Analysis Overview
Threat Level: Known bad
The file https://mega.nz/file/jqxVWIQT#EcaGfUbysreSEyuzDiIu9RNSIk7rIGYTYiGugzjLoqE was found to be: Known bad.
Malicious Activity Summary
NanoCore
Modifies Installed Components in the registry
Checks computer location settings
Executes dropped EXE
Checks whether UAC is enabled
Enumerates connected drives
Adds Run key to start application
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
Suspicious use of WriteProcessMemory
Modifies registry class
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Checks SCSI registry key(s)
Creates scheduled task(s)
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Uses Volume Shadow Copy service COM API
Uses Task Scheduler COM API
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-05 08:08
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-05 08:08
Reported
2024-05-05 08:21
Platform
win10v2004-20240426-en
Max time kernel
429s
Max time network
779s
Command Line
Signatures
NanoCore
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Software\Microsoft\Active Setup\Installed Components | C:\Windows\explorer.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\DHCP Subsystem = "C:\\Program Files\\DHCP Subsystem\\dhcpss.exe" | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Windows\explorer.exe | N/A |
| File opened (read-only) | \??\D: | C:\Windows\explorer.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\DHCP Subsystem\dhcpss.exe | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
| File opened for modification | C:\Program Files\DHCP Subsystem\dhcpss.exe | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
| File created | C:\Program Files\DHCP Subsystem\dhcpss.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\System32\mspaint.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\explorer.exe | N/A |
Creates scheduled task(s)
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\WasEverActivated = "1" | C:\Windows\system32\sihost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\SOFTWARE\Microsoft\Speech_OneCore\Isolated\ohDO1Sgy3MzgdEgEb4WYfDS4ei | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3906287020-2915474608-1755617787-1000\{F00F8890-8DB9-4E98-BDC6-7BD15F187268} | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\ApplicationFrame\Microsoft.Windows.PeopleExperienceHo = 6801000088020000 | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.Search_cw5n1h2txyewy\WasEverActivated = "1" | C:\Windows\system32\sihost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\SOFTWARE\Microsoft\Speech_OneCore\Isolated\ohDO1Sgy3MzgdEgEb4WYfDS4ei = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Speech_OneCore\\Recognizers\\Tokens\\MS-1033-110-WINMO-DNN" | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 64681.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\DHCP Subsystem\dhcpss.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\godhuntermode.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://mega.nz/file/jqxVWIQT#EcaGfUbysreSEyuzDiIu9RNSIk7rIGYTYiGugzjLoqE
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffceba246f8,0x7ffceba24708,0x7ffceba24718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5284 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5284 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3964 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x300 0x470
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6440 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6244 /prefetch:8
C:\Users\Admin\Downloads\godhuntermode.exe
"C:\Users\Admin\Downloads\godhuntermode.exe"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks.exe" /create /f /tn "DHCP Subsystem" /xml "C:\Users\Admin\AppData\Local\Temp\tmp7772.tmp"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks.exe" /create /f /tn "DHCP Subsystem Task" /xml "C:\Users\Admin\AppData\Local\Temp\tmp77A2.tmp"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\fd391afe.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\7f9dcb29.bat" "
