4bb52b231 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 09a586cd984e03708643315e6301201d |
| SHA1 | 287b2ffb24a9824595758b05f3effa3d008a9d13 |
| SHA256 | db9cde0fa06816b997955b27b409eec338cf587dca73ff29491f295ae42a8251 |
| SHA512 | f04c445568d1efac3b28de50cc0c3a2686e70be1e98485b1008e4ef10bb5baa0b9abcd6a6604d71e9be76b4aeb01fdb704e7950098ddee6a1607e478810eaabf |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | e284a7bdf53b953d5514c6abe985ed60 |
| SHA1 | 91655419b0e29b53bebbd102127056f396af6bb0 |
| SHA256 | de29073ba5d2f701473a80f14c9dc35b2a11194918b8f682357b09d57c2aeb2e |
| SHA512 | 2066d8dd92d2c64df6eae441fc25914a6214ff52ad264a38c156f59fd1587d6a7627f19a1b537fd82d95b7c66acaf73169b855df55fce0163bd3b05333377195 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | daacead4f652f96426b7aaba06b3f6c2 |
| SHA1 | b500dbd433248f64d51705f8e124c3a631a63160 |
| SHA256 | 810c71b56cc28a59f261e1b3cc9e6bb9eaf84df57b58da022d578762fd1b968c |
| SHA512 | dd22c07f56dfeb38cac040dbe16251f6b34150640e1904241bee1401cf5795e8deff75334040b4801cae1b1ea39e285beaf132f2777a3684fbf3d4e81e3aa521 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 939b24e6c58e45db31e9530764a9d1c2 |
| SHA1 | 8a9dbd891835579e4ee1d7108cc6d7b71666cf3c |
| SHA256 | 3ae030311bd70d4350206dbbb1d6bb842be6dac932def46203ebcdc39e3247e0 |
| SHA512 | 858879a737384cee8f9b87e719ebbd035b5b2721e066b4fb1233d632e920f2945b8f277b0766b689be114b4bfa474f385ab6ace3d383798007a82ed4dbcff56a |
C:\Users\Admin\AppData\Local\Roblox\logs\cacert.pem
| MD5 | 0194eb945475f93844c0fae769c0fa0b |
| SHA1 | d72876a801c702348ea5b4b4a333c484f2a721fd |
| SHA256 | a6bc06b8255e4afe2eeff34684605d04df9ec246fc201bf5e44137987189a0d3 |
| SHA512 | 72a00fe6b9111cab22f1f424f815a617be2041a3857a6265b004ca1bfd10f345ca33369cd43009b483f9436ccbcd69c70f7033a85d94527b1f39846b75b43c17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | ca6ed05c9e761d06fd3451d93f365b4e |
| SHA1 | ea7ec50ca982fc9b5d96eadebd77869180f04f2e |
| SHA256 | 7055a8e00d009f7f8265bd3dc81d5b60dac219777ec1240ca2c95a53d251265f |
| SHA512 | f485ad1f4fa8fae7193c2c8714079e7420364d93a0993a8fb202367a5378e7c0c4e43a0328331d404416e7ebc58f1f29ed73381f36dc513795c762d275b5622e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58726c.TMP
| MD5 | 8086189d71ea9bb5d03382f1a74cf138 |
| SHA1 | 7610d519b71af020567c1310c1996e81a8b500e5 |
| SHA256 | 0652168d69730ccaeefaf7e08d605c5a329afc334d4f01bceb9b6feebb7e9e37 |
| SHA512 | c8d30f60207c137c493963a77e9fec3de327a436eee77b144108bd3642c27fd92e2d55194225dc87bfedf2e9f156c3747790a40116a1b24ed3f55ba4aabb9c05 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 40c9c0225d00cb2a0966ee10a9f6a393 |
| SHA1 | 1bc392d214c59d17864a10a1b9e11016e51b4ba4 |
| SHA256 | 3d6de60df3f4161a3b90b4a33626241ef57cb3d11d1ffe1d01d3228d774748a1 |
| SHA512 | dfbf1cbf0c2cb6b54f2509655d337327b7050e5bf0106e9510075b5e4b959097e3210472c378e27cdebae725eb82239ff0bb95397ef67c1918f767012b87e13c |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\523f61d67bf4c528e001c52e84c35ef0
| MD5 | 523f61d67bf4c528e001c52e84c35ef0 |
| SHA1 | f26774809dc1ea0bc7376606964ebcc06bfdc398 |
| SHA256 | 834bd41f708d1393a528da769b015538b45b279b4af4969e1df54c0c426add3a |
| SHA512 | d99d834d3632804160428367360f8a4c0ab6e1c9146ab12b07d6f44c30def1482809d5cac41ae84a64e5d8b99a4fcf2090c74e39b2692094168737501301b15f |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8913724486d5e3c463c493b25346ca31
| MD5 | 973d5074c403795a4846185ee0f26ff8 |
| SHA1 | 99f3a2137364306fcda7003778975b56f8069135 |
| SHA256 | 0bac3dc4e01fcd0bd9ad3c4cefb39aba8d757e2e14079540cd98f2c594ec709b |
| SHA512 | b98b488bb9f99f7c0d01606be27ae0f099102a572bedd2adecbba7219bf819f5665de526b6e367a5fa19cbda0f00bb581a1c9c8f1e66317a2b2fb3270092c7c3 |
C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bb054db612e96ef064a16e26ab24f17d |
| SHA1 | 2d5ff2fe14c21a5e15fa333e4f34f7c3ee9d9ea2 |
| SHA256 | f678ffcb38c1686115cd00f3bea104434005b6a2196e5bb4e8d4fdb964564f2b |
| SHA512 | 1569a2e12bad9a5a28a7c028d837825d386e08eaeccbe42def253a9745d52dd5e219a80f0516f50b1cb553b1e20cfd561d4ac93456d3bbe869867efa2cbefe0d |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_fa.dll
| MD5 | cbe3454843ce2f36201460e316af1404 |
| SHA1 | 0883394c28cb60be8276cb690496318fcabea424 |
| SHA256 | c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59 |
| SHA512 | f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 6dfe941ebe9f56fbdc29fb58167450f0 |
| SHA1 | 79b60d995f7624e01f7daf522fe63a9bc8cb25fd |
| SHA256 | cf6e27c6a837203bc515dd71b3bf1c008657e51775d76699fc977875a6e918e2 |
| SHA512 | 2b1528cde768a9fd7952e327863bf8690ad07220332e9b6d0f5561be1d4f4d24b4f91e8f59974912ef368296ac8e987a528a0d628c9b3fd087223bb05d16e5f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7c12fca58edd6b83a3f3b9f73223acaf |
| SHA1 | 7b4add3545079579c57cd872fcfcef972c78a69a |
| SHA256 | 92a5adcc764b2a3c61703b482579a92818b647d58143904c4d8fe03a7de17501 |
| SHA512 | 65875f7fed50f4da2cabb47d3e9b5878a4bda30d9a1d44e004e837401fb6ba889aec3bdbafb39fd91781eb5ad0d926cf191b0054e1d8900be478bea03942b447 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_eu.dll
| MD5 | a7e1f4f482522a647311735699bec186 |
| SHA1 | 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd |
| SHA256 | e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4 |
| SHA512 | 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_et.dll
| MD5 | b78cba3088ecdc571412955742ea560b |
| SHA1 | bc04cf9014cec5b9f240235b5ff0f29dbdb22926 |
| SHA256 | f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085 |
| SHA512 | 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_es-419.dll
| MD5 | 28fefc59008ef0325682a0611f8dba70 |
| SHA1 | f528803c731c11d8d92c5660cb4125c26bb75265 |
| SHA256 | 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d |
| SHA512 | 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_es.dll
| MD5 | 9db7f66f9dc417ebba021bc45af5d34b |
| SHA1 | 6815318b05019f521d65f6046cf340ad88e40971 |
| SHA256 | e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819 |
| SHA512 | 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_en-GB.dll
| MD5 | d749e093f263244d276b6ffcf4ef4b42 |
| SHA1 | 69f024c769632cdbb019943552bac5281d4cbe05 |
| SHA256 | fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e |
| SHA512 | 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_el.dll
| MD5 | ac275b6e825c3bd87d96b52eac36c0f6 |
| SHA1 | 29e537d81f5d997285b62cd2efea088c3284d18f |
| SHA256 | 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0 |
| SHA512 | bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_de.dll
| MD5 | aab01f0d7bdc51b190f27ce58701c1da |
| SHA1 | 1a21aabab0875651efd974100a81cda52c462997 |
| SHA256 | 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c |
| SHA512 | 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_da.dll
| MD5 | d34380d302b16eab40d5b63cfb4ed0fe |
| SHA1 | 1d3047119e353a55dc215666f2b7b69f0ede775b |
| SHA256 | fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f |
| SHA512 | 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_cy.dll
| MD5 | 34d991980016595b803d212dc356d765 |
| SHA1 | e3a35df6488c3463c2a7adf89029e1dd8308f816 |
| SHA256 | 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e |
| SHA512 | 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_cs.dll
| MD5 | 16c84ad1222284f40968a851f541d6bb |
| SHA1 | bc26d50e15ccaed6a5fbe801943117269b3b8e6b |
| SHA256 | e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b |
| SHA512 | d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 2929e8d496d95739f207b9f59b13f925 |
| SHA1 | 7c1c574194d9e31ca91e2a21a5c671e5e95c734c |
| SHA256 | 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df |
| SHA512 | ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_ca.dll
| MD5 | 39551d8d284c108a17dc5f74a7084bb5 |
| SHA1 | 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884 |
| SHA256 | 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07 |
| SHA512 | 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_bs.dll
| MD5 | e338dccaa43962697db9f67e0265a3fc |
| SHA1 | 4c6c327efc12d21c4299df7b97bf2c45840e0d83 |
| SHA256 | 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04 |
| SHA512 | e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_bn-IN.dll
| MD5 | a94cf5e8b1708a43393263a33e739edd |
| SHA1 | 1068868bdc271a52aaae6f749028ed3170b09cce |
| SHA256 | 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c |
| SHA512 | 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_bn.dll
| MD5 | 7dc58c4e27eaf84ae9984cff2cc16235 |
| SHA1 | 3f53499ddc487658932a8c2bcf562ba32afd3bda |
| SHA256 | e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98 |
| SHA512 | bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_bg.dll
| MD5 | 8375b1b756b2a74a12def575351e6bbd |
| SHA1 | 802ec096425dc1cab723d4cf2fd1a868315d3727 |
| SHA256 | a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105 |
| SHA512 | aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_az.dll
| MD5 | 7937c407ebe21170daf0975779f1aa49 |
| SHA1 | 4c2a40e76209abd2492dfaaf65ef24de72291346 |
| SHA256 | 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9 |
| SHA512 | 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_as.dll
| MD5 | a8d3210e34bf6f63a35590245c16bc1b |
| SHA1 | f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693 |
| SHA256 | 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766 |
| SHA512 | 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_ar.dll
| MD5 | 570efe7aa117a1f98c7a682f8112cb6d |
| SHA1 | 536e7c49e24e9aa068a021a8f258e3e4e69fa64f |
| SHA256 | e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01 |
| SHA512 | 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_am.dll
| MD5 | f6c1324070b6c4e2a8f8921652bfbdfa |
| SHA1 | 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf |
| SHA256 | 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717 |
| SHA512 | 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\msedgeupdateres_af.dll
| MD5 | 567aec2d42d02675eb515bbd852be7db |
| SHA1 | 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37 |
| SHA256 | a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c |
| SHA512 | 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 7a160c6016922713345454265807f08d |
| SHA1 | e36ee184edd449252eb2dfd3016d5b0d2edad3c6 |
| SHA256 | 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9 |
| SHA512 | c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\Program Files (x86)\Microsoft\Temp\EUABEB.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8b76dc3d4a6d6ca2907416d651f63177 |
| SHA1 | ec3772880a783fb24a7d0fb19338ce56a71b6843 |
| SHA256 | d860d5c5f9c1076bf26d6db194419d92ae3491f4eabae140cd3aed6022678539 |
| SHA512 | 823d411aed6e01591030b02f9d5c98be1e8f87cd5e3b3d66da9ecb38bedb5c98cf193223ee6899ce526b71c302fb715118226c40f58f49fa234a9eb1d57133b6 |
memory/2960-976-0x00000000734D0000-0x00000000736E0000-memory.dmp
memory/2960-975-0x0000000000FA0000-0x0000000000FD5000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | ab03354526268178cd9dfcd71c1a6367 |
| SHA1 | 02535e71dd5a884bd4fe04cf4fec2855990611a4 |
| SHA256 | a6da500f48e9b2076b18554d7ba322f37e1a74b940618b50db5ead7e37b1e0e2 |
| SHA512 | 556d16e08fd5f46020936dc221db80ecee1e57a0f3cb5947f3891e11066d1534b6f6c89eb30d7c1117df59fe9bd5812a2265ec1dbf8f51eb72833a2086223d21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4e4716ea1a85f0d73017bfffd751ebe6 |
| SHA1 | b1b5f830e49af770a41f09d99f9fc99ac7a5985f |