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3428 /prefetch:2
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\ba6c3171.vbs"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8954252987890860282,4179672308508578317,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\system32\sihost.exe
sihost.exe
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\explorer.exe
explorer.exe /LOADSAVEDWINDOWS
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\system32\sihost.exe
sihost.exe
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
C:\Windows\explorer.exe
explorer.exe /LOADSAVEDWINDOWS
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4088 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xd4,0x10c,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xd8,0x10c,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0xf8,0xf4,0x124,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0xd8,0xdc,0x10c,0xe0,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0xe0,0x100,0xd4,0x104,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x40,0x100,0x104,0xdc,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9292 /prefetch:1
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10452 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd4,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7138413558253227350,12288916614247194872,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8500 /prefetch:1
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0xdc,0xc0,0x108,0x7ffce33e46f8,0x7ffce33e4708,0x7ffce33e4718
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\system32\sihost.exe
sihost.exe
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\explorer.exe
explorer.exe /LOADSAVEDWINDOWS
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4164 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,6541626517622421692,1912925466605200789,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xe8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1524,3795070441996784804,18419501745391962985,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xd8,0x100,0x104,0xfc,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xd8,0xdc,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0x100,0xd8,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2738675195520079679,3850033831590456740,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pornhub.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcec9846f8,0x7ffcec984708,0x7ffcec984718
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\system32\sihost.exe
sihost.exe
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\explorer.exe
explorer.exe /LOADSAVEDWINDOWS
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\System32\chkdsk.exe
"C:\Windows\System32\chkdsk.exe"
C:\Windows\System32\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\System32\dwm.exe
"C:\Windows\System32\dwm.exe"
C:\Windows\System32\notepad.exe
"C:\Windows\System32\notepad.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| LU | 31.216.144.5:443 | mega.nz | tcp |
| LU | 31.216.144.5:443 | mega.nz | tcp |
| US | 8.8.8.8:53 | eu.static.mega.co.nz | udp |
| LU | 89.44.169.132:443 | eu.static.mega.co.nz | tcp |
| LU | 89.44.169.132:443 | eu.static.mega.co.nz | tcp |
| US | 8.8.8.8:53 | 5.144.216.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| LU | 66.203.125.13:443 | g.api.mega.co.nz | tcp |
| LU | 66.203.125.13:443 | g.api.mega.co.nz | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 132.169.44.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.125.203.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| NL | 23.62.61.138:443 | www.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 138.61.62.23.in-addr.arpa | udp |