| SHA256 | f02f44b58b696528fe5c73822c1e97f462bd2bcfcb84d48587c96dfe005a2b08 |
| SHA512 | cc8778daed28d8ee69d98890a58f85350f122cb1593734b5f60d2350a68bd5da32b87478a4268dc8c18133f880757e1a026fdac14c48c3923bafc00226b04139 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f9e4a07481400533be1a120f6d5ffe9e |
| SHA1 | 4e004e35462c64df7ceca63fb5d1a865595314ff |
| SHA256 | 428d87a700b1fb290909785333775d4cbf2b324a33b00992bd4dd815c4cd63b4 |
| SHA512 | a5577dc68e11239828aa47fc3c8eab9d04c351a22ff6dc68a6881b204f3e83ca649538230e305558e780e835df5cddad9d5f982a5a7208e2227990fba15241ca |
memory/2960-1068-0x00000000734D0000-0x00000000736E0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 533ac9e9e1181c3ebbd0012819b9d656 |
| SHA1 | 13db967d54833e7ad7900cb0a9b0d806f265c4db |
| SHA256 | a2cc0c18a4636fcbbe9fd8a47f6f3c4033283bcaa493181c3bde17c3ec3371ec |
| SHA512 | f90369a6a738eca24e6cecb06dd3c9a7d4373e2904cd84cb52ea572795166c763ca630b3405a2e0e98ed15ed264eb10865a87a0ab13eb794b7a3fa9c57922649 |
C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat
| MD5 | bb58262aafab5056b6d5695b769a2c95 |
| SHA1 | 94799d0ad2b8a2184602102e6b97fe9ec34c0c15 |
| SHA256 | 1f9c744b6daf8d546a50cab7e895b26ef9cd79b4e4d3abee1bab6b4d46a70daa |
| SHA512 | 35be19be9ba4779bb4dc458ccf5168e09e446b749d17ef05969e38fe688895de3edcc2d2a4e402d2c4134a6930b8af287a6aed207cb082510a9b9dee5cca791b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 111e98f9ec40093680a6a76ab28b40e8 |
| SHA1 | 150fd629c6807adf8f0f8d3224fc076ab0511040 |
| SHA256 | 057f8cd9c20db5acf5cbe267bf2a8e9f54367836bba8a5c252bb78aa8b1093d9 |
| SHA512 | f6b79d88ae2ffbb3452d73c21737561532b5319b5dc29573cbb943436e7030bdfe06dad9abef6d98723513f37e1191b4250733fc28e59d5aa25809ae318c40e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 9aee1906dba7d99baede61a44b1022f6 |
| SHA1 | 225e353ea0cf5280c9d01c126e714cce94ed912e |
| SHA256 | 98266e58258ffac502afdc9c8fa293b819d7edbbee9faa78371084ce9a2b34fb |
| SHA512 | 21b1f580e24639998b143fa1b404999b4a9b124a56a253dd6484243a7cf296d5bfcf6a73ea79ce531980af9e66e10ae2ee057ce588203e0f5c6c5824dba039e4 |
C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe
| MD5 | c31297188ec9fbaa60449f769339963e |
| SHA1 | 8502d9e0cef18137529f0a46ad6e69a1577e6cae |
| SHA256 | 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9 |
| SHA512 | 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f6d782a42464ce73f9278f28fbf78c46 |
| SHA1 | 0f7e3edf13a16b4cef972b13fe812ee92ed160c7 |
| SHA256 | edbf6d925aeab6f1b83786f54848b2bbf47f21d30b058dede3bbb6897718321e |
| SHA512 | 3158ffb279b95f986889cefce6878c7af40f2839ace2eb43f9cd0a6e22e7f8f91abc6c896e4e18171d3aae46aeea58a4653ca158b0b5a7be7246d54bd0b86ba9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | de8c543700e723303c24effd2b34b7c8 |
| SHA1 | 1cf1f78c4c666f3c8b0917bc1a7dfb90b2d3d446 |
| SHA256 | 0cf9e998d7526aae4166ae98f5a4463e1ed34fd754f150ee339586a8f51c7ed3 |
| SHA512 | 4eca9f899138d2b2dc33b5cb6732d5b8463b7f0242d1695f78dde8195561048c16986fe1de599e09029b0c2798ab5319d567344a758a871a0cf3b15f0fa2f792 |
memory/2960-1289-0x0000000000FA0000-0x0000000000FD5000-memory.dmp
memory/2356-1304-0x00007FFE77840000-0x00007FFE77849000-memory.dmp
memory/2356-1303-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2E15E86A-61D1-4A1B-9E7E-468EFFBEBDBF}\EDGEMITMP_53FDF.tmp\SETUP.EX_
| MD5 | 5070a34dbada1aaa375cc572b5fc7d0c |
| SHA1 | e74b7ef714755870976abe3d2b4a7db0b9cc21e5 |
| SHA256 | 03e7a32e1f10fced6a07dfa4e6cfd92510d4bf6929d423798e4fb5ca91fe6c20 |
| SHA512 | fed3fcbb64a59070b0efd677ca2edc982d28e37cdf7283f2777af8aca7d3760a7eefb8d01b3c2bf4b4ec3708a74c3412f0dede91e31dca1b6f8a4e4edc673aa7 |
memory/2356-1302-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp
memory/2356-1317-0x00007FFE77510000-0x00007FFE7751C000-memory.dmp
memory/2356-1316-0x00007FFE77420000-0x00007FFE77440000-memory.dmp
memory/2356-1315-0x00007FFE77420000-0x00007FFE77440000-memory.dmp
memory/2356-1329-0x00007FFE75380000-0x00007FFE75390000-memory.dmp
memory/2356-1328-0x00007FFE75380000-0x00007FFE75390000-memory.dmp
memory/2356-1338-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp
memory/2356-1346-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp
memory/2356-1345-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp
memory/2356-1344-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp
memory/2356-1343-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp
memory/2356-1342-0x00007FFE766D0000-0x00007FFE766D9000-memory.dmp
memory/2356-1341-0x00007FFE766B0000-0x00007FFE766C0000-memory.dmp
memory/2356-1340-0x00007FFE766B0000-0x00007FFE766C0000-memory.dmp
memory/2356-1339-0x00007FFE766B0000-0x00007FFE766C0000-memory.dmp
memory/2356-1337-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp
memory/2356-1336-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp
memory/2356-1335-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp
memory/2356-1334-0x00007FFE76E40000-0x00007FFE76E4D000-memory.dmp
memory/2356-1333-0x00007FFE76E00000-0x00007FFE76E10000-memory.dmp
memory/2356-1332-0x00007FFE76E00000-0x00007FFE76E10000-memory.dmp
memory/2356-1331-0x00007FFE76D90000-0x00007FFE76DA0000-memory.dmp
memory/2356-1330-0x00007FFE76D90000-0x00007FFE76DA0000-memory.dmp
memory/2356-1327-0x00007FFE75380000-0x00007FFE75390000-memory.dmp
memory/2356-1326-0x00007FFE75360000-0x00007FFE75370000-memory.dmp
memory/2356-1325-0x00007FFE75360000-0x00007FFE75370000-memory.dmp
memory/2356-1324-0x00007FFE75360000-0x00007FFE75370000-memory.dmp
memory/2356-1323-0x00007FFE751B0000-0x00007FFE751C0000-memory.dmp
memory/2356-1322-0x00007FFE751B0000-0x00007FFE751C0000-memory.dmp
memory/2356-1321-0x00007FFE75040000-0x00007FFE75050000-memory.dmp
memory/2356-1320-0x00007FFE75040000-0x00007FFE75050000-memory.dmp
memory/2356-1314-0x00007FFE77420000-0x00007FFE77440000-memory.dmp
memory/2356-1313-0x00007FFE77420000-0x00007FFE77440000-memory.dmp
memory/2356-1312-0x00007FFE77420000-0x00007FFE77440000-memory.dmp
memory/2356-1311-0x00007FFE77400000-0x00007FFE77410000-memory.dmp
memory/2356-1310-0x00007FFE77400000-0x00007FFE77410000-memory.dmp
memory/2356-1309-0x00007FFE77370000-0x00007FFE77380000-memory.dmp
memory/2356-1308-0x00007FFE77370000-0x00007FFE77380000-memory.dmp
memory/2356-1301-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp
memory/2356-1300-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp
memory/2356-1299-0x00007FFE777B0000-0x00007FFE777E0000-memory.dmp
memory/2356-1298-0x00007FFE77760000-0x00007FFE77770000-memory.dmp
memory/2356-1297-0x00007FFE77760000-0x00007FFE77770000-memory.dmp
memory/2356-1296-0x00007FFE77640000-0x00007FFE77650000-memory.dmp
memory/2356-1295-0x00007FFE77640000-0x00007FFE77650000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
| MD5 | 903351785c6d1035f5981effb0986406 |
| SHA1 | 321c14288fe3d79aa26693f46b4c5076e7bb3381 |
| SHA256 | 45ec7eb947af3c2b6679920e7ddb8d94f5c65c212214c8c6a312a6e7f08c53ca |
| SHA512 | 556595babd363b7d6d0b2599ab5e2e3f50b6de0fa753a7733dd6f4f3de7e48c5caf12ecc12adaee651440d5afb3f9b817ef48ddb29281187663e525fbcbba451 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a9b58b7518853c8e80818ef2a138abc8 |
| SHA1 | de51497c1ac88fcbda7e42ab4bfa0b39396d251f |
| SHA256 | 7e647f2cdd1147966c9b3dad67719b016b4e0e5e65096b18197632a4c193c622 |
| SHA512 | 105d3e7191d81a47693cf08378282b07bdb4404a0679eff93f1d8b6bb35b2665849a11820d02f938154dd4890ff2c41523bf17dac2fad34e00d8bd2bfd835bf1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\a167daa8-c9b4-4812-a4b0-11f6c587ed9d.tmp
| MD5 | a4ba73a473566bff40e00e1ef5bf0962 |
| SHA1 | bdaafa495f96b3585670c146f48980c379a34263 |
| SHA256 | ee042079fdef73a9808d75b79fdc1fceea75ba0326bebbcc7de37f4eb1fb2f0a |
| SHA512 | 7d5b32b0cdbfb1ea5c115336625b59635f5395975149d422baa3e451526ac356f62db0efd5c848c84d7487d68e95579f9e3ef1b200bbe94662155bf3b160cde4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bb5b905d9d88cda8a07ca7f2abec7985 |
| SHA1 | 6bbe03ca75cb909df2589d825279325170496fe1 |
| SHA256 | ee0eda291e01474251b44a510be05199206709d5366836cdd4d9365359a3d695 |
| SHA512 | ce4217bc25d307232ec2b14b2d40e5447a7e8f523921de2d423667b354fb768722ffd1abfa37ed393bbbda5c024a789244553d6b121ce1d6f5fee0b0f2a0d281 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d7
| MD5 | 588ee33c26fe83cb97ca65e3c66b2e87 |
| SHA1 | 842429b803132c3e7827af42fe4dc7a66e736b37 |
| SHA256 | bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760 |
| SHA512 | 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a432be0dcfa76dbd0b75246b8ba81aed |
| SHA1 | 108525d6b7076a29c64fdcc7227ddca0c59c0b41 |
| SHA256 | dc57a198c86cdb883172549c35b9d1559eee8d6a0067097a8ea51d13133477a1 |
| SHA512 | 5866a52f99039d8408a4e1d9dfd4b00ecd72146ac95cd8e1ac9db0c2e48e2c769d1c6eda607184cf3b186bb291d88a97c439c9fa91b72652b681f01e3ad27b01 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 59e20c7f11187d9cfbb4b58cbeca0702 |
| SHA1 | af6b153a0314b52e98e4dcaad873c46cf4ab6c08 |
| SHA256 | c3c4011ab5de2402da6b6499252841efd0892a7f07cd144e7476ca6440771e60 |
| SHA512 | 4e310059af2b0c448d5741b19b99f563fa54375ca28d19248b451529de7318fd28470d7e9c006714dfc83b051b11b2aa130a24fe3d248524325c7074b3f7bea8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 62480de18387e8b8baf070255ed461be |
| SHA1 | 2eebcafadc627ac632847c9113eb693c66c7bcb5 |
| SHA256 | 561182282fb2193ae5feb063a2a6b94e1582c13c1b124ccbf9b0fbfd5641574b |
| SHA512 | 855e0a775ac5f549548ef73f9e12a8e512941a58dd7be4f9367735469c92594d84b572606ae46d2d40511eca71a9375ac5533c51a3cd4f5177213299e52d9a8f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5e4496f67f54d897645cedac21480f82 |
| SHA1 | d0e1ed60c69001c3d4e4059cbda37b7c1a8dac8e |
| SHA256 | e594b3b0b5b39b7fed5307410094a5da62be040b60892737f37d1e096f4b5100 |
| SHA512 | c6ec816ae4b730c11a58550fbbe68b70d7e3af77cd37ba40aedb1c8d7be209646b470fefd5ef26f2fde5e5e480ae9cf6760ddb8a04129c3db9eae9907f211645 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe5ab0d3.TMP
| MD5 | 29fe579ba7401ba6d9a86df46d4aa042 |
| SHA1 | c5bcce89cd008259b543878dc3b22f07233fbd49 |
| SHA256 | e0ccba2284ec085ec1e07a47488d57af48e07c89a3464f215ac78e518d7edb9e |
| SHA512 | 88d0bd357306c8e7ed769ad562a0d53604740479329907fbcf12223c69c38b1f6bce69cff1995b5ab2686aca2e777f662c5d0852e8e3ea73abd35044cb703d42 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat
| MD5 | f229bed7b6bf7f65755fa0b75f98f38e |
| SHA1 | 5c45aa799a36baa41a3cbbe9cc8e6e39afa0946c |
| SHA256 | bd378644ff5ca8d687db03814b834aee2fc1d77964682c59369c148937934a84 |
| SHA512 | 1ac06ef46c0bd1b716d00c87fb9aff0d90f7d0ef7dcb347940ce1f2a97eaa8323f9a79cd24f59c3218aa9c2c29c7c7173cabfb2ab530b3812f4b5d4e37a0fe91 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Extension Rules\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | fa16d18930b2d9cf2a18e3375fceec20 |
| SHA1 | d081b608b0516155cdc7ef4641eff85b05f75556 |
| SHA256 | c50504955bec4f533d5e6974bc51dbe6077241a154b1e6fbf210adfc7b2fbcc7 |
| SHA512 | 18947d80c298b12bc923f3d0d68fff50f32a7cba9ac7e1e7dcc7358ff2b843dfa719b2e6913b928138a0380e7a919b405028b2a19acdf56f7ad48f2e10331e58 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | 7d0ed5735b1b9e0b8968f22a407015ea |
| SHA1 | d711d05c0c557c4a51505b6a0012d611d0c25244 |
| SHA256 | 0eb9058ed3d8a272bd0605621559d9aec4a7ddce0c25cbf18948dbb089648e52 |
| SHA512 | 2c85f63758d4ac76e4c05de7923e96afb80d5a3cb2b10eb4491782467e9f5c2a8c28a9933d24d12247568f5a506ed9339d757e15831666d10de4e5d184dc883e |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Sync Data\LevelDB\000001.dbtmp