| LU | 89.44.169.132:443 | eu.static.mega.co.nz | tcp |
| N/A | 127.0.0.1:6341 | tcp | |
| N/A | 127.0.0.1:6341 | tcp | |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| NL | 23.62.61.138:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | gfs270n070.userstorage.mega.co.nz | udp |
| LU | 31.216.148.27:443 | gfs270n070.userstorage.mega.co.nz | tcp |
| LU | 31.216.148.27:443 | gfs270n070.userstorage.mega.co.nz | tcp |
| US | 8.8.8.8:53 | 27.148.216.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | july-pty.at.ply.gg | udp |
| DE | 209.25.141.212:32243 | july-pty.at.ply.gg | tcp |
| US | 8.8.8.8:53 | 212.141.25.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.249.30.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.171.91.138.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.239.69.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pornhub.com | udp |
| US | 66.254.114.41:80 | pornhub.com | tcp |
| US | 66.254.114.41:80 | pornhub.com | tcp |
| US | 66.254.114.41:443 | pornhub.com | tcp |
| US | 66.254.114.41:443 | pornhub.com | tcp |
| US | 8.8.8.8:53 | 41.114.254.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.pornhub.com | udp |
| US | 8.8.8.8:53 | static.trafficjunky.com | udp |
| US | 8.8.8.8:53 | ei.phncdn.com | udp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phncdn.com | tcp |
| US | 8.8.8.8:53 | 22.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | media.trafficjunky.net | udp |
| US | 8.8.8.8:53 | cdn1-smallimg.phncdn.com | udp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| GB | 64.210.156.16:443 | media.trafficjunky.net | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.114.254.66.in-addr.arpa | udp |
| GB | 64.210.156.22:443 | media.trafficjunky.net | tcp |
| GB | 64.210.156.22:443 | media.trafficjunky.net | tcp |
| US | 8.8.8.8:53 | ei.phprcdn.com | udp |
| GB | 64.210.156.22:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phprcdn.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phprcdn.com | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 104.17.245.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | ads.trafficjunky.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 66.254.114.154:443 | ads.trafficjunky.net | tcp |
| US | 8.8.8.8:53 | a.adtng.com | udp |
| US | 66.254.114.171:443 | a.adtng.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 203.245.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.114.254.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.114.254.66.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 8.8.8.8:53 | ss.phncdn.com | udp |
| GB | 64.210.156.16:443 | ss.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ss.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ss.phncdn.com | tcp |
| US | 8.8.8.8:53 | hw-cdn2.trafficjunky.net | udp |
| US | 8.8.8.8:53 | ht-cdn2.trafficjunky.net | udp |
| GB | 64.210.156.22:443 | ht-cdn2.trafficjunky.net | tcp |
| GB | 64.210.156.0:443 | hw-cdn2.trafficjunky.net | tcp |
| GB | 64.210.156.22:443 | ht-cdn2.trafficjunky.net | tcp |
| GB | 64.210.156.0:443 | hw-cdn2.trafficjunky.net | tcp |
| US | 8.8.8.8:53 | 0.156.210.64.in-addr.arpa | udp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 8.8.8.8:53 | july-pty.at.ply.gg | udp |
| DE | 209.25.141.212:32243 | july-pty.at.ply.gg | tcp |
| US | 66.254.114.41:80 | www.pornhub.com | tcp |
| US | 66.254.114.41:80 | www.pornhub.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 8.8.8.8:53 | july-pty.at.ply.gg | udp |
| DE | 209.25.141.212:32243 | july-pty.at.ply.gg | tcp |
| US | 8.8.8.8:53 | ei.phncdn.com | udp |
| GB | 64.210.156.21:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phncdn.com | tcp |
| US | 8.8.8.8:53 | 21.156.210.64.in-addr.arpa | udp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.171:443 | a.adtng.com | tcp |