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_0
| MD5 | 822cc6475e369e48b82bf3d4e6423f9b |
| SHA1 | f64f6ef4dcf7ac28583421759207e4cd0aff8702 |
| SHA256 | 15fdcb9094aeac96f68fa672a69ad7e48a61edf7dbc0a95663497e78a0c51a62 |
| SHA512 | b16765b04fde071b6a0c70a5cc84721e89bb5b3efa2c6f21f4353bbd50386ca24d111450a7a6b9d0443f0dd09906bed681dfcbaf168c9139cae00d4ece78bde4 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ab071c1f29747fd161ce087951afb46a |
| SHA1 | 352cc33d146156e2cb43b61e29a2368a429ae806 |
| SHA256 | 5f583a4962c1601dbfc148539ebc8c23c8f13a486c0f99218b92696aa388a29c |
| SHA512 | a85708bf4eb42300fc94212778972d983335f2055182d614a01294948f861445fc26b91683dc91264ad8e7b851c642d897ac2b6d52dd3646fac0b0b05e88741b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 708b407a525c4386862c55e1c96d706e |
| SHA1 | e28b0ac0f8042c72f198bae29294813ba853b01b |
| SHA256 | 0a35b35a0b45bfa140e2167952ed67b23c5ed110255cd29deb5a5989a9de88bf |
| SHA512 | 868338f2b5074bdc26af0c5f3967d23533714e41c54a8ffbb57b33512fb94e1487e9d89da0f943a21b54c94f752b28ce0651576be29b05bf9370b4c487734c72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e358abdd8a030a88e4d5bbfbab4d9de6 |
| SHA1 | 89f87235260d052952dfc324cac9b89d5d979ecd |
| SHA256 | 3f1b83dda73d39322846640e94aa0ceac1bc6405b41fe939d6d2b8343f33f94c |
| SHA512 | 5d5ba051204e8643796526b5595993b7e74232cfff36c615b85d4b48bf9ad6617fcfe7d566d186b44f476df111a9fe481fcb4f5fdfc4d9c41b2a0199e7a10cf4 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000003
| MD5 | 77c7ed1cb5ec7515f4c8ce137084dae6 |
| SHA1 | 961394a4abc483eb13f14b3f0fcd7c6b119b6223 |
| SHA256 | 5fa73b28ecce415789f72ab4dc7359e3df477def53efc465ef9675900eef92ad |
| SHA512 | 678e4c946bbbc2fd15d36c0508500e7261e0e0646e5db9c2f69aaafd5be71b78342a0f2e2b94937b8165b097b3b5149fef22628baf4c6436d35d004e0ccde4e6 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000004
| MD5 | b942415d2a132be1cfcf8b0ded8ece04 |
| SHA1 | 169c03e6b77de770fe42866dedf3658adbb89326 |
| SHA256 | a4d5f1a1e0faeb6ec076fdd5b5fb7da029b62a7365285b6af8032452a1004b31 |
| SHA512 | ef714df7fc94da977f8d1add9f18cec974bf59bc22b17aeb71181f60490ec4e0c45614efb63284f976f3df500cbd32b72a6f7160f76f3554030e9955773e81de |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000005
| MD5 | 51e425656585790a0dbd28f882bc1354 |
| SHA1 | 7b6cb621a5350cfe3cbc9513a04cf2bf527ff510 |
| SHA256 | 6e49113dddf1c5a7c9c51f2b2c8aef166e6b80e04b2df7dda0fb0808df9b3b43 |
| SHA512 | 3b2941995cee2c807a27e43da24024ea07cec0c65914997638e709e9e0d113f24b396e9d0ba9033268a5a825cbd7c8491fae7536e61e70b5b40f06296fe9578b |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000006
| MD5 | 230b416cce0fc66fd5d5e519fec536b9 |
| SHA1 | de389f9fb8bf91e9b31e7404cce266b9c56d00a6 |
| SHA256 | b8531b8359ac8cdf0475bf23eabb77981d5ee6eed8cd049e031a56764d90369b |
| SHA512 | 9c6aefd331786125d79c08db84dce3ea18449b669cda5eb6a8e583689e7070851c77e71bc1414a1b677bc7d0c56b875be9bcddad41d95e60b1963f4c86343344 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000009
| MD5 | e5ea13ff2527bc1a08ddebc522dcead1 |
| SHA1 | 13b8e4d8c1636eb534384e891b48dbd67cc90752 |
| SHA256 | ac338a2550bdc8ef6b7f6e2548b19ab563242e971d512795832c0ecafa1fd2ff |
| SHA512 | 32033ebaa0c8cd51af00c0d223ce5cb3b6547fa005fb4f3c1c5675d78e801e7fe1d4efb7c4696824ce25e457e7d1f607b0906aefb00dea1cb253e9211b9670c8 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000d
| MD5 | 03ca33f546bc5756e3ac28342a36db66 |
| SHA1 | d9b0336e536bbfaf915e4f09bfc0718684feddc1 |
| SHA256 | 9b83838060000c85ddd7d43e3dabcd519d18bbe3fb73d3bda4fa9c3731cf54df |
| SHA512 | ff17fdc55d6f39795fde4887d8dfa92000cba72a29758cf723e9f79bc1165598026314fe9772b04dab83944c4aaa743277b61c25280c7def57516d781b57f8eb |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000c
| MD5 | bc204a546c48c0774a959fefcda02a26 |
| SHA1 | 5870bec813cd2df43b31da5c3d9205833c3b250f |
| SHA256 | a1623e630cfd13334a505142e86b148477e4e718a913b6c37ce5cbf9f1cd25bf |
| SHA512 | 982289689f0ba4aa035431b7cf520fc8d9420d8ebd9ef056dc1f00daef958c3d76df2fe54aa1bbd72edc457800a5470415959af6a6326554c9d638dcb065c684 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000b
| MD5 | 31a679839e0bc5558ae5b7082b25fc69 |
| SHA1 | 5ec6c6e3be22b6f45ee3b3bb430a338cf983d568 |
| SHA256 | 0cee97dc1e3f8975092346d9172129f09a7c60f951621de29d162287e8e94945 |
| SHA512 | b1f74c649b57a16f7fd381b9aada62face02f6ce6bfd36e1febd269bcce3c5ca759644073e6109a1b0927c490fb7ecae21bc14cc7822bdc60f2d502a7aa19596 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000008
| MD5 | 47f39c90f6f8bfd0bcdcae296daf8236 |
| SHA1 | 9f85fedeeed63d141d785b24e0e27805526d4f77 |
| SHA256 | bc5375ad52c1781f0bb4b0aa01d04f76b3da9781b4b22c6176549dc3ab9ef18f |
| SHA512 | 4c59f76ce39e6fdd4b1f3cdd6668044f266920835665f68d2bd721e95b0a63241476b0b335ede1597048e6b78b3dd10320d85a93dac66cbeba838d7ad0c09af1 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000a
| MD5 | 734b2634d6bd90f79c11a5a66d4b0c76 |
| SHA1 | 63297828a39564595668077443578dba231ca1b4 |
| SHA256 | c5fd9976795f9981f0d993158313738de59b80ae32ebb71d7e649eae4d95cd76 |
| SHA512 | f1faf57cce672d4561dfd5e388764db715611f27df6d24c5600672bfa576328ed2497f7f29ff6008b2882a85b8c18eff96a0c05070440a95a7114061f1dfc605 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000e
| MD5 | f2468f22e37106265d27a9314261e01e |
| SHA1 | 210b3e5b45ecadd56a72206a1309c8c8ffc12f3b |
| SHA256 | b28773d7b44c01e78e442493c63af55723c31afdf7898196f35979d373105ba8 |
| SHA512 | 1a33612856fc3d3adb942b151b8e6c9ea9cce2061d11dc809351523117510628ff271ab7a762c979c487752893870327b6232c626e9d9d84b3d4a83f6362618f |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000f
| MD5 | b3acbb29b1e830610c17f0582e6ae589 |
| SHA1 | fc5797a80e6c6851343d05ab0d3f7113650ef05a |
| SHA256 | 1adb50c0b3684164e427f4055f27bcb153531edfa36b16116b4d8133d4777e11 |
| SHA512 | b24d35c3643723df7eac5c5123f7b43dc74bed0bae844305ba72014990a655f70a193f0a7013d0513349af3172adf057ebe9bb41ad3135194bb542974a0db142 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000013
| MD5 | 8144e6637f4c38fe7104aee0830e8639 |
| SHA1 | baf44459604befb30853dccba736a3929e9c5689 |
| SHA256 | d6d2c4389707b0a2e0c54a631af49952a1ea4aa268683ac235558ef784a53c56 |
| SHA512 | 3fb1affb4b87e03284b19e866206da00ad0c9b6015a649342967e8aba535db9796b2787dd2dbd00c75ae362ae6b1174cb0ffb994cd86c14c8326d50d381f3c10 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000016
| MD5 | 35546a327f10cd0a628389300e5fb929 |
| SHA1 | b13f9d279958adcbb5eddb91ecee6e44d57fdd62 |
| SHA256 | bf339c1b4d253fcc92a0943c8337e2a8c2d048eee6e1d5b1ffe3a97fd9b7e458 |
| SHA512 | 202b01da6cbeff283a3381ea700ece914b52cd9d1255e5728ccb8cfdca831d0941f7e525bccb304de9dd1c32391575815a9f329389104abdc85201712c15a06d |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000012
| MD5 | 21ff44e23aa4ac52d5a4918d42dfa206 |
| SHA1 | 1c27cca46bb81fc0a911d267274954ae51771740 |
| SHA256 | 6559c591bc68390f48c416f509703d015ec88d5bbc2d26c45c29275f09e2531d |
| SHA512 | 5cc990fd3ed4cac83d4a15dcfe59ad36b8467607bf9d865e117428ea0f215d6575ce9061d02888ab0c4d2c3e6956aed9abe367b18c1ec6d6edac40fa83d4d898 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000011
| MD5 | 6eafc48312528e2515d622428b6b95cc |
| SHA1 | 8c21c748004366757a93c587668ab55cb6a4bdf0 |
| SHA256 | dee6942321440ad24c989d45fd96bf0c0c11e63e04357af2128118eb75eb887b |
| SHA512 | c501160df9b93014d510cd22060704b434fac4c6ba242d3e625e1bb6e838aca31889197e74fd4d082f4333147ec18197b2a31619d55d37c9157ec275621ee64a |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00001a
| MD5 | 66d562e3299ee732a53db150038c026e |
| SHA1 | f514a9e346cd443d196c1bc401f078a9fa147323 |
| SHA256 | 252d971616775193836fe6c0c057edc13c511ed2bdbdb61fbe3c4567a3a8e530 |
| SHA512 | ee24be2709cb98ccbde710654eb1ba533e432819caa8c6bf1fedfeceec452fa3c5f3b2402efc06e75d59e55b6e7beaa71f88bd049fad8e17449c0fde217a6468 |
C:\Users\Admin\Videos\Captures\desktop.ini
| MD5 | b0d27eaec71f1cd73b015f5ceeb15f9d |
| SHA1 | 62264f8b5c2f5034a1e4143df6e8c787165fbc2f |
| SHA256 | 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2 |
| SHA512 | 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | 83a61f3886e1878b9678cf854276e4e3 |
| SHA1 | 1651b075098528481981678e3d52f81ba0c35bcf |
| SHA256 | e2d2d19890f42e9074965568f9202ec2e73d6d6aae37cd853d8e039dac5f9143 |
| SHA512 | 66bc86e5b036bc1b0b62d667065b14c4a7d1db21a3058ff4d6f453ef043efc07ebfb617dd0d52416962a00d089bad15fda941439bb39bdd1cebd8544fc449076 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 23efef94933accd1eaf37c8237427ea2 |
| SHA1 | 05b1d8f27d121821e68cb964410174f309e7a476 |
| SHA256 | bf44a45b04a18268e19a72dea42837d53277ecc328cddaa8a65a46eb56612a19 |
| SHA512 | 278834a73e40f4fba042305337c39ec7fcd2d991c7b9ae6f57a86c52b4590ffb3790e55bee46a227fcdf7001573bd7d87a19dcedd69c48add19e88a753ec5467 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences
| MD5 | 41e0d0c831b89d759c46d2ee53fb6fa8 |
| SHA1 | bd4c1d196d7108e07f9b74119942deef132c1ca2 |
| SHA256 | 8ca1fe307f5dced38640996f3d7742fc5f6f8074b2c7ac0b3a9df9cd1ef5fa03 |
| SHA512 | 7c9df365aa23b4ab4f47142fe86487516569e6b4b71ba1e34b5e442f8700a092e7025e6c1d0092e6b9fde0aaebd7088f1c970beba93f35b77d30c180f7e710af |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe5b08a7.TMP
| MD5 | 28e5edf4a4bef0ce3f3ed98b474c37a4 |
| SHA1 | b66f50b277083e3f91b0caf59f4eb3027f3083e7 |
| SHA256 | 67d6fda686c0ee73bd0bac716e123bc636dc17f762eb7fdd34832b8b3aacdbf8 |
| SHA512 | 0873732c366d14469fb1005afd350a5e9050bff12c72fe0a4e847806a8a61b344e164dbb8e807815cb12b428548ec287fd5a8c9fb4bab529b5dedd8979a395b5 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
| MD5 | ec3bb479d05227d2337fa5e63a0757ce |
| SHA1 | f42f4160b3289b8ea838d2436c4bddf0793993df |
| SHA256 | 5d154c543e7569f31d5eae595a9e36a7268e8fd852f4f3e5ac5d65c83e17f429 |
| SHA512 | 9829968d908c445f2b2808af96fea0182af5aa6ddd88a45fa31dad1f9e5c8606dbc000ba3e29f90da500ef1a98eb69183b1971b52326ca8e7c10b0b50eb8a1dd |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe5b0a9b.TMP
| MD5 | b24849d6bc639a3f32cebc7e0303e7a5 |
| SHA1 | 2081dad3e11ef28273d5faee614affcd3f13a347 |
| SHA256 | 38c866d3a79e8b13c9131f0d033329d67b568afa3653f05dba9456d1c3b7262a |
| SHA512 | dc07e6fa8a99dcfbea3a2afcb1dc370b8fb280bf4d966f9b6be5f7d471b45c091ad9cd8ee48f990e61189cfc906447ae369ffa100dd2273a9c25f0a95da8ffb3 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe5b0c31.TMP
| MD5 | 261b218079627e90aaf8f0baed242dd4 |
| SHA1 | df453be538db7cbe4dd432c6e35407f5f725d1e0 |
| SHA256 | 5fe926f307871fbc9819d3a9dc8afab2d44c5bce7d205fdcc7468313d4df62ad |
| SHA512 | 094cc7b64c60fdf77fe950b3c9b37717c19b3e719098a098e1a448f12eb2eb69d3da1c42f9204c293be49fa4442784164290dc4039e8ab619acbe973d146e46a |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6da2c88fc2c1f6e25d41a5aca485e251 |
| SHA1 | bf5f6aa1589b3b2539519180a4e8a8e4bff161e3 |
| SHA256 | 5437d843fed7e4df8c86199ff1090d2aedc2bc05661b6569033c18f1c2b3b760 |
| SHA512 | e73c9a70c507959614f32a4814ab2292fbee4c21f7bd407a2b81ac6d950bf65caff866ddb1d7de9b70256f316d4466c3a1d98f22346372dd7bf4d7742287eb6d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b16b991e7d9a26d1eb0804ab29e376dc |
| SHA1 | dde625645c64a43f97ed677d772d63c987559ae6 |
| SHA256 | 14ec82dc6aa695eff2b7c5457ad3fa6fe9a7a228c02671b9cc65c3358ab81120 |
| SHA512 | c5b1bc2ee4cb5106a22b43873a70e2f35531ebe12fe88c7b5a9ca3365ebe6ac445f0b274a32be95daa1f9e0dbef20377cb0726a986113bc1a51feaff2e92c0dd |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\745622ba-d4b2-48de-ac30-fe5400f60285.tmp
| MD5 | c4dfd53c895b76690c291628f56fbaf3 |
| SHA1 | 7fdb0b1b20d35c04161872c2358f9d6fd23d1ebb |
| SHA256 | 2e7a4ceb7a21c8f112bea5645bbeedafd4a50feee8ccbbf1576eec2bdb880802 |
| SHA512 | 2b98723369585e402bac6c9c1c6f20ea10ad14d87d22e198c6a3bf5e5b86d69aad73930930e46ab187b947550b0d6e5ffc3f301c9a6f35a831cc56da4b7a97cf |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences
| MD5 | 2e0970663c00c6560091e3e4ecb12711 |
| SHA1 | 778fe692ab868831deb749a6550abdefe405ff62 |
| SHA256 | 8ccf090d874e59d44a4455194886483ec61e75d9eb5c1125110c8144fe91b482 |
| SHA512 | ca7ecaf1e7506bc65fae2a838310e3fc5411f7842acec14abbe290eb72972315c6e30afc99cd4683fa15637906cc7c910b54f59be1b7e5c0a92fc561ac9005d3 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
| MD5 | 0d6207524fb593277dfcfe2d09116b93 |
| SHA1 | dfe80bad59c5b045e292089b2c5a8a463c6ba933 |
| SHA256 | 053c750111710c46cc9463923460f15592ec88e17b2194cbae5dc7f4a3a62b65 |
| SHA512 | 20e92ac5f12d4d704ecdd4d96bb0ebe3c8b81e752d4b0a97ecdb5c687d8edb806b905d6599c867b8b8cfda9889499a54a1e979a97391a64302db7acf882e487d |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State
| MD5 | da778a3fd73cb0b755f8bdb443ca634a |
| SHA1 | 92005e918ce983aa008615026d68e8fa55d49091 |
| SHA256 | a60fb7d9d7a5a0a46aad7e423f46b12699fd3fd838e7c1fc01222b252fe629cd |
| SHA512 | c4598943201e410ff9257e0a3021f834a9358a389cb75126aca39b1ae5481092fd70f6949ab2a57c1ce0d2c83d6c113592dbc0ca320df5f9cca838af9771b483 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5b1ecf.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 02e5fbf0a295b3c26f2340243e0e1a85 |
| SHA1 | b993c61aafce42ec0367b1d4faf801f37d529245 |
| SHA256 | a99b2e9e8882dac2c7e02ef96eeb0273716f49c02050876f15a929b92c259353 |
| SHA512 | 4e94805c3623e7d5ceb744465e71a782ad98d94de7f7589a3eabc4bb24afc25b4546924ed6134701b27b954d84359e5e85ba91ad7a308a9008e5aa798da3cdf7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 383ee4d7a7630b350eb63f5c9e1cff89 |
| SHA1 | d6190ed2a054bce9cae80ececf31919dfc26d385 |
| SHA256 | 84bfa7835bf8d8245b286f482bcf9316dc81fc0d181f6fb9f3fa3c83d985c496 |
| SHA512 | 4e2b9a3c1a085791bd92d9fcbfc8012763678bdc5cd271503dda7e63ccbaf448b418c6d9daa12d48e62fc0273c209e9df0813811b1dfb1bf3f8bdc47e3728a34 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 393aeee9eba404ee3e6e843fad8f142c |
| SHA1 | 7401c928cc39468cb8801d255dad35bbd34adcdc |
| SHA256 | 9a969b7088c638a0149a59e369141e2b30e1848d8b1bfc0c71b8fd34090b48cb |
| SHA512 | 690f6ee1ffd25618bc65df664193e63ba6bc06fe7d228704e49fa25a0488488e064b6f9dc77056f3d16cbb8ab056f9702e262a758b11b11ecee10d06b0566c50 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 774e6f95efcb44a6bf7e6ca7ddf98ba8 |
| SHA1 | 919730b7e41991f373a45c066cfd298c22291928 |
| SHA256 | 49526d2653b4d1119838c4474d72b1d1f51eafa1b426c5c0d3e72a1b6df18384 |
| SHA512 | 34a6454bfadc394833b813ac4857a1f3672b05cfe1cbdfcd724d576feb50c63f8e5432627490ac336e3d981c2c6152185e8a7e2d8574c74f66b51f5870182630 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5d34a1f5416fdc978c6e0c7edc7d67a2
| MD5 | c76ac26f80988d0fcf03874d625b86af |
| SHA1 | b04a5e95018f8eca571daa4077e66626b9ba0de6 |
| SHA256 | 3dca66141315cdee30f7604013deab2fcc1dd74af93f9630fb700b7606f531ab |
| SHA512 | 23ba1357212eb135ad87fcbb81bf73fcf2e189da34f08ca1cccd40d763a856e9ca8ce5514af395caeefca2b0dd3a6fe3b8d43e060c5baf5139fb357fedb90a59 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ceea000e430b7c9714bd62a61ef5eb0d
| MD5 | e6bf3b994b7bd85aa47c17406d367d2b |
| SHA1 | b18be2803acd9576aaa72bb19116b09680f0cbd0 |
| SHA256 | 92638ea5cef2b20242923fd21757df86c8c434ff12243d480250364b8480f2fa |
| SHA512 | 3e207bfe1b30c981fb533971769a4051c0c87ffbfcabc012606ec939c5b66f2bf59cefeb85c2b903856d6396584b2c96472965c11d90d6a1ac9f59b29cf3d664 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1aac6bdbb2642f3f23fbed64d042c3f
| MD5 | 2c65a49f36fbe81aed88d7626a0112e3 |
| SHA1 | 832fc429cd021f288f5ef9531e7dad6c9c6507fc |
| SHA256 | eb8f138e67962a5c7db64722b78454da2e3c3d656ec8d72c9bec566f10a942de |
| SHA512 | 4fe7c7a7e439f6b43bc13af9291994ff913fa65ab1d77f162c97b18ae505b1c46ffb2c9236b7c9010580b095526a58204bf182aa5d476e3d0a006b2ca450d181 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b0cd0725ce628c802aea646becfd46a5
| MD5 | b7c03229a5a8d6586e4532281bf1bcf6 |
| SHA1 | e2cf4dcb1a5ed9ec90882b05fd92a1cb2d9b7031 |
| SHA256 | 2f68626defe72fe2f0f653e4f329dc40a4da28ec0b6805b7e372df74503490e4 |
| SHA512 | 4b33587bd1e348c0c3c90ab22556c1a1634c9c16a7986d5ca92cf409a6bc9a2d4ef6ff29f1c56fbaeea7ea42b9e6bcac980f3a13869c7321dfa94b3d4c68498b |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0cbacc9a3c6aa07deb13db83f658936d
| MD5 | e3690a37568ee9fe7f191a17a47e2146 |
| SHA1 | 476c939e0ca065001820946509e36ac2842fb1fa |
| SHA256 | b8da756d34febd98745815e7ee643c49dfdf1adeece7fbdeda22487c06472f28 |
| SHA512 | c7b777cb3616fbe210b58c1e2395ffb378ffb36c2fed3af8c634e7d39667b9b433386d1a284f936a1d4e10e76c7a678e97216fe801cf95a0fc3fb313fc4514a3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\95d98e1cfee595f720d12856399cbd72
| MD5 | 39be6457e3ff988375205765c4660895 |
| SHA1 | 8e946b84ba320df9c28aaa6e759e24719ec38aba |
| SHA256 | 1194e8aa1e2ff45887bca03f3ddee55de61436c660e162ae343ee64e7d146da1 |
| SHA512 | 80f75601d5887291d0f2884945dd2ca197090431fb30dab6e6ee9ef601076950922a75f23a577dc58824a8ea7f57c48c1a742cdbc13a28215bead6b2b0b47033 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0f10b6865c21c904e29f52a54a31f37a
| MD5 | 38b25c1089062288a7a9a8876138e465 |
| SHA1 | d7dc1955cdabe9a50ef4f6b345c9012e3efeb56c |
| SHA256 | e39aceee4952e730f1a101894520b046ff21156ebc79c0f8e070e87af20fdd29 |
| SHA512 | 198469bc9aa03de2c29b322cee7714a67b1b421a8fb0b6ade7148f54fb5ea0a37f6afe5e80f052f41815174363ca2b2dc8395534c624f0f87d2f7a0e9d773dd5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\3acc8af1251b7ed321f9b36da661d9ed
| MD5 | 808cb55c51b6fc55fa6cdb17892dc876 |
| SHA1 | 4487b86a3a42ff05e109800b1827c100390245c0 |
| SHA256 | eed0725bdeac66a2e53e7daaa033f06c360314d751df70176a0af3f23eb08c7d |
| SHA512 | 0d2e6534792e7d417a6fa8403f22397f406352a38bfe1019d87e0308d041b3e69d7defae77e2bf6b87adb3b7d59718efea7d5fad340847c681eeb293beb0f24e |
C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json
| MD5 | a124ac9f9f82ce9bfa4465e75bfad473 |
| SHA1 | 465ee8d621bdb73b9987dbe479b976e1cef6917b |
| SHA256 | 97c10ff6f86f63a5fe2097b8592321a600ee8415cd1822e441c0ff138139261e |
| SHA512 | 2e5205b90c7de76a8ff73163520fc36db7ced0f891209e6f2223ec5419b0a08b0aaf866d9f57ccc7f99a1209d9b94567f840374387282090f54b33f35fe367fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f07be0c5fa72029cd5827ff595b74444 |
| SHA1 | 973bf2d33cbc534ef95ec2fe91b081a7498c822c |
| SHA256 | 410874ac483687ce2361da9de12ba64d3f8d08748f66cee6a28838f39f258505 |
| SHA512 | e2c891c183ce6dad9c032e94ace47347a347a706c25f75fa248e689f4f4f5d9a5b7e55239d9328b683fee19700a744754d0b293132c2c2f4a60055870e834929 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3c0b5c116d5adb207d3dc7e1c0252f15 |
| SHA1 | 9b26beee55011b5ac50703d0b1d0cd82329af9ad |
| SHA256 | cc52ec9bf4c36ed7143f1ae90dcbf0626335bdebf56fb9b08841620703b68418 |
| SHA512 | af6f64d38c0a917606f1a7e417b3ee929d96e15b3cee3e48d7b0545d12a4804c8d5fdd1fd8d3194a5f331c3c240c738f23ac976f6e152ddfea440729b73a6f4c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a5167c948bec1634375c6e382084d449 |
| SHA1 | 228f1c369fa3fdbcaf9e046ca4bf92fd2007a2fc |
| SHA256 | 22687efc50de7d590d91da44499c9f1f79532dd6d402a2a20b022a3f6b170644 |
| SHA512 | 4b7fd14418ca565f0ceed7a85d9e3417cc3c7a98e3eebaf23a21b28dbb3841fa4a8e16a52d970fe1e48b5048b650cc6fb84561314e11531fc497af692dcc9c2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f16a594c3d34f66c3ea89229493c2eb9 |
| SHA1 | 9bc51665b86a0fbbd6538722c4e5817140bc2dd2 |
| SHA256 | 9a68d6e04cc8d6696520c6674898d47dce2d9c140a1da50af0dafd7b5b4c72e3 |
| SHA512 | e2a6b85ea5b86197566e978c077e0d866c248b8fd1a06fb9b2ad599145966db9b33acd3ff707af135ba53a4df067688bb1af7ff40033d860f673553e40c8ebbe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cc086e4c912d6f71b7c222e218e73036 |
| SHA1 | 738dd507b870f41c37540e84f6c7dd9cf3e28614 |
| SHA256 | ce46d9318ff9c0c5c298e12be90a9291531fa4be6f01ac3657a77bbe3ef6daa9 |
| SHA512 | b78ba00f1e34271b399e3478b31c96029ea97630ffb494325b13f839cc5cd30f8d5d4d0a92110985fb64093ff80b8b9daf6548b00ccb446d3ee2ec763543b38e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ae22b633ddca48024733b385219c03c8 |
| SHA1 | f00686d594991486315cc9146ef9a0623dd116ad |
| SHA256 | 9ca3c818691c2e66649f65beed4072506a5ce06e8f3271a838053bc45d508dba |
| SHA512 | e9010241cb01e3c9b08673400510d8f420e3b8f45eacc8cb68dfaf8aab4f88b86f8ecf5897bd908a15d5f5ac4c3ef8de2b8f977536471921e5b98d4f48f85956 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a6611ef7ebe0bcbfcc245efd96245443 |
| SHA1 | 7e2bbf3e957c362e00d8578c7c2ca77a410e9a01 |
| SHA256 | 80c83fbb13bda2ebd28ee7d344931fd39f8455cf224f3581f9fd90773a4a7c46 |
| SHA512 | 9be5f11113e133f703c12053e2c81de358adf6274d128255bfbfbafbce1ff09753bcc606e6750a8a43e2803bbca338af58c8c85fab73a8c7207ea12fe2e40dde |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2f34a520acfdba5b665e1115bf881507 |
| SHA1 | da992763f4c2f810d7b3d65ae4c477aea393ab29 |
| SHA256 | d77de0deee5f87229e307f304388fdae383e8f9279132b10a985330a85423a33 |
| SHA512 | 8f6797e3e70c6a0987e32055a7642e25563a92bb6b6d13754a151c435dbd31b9e9f122995a1e7aeb38efd15c4d289313599ec246c69bde740421f2ed5ec7e500 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f59040594f23f4e3f25551230d9bc52e |
| SHA1 | cdaca27daee548008b6ab05401c8d22332014b5c |
| SHA256 | ba28cd804cc77458ed85bd56bee0ab437fb5597d607b76a6a30d6ea0eea1495c |
| SHA512 | 6d61ea3d3b45c46cd1eaf3894ff912af29c8d7d505eef0571c0aecae7dc951c28fbff2398c29e580a2cb8379b88ffd64a413bfa908147696743061a2f06bab3c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1382aecf876d89d410f566b47afd748a |
| SHA1 | fe84cac893bd39119656ab39614380d191dc066a |
| SHA256 | aa5e5e474bbe255b99b886d6359eec81f31994eaa17ece78857ee126a1d61652 |
| SHA512 | f9117e93c6d67fc9a4ae8d626bc69def300e889e959c0b4c1a81ffb401e87f65830b32c8e3563e1b14f35924d04348058ea2b4e83946418ae93b588caa7d10e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2dcf50a5da019b39543fdd39c269dd06 |
| SHA1 | 35c4fec535cda89a724ffb4d2a590654c9822ad5 |
| SHA256 | 56e426a953fd023f38b05ffb05caad04f638accfe8db896fa867e8bdf670a43f |
| SHA512 | 0b6a00d14d735bdc28932e9cf0fbb0c3205b9266a2aa98490f8dbeaaabc251a55c2601677f260fc5366e3e43d333d365e70a70876dd35df9ef8e72c1bac74dd8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 715a5773f34389f64dd439c1224496ed |
| SHA1 | 9324871f2601548669e37a59ea2999dc55954082 |
| SHA256 | b4dbede199068f669c281b75eccf1903a959627fe96dfc83c3854ca3c145c1d3 |
| SHA512 | 7e9d67dfa68344a88a0c31aaf528ab4b2d9bd74bb1036344d46a34a144a5dbac2877aefc478d45d3eeaedca568664838985ef2f1c1e25f9f76dc80a8a3faa2a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 23decbe7c9946f52c3af86f46d2926ed |
| SHA1 | 7828604e73c8a0880b176a767eca3a223554db44 |
| SHA256 | cbe99dcc5c8b4d14322cf41454487b663d63528e00cbc493035df2e712781a97 |
| SHA512 | daea0f69b21c3c1dc21ef4a736110f11b5ad3283ad03ae122fdd5eecab31ca09e2209e8ed68fc4e3e9677602470b4988e769cf0519070410a43f55d2c3cd9cb8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f20e4485bf2c36405ad0e22f8f29b6cd |
| SHA1 | d8afe372cf165ed09d93bef58c6867e7d14b357f |
| SHA256 | 86c54f224ac296cdd3dc038bed0a7a5616eb9c6e284ff14905a5089583bd7b47 |