| US | 66.254.114.154:443 | ads.trafficjunky.net | tcp |
| US | 104.17.245.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | ht-cdn2.adtng.com | udp |
| GB | 64.210.156.0:443 | hw-cdn2.trafficjunky.net | tcp |
| GB | 64.210.156.22:443 | ht-cdn2.adtng.com | tcp |
| GB | 64.210.156.16:443 | ht-cdn2.adtng.com | tcp |
| GB | 64.210.156.16:443 | ht-cdn2.adtng.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | hw-cdn2.adtng.com | udp |
| GB | 64.210.156.1:443 | hw-cdn2.adtng.com | tcp |
| GB | 64.210.156.1:443 | hw-cdn2.adtng.com | tcp |
| US | 8.8.8.8:53 | 1.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| GB | 172.217.169.27:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | 27.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | july-pty.at.ply.gg | udp |
| DE | 209.25.141.212:32243 | july-pty.at.ply.gg | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 64.210.156.21:443 | ht-cdn2.adtng.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.171:443 | a.adtng.com | tcp |
| GB | 64.210.156.1:443 | hw-cdn2.adtng.com | tcp |
| US | 104.17.245.203:443 | unpkg.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f53207a5ca2ef5c7e976cbb3cb26d870 |
| SHA1 | 49a8cc44f53da77bb3dfb36fc7676ed54675db43 |
| SHA256 | 19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23 |
| SHA512 | be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499 |
\??\pipe\LOCAL\crashpad_2196_CHZPLBVZPZRZXYVO
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ae54e9db2e89f2c54da8cc0bfcbd26bd |
| SHA1 | a88af6c673609ecbc51a1a60dfbc8577830d2b5d |
| SHA256 | 5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af |
| SHA512 | e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a07fcd7a6323ce5863cd03978af4c54d |
| SHA1 | acadd8c06b8067ba29459344c6997787dda75306 |
| SHA256 | 20b323d94d628e1c875396b81c22979315a840fa5392f9ad2426a30a5c88b7ef |
| SHA512 | a30acdf1c3cb9902f9e0f75eadfd3ed8f2b4bf954591de671dff1d26619a30e00c4eea646c7d9343b82245c9a0391c961eca73e67f55faadfd2455d1e0bffaa3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 286b72e2d6040ec167f3b094c3bce0e7 |
| SHA1 | e362eac9c8591591a5c417155581f640a6b3c1fd |
| SHA256 | 2b77efe294e0952d3ad4153ebf106c0998331b547df91fc48a801e6c752c9d7e |
| SHA512 | 95fa2df0adbaac5aec036c28975e7fa24b038134b13787741f7f6a3736a0487abd41eff808e0c6553a9a6668b63030e7969dfd98098d76d92e6a968a2476c649 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bc415c88249a28b24a3e88e2ab90a0da |
| SHA1 | 209bc411afffb7cc4209b9b0de33841dc079952d |
| SHA256 | 4692d58a7f877e173c60dff37434624472264c693f5203a58727cf87299d9c90 |
| SHA512 | 37f8962d60e8ab524453dfb1dbd6be57cd02a9dbac5cc8452800d929b283a4ecb2619fe2d0e6964c9e070cef9761ddd87d68a1a9304ee481b18a837a9db64454 |
C:\Users\Admin\Downloads\godhuntermode.exe
| MD5 | fa27771b02f19cbd8ffca1099538858a |
| SHA1 | ae591814aa4b40bc0ecf87a50d0fc1df9d16c7a7 |
| SHA256 | 26fa94e684087b55f0d0ae839904aba0de3d6bd7f8fc2d19ddea18e6f66b8396 |
| SHA512 | c985071e77314a5a3687a522fff337c3ee4b08d228b999694a6f5dbeaadd8b03f717b4c5c50526cb45cff319aaf666a7ddae63f402ed023e8246865750d821c8 |
memory/5680-177-0x000000001C1C0000-0x000000001C68E000-memory.dmp
memory/5680-178-0x000000001BBF0000-0x000000001BC8C000-memory.dmp
memory/5680-179-0x000000001C840000-0x000000001C8E6000-memory.dmp
memory/5680-180-0x00000000016C0000-0x00000000016C8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\tmp7772.tmp
| MD5 | 27c110eeac8b064d06586616a32e5ccd |
| SHA1 | c02635e49bb1bbc6a2966e0b7952fff0892d3cf1 |
| SHA256 | 21ad204215b4be0d8900c4f8d19a58fc245db473b3d15101212899b8364d2294 |
| SHA512 | a6928600c976c1ccacfb98c80dd5479f40768100d638babd36da0efd1c34d4dbb7ca555b59d25a8713ad38cffbe7e4ead1c6731820286502a4c986cd93b15c7a |
C:\Users\Admin\AppData\Local\Temp\tmp77A2.tmp
| MD5 | 0fbd9807f0c83972cb1427b4e01f2d12 |