| SHA512 | 7505037916faa96e39fb8f3cec65cf29e76e8ca015566d2d244b6466db7c83372584a3bca872d944ebbf5838c01b50d3c6e1253f6168ea56d930f0d40bb86d74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2e83c4cf676b7ee22836f6d5560e16e7 |
| SHA1 | ff6984b125e4d25ff99b93a333d469559805e9e9 |
| SHA256 | ad032d9edce6ec2a5697ecaa4368eed6fd8326f941b37db5178f3c77bfe2874c |
| SHA512 | cb8d450dbc004aafcdf3bc97b8498fede7dddee29fcbd55be927f3d7d3a19e0e9041843ec4f5ca65ba9e31ded9439e05a3ffba0154b3dd8def835b3ab30ce2d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 56495d95575aad8bf476bff390582ff1 |
| SHA1 | 14d294b22c2536bb28334b63124da42158c5f647 |
| SHA256 | 98a719827693bc731f1665d5c9ca731e0dd0061be49ab0f8470daa961990e794 |
| SHA512 | 4a50859c9f00e6a669f888e283639a44d79263d160534f54a7b884b65cda1db249d12fde1332b0b1b9c6b5555239ef558c5e8d6ffa50a184e2c637ac38d7a19c |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
| MD5 | b18c705b3c68cc49d9bf3649abc75c24 |
| SHA1 | 6dc8963dea0f3185368790dee2a346301b4fa24c |
| SHA256 | c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa |
| SHA512 | 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 13b9b836689a3f6ab5b43bf5270dd3e1 |
| SHA1 | cdf599fb1add2e2b14ac0751098afca364935fb4 |
| SHA256 | 88536f97b4dacc99a319f9e7398abf0a3e83b79367f9b105294ae908422d25c1 |
| SHA512 | cdb8f80acfec695ddbe739bcceb69777a9bb37fc87c0aba9ea0da3c4ef1c97ea9ca7f3860ba1e533ea29decfbc9a0072d80a1b93ff41ddd7e112229418d4032a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 561992e8c177d25c62af3fcffbfabb36 |
| SHA1 | 523464f45c5114719df1c7eab59dc0085dd8c9af |
| SHA256 | 03375a54186e6fc23b31d08f928d3ca84fed4041ca94a8e3e7e1e64ebe0c387b |
| SHA512 | 942e85d4694b3407f016a89a7a56761a0d94d93a8b1cec3b23b652ad5f9b01b5f483dc76c17d0fa66787d1f2c89ba049bee7e5d9c22e5d695323e137914c1e5f |
C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json
| MD5 | 8e3d03d255856806d2e389d0903e82da |
| SHA1 | 3238b91c608151b9e7a615bd6f7a3450ee2000c2 |
| SHA256 | 5dcaab1b4cc946948d34da21bc34014b1de4dcf03d015458d6d4eb8198d2e8a6 |
| SHA512 | 183c93faf2b60fa4fab22a83d262a9b7ff3ceb76f2ba19f8048e55f238a600f79087dbfe9b8b6cf0b550413c56fc430c559feb88afb8ea98e7cee9c709a766e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d77ea4059d901a5ac59c951803f275f2 |
| SHA1 | a5d74cf657aba938a16663b2261a5eb84b87837c |
| SHA256 | 76565e8beddb9b0d4f99ad3c6d9e0ae9a5fb50d03d794f96ad3dd8950701e8a5 |
| SHA512 | 8aff888c6852fa3567ebcf54c3b878dd50da5632fd9691d562c7d92669d7876126a4a80feccaf343792be5206005b12267f91629392cc83b74bb1f0721147d44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ab913d7dfe3ddabb48aa9c3309cf524a |
| SHA1 | b4361e67ec164c0801419c2a57e67635e05dd76e |
| SHA256 | 28d0dcc8e8b60826fe886e6d08d5271e663250f936ef095d3099fc12dcd1fc79 |
| SHA512 | 51e1df898015664454b2338a405d198e7e5d482a0e47386e0ba96acef575fefbb8ff98b34badf973c6bbf307e40bb295ee018fcc4f0cb529a44acde0be469a86 |
C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json
| MD5 | 3a4e1d1d71bb379aa1dd0ad2a7dc6d8d |
| SHA1 | 7630fbfec8b20b56a6138e8fbe577fa958ee18c6 |
| SHA256 | ca11cbb948e66ce7897fa52dde5e11d5c7f2e7f6b58de832b9b7bc6f111250f6 |
| SHA512 | ecab304ca8a2dea3a0bdf464c67a233cb2757b5d78d5d974d7dd3c4cdc02f792b0037583a53de9f6bdcc489dfd56793bb0ad5c0d418e967fdfe1a64cf97f1973 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6c223cc2708592ceefaaad9b7f086212
| MD5 | e821d8cf21054575e38066ac27292a86 |
| SHA1 | ef47524fb1f4ed7e6c4b07508deeaf4894e3ded0 |
| SHA256 | 16e7402cc9f90651ddddb0fbfe90abaf79df4c6e6b752a1be66a7d589c96d68c |
| SHA512 | 150d470266f0f0883c4b197a39148042d1695359a8428a9822e3b892ee440b976f66c215b2101d693e614758813f4d72cd629965016a89444b966d9ff378bed8 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\7f266dcc2e03dc0423211cf87bc43ed7
| MD5 | 6e290823c054cfea6911a028759716ec |
| SHA1 | dd2d128bad8de4bcb8df6b7dc6150da3c98b4d16 |
| SHA256 | 378ce3d78d3e53ae9a29ee877d8b3800176fbb1a56540f95be71604c7266728f |
| SHA512 | 0193d729d03c1d57d0335bd0ec26a51f52573a7919bf51a2914995b1a2c86c249c3b91c85cd44b034b4aa2c0836035eca7567b99400da3d5efb6adb7892cc268 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\3f62b9b52e84cea6a365aa7b834f171a
| MD5 | 4c2e0e5bcdee0470282515a3568a67fe |
| SHA1 | a7d48d8dbca98ace474750d48100328da465b438 |
| SHA256 | 485b116c1a4322902a827659a60f6263d34fb3a5837d5f9b576ca9f9aa8228da |
| SHA512 | ec46221ac2862e01c0686bbfdccaf9ef52a91e04772dd568c5b9e3cffda899cc84c1a82f4dd868eefd29d951b82e766d99860c03ea53df756261da00d8358a5c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\73a672f52659c8af96d223e416bf344f
| MD5 | e36fda46e52044f12489114db7bb6c0b |
| SHA1 | e240935975d1cbf0355de4c65143f6d352e67a4a |
| SHA256 | c4b534fc13650831e16502998b70a7aa239ed62305df03bf919581385880361e |
| SHA512 | 1120a2b62b02ce24b0fd4df9689eb3b0fbd7e87e19489aa7c114c2f649e31004e444f1ebd71db35eb3ae5560d5015626d3c8983769b49eb02ac648fa7b17b932 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\12884b440050e73aea034ed650922fae
| MD5 | 692cc89c1ca6a39fe4c6bcfa439903e4 |
| SHA1 | 1a8c3548d7b0236fedb802ca3a87c66a04279f01 |
| SHA256 | b5478c4399cd1539df795414ef43d81580567ae25f4c310aa7631736fbbe727a |
| SHA512 | 2553d0bf3ce56c59f996754ad98bb1f2a019fa4126c76a34427d631ed9b3f06bd23c7001399a7f0b869381fb253797824385bce5ff7f806355122e6b70e1726e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1b55d26883fe9a9581583eb2664291ef
| MD5 | 584ba0316cd0385a1d6bad9d705db953 |
| SHA1 | f1bf89cc2f5e228152d6bb7e6733c87d97feb319 |
| SHA256 | 8556b70a68f86640086aae58ac266e4a363396c57dc996c3557c4e3af7476ebf |
| SHA512 | 5a4cc553642d6cdba5c0aa9b99b7a8bb0d726a849b39fb25464bb5c2e0ee4e20e518e6a77e0c8b78c4cf9ec3ed4f44d9cb77f98c72539904eac993b208b7ef96 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\eed6be1c7bd672dc6e1b5a2a2bc3caa2
| MD5 | f85b3ee692d3401e55af9f032bdd274e |
| SHA1 | 3ef101d73502aceafd770eb5b1411afa7ee24f19 |
| SHA256 | e61591a73b855562469788d5bfd3f604f93f8b5dcd2f945788c09e591e682dd7 |
| SHA512 | e91ba6d5bd40f2e4ec03aebf54341a35d165b477c8b920d763cadfc34ae59043a73b9b612ff9bc899e063dc5d3fa67f7553d6cd47330b566236eb82652c8edf1 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\efa2380b1711d88c6882b8ba1f60fe27
| MD5 | a806748d5fedced3028c99539b69eb1d |
| SHA1 | 04433737132aebba25d535cad1837dc7476311c7 |
| SHA256 | 4a77cf3c22a1466d7e68a9166b6ba818e1fbed0fe0faf3fdb8e72a74e1292905 |
| SHA512 | afbbd41c5b2cf9155009329d9d870020dad13c0dd413f2bd690ea0799d6449e6e7a01d523006a017ba2cfc77be3a9af0cadfb7f6dcb12be15a69974e4e14e39b |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5d90ffffdade11fca3ab6d6173b10742
| MD5 | 8eb0fd433af7498b61d3380f812aa9f9 |
| SHA1 | 1c2fd03e11050b47c0b53d568292894bfa805438 |
| SHA256 | a400ccf6fadb706e69adcd72036d390b579925bb0f09bdeed0c278f7db125f66 |
| SHA512 | caf4f4b6269c6cb72f32b2eba515f83dbfd9c4de48d78c1c149a6b425a4c2ab8a8d5d1e02afd0c2ae7f11bedea1fadb60cd4f96a7deeb119640b48bc9d0dd6dd |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\2e08f0b0e949b76ee4526572a0fa02e5
| MD5 | ce9d6ca2ea8e5d55de2299f23ad98d5a |
| SHA1 | ee9e30eeb2491e1e23b32a7e86ba0607460fdb5a |
| SHA256 | 6dcb6d8067ce45b9e552d195c179de1f519bfe25104326b726bbd7e22d502d3c |
| SHA512 | 2db8283c9423017aa9de86e956937699ff1c7f6c766ad83e7a523da770aa7e2005b0da17b71317dd8e419c826acf76d1356d2b8f756acec24748a1b6a0551685 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\22b19b20581c5f62166a73f4ed0991fb
| MD5 | 908169b22541e44d56f5d1909909805e |
| SHA1 | 40f82ea8fdfd3295706176ce7ba412e753f8eeab |
| SHA256 | d52f23e90b859cc5787fcd15679a6c5ac79ea5bc9b03d5f58e6a67f57afe5bfd |
| SHA512 | b4fef403d66bc05f31fc0929d38f44ac15ff6f2d3cb02160073a9d939ba28e985fa77521e558ece1c4ffc73c720c63ff263ae14adb2ec7b19d0cdde82513efcb |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\774ad174c53c04e6b1a29c22a5f6e32e
| MD5 | 99bec00bfc46f3e950ee281f6c95acbb |
| SHA1 | 38ab6e7d03e5a58a32fa8b93cdfcf4fc1a959e48 |
| SHA256 | df51d04572d489f40be555b7273f7ed2e772480f2827e3bda6213fa38c909328 |
| SHA512 | 04d346260c3083e318e1b7025e78693f97ab7da9511927efe02e9dad7c96755df7b3dec8bafd175c53514bef532c24846b8e9c429ab0f7942bb9adcadb2c757d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5965db33c00199c8da043230c1beea49
| MD5 | 3ae9eece15951e58cb3c3333675f16bd |
| SHA1 | f68f72eb957241ed71bf15acf71d515361c70398 |
| SHA256 | 262a1a8b853e44e5ea0f8a61549527c9d7ad4a61c43fe03c062297251ca0ef2f |
| SHA512 | c1c4a46bae66037adce49c680b42c91f8a8f3b91fa21da308db6e0070c605f0b6a072922adb7978c11b83912faa5c82fd134d3a38ad7b34842de4c0514dadb3b |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBXEB68DC3BD24C4ADDB9552EC448DDB205
| MD5 | 9de52d85b06da1acd48afa0d6d1d19aa |
| SHA1 | 6683b9c8eabeb1f315873fa6bcdfaaafa9353ad6 |
| SHA256 | 8b231ef4bd7d12979f583d8c1b89c66ae7e379d6557a1bb6bfeffcafc15f1a2b |
| SHA512 | f3c1210177102ad92dc8661720f12f4c6aed3a86991b59c823471464feb2eed41cc1512acc864cdace009852380701c20a694fdc0311d5a023c2b9298979c8fd |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\576c7360d7dbf5c209ea184dee932ce8
| MD5 | 8b87e00e15e8b22c07fe61343b921def |
| SHA1 | 5275488ffd82741832f38ed90f0ba311e06a8c67 |
| SHA256 | e9bbf61c79723b15b5210f18154f102fc48902e154ef8feea2527b78e5941103 |
| SHA512 | 0aa79e6ac8b69bbfa10dd41ea6200ef2ba9c7354969a74deacbc36e5cdd79093d6f592aecf35280beef8fb51a520ad0f80a44d76e63135c1e2f5fb19bdd4ba23 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX68832156929C45F29F4218AACB6F70C8
| MD5 | 934a11b8eaef18e6790e660f167b251b |
| SHA1 | 1195e4573af3ac1c966de8210b162d76f57df7e4 |
| SHA256 | 8a8ffcca05368fdf6f8941aa5ebf50c565c4946e660dac731827703d5d36665a |
| SHA512 | 7b9ec190b7cbdaa40921a775beb6cc245f9e92b12785d0c1a9fc6285a996a809a2c80546a099fbdf5e2628404e4cedc2ab652f3e02c27012fd2fb3ea6d1ddaa1 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e508bcc64367cf9b98fe28c4255655a9
| MD5 | 82b21f9bd843529c51bc0e290ca119e5 |
| SHA1 | 697c8e0ec246effbf2d047870b81f701756b591f |
| SHA256 | a7f86e25dfed056d6c9833e367cb58dec30c5707046b9941edb54726c78620d6 |
| SHA512 | 8e1ecbea17605f90660dff9c3918bf0ca7a4f661611ca0796bb875098f15d1c1e3dc595a0337162c26ff78949aa66c27f883a71c5c8077f9c29faca1c92c4889 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\4bdacebda49ebc2c2d118b7ade154ab8
| MD5 | 46fe622ae1ed5e04c8e870d2955b0b5b |
| SHA1 | b53f9d01b0b5eed94f7e1efa209fc6fbc95e9006 |
| SHA256 | 3f64186c98498258f668809710386563ba357ebe3f72afe8da26681539ba6254 |
| SHA512 | bc03f8d6cbd1b1dc2a5d0c444d840dfafe51af93fc09b8393f921d5c1e26b58145280d4d51086c3ab9c4938191221c08f3636ad9f317ba718a45fe265b17f723 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b36482b1edea43f2633ea464f06858ab
| MD5 | d6f5e76b38b611737bea4df7021a180a |
| SHA1 | 180495d2c8f89bc65cea42c5cbf343e0f3e0db47 |
| SHA256 | cb53664e949e16db8ddb57ebb8146b13b785a6f57b9feaf12109670963efea8b |
| SHA512 | bda67757d47ae3e15b5278a8fdca0a73c1aaee595a27e664a936085ff742dca717b3a1981340589d0a270ea93cf3ccf05f61872fe006c33bd52dad8d61301789 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e60894907471600db01872a1741a0bdd
| MD5 | 5bc34a1c60d2a4bbe7441e8307189156 |
| SHA1 | 136eea02e3c374521146b9f530ad9c1151e20a37 |
| SHA256 | 563d0ba1f9dde1fa635ee6f29925712b5a162396d7681d8b4dae1fffabcf5626 |
| SHA512 | 5c542b3aa5f8036901247fee55c187958546966a9dc6b34c291af2d63fe0c3c8f92f3d87466e02e3b124f4972b1558a743e927520dc9c3fc5256ee8d066aafe6 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0da1eff9a99725e6873478bb53e6ad07
| MD5 | 20a9b87070a921eb6ca606f4b49e4ee5 |
| SHA1 | 500f261fd7bbcdaf2b4b2a3a6fa6f0cc69836e49 |
| SHA256 | 0cafb5b24a63bf21914494b4800b2ab0aaadadf01fd5413b85ba98b573b8cd61 |
| SHA512 | 65279869345c2add4d752e8db9b2b5d57f2f21f7441559a76a8c1dad56c8759a37bcc0741bb96164e874fa8062e89e2c200816625328126e019b377e79a973f3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0e72d04ad553b3d0c14270c19eab2986
| MD5 | 71998edfcaf6236c9cbb0100558e9e10 |
| SHA1 | 6efcd23ccc8e4db8814e5a2e6df0db27e198ba81 |
| SHA256 | eba46b16e0d6b6402fb3c4ae1ddb02615263f553b1102c0ff9c7d1b939f30754 |
| SHA512 | c81c7c5c19fcd4999b9b0a7abdf044621ebd75fc6ab4058472a7e61af90f2fa021e64040e179e98ab7d31bec33ffe042d93025ea01dccfccd014fa0f72588bde |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\912f5fc3f8ee84a59c48c411e53edbb1
| MD5 | c77201c032a8d835884aaef460a86426 |
| SHA1 | 65082a70376eceba181d6a51f0398813e9e3c8dd |
| SHA256 | 6d97a18d7dd1a3971760a44b5c85aef291e6338c1e926ebabca6f5fe31c675d9 |
| SHA512 | c66c74ed3df2b1f39f047cb8ae6ef52275b0a3ba2e631ee78ab5af54122fd8a2fcd9dbb9a4d8a70585f50edfd16ab95e4200ec2e3599c28adb8289a8e61afa21 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\84757e79ec2d4ea81334496509b1a323
| MD5 | 1c289c14c895dfdf05610074041c670e |
| SHA1 | 75ec8d8c4bf89b0d0ba0c1a3487c11988019e975 |
| SHA256 | 7041f621e57bb76b41d4b329081403cc6bd5a161f8a45ef494f90942762ebbe6 |
| SHA512 | 04c7d00b7225f604b32a9428860bde90a0a432044878c1060b638761ab8aba20dd41b8ff98e38f98687b587818a13a7f95f32da5ca839956ae56da54dfe3b079 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\bbd32ecc5c32b11bcd2509d541b5579d
| MD5 | fcf7972a3c5bd7a9a8239778acbeef31 |
| SHA1 | ee81b0e3c6d7d6599776bc1d18c207d5264299c2 |
| SHA256 | 6854ba55b5f4061656e4660ceb37ef25a108dff6f96167c5b2a67e291ee9f56c |
| SHA512 | 48eea8ec572bd641c02e860baa0a11c47f65f1f450ca6be43f3502dc8294d9ac6d495ba3268990a867a271a6e2753aa2d2b80bd84bdf77d99cd1c6446a4e0209 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0aaf6f7317997d554f4a87946e18f4bd
| MD5 | b7fcabc842e34093c2d79eddb9b0a14b |
| SHA1 | a6ac7bc76d847debd8851693a34c9d4652770ec9 |
| SHA256 | ea654e6a85aae695ed6a83519d28e14c497685a7d9a1e3113de375dfad9c0105 |
| SHA512 | 30bd3f1a0f400ec09fb702f60da46d66415fcfbeb38f0c4ccba33ad9ec0f31c536dfa514ab06a7f4fe96b7685195a69f9d30caca2244dda3ec8866193f2ce26c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX3D6EFC66522C4295A7102E9845C3D518
| MD5 | b04c0dc18c7d55cd67b193981117e8e5 |
| SHA1 | de1b8da5292626c82c5369243ab17e1fe87819e8 |
| SHA256 | 0e9e0d48cb004bf17d389dc2d43451e7c45546210703bf2c36048568477f538a |
| SHA512 | e6a2aea601a6cc021d9537fd56eaf034dbc5932f9dfeca57fa69921733af8d1c22fa4997a596f2895ca60a9a064ace6a135a8c5893381595521da9cdcfcfbef4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\373eb9f859dfb4f553b19748d262bbb1
| MD5 | e6ac2d485aad3b98341b7d126a034c04 |
| SHA1 | 4193eed9387a9645f6cb6323b48f31d4ae7096c7 |
| SHA256 | 05defb267e9ef077e09014672106fb227f7166552fbabb131ca26195fbd32b90 |
| SHA512 | 18ec7a42adabfd627061a45546b2499f9cd51650ee7d3d64b1c5eac1920771f093da37656ae8a07cbff974ef8f1328eb74392d87d6aca52da0d8dffbef4fc700 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b2f20103cac5461a1d3547c6e14d7587
| MD5 | 1b9490b907af8da1fcdcca50c8f65b90 |
| SHA1 | cc193d424cf6411e6354fa24ab94a1edfd252cf4 |
| SHA256 | 7332f2665454eadc72aa894f2dbbe8369ed53b1462c8951d2c0f3e1f09616397 |
| SHA512 | bbc0bd3e165b69997bce74bf28349edd89dc8e7509457c8a40df3de21745f3e63d0026101b4a31bcdebe0411a620168b49ec0f0431b7ed2315f92e346cf458b9 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e81489ca248da128fe61473200c5d020
| MD5 | 520ab766bca67603b739d14545224a36 |
| SHA1 | f4034ed446290fc46ec6c34c2477b55d6a07476e |
| SHA256 | c7a8d3923046b6f77cedd9fe94b6dddb725568999a48265e7457c67ede70df5a |
| SHA512 | a13593c5e7f348838561d4afbd8cbb15fb413af7db59f462b0fb87727dca3393b8d1a470b18cfbae8161755f5558b84a23f7d814578882fb1c0fb51a11d0f2b1 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\26885e3cc7e7a909de717edf09e66772
| MD5 | 6e61c2bed7f3633565c4151242a39fd2 |
| SHA1 | bb9e6db391f04af939de515d031ddc6bb42f12f8 |
| SHA256 | fc5422d491323b111b2e072b8c0db84fa28c506d5e9d099033c711bf75e459b8 |
| SHA512 | 8126ca14bc31741ab57b6705da3ee06d704d146fb965e275b861a9c52b1749715b30e4c40d347a5e15e3c7a0d48ff8a2acdcc37c0033d82b0146e58555a48a73 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ac9a0420d23fcc9947b8dd0c27f230f5
| MD5 | cf03104fcdd3395ce14edafd82e4282e |
| SHA1 | 0e52d8c790a39d199cd8b9e8cfb015298638d20b |
| SHA256 | 74924cc318663813841ac0f630625fb073dda502aabb828b271a1a1790b3efce |
| SHA512 | 73d937b526d56daea286f4673628fc60451879ae3b8104e558ecb7bd2b5d3a481555a40f50b57f9205fd0065eae0e1bfdbb8aa634248c02c7007890f863b4124 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ea0e84a76cae851893a7db152d45000e
| MD5 | 6efa611052863602893216dc758a3d31 |
| SHA1 | cce490fbf96b26eaa505c5573c399af4d2a56181 |
| SHA256 | 49441ae297330797e40fc4a16ba63bfcc1b0a53349e0916a8309d451ed3f4f20 |
| SHA512 | c5f05c917a2c2e591bb9dcdece7b451422c4d0059cfad131a762ba9552b34c6c8c49e12452c975daee75214a804834c57aefe58cd01cafc7a9114688d7be86c4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\175e604b5aca76fb5b330a52c04392a7
| MD5 | 8b45468eca4d67b78868d05365561305 |
| SHA1 | 1efaf5a14a11d3cd0c7fd4fbda0fdb2ceff34e54 |
| SHA256 | a1bb5229b6eeadd80f8c2ffcb3e85f2dce8dd812e9f3b5d8fcbb54435643a7c1 |
| SHA512 | cc0028840d81b992dc3233de01158caf24c74da98bad74c843b2719f5f98321f17ebcef662a1f33ffe8cd4dbd33f31a70c4d4163fbae1378767922348f6e7980 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ca6571aa4c67841495ef5480a6a28c0f
| MD5 | aadbc876fdbaed5d67e8d1cc8d1169f5 |
| SHA1 | cd93854abde26abcd37c665dd791fce1110e32c5 |
| SHA256 | b487bbbc161db2d78018cc2a85ab8805370c422fc53ba6e49319c060d5bc755c |
| SHA512 | 94fcd64fdfe35c4d8861dcff8c886f1311eac3378326af2b33e172187dd3200aafa663a353870bac034792d69fbdbcfd3256db20250824849748b173a9446de3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\2e9e407dd3dcdd10d7bc25d07df3aaf5
| MD5 | 27d266bee85ef7daec1d6a6498ff5ffe |
| SHA1 | 973af70f82c92511944298b7f52be2c3fdb35f2e |
| SHA256 | 8cc3f6715046e92bbb8f119bd56519cc7601164bf07a03338b29e9f766fbd2b9 |
| SHA512 | 7aae29fbf203ba465b241763d5fc3663a0634e4fbd1ee94cdae2b128a6f1f02122a51ee121b031d1d5f209b310a6537840ee72383771f4f634f6f1e91db246f2 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\505d75fb6d7bdd29cb6df5f6fcdf676a
| MD5 | 42e1a5d055d9128f25d3833f4f481af1 |
| SHA1 | 1f6fd9e9c51d4ef7b886402a54f29bed9d298733 |
| SHA256 | 385df7d5a9167a817b2861e83259c295b048711cb1c67460278273f8e1eb6569 |
| SHA512 | a296e2a9cac0246e4d210b4906154161d0e3a7cab570800bd06582112d749d5a224fe03bc49801ceec953f3f18ebb35c2495be38d5a65ece7e81b4d3c3843dff |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e1e171eb9900986c2cc70f36f61624d1
| MD5 | 8dbf22aeaa0b91ad469a3cce690fbe50 |
| SHA1 | 502b8e489d1efed1531fc35d63daa17a17b3e7cf |
| SHA256 | 620f603279f1faa7aa897a81c5813536c8ec3b5f2a0e30f83a12a5bd2b6569d8 |
| SHA512 | 394d3dec15b3321b0f1cc5272aa45aedde062e497b2f5104bf2fb52f5523935bf25911d2a5cf490c8057f9c2368c2d5ae843f360dfa6622aac0b7b26542b082e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e3a604ed4f41d667e200db1f74fdf634
| MD5 | 235d9aa5f3a32c13ee3da9028266399a |
| SHA1 | 2ff6fbec4acdc47c7829237ca5bb2f0f0f70a927 |
| SHA256 | c81fe2b87d4abaae6c65e53b33ee11e360214e29a3272f40670c637ba2ea2fbd |
| SHA512 | 29a1f09adc9c5807f561b1c056fceacfb4d7f140a4bb7464c93ec16ebd71eb7e43db64a17b319f5a31bcc4e8f6a83fbf69d683377d02d56616140048678e6eb9 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\dbc2db25561420f4bafa8206e030d6d7
| MD5 | 7d1d48c415f200197c4a2b23ac4f0230 |
| SHA1 | 7ca65155ac5e16cf0461f76352a57a6591b07269 |
| SHA256 | bbd38e0698ae5df028831900812bab9e6fc2e27f5f567a84d9ae5893961eff6f |
| SHA512 | 604c0aee1c7f24de198970a82c1f7424efa83893ce55bfbe3f48e69539d67d34863fad980a47414d8c69360a214366742c0680686871829ae8a66512caac4adf |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ea7443769825918ea39ca52c9e64c307
| MD5 | 85236de2a6128abc32b624e4f98c9255 |
| SHA1 | 74163f6bc3f27d09b6740e7de575c9c0be7cf661 |
| SHA256 | 862f9770187f55f6616194fbbaa9794cc551e3231bf12f11c85c92614dd36c36 |
| SHA512 | e3e3ea31134896829f16853c546bde201a76bb64ac8a0697db7f32c8e37fdaa67b8c8ee6c1fa919800f21e837d42756739f373cfb09e1b1efad56e4f9e942c8b |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1c168b86beec4f66ade37b65a398d88d
| MD5 | 2c48ac5ced0e528f614dfc192d5b2e58 |
| SHA1 | c398635db55da2ef4a78ec8426703dba911ad47c |
| SHA256 | b19b28190b630d79b964b40264507797faeee1f4447ae55dc480cfd78404ae4b |
| SHA512 | 08bb7f53db97e46cc82534e466890f3928da1c781a45aa3b25a61cfb743a619c755d537171f58035b3721d71ab6b68b9d2cb4711b627c7794e58bab0b4a331bf |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d9345821115980d266f63d57b0d4e14e
| MD5 | e1f1f6a6e94b7fe8ecf85f08fc2ee2f9 |
| SHA1 | 19390d254f426d7a6252d87dd328e671fab553d0 |
| SHA256 | a372be825aa4448fd03e28f9bd6bcb23f29aab6c98e9976d179c5a4568e66907 |
| SHA512 | d609d1e979f4211462bd932cc199c7c8d6e1a78c44df95b053344bf1fe3f54256782e33a59cea00118466926fede017b7df24460add0609ed291347bbd0d998d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8f82ee24e69866dd3748305b9db72c06
| MD5 | 5d98e2e6c684700e5072e39285c6d339 |
| SHA1 | 4e6ac20c340ec562d48571d916381b932a73a7ae |
| SHA256 | 54b59bd6491d18e725b30d471397b7ff53caecb7fba5a5015e47b98e26806f56 |
| SHA512 | dc8e1fc18485a58312d953004b3736ca086fe3cd2b2038573789cfd52c7ce312c7838945f2b77617434e507121c8093af7b7a738ccf97f27548673f287aca1e4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\67bda4e27ae4e1833078882dea43b468
| MD5 | 2a7fe696e5ddf9d0300cde33ce71ba01 |
| SHA1 | d8039e7693f8a20bc8ce432b00475f1d2c1414ff |
| SHA256 | 4bc348b655f8e70815f530f4431adae6e3df3c3816b55dce328e427489b113d1 |
| SHA512 | 7091b56a7e68f3d9234d5c8bd4c74a86b15d14ae8b55a5ccbaec2cbd1d45b7ffefbf67ab3b23d9308ff00f94580d90bff89fc102afd21f1c65d01d2bc3115887 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\7fbd99f4476023b4df0e60126b4e9df1
| MD5 | b9853f8a8c0cdb5ad9c6ce6a1780da33 |
| SHA1 | 815a6935dcd5f1b4e56e3ef04e3f3a65b4639abd |
| SHA256 | 4ad77b08cc88b21d0c98ecbffd2380fa8b8697eb02aa6784bdf98ffa151db68f |
| SHA512 | be9cef1a18afc6453f10730a8e6da70243cf8ec781ab8c91ff218c003cae955c9beb6a5b574b72e3e2e10e39aa93fc66a7d87e5914332b3b416558747801cf15 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\669e0fd9b870ab37f6a09a851bf08cac
| MD5 | 00b8fcb142613a6bdccf10798865a1a4 |
| SHA1 | d090f6b86f41ccc21af6c7cb4ffb67754f929f06 |
| SHA256 | 47d7c33ffc9d7af5b929bc11bea9a237e387999211af09f7bdcf50c2c3a46d7d |
| SHA512 | d96ac3dac2dcc26ea1bae920eb042d45603c0795a07514e5122b2baa105c221f6c6eb03b54100e6cbf641689ab16efbe1d674111d41f0be14dbc18d2f16c1ebb |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\62df5184ae1f060c81401754ada047ae
| MD5 | 80696c7595540638b24e76d1557af8ba |
| SHA1 | 8d58e475d0a3c629e5e4781eac657faf6d9ca22b |
| SHA256 | 7bbb75c1d5624f35dbfc6f31ef170d3aeb92d1058ddc0784ad3f3b560412378e |
| SHA512 | 951013b48cdf1d5d071f161e100359022c300c41d9d32c5f96bea7613d94cc45fa609f7a9187214333611fefd0376bcb401d77ed9cde07ba4a5cb0211ef16d95 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\c4c85bbd2f495af1daa7a659ee154ab1
| MD5 | 836d1e8578c347f3da2dd85d5b1b172e |
| SHA1 | 646350f076ee7e12e7c9c87df37a9f981311ac47 |
| SHA256 | 2fd2ec9b6115dedaa5ccf912d614257bb19110bfbfa802b69f8b4fa899b59618 |