| SHA1 | 9a1852011cc1771b3e40f3430bbf9ba3713c7c7d |
| SHA256 | 5f9a59be7c04f1de60e0fb648b3fa989c62dcefda47c08f2ec31eec42c644535 |
| SHA512 | 81c962b71040be6d5185435ad661514dd1586ff859218a6a58844d20a77596f349ed96b60d3b62e48456492afd4f546491fdf6ddad4c2d8a0ba33c3ecd5a4d87 |
memory/5680-189-0x000000001D0B0000-0x000000001D0BA000-memory.dmp
memory/5680-190-0x000000001CA00000-0x000000001CA1E000-memory.dmp
memory/5680-191-0x000000001C900000-0x000000001C90A000-memory.dmp
memory/5680-194-0x000000001CA20000-0x000000001CA32000-memory.dmp
memory/5680-195-0x000000001D420000-0x000000001D43A000-memory.dmp
memory/5680-196-0x000000001D440000-0x000000001D44E000-memory.dmp
memory/5680-197-0x000000001D450000-0x000000001D462000-memory.dmp
memory/5680-200-0x000000001D690000-0x000000001D6A4000-memory.dmp
memory/5680-199-0x000000001D680000-0x000000001D68E000-memory.dmp
memory/5680-202-0x000000001BCC0000-0x000000001BCD4000-memory.dmp
memory/5680-203-0x000000001C8F0000-0x000000001C8FE000-memory.dmp
memory/5680-204-0x000000001D6A0000-0x000000001D6CE000-memory.dmp
memory/5680-205-0x000000001D030000-0x000000001D044000-memory.dmp
memory/5680-201-0x0000000001880000-0x0000000001890000-memory.dmp
memory/5680-198-0x000000001D660000-0x000000001D66C000-memory.dmp
memory/5680-206-0x000000001E380000-0x000000001E3E2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e9801acae6e3df7b5fcc86e3a77e097c |
| SHA1 | 0cc69865adcf2d88a644076b812a78b8e58dcf41 |
| SHA256 | e656dfd8b95a17feb2c145441f72fa5afd4da5516956ba19e2e54ee950467ae8 |
| SHA512 | 84468c1ac89e58e44e1f4273ee4be832aea282ec46ac06024338c24806464314ffb2542df4165b904abdf18a904643ee5fac4ada656f9c830c3e53fcbf8a22c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | beae77c5adf9acb6ebac78db1609ff56 |
| SHA1 | b59eb570240242f362ee8a2f88e8fc0ebd907c72 |
| SHA256 | a14fabf06de5b5f0bc390d98d07cb62ec8061cd9ee319da6af5198662c107294 |
| SHA512 | 75431a184d80814fee0339d0ebd6f58f494371da8a3fcc97bbb34d3320470420628293bd7820b984347435f3b4d4cc18c7f902e1b188eb4342a3cd117f5809f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b6315b0f4b7796b09fefe968bfb5e313 |
| SHA1 | a1d4d536ac8702066d80622e029686212dcc6d1a |
| SHA256 | 2cbc8b551c7b42400887376215f239da5a5d5dae4161c11c2ec489907e0946d5 |
| SHA512 | fdccdf1fa33e5f8a3433590dd3201e367999e743c37cfc2f0d77a08985262c0a0b5a334bb59c0a573b26f83be80784f66bbb58e38d6e3cdee35402ed40ca9693 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe579635.TMP
| MD5 | 4fcf4f0dcb9271a7133cf6be8a2b33cc |
| SHA1 | 4c5522bad83c6e8dedf3d2736e4d49925c6be1aa |
| SHA256 | da994a4a81835c80e8478a0057e44276baf0f87b75e5ec9f95135206fd35e75a |
| SHA512 | 579a6f190cf7adb55fb17a3678b2f79550284ed35521605daad582fdb7c488a9ab7f4d19044dd0ebad01a43d62ead71e0593a4cce31fef03cebd36cdb7e02f30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 113182a1eb9f484c36442766a910decb |
| SHA1 | 63fe54e499ec84503aa9026fd5e8eb35084c9bd6 |
| SHA256 | 0fd763c027f4943368d2c02ec24e9ade90df50ed5674e449fa1e27f27c57a493 |
| SHA512 | 842cd262cb5206305e961d4c6fdc031163ad0f66077d5c3e0d13d85a5a88f4efa9e924f823670e7441b1ab65054dc4e1edfe443e7f463f75a19d1b509c6a3d8b |
C:\Users\Admin\AppData\Local\Temp\fd391afe.bat
| MD5 | d229105818dbd31beda5c7ac688b9144 |
| SHA1 | 239f10f37e9336455831a837c37d70163428d908 |
| SHA256 | f8fb4cba52e082171390b683d30b50458bb448f96cf5aa7dcd0333ae21b6aa51 |
| SHA512 | fe491f078c34fce2878864f007d78675688684614a4c9af58f835228cb4b102d974afc70ccac8bd456b5ebd105c8b28547b2e34b13b4fd7da9e452721f914d13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 008114e1a1a614b35e8a7515da0f3783 |
| SHA1 | 3c390d38126c7328a8d7e4a72d5848ac9f96549b |
| SHA256 | 7301b76033c2970e61bab5eaddaff5aa652c39db5c0ea5632814f989716a1d18 |
| SHA512 | a202fc891eace003c346bad7e5d2c73dadf9591d5ce950395ff4b63cc2866b17e02bd3f0ad92749df033a936685851455bcdbfad30f26e765c3c89d3309cb82b |