| SHA512 | c0d48c087ac24a3ae2822243cb38ea7e256b04223473febcbd8398540f2ac4c2dc10174451c449447bdf93683437b94d01a8384b90b6349af363142215920db5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5115104c7cffafdf5607ea77a3b35088
| MD5 | b65c1a6a506a176d3979b9f8f603b899 |
| SHA1 | c50bc108ca32c27c17d2bf9b3cd880cb84bada8a |
| SHA256 | d0fdeb0d693131e34fb0702794fedee4c703d8e3efaaf26a050cf8a142982c86 |
| SHA512 | 2126dca4251473b8f642b648d5eaa5d4bd59d87924c665513239772db2cf1c0002bbd75da6266506906bb29e63e7cebb7229fc632751e0a42c82c140fe138d48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ff9647fbcdeb14b45ac72e443e3fa01c |
| SHA1 | 359dbdf390c81c89e675622d70a6abecf1756611 |
| SHA256 | 3be4626d4f94a8aa16fb8d6549a51e3b4ac0000fad53d6e9cffc64ac95377a0c |
| SHA512 | 3a630e93bd5a44570ebe2efedbb4be8c480b842c775c2a129c83820c9a0a5ddf7f6790cfaff2fd2c90c5ef2bdf1be20a1d912d15c1d0943f5d0a0ed3aacef5e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9d5aaf172874fd24ccd6207c2527bb26 |
| SHA1 | 7012754db0a500ab899cd1b287d2268488f3081f |
| SHA256 | 4ccd1237631f2dc97732eb5d761fb5ca88c1c4607e76b741926cbe5c731824da |
| SHA512 | 306975be67f3cc51723a90ecfc882ae4fdc594f2edca05e106665bd9f4f2142e30138d20ccd856926ff6a9847175cb9fa261810bf57cdf48be93abcce3b428cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 742c2a9dc558dcc68fd95c4037f36ce1 |
| SHA1 | c0cd53238bd906870cbcd20b684f7826a1779e37 |
| SHA256 | 37765761715e1804f6642242761a26d1063e71fe9526da3bca701d6d5a4b40ed |
| SHA512 | 51ad490b3f903d4d3e1b8655b611518875b504c53db75e7cc97cc1c2f215dc91bc34db8e552bc0edbfef74db380e32e30192f204bb41e81f8b63602edb745197 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8671eaee3c060132e4861aea9b7d39cc |
| SHA1 | d487a63eb9cdebd21ff4d898acd07bd22204e2f5 |
| SHA256 | e7eb10dcf520dafa789cf95daad21d659dcfce91b312949544f17c90f5a26c4f |
| SHA512 | 5dc825abd12cc4bdf485082347420502e7866ad08d57c1c565b0cf00db6717646802645d1bcba4f008e4ac2e60dd0f4f477694954407c15c318c706e5103bb38 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4866c99c40a5be4f531aef0fdc6cbf7c |
| SHA1 | 6cb35bbbff3be482217c95d8b122b262d01b02dd |
| SHA256 | 6cc3422a13c7aeffb3ff54e0d72ff18104208481b421d5ac789c52e7fef3020d |
| SHA512 | 368f7e2fe4f3f920f507e95b656bc9be6e52efec771442e1d9ea2cb91974176790236530552d7eab78b6cceedf07ca4b20acae32dde06c21030d6fb9e3741a9c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7340ed1e84145e742ad667012e274673 |
| SHA1 | 56d3f88e65079fb8c1037a77a9a629207c002a83 |
| SHA256 | 2ce425998c5ff00c7807a7e01199935b82327cb8150b9c054c636df92fbb200a |
| SHA512 | 4857cf6f41f1f9cb25c0313609faebdf6338f8b940201c2b21ac7d89f39f895ffabf6f6b3d87f9b89c9131119fd6ee56630f790dc8902daf685b2fe258c9af5b |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\397d69adf7e99bb671075432af507ad1
| MD5 | 94307e9d5b83aa7cc6b39b7844ce610f |
| SHA1 | 6c03fcd9f25f12797b5d827a2f13f0094156ba6c |
| SHA256 | bc1fdddc3ecf8f6f1ba1967233a1572d49b35fbd6d69614e6e237af2c2e3bc80 |
| SHA512 | 1c9aff17dd6fac1f246ecc159bfe35965b12d4d99bc6ff13f3c6e63ecb0e4243c8348a851ee3c0646bc981a248a1c29a8311836d3d13692379f7e14785b96cb3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\00017aecdf8bcdf3fa8898c25225bef2
| MD5 | 24ceeb5ca6a3a40a13815f1c6a45f082 |
| SHA1 | c12a3a40ec7b08d4aa43eab46620c1608ac3bdfe |
| SHA256 | f4a1d0b26221a6b5a784c71537d63f56f3bebd955f91b0acee97526b5ca46e67 |
| SHA512 | 8c6ee0ff78b968fbab61dcc2a826e887cd1f06bb147b995d1c2e00ff3294b5acc6d599113e75bf22e744c4b8cffcbc9a0044a0090a2131b40df4a8e091ac1633 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7ab1a462a7b2d877035575f58650bba4 |
| SHA1 | 908654b104ab0e9e48d8f2759a760df62a630cc2 |
| SHA256 | a0b4fefeaff109b455f7cae1584d4a2df0db1c7500c1e10c5fd40e7801abf4c3 |
| SHA512 | d4736ee615c0cde3ab0637d468b8fca9d3d5b51b1ca0aad32441677fdf24dccfca68e6ee2fcc71b8163aa6ccdf6a8fc19a757443908ccd91f78daf7ce537be78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 58bf82ed18ab96b3ee934b40e754398f |
| SHA1 | 0b32b9d3d230d0fe37587700786e1b7460972e37 |
| SHA256 | 86cdd38d012a4293ef6a3e7618cf4ce57680c897ae383ed6a169dd78202c935c |
| SHA512 | d8d1533b0c2385ad2de5334dc3c798b831401f5b673773b9665fe88fefa4c0736c8db15afbab3ef4f18c620ab3c435d2b759a0e65bac56c0149f9610933b8b38 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3db67716dd51ea9625b1e3a0dd54b247 |
| SHA1 | 1a974140eb94bf2c389b47e4935cfc100d4d9d78 |
| SHA256 | e5660defa1015611310a5ef268fc110092444feca2fe9567c03b1156cb55abcb |
| SHA512 | 6655c3d317b8635384bfa5beecc59be74ba93cebd0f1994a7b2a1cd64d9e6b980f6392a37d2c7f076d3c6a3c0c31fe52499ef59bea44a46e76fe1362338e3308 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9ae31daaea7e34d18b90bab0239b2406 |
| SHA1 | 4e1cdda3bf737224203d8785341cca56e6b2040f |
| SHA256 | 8fbe8d7df62e8a93d1c930774713c3a10c503224d9538e83f21e84d4e70dd4ef |
| SHA512 | ed63bc94223006f5049c0dd5ebc42e0ea4be61627a367478e7000edf7e69ab61936235ed023f1453a77d01e775a5bb04fd08b25cbbf52cd38d6a5c4a6025eb2e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b30284812eea434172692fe91863b077 |
| SHA1 | 1b35a809ada2afb82ed59daf21beea89756624a6 |
| SHA256 | ff1c03711d5060cbf44b4b5aa7e3cfe8acb5c73255c391b3828ba7b9921ecda2 |
| SHA512 | 7982fe8674e360ba5d9726126046acc0915a43b146d60435cf3a358ecde1b20eae6f0ebf6018f7f41e6bff0dfeb2adc831da2d75f7750c379f184e1769af0282 |
C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json
| MD5 | ee067049d04aada92b14c4b632d6ff2e |
| SHA1 | 99365e342580ca96bc874a6a5fd7b5d5043e28fe |
| SHA256 | a4ca7bfb89b111dcf262a5c59f0eaeb08c2d121fa68558e9ff46fae3631988d5 |
| SHA512 | 967c685b234405d65e891629d4c5fe66922d2f64ebfcfb2df53619c9cf36238b3040a2a8d78f2033eea4a969c2b283c85f5dac3685263084e46f268d82147909 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3e5f03e5aff52365e275bb30fc3eaa46 |
| SHA1 | 9f42c18ea3bb4f511d630a0442cf0fd160844b90 |
| SHA256 | 0cacd1c5ebf328e849b881209ea1d47438b6809251c9b82fc2773dd849dc446f |
| SHA512 | 66698fb914f69543b0d55f414b97e26ffe42591cf0ed4514555a00f396bbaaca5ee397cd856d3b2900a26ec26e06fceab57f93ba357ff17b07a037b2552d9fa4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e7ea2c3809a16b0f217321ecdfdb19b2
| MD5 | 4f3dad3a5b13120cdd25f4ef2d08cb8c |
| SHA1 | 2666b86ee23d2274c8d5cb307fbdb41139f6b3d5 |
| SHA256 | c27edc932cd84de7f73c804c89f728640f993703a7f052a62e8d3e31c0554b10 |
| SHA512 | fe9b9b517ef26d5e6e6a7f8c696cdc99a298748db07ae58d76e04d77fe45bef4ec3df4f1871fd85fd6b4af5ab28ebfdffade2e5a562da7dd50913eb9918564e8 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\47395f108d1ed314d342a9afbf144e24
| MD5 | ba432db977cc8615accfcc90fc16d529 |
| SHA1 | 0caa37aaa7751462c63995431a6ab30a18f01435 |
| SHA256 | 7aedb21fde906f9c0cfe11a54e26b40f0b8a2cafcfd44565e9bacc9bb28d7dcb |
| SHA512 | ed14753f9bbd9b1da72cc5eb19d5f808648696f20ef65d3a6ef1bae645a97059ea8456d34054c72312ebf656dd95dbe5a2bcfcd297fe4282ddfbd23f0d342351 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\cf02af62e6f3ca2afed2e4464e16b792
| MD5 | 613dd742dd9578af2c7da2b334f521b4 |
| SHA1 | a5d981c6184a834dc382db3c08a8186b5ee8e515 |
| SHA256 | 59ebc5bb535292eac717e6d0d5d686ffdd75d67ed60f254e764cc1e5a621d8fd |
| SHA512 | e40c1ad6712eabc0bec641ff06264ad6cb4e49fad8162d9bbf7d119d03fe91cb99051b7fd854e0077b001d1b43a077d677e70d7011ab3046aa7a603029deb1bd |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\c0985b5a71de5784410985371381adca
| MD5 | 2094e67448880c43a6b09109c4d00ced |
| SHA1 | b1aa20aaf92160255b36d1abaf4254215abd37cc |
| SHA256 | cfa3708777a6106797a4e40b4866fb045e62fdf048e389513c782e55cb376280 |
| SHA512 | 68c59e24f042fa1a995344e6829f3e89615e3aef8ce7d5619ec6d5f434c5dcad81cae69fd604f5e05e4c8628dcbc65b9556cf5f194b99f94e5616de65c40cd55 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\dc266c54da3c16862fdb4a145d054912
| MD5 | 5399b1985b064803fd9c7d871302c014 |
| SHA1 | 447906e0298d389df488282ffffe5ae3bce3724d |
| SHA256 | 95157eda5dd3b78a17a5f899af9300047dc90240d7a0c49dda26791efedd491b |
| SHA512 | 08e4ce792e038d5ef2582e1dc44061094b99fe1e3c537c1edd08c4b5ebca1de87a52166ba1d22c833d761854dfd41a27f3b78d64cacdb38c8814b9e4751f379c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\182d5447478261d5b04a8e81da0a845d
| MD5 | bb184d0ebde2ad7cd7e7948e143573e9 |
| SHA1 | deaf124a12af0de7ed1fdc4730bd0429410ccc2e |
| SHA256 | b6004c58a6e875010ea6045ddcec70b47731989c2b56dc214f596eedbcc240f0 |
| SHA512 | 730c4549ce46c704a5df82337b59f2cdbe8beae05421d9f3f6435fd18f226bbe4f74daed1b9c6e2edf52e2302c48f5555b2b21594969f7a8b1f4f11c09f9addb |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\a231a49cbd7a788d1ec6bba67368e991
| MD5 | 2022c9a4a0b8129d12c56e72dc600d23 |
| SHA1 | 63cf6844f6b8bb8a878a295835ef82ecc1e3c962 |
| SHA256 | 53d33a9aa7e6de77fd8f7283fc618912e65745714261023bab9e766da5476bfa |
| SHA512 | 4c4c40a0d54dae13cc5d6703489aa90302d91437ce2c78736473b58bb03249317335cbaab9ca81c2c99bd908c3810f7f77919033786e1256187d9c8d36d36da3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\92d7d010be77611bf8e8783dc23ac7d8
| MD5 | 7ca01d118beb75cf5c25aec83704f6ea |
| SHA1 | 30aece2a8a68a3c01fecb0a938190f1beb4a1c82 |
| SHA256 | b42d47e9f25993ff824aed32f60d1e6146ac5583736aa3e8acd7f1537aff892a |
| SHA512 | 0a4eea41027fc76ca77ad6fcb23b8577f9ed7f16de011479e032e11901bde3f27f15833969e11000e799a62aba64e10ee77f45b84f072632552c8f2ba15389c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a38e8a902a57b3e93163c98cb9c4ba1d |
| SHA1 | 5f548d2e8740073a253067cbe021af66a9a7c906 |
| SHA256 | 8fb66565f84c458e10ee20da6f8d8624e5b5fa257b248304d6b4be074efa0926 |
| SHA512 | 5eee56eb7c0fb2565d629641922f106aa3c9bcae66af70564128f0ea6630c3c7770c43d55ccd9bcd5a19b4a5d85e6a5feebf8f103d12636b252ebc806119ab68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 64e47f08a9e45839e2c4cd324491b25c |
| SHA1 | 22002f4dc37a51915657e544697584cd95cf5bdd |
| SHA256 | edfd1e0a86beac9ac1b986eea915986fa0526e704dd03a268f6fc93f77e7f90a |
| SHA512 | 14fb657c3ca5b95668f55a6b7bbcde2a3b2cd4d22448c9952e394809d6dac9cf50f64e82acf874ec1edd566416611feb3b1a3f7482d7f07d670072cbb2b56733 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 23f7affdfb04f41a68c50bae1a84b318 |
| SHA1 | 5a9a6229a5f88c8add057f40f486a1f7b348ccee |
| SHA256 | cca275f723f458dd78c97a57902da31168de043f16f8063a34b09d0f2b7f8f4c |
| SHA512 | 7742e45fffac0157a8eab8f8d3fceb0aee89726aa24522851cd814b4c5a290a6a8eb2dd872bfc23ff3e4fef444b524b29b92e1a13115a0613d45038dfd8d1f19 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c07c61ad6175d6fa5736476955ccbe7d |
| SHA1 | 822c996b6b64d188043d80e0e6039c7c1e814a5a |
| SHA256 | f42d4ba92b2610e89e8a05007e0b721cac4144b4518ca6bfe1ba8d50b9cddc63 |
| SHA512 | 7e54b0b41e96f4de946e666ee37f254671a24e9eba6cc8b717cbe508f6a2be1d7af4fef092caf2e328f88960b642b64bc86433e378a45562e2d4e86f0c7f70c6 |
C:\Users\Admin\AppData\Local\Roblox\5849387988\InstalledPlugins\0\settings.json
| MD5 | 5c4665d4656b2e4c7890994d25157a01 |
| SHA1 | 28268792916b42d8077263d1677cb74998de7989 |
| SHA256 | 0217dca86aebc04dbfd4be3090dd8c8e6c43b8ef2e0045469ccd779a4f3bf2df |
| SHA512 | 35dc23f994d2d7b0d49a315e53000586aeff4ec7250418519a2329421cd171b477fef1d4dfffa127e238fa9ce37e456337bc13ff58ea43eafa201a5fe611ab35 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4cc4201a2366c22313a80b9709441a69 |
| SHA1 | 8ce6a8e95f3e38c413c54e3db50bc7a3c6c5898d |
| SHA256 | a032b5ebb18591c93af24e6eabac61b340316551f63a6f21c43cd5cef4951c79 |
| SHA512 | 46707afa31265b442a85e706ec548367011fef4088a7cb962524a802e569ebcae9111d2365e9d1112a8d11ed692ae3ef539155c3aec973d17ecec5632296ac09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7915c5c12c884cc2fa03af40f3d2e49d |
| SHA1 | d48085f85761cde9c287b0b70a918c7ce8008629 |