memory/5680-286-0x000000001EFC0000-0x000000001F4CE000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7f9dcb29.bat
| MD5 | 9dc0d60dea713244cbc827523c242b8b |
| SHA1 | a52952c85055461fe98ab1bb4f345bccce9d8c94 |
| SHA256 | c01daa14e2e6c62ec793390f8c69bcedfb0bf01e23083e55c02af0158d46aa4f |
| SHA512 | 6407c8c582041029605a272d9004fba945d97e8a4dbcb942f6facd8049e70adf113be1a68e76f15b224d9ffa4c0b42a37fefb08aecd4879b8ff708095568ae5d |
C:\Users\Admin\AppData\Local\Temp\ba6c3171.vbs
| MD5 | 4b4eee10ca7ce39678e34812d0d99fcd |
| SHA1 | 887246ae31161c8494241e2110e4e870ab5085c7 |
| SHA256 | da36498c1ce80e0330382c43b46ec54011a48dd5359bd8633bcd6fd7d146ee34 |
| SHA512 | 6c79a237bc1f3e9a3d7e13542de75ae7b2d423bdf909ea79ab803e5b79bfb11fc818d666d7e03fb00350c97ab860d330ca6760b756b1d1d20398d094c2d791a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b10bc071f2a7c445bd8644aa9b5a7394 |
| SHA1 | 22778e84c466ed369e532feec1d455fb7b9d5281 |
| SHA256 | 727cbd8b64ea3c6c3342c863fff7b6f132ad52b4a16463fd076ac853ede2580c |
| SHA512 | bbc78b31b7fe3e717fc49b83b1f271b3a0acec469252adf8d55af18bf0083b42a82e05a63acacc785f30514335e29970198c18efcf463806567d9cbf19b1124b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 643e63bf4bd625838ec63c14c8d12beb |
| SHA1 | 8c6f1a426125870af21a527f706a6164cfd2aac8 |
| SHA256 | 35c725da797f5ab2e3ccf1b22667c3579fbd62e9cbee5f45b08c58c7eaddb8b5 |
| SHA512 | 751d0b8cafc858f7267dc6f7bad749ab73dd6cf1528fa36855d812217f2043a83934e5f9700f46bf4509eff02a9e0a86071b5676f995654b4e16fc5ff1a259f1 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | ef29c46ce4172fbbc4d8e4f927a80f1e |
| SHA1 | d2c4dcf4b58ef0d2c1177a07f2760534274f328c |
| SHA256 | a631e446b8b5b0a5cb0cee601aaeb3bebb2baf627f738175c8a73528fb31152b |
| SHA512 | 449d3b306f257c8642abfe43e9ae0a271d69070441f8681768bec1848ee45b7d1a4cffb12e61777399c9ffef2ed0813d3d41f1318baa8ebc0873e54daecaf595 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 0979af4ddaa34fee7691e228487a8d39 |
| SHA1 | 51fc98f164ed5f37c8e3068b97566b6afa353925 |
| SHA256 | 018be1c2c72b45ff53babd3f4f6d035882da3b5e4107e3668a9ab5efea859971 |
| SHA512 | 3e015bff4f83fa1604ddc9acbfd7f89ef871e0c600b2e62ef4d40521ab637f4af2d33c2cef0258722c4b4bfbd7019929aa65b774ee6a19936991bae1a212d184 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | cba88607660bef68133cbd62bce7e05b |
| SHA1 | 41a6a8fb1f23cf27a4f548e1212924e04158f365 |
| SHA256 | 67a3e8076a1c764854db9588328cf6e68e65322e9749c020f13eb1e1962418a3 |
| SHA512 | 7b15abd0020241da55685ea44801c20e08b7b5dbd014995d567396e29e0c0b66766e5d3fa1405ad6220a19d02bd2d9968de584858a480c303f3c4c11a22cf01f |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 7dd6557ca911b7eea1d68ed678ec3d69 |
| SHA1 | c55335d13f01880f327a208f27c192b2a7897317 |
| SHA256 | 948bccbab715d8a05d0384c71ad5b4c826c7c7dcbc5cf72e9919d4450c051931 |
| SHA512 | 0505942df21135c23fdcc73beebaad2be8bc7e25fef6096e189ba25307c6e9f0df00f607659d58e2fbbd5f51636f76f1b279ed5404e0fc27ac820ccef9703c03 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 5981517d59f00ffaed82e30d1f28eda6 |
| SHA1 | e0b3a0712c5f37e042bd0b21306b0b6d8f5a18d7 |
| SHA256 | 4851005fa044749c43dcb45b92ffd38e84b6f61c21f2b3e6e384a251ad658010 |
| SHA512 | 72bba8ae2a85ac0c43c4b26d7678428254d8e960d3804499545e9910eb05e6dddfa9147a6b658d6699decc0c936c0c804b0688d0ad03c3f4a83715bb9fa78ab6 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 9e13e847be92f3351017b6eefb207213 |
| SHA1 | 9ce1e59ece78d1f86dd9ab8b43758b7b104388eb |
| SHA256 | a62162bf980b1feb57948000980c3f352e87ad007d22e6c6d912d6eab32f45ed |
| SHA512 | 947255b7c44b364598e589227c9c4b7c829730f2e7d42c8ae6e6d4d21d836f4f61caeb09187382aa7277c50feb2f5b4ce11cd3fc118ba30705d8349ea29b6c00 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 8e69252cd31004db972de725f2d8b034 |
| SHA1 | d8c684904f9a0476bbb5fc2c55d23f8eae56affb |