| SHA256 | e79d4b86d8cabd981d719da7f55e0540831df7fa0f8df5b19c0671137406c3da |
| SHA512 | 4c71eb6836546d4cfdb39cd84b6c44687b2c2dee31e2e658d12f809225cbd495f20ce69030bff1d80468605a3523d23b6dea166975cedae25b02a75479c3f217 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9faad3e004614b187287bed750e56acc |
| SHA1 | eeea3627a208df5a8cf627b0d39561167d272ac5 |
| SHA256 | 64a60300c46447926ce44b48ce179d01eff3dba906b83b17e48db0c738ca38a9 |
| SHA512 | a7470fe359229c2932aa39417e1cd0dc47f351963cbb39f4026f3a2954e05e3238f3605e13c870c9fe24ae56a0d07e1a6943df0e891bdcd46fd9ae4b7a48ab90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 446ceb52d67c3e2c81402dc8c2078783 |
| SHA1 | 25ed5f771a60ffed38ce9aa447dca09b91ed858a |
| SHA256 | b041bae51b72d0a7d8d07d5576080c25d3889e5695ac513b766b7c661b0d9195 |
| SHA512 | 9416eb5b21d7f6b077aa0f13de7d4cceb27e0640a232e8794a0947c6a61c0759fdd81b20bf840a741ce52b8687ee3c8baa49dad1f10d5d03fd2df6157c8091d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 924b0294d1267b80efef970a0d438753 |
| SHA1 | 6b79c261656b1b950b755f966ffc5d34ec1db8ee |
| SHA256 | ff4a5a77101df7214c59001d30115c25892f62169eac75be374e19457663dc72 |
| SHA512 | f085012ec2f31330ca58e8b8343abb68cac66007325eff8c97c5e2e081bc1993f0fe45d592ba2805c4f5926c02360fcb15df944d90b9ee5b2e27ef1c2db18ae3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e1e1e4a8cd4f85357137b8fd39b0260e |
| SHA1 | 5e267cd14a62f4b240752c8ceb63d8f6c716f430 |
| SHA256 | d2e04059d64c691db8e2ebfe59ada51501c8ab7807900c6db253260a749d8dad |
| SHA512 | 6991f8619d6d19974320f29407f5c3d948fc1c94aa8d1590ebb7357314bebf45fafaefe0e6ec5d1f4c8525483d16f830130e4a32919ee8056745d9c748b6dcf4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ff66bfd53b1fde3e32792d184a523c36 |
| SHA1 | 8d8f93833b613ac2f36aa7b5c9cb4cddb4c16cba |
| SHA256 | c56c3f49727a4f1778c158196bcac643ebe7b5f63949accbc0c592c4587459da |
| SHA512 | 2b1bfab39e251d3e187c3edfade487176bdc42fe83b7df010d153ad3ae364d1fe92dc1c3907d76c29923096143eab0691960a1f3861a781e5e81933a4b72e46a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 43892445d65301815e0c39de1cf05478 |
| SHA1 | cdf065ab331995e86dc92458a259f2de6787d89f |
| SHA256 | 478700864cbb0c010afd19cf104ba27041b0f4373878e297760ce62714122df2 |
| SHA512 | d948a8113155d640333471efdb00aa3e2e92ba456cfe6e91f20bd13883a22639213038f0fb4b9784f880807f1536f44a28463114855378240346b787bf3e6570 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8b279f1b90987f6693c014d5daf04184 |
| SHA1 | 707636f931e603eaac0a529e126ce58a96d94120 |
| SHA256 | 50b4207c352398a4fbc467e6d472d07c31a0d8a845b724448198dd41b1bab4f0 |
| SHA512 | f9c9ebc68638d781fc964c57a2eb8bf8138732c504003ba0675749e6a4b4bd17c7e918f39e95ad1f1f58e3b112e50a5994c95a11f7d8f547df4d858da39c2767 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a75bc9dc292e1ac40a713381953175bb |
| SHA1 | 8c39530f656fb3e3c88d0d4f7c8b18746e273151 |
| SHA256 | 10a77c4db798511147591693c94cab73aad29ab999b3cb00dfdd1a807b9afd80 |
| SHA512 | e3c0c2f16d34ca2932f91d381568914c62a0279f8d78ae11a3bf80c1275bbc29f9ae7d7aba55f8536e7c73db10c7acbc50d0983cdbbcb839642a475f5dd3865d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | eeba8feb8d3f86214d909eeb3bdbfa5b |
| SHA1 | 4bcdf8b3bd235a89987ee077279c10f683f89175 |
| SHA256 | 6c65d1cdf36c8199f15fb8b3553dbefb6e0a9a52c25cdd7de2b8e7836adad8f5 |
| SHA512 | ef4df51c266f4c675c09cf918399737b1bf8b5ff35dd9b1fd87afe30e19c0a8420dd7901a9a4be22a7665bc48d41f08f744c1d55a569143fd2e4fbe6ced5fae2 |
C:\Users\Admin\AppData\Local\Temp\{47785FE5-8160-42D6-A42C-8EA0D05517A7}-BGAUpdate.exe
| MD5 | 3f208f4e0dacb8661d7659d2a030f36e |
| SHA1 | 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff |
| SHA256 | d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b |
| SHA512 | 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a845fadf465cfa48767b73f4e3d59188 |
| SHA1 | 439ae1ca4c2683c3dcfadfd4b46ad13110c4377f |
| SHA256 | 4852bf3f3844b01126e0c8a6dc90cf55928358347d94762025ba165ba6176805 |
| SHA512 | 05f989b2355e7f869e6afa906e6d7adf654138e58f08bbb0e20bb57e9976bed44e14a15134bf59f93dcd5bd95625fe948fef48237c20ad1f731cc44eb5f583fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | df26f6f533a7bc9a6bdf574d777dcc9d |
| SHA1 | de02fa279a904edebd0add49d4c14b78202c8f33 |
| SHA256 | 49445b0ae17ef9abedbc426aff763bc41b14d5df80f60085db179d7dfaf95dbd |
| SHA512 | 909897fd5f7ea75c673c1c2e25f145c8c9b891e38f43b2dfe0e61b86d34f47ad87b7e0d957b33fdc85ab644b34bb0536734fdffaa58212b5dff95db8d059c6e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 86340f249520048d82727b96dbc96eb9 |
| SHA1 | f4d16ca89b7e83e62227c3da3b485fbce58f2102 |
| SHA256 | 112096b21961f43b3df163ca4327ae10f989452c7ca5aade1b3e9bd56df486a5 |
| SHA512 | 0899fe2fd9f0cda3ebdf3f5456b410211fbd72ea1c050fb4ef7957ff70a0aab7598a0d3d3c3d6cca561c96e32e71f89af0db604afd9215f329dd807b21b728b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a2af70be203cea3daa1ecd280ea4d645 |
| SHA1 | c1438c29abadc36617f947fd8f05d29a8460de2c |
| SHA256 | 1e6d4312a8967cec845cd2cf0af73bca30a222a97b9e27ae65860cb3da804cc5 |
| SHA512 | e9385da9269bfc89dc92fdbb0c475560cd9ffe8931474277e56d942883937746080ab4e3fe561626e319706f20913e43d55287cad8e855ef85c03bb1cf53755b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ddf0ef50677cfce8ac3a25988d89eeba |
| SHA1 | 8c9f875c80fb5701c751543d830112904c36cf17 |
| SHA256 | 831e456eeec3348fdc0a1c6c205a530ee0ed23fe290f62dfb1c9c8132d6c6643 |
| SHA512 | 094a8bbfb69c4cb9ebb09530683c3582f1a0a4f9511a7499a8949e785886c42a4d58e38191bce5d1324989eeba74bf7341e8b1f0456e60c368712aed66ae6afb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 71626564b4dca3a49046f6d46a319080 |
| SHA1 | a8d15be9c4057662454b6cbdd405f66643de54a6 |
| SHA256 | 66ab6125c6fe0fcf5434f7ed7a5a8dacf4ca11af90155b748db4ae7c58abbccb |
| SHA512 | ec06c170d4c451959d612e87c62c1d880f0e7ef4eaa627d91be7423e8a24934395fb3227d0e18d3304f34309e845cf9dfe42022f482e450e22ac4dd26f15c343 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 46c37f623533efaaf5e3de0872ebadde |
| SHA1 | 93ee176c18fc59e71fc7929a5a0b209bf4e21354 |
| SHA256 | 1aba03d66cb29e1e2fc4b23da7544a6260ffcfc43831767517a7d726c4b474a2 |
| SHA512 | 26b8cdabedb777339a768262c13da0407a62ebcf16ed989e1eb4b764bd73ed797eb5015f65e1f1fcdf0a3f102a7cd1f7fe99993a22911c02941cb6b875c9f398 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | de75a419e598ea137d8ec1d208350798 |
| SHA1 | 5df2006043308940ff01ae601facb9e955cab277 |
| SHA256 | b9d4b3896fcf959d1ed8c3031235fe4cd502cb28e6b0321bbf647812336cb4e9 |
| SHA512 | 3c7a2db5beb50b39892daabc278ae6758419ac404195eb06018972be1e8e9549a7776b60886bcd996837ff87325bba3849450c0d4198094291ff998b3630919d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | aa6264ce96d3250a7b1cbf191951ff5f |
| SHA1 | 80ebb4d4760e5f2faba91e67b38004e61b88eceb |
| SHA256 | 4ee3c0e3f494267858e0e2d2e4c81c4b6cfb9c6ac8b52d80669651866c047566 |
| SHA512 | 3ba9862d5f81b5c6347b13f97e8d02cc2c6783579653a8393f33376ebabc7a17d63f817ad0d58c0abf5e0ff353a5a217608baf032fa66ec07a674d1fd8264171 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2941765cdfbbb7422f7bdfc888f1f908 |
| SHA1 | 8bb3060140c44f16349a362baa9a620d4d05c2b9 |
| SHA256 | 625d6703eacb8d12444f784fc9786bbd6125e4a00a321ad4fe9c4e12f36d6d7e |
| SHA512 | 1e85dddfcde4eb37058277d09f54e33b0c6e2ff9d309180e426f99e78c3438ab3aaba520789189473a9032f718a065f036576ce40ef2a95b2910ce0d3e4d7c28 |
C:\Users\Admin\AppData\Local\Roblox\placeIDEState\placeIDEState_17360838627_DebuggerData.xml
| MD5 | cd0f3ddac5434868dd098599ac017cc5 |
| SHA1 | 33c095040b0528b3d59e2ebf69f1f0dbd9e6db50 |
| SHA256 | 0f509d82cdaad6c918a7c0d346c604e11eb96ec28be4ea38fa7fa67b9d50e32f |
| SHA512 | ef1a4d870a322afb2dfe19eb6c1c3bfbde17737d809d3f29d7a2b06084d6e12679a0c4e91385ed47b2dd396a8782666480eee905d5dcbfdd42f5c4338ce0841b |
C:\Users\Admin\AppData\Local\Roblox\placeIDEState\placeIDEState971760778.xml
| MD5 | a4218883a9b554e5c59991e2df8b85d9 |
| SHA1 | b11dbb9f7f2af8e8923696bd17f96acf09a396e0 |
| SHA256 | 855f00971a3740d0f44169ae1b7dd56029bd232d8f8d86695374921949101df3 |
| SHA512 | 825293eedfcb6adaf7f84f7e647b5eaa8ab5aba1c5b9c2c2d1e39a0070de68a761d16debf1eff2bf6bd9f701b6ab629791d934d51fe605e71474cbd7f0ac9fda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 11dd7d942ad93eeb7212e21c7227c142 |
| SHA1 | 28b7089ef1bba66ef24f6ad6cc11b0af5dbb1731 |
| SHA256 | a6cd64c462af8a5610d2eb855c0dbd9298351da21a78619282ba25d683f556f3 |
| SHA512 | f70467003be0664b0e22d22d28b1f3215c6012f4ad9c3634ff9f723ab35524801133aef675fa22990efcdf82a14126153e2009a68e5af676d13b5b6d06d3d5af |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | 4d839b7cd35e2dffb944ef2e34e761c9 |
| SHA1 | 7772c13f3fc918d462422300472519ca921a46e1 |
| SHA256 | 4c897b2940d269e0a0de38e5a3e8bd17d4bea315efc42d3687fbabc13cd17048 |
| SHA512 | eeda1a69c524251290e893d1595aa2869a8a927878872cbe347e56920da4367e9164773f57dbb13781fc445006114b9fa68a7beb3ef966e4ea07d76fe3f609fe |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | ba45fab0e32577be18ac09552b211b45 |
| SHA1 | dcde3fa7c022ba68fca4bdb2b5ae3148baf9a7e0 |
| SHA256 | 0b30525c3517fb7bd3f718e2def208ac42f00b9b57ba95187e67b60805201c63 |
| SHA512 | 176b9dd3a52cf60ae6d736eaa2e1357ef1bb90f920faf15a7b9eb604c00bc1d6087864a330950984137ad9dc59725bd635d56a44843458409aa62aeb30352c8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fc43f289a5034034b3ac836e02bd50bf |
| SHA1 | f8a5e13ee6aee8b62372d97041ccf54b95790ba7 |
| SHA256 | 887d58c3fcf065920142a238c92d1718e9b2048e39dbc12b5d7d9cd1e361b221 |
| SHA512 | 794a7bd59f304be7a4eea89041eee71f418d8c3866eeceb5b376b08a8db7852492abc4259a34c8e648b1ac16b292b08dba81d8c95fa913231522d56ad39167a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 60c1d45ed0b6ca22c57b6330c6205634 |
| SHA1 | 9609b5556f1b624f9835d18bee2b5b6480e988ec |
| SHA256 | 853c984de967041b12b6a31458bb31cf619dfcf1c1297a067cd8d91e43359b93 |
| SHA512 | ebb07ffe8d1a5f2ca3dcf9f08f1d92f0417f3312071f52b8dfd4a67a7e3bac27465e59326920bcc16e086800ca05914500494406f1ba7d13e20af90ad2dd6e9e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e0e9a344155784709606475411bb2ebf |
| SHA1 | 761ac542734343a6609a6185fe7b801a401a9576 |
| SHA256 | ce4cf1f3f0ba9e78425d1512f627c2eda1ba8fc888919195aceb9b6197e57522 |
| SHA512 | 1d6049a55785a47a0e29953f7c7395bad22104470ace31202522d512becdee581a033bb7740a765c968879bfafe4ac33dba86c50a385f5d4a8c2787e801b8be6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\9d233f2f-d3f1-439a-acb8-3a8421c6d936.tmp
| MD5 | a65ea8988d3e5319666d3b7e6ad4f502 |
| SHA1 | d7bc3c3173f1b55d274ce62b3df5783fa70acfd7 |
| SHA256 | f8fc71ce23f472885826a1c5c2b57e7128befe9c69c0f5adbcdbf60362030591 |
| SHA512 | c15fe4ef21c666153d6939cc9c8743ca4c2be5b3b8bee21134783fd9d14b52b30d86f79051c5b98cdfcec3af10c1e56c1f4f027973aa6fa03b8626eac300d004 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 730f2eb952fa15a84f2738d8c796c678 |
| SHA1 | 4f5e82e0be98f544eb3dbb7c65e02ff30f6f4b55 |
| SHA256 | 6f582f9cc77416e729f38ef13a7226952cb6c02b1a53409c743b6b4438ec6a67 |
| SHA512 | c3d6d0b3854f674342adfbfa46a742cbe8131c91a92522cef3073946e9120ff23cb84a28470df5d11e90c948aaf5a50a50608a883f5a4c0055ed146129b5d5f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 42cce36c99dd91003f4727b2cfbceb32 |
| SHA1 | 964b392d1ad68df551d3e3bc928f80c65e0edbdc |
| SHA256 | 5e3be04ba50793c3ae5fa875f4b02e4f874826bb8c44541c1b1b7b47257d5c10 |
| SHA512 | 3066fb46093fa30a0e12048cd374c8d59cdf8395b0a11b47aef55a49c09859fe232d18bd8aae0aff05e8264f911ad1291bd41640ea040d72f6ab97a47e1339e2 |