| SHA256 | 95d31563017d6853f5dd4e225506753e8f065124fc2169aff402febdc2ea0bfd |
| SHA512 | 5d4f05350baa8baba9010f13c9ae78720986520dbfbcaed590ab586788f2981f9099fe5f20ff2694a5fc35621024cfd93027d8dcfb2ab858fc7bce5c6b03333a |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | ffc9f542a69d0cccdf5fd65cf73e9258 |
| SHA1 | a2ffdae1fde8c2c4667e9f47b166fa714f6ccc26 |
| SHA256 | 8b58e59de128b1d819e3ec54f71bb78584cefc2dbde2f95bdf306da2a21ef2f2 |
| SHA512 | 6e529d147706abaec8c6a4464c68e962b41ee511c136e96b184a2924db7f5c5a8023b437f46c53c8da2055c8269276a4aafc24f32e87ddfbe8260c37b93820a1 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | d8b32baf72e5c8daac1a2ca7d94c2d3d |
| SHA1 | e960299d2c453cdf00588736508386574f4a24f0 |
| SHA256 | 8597e151e9252042b9c3868493e0b7aad7ed5288fa3eecd847cdeb2c5517778f |
| SHA512 | 9bad67d47943614b701141d50588f7f7eba52539c5a33985de9eec344ed729e6f0b093cc5f9d39e9d09c02a6292dd14b99be73cdfd6556aeb61c79d87f92c553 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | f159c496460e816be5471b59f627a855 |
| SHA1 | 251fd587086f8c169954f8271eae4a0ccd3bd883 |
| SHA256 | 4d73e777cb4fa8674254fdaff54ba33f8b4c6298264315e1f1d51a18f3b0015e |
| SHA512 | 1347e68bc61d2cdc6ead48434928ac0f30be2c902ccac6fcb52f6603c25d305188f96efe024f5741eb817167b97eb10d7fd3b5940c90d8d245d173f1644b4ec3 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 0db5654fe4887b726c60595dffed9262 |
| SHA1 | 136933adc8219b98a335d77c4c1eb521e52e1d73 |
| SHA256 | 1f1187ef338252aaa4ed39595795462fccda8bdf1da7532b0981b3b4743a65e8 |
| SHA512 | 45a0ff0819a9f48ca23f165bfe0a4387f49bc3210fe1a057652bc32eb1d4b50c86a9b288038f6bbcd206c0133fcee7b138dc004f8287e04ff56a3647b797a98f |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | bcf1461015a74f0bd8b4cbc6169f5cbd |
| SHA1 | 68189c6c483ce0332baeb12af64137e81555f9ee |
| SHA256 | b8119b4ad5722edcd2f367449f5e60b314ca9fe210e8c6afe43c1db156044c27 |
| SHA512 | 9aa1f447eb6fdab709b82ca99a1cd2666c1c3a6d990894418a8415a204626b78749c6f340c06a12e73e94b66e2451b1521087b7ef86f9128c6cd1536a8f805cc |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 2cc658dcb64aaa43922158a88dadcdd3 |
| SHA1 | 727b223dafba653dc869fb8d05eb3f5889fdf954 |
| SHA256 | d1c5cf5df86ade85609ac53caf93d45c65be1e32d2919bb19c0618abb88fe539 |
| SHA512 | a10087acd022053ce8e069a5c940648483eb19649b2271ef6f2907c58c4846fda59394504860d3518cba0e6605a6e74183632270f8ea54839633c03a9a7178ca |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | abc5470349dcd7e8cc14cba8a864be96 |
| SHA1 | e47ce7a901fb5f2d7e3484d5c4075620d4958a36 |
| SHA256 | 228e320b4d063b794f05c91a52d290f28ed3ea658fdf6798b16234c8a2c76e88 |
| SHA512 | 5fa4ef35d4c7aa8b6b85ee6187a8ec088dc00d481e873e0141935297fe096333c5337dbece480104e68d68530cea321ac85ed5409d30908cd92859757fe255c1 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 8d78743f5136832bf4fa50a4cfc549ad |
| SHA1 | 2153da241201cffcb44d7924301f14cda6d9cfb1 |
| SHA256 | 2b3b0dc39370c9f336717f74b924f34ad820d3ed810712106226954ca9b3a202 |
| SHA512 | 61e04c8e20789b6c43071b52c424ce5aeb55d954363c8f9af2433d971b91d0eab42c8485c53d91662cc0c28e937b62981264c4e2c5e6324f80e131bc76b74375 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 724a0d0e86035164267984557c13b0df |
| SHA1 | 432075a940b9c747cd08bc4c5b5aedd14ced58bd |
| SHA256 | 33589104a4c21e7cee7445eabe6844f5c520c798bcb08cb96ed5f2b4d9b725d8 |
| SHA512 | c6baee3b60d3fc0d54383e85da1516c31b839c71cd12d00be52601abb986d06bc1eb4b10e03cc88b9e12f7e896136a113e6fb3135eaff6176f57779f5d1a23da |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 9ab5dbbd217b8ca9b7ba59e3d6cdb0eb |
| SHA1 | 11cac25b6290d528647c1bf662a5618e3139d681 |
| SHA256 | db83b97e64e1ff7157fd90345187b8be261e9e3df56eaf996f8cd49bababfbc2 |
| SHA512 | eef3cedde83c8754c4fc103b763b7f01ec4277f5c762bd843cf445073abaaf6c39bac2d5993c370f148f287e1a753bb0cbf94b36c2212151e47b02e134b61557 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 047d7bf807285497e5c6565f2f6f9194 |
| SHA1 | b31919bac13aa0899f8cde83268ea2537e69f32c |
| SHA256 | 6a0c11d54c9e816da37a5ddea4d068be39e1971f586f3eac865e9fe25e0f2bfc |
| SHA512 | b07b063b1cf8f605107dfca3202083f811faf41919dc10850d8c7e44bef271bd5515b7ba7532d51d0c248691e4f153d3ff2994dd214432af3eb8d3d8e07fdb8d |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | da192aa3223a9730ed8ba3491cd48116 |
| SHA1 | 1cf501f3a804ceb32c81fc3a8b5e01c6eb243457 |
| SHA256 | 41bc243a81d2a4507848d6e9580299f77051faedffc813c147798bb3ce8e7d66 |
| SHA512 | b9076f49334ca2604c8ebfacff4c39066296877a88967c3a26ee3bbf7cb2cd137382b309db2710947cf73ddb5616dcf5e1665baa3c0591c5ea81fe19e5b3c2d1 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | fff17bd4f097cd28bf7ff414dd5d616b |
| SHA1 | 7f75fee0f15360cc3d3fa6d2685cf15773701672 |
| SHA256 | 4556177e89aff1028f001cbc624a43156f69647276907c0b30365b71a93acd3f |
| SHA512 | 7da0a984e99dd90f418b0300567404f3a0875c6e5b3bf30dd6e4abf3fba578e625b6a5fa0e3f07d6fe8691359143c63bcb8f22ac2d2ec220b0c5f601025a7fe5 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 84a6215eca0ca047fa5417999918d5b6 |
| SHA1 | 88a907ffc477a3e54ed676eb56f26c3d269f9200 |
| SHA256 | 76ad26161ae670246f3a263d87bc8181a5e0ee57a71779fa28254b485dae4940 |
| SHA512 | d61d1f1e04a3978190e20c27b45c11e1c55b843d30c3c33622e9e35bef714099525ff538e139df59b008c3733dc5269b01664007191fb9f9fb4285ffa51af9eb |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 0988d2fd296f7526da4ffff6524a950d |
| SHA1 | 4cfc23500165c311e8a455c5ba775678988191d4 |
| SHA256 | 111ea0b49643a7253838e1b07d19d762f36bb7ef843f1952e132c4d0cf8beba5 |
| SHA512 | 76c247c2750c02215b66c7bb1249f1a1e0d68429821b29490d85c91fc3d53e089df66d3c0a780f4edfe472525cc0b02644062f8980bf9718fe1c0a2b7093b32b |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 365bc47099ce3ca474b33f7d8a679ad4 |
| SHA1 | af4553850b8122e027b8dfe47fe1610649f73e43 |
| SHA256 | 0fa60d6937763e2a08b3a8df7d6513ddabb9c16a9e4fe75a30e0ea5fab545f10 |
| SHA512 | 9463fa99fa4749d1aea81c38af7dd8df46299bc15e7bdfec6e861448ebb0d8bef5d2fae2a4abb7b569daf07883916abba4efe2bba52f602cd0e157dd2218304a |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 19dede4a1561ad637f06b8dc62a30ede |
| SHA1 | 26990ff494534c3318ec2b223f3f5b409f25003e |
| SHA256 | 74e2a632db175f1ea472f066d2805b34bab9b24d1d7e37fedba5429cb38c81b7 |
| SHA512 | 3b2f24bba4b3e64efee4fc7595aaaaa4a5582da94bfdf97763f100ef3f84c17ece2f2574e48ae33477e0b895a34815f1ebc3c35132bec62c8edf6d4cc2eb3d3c |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 434683e9aea46759a5ece31f22c7077d |
| SHA1 | 7baf1a2948ffb93b417a1b18898fa64787ef1107 |
| SHA256 | aedfeaa824ac42eebc5ea5e2c5abe68d9b41eddcf3758086f3abdf81d348e8c6 |
| SHA512 | 272ad01c599e6913c70a225c48a2fd1320340d6525d53ead97086314b859a038189755e170bfb446d6a742dcd21c6f13f09e7650d14c586b61d6e78a1d7fbac3 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | c5702593d62f6e9490ce745809653d81 |
| SHA1 | 726cde8f693ec30db9d1279887fbdec914eaf127 |
| SHA256 | 75411f323e62c357ef3c14ce3b91b9fbdf22d1a9c5f388374079765aa5323a66 |
| SHA512 | 7d8fce4016d764101a1547898b41ab559f198c6403c86afc0203cf585bcde8478988dac3c3f26565a0b6484f96780e7579b60750af8fe1d90d44b010e3610cb1 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 2f538ecea140d0fdb529172bfb781887 |
| SHA1 | 71f40f8f0fa315c681d82273c1046e068979e962 |
| SHA256 | 43703dfc05d8d0e4fea6a27fc73ee99114a7261d4572fddaabc0c400563d46cd |
| SHA512 | 0b4ffe4282952b8f85cc5c9abffc0147651f11213c085d5b8dc123b56837168fc04a55a5ceb7be2cb62d4af5d4033db6fab8cbffc30cd6764ba1eccd9556b7b7 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 1cd2e090d7ac62f2fc02266a2902353b |
| SHA1 | bf13b1dbb7170a020510c9b57ec3b1947e16495b |
| SHA256 | ba8c7e8a0c834eb468252baf5c8a5e23480fb8c592d15aeb2bd1255d88f728e7 |
| SHA512 | be74a8b63cd1e24af3aae8e537f034afda400b03ab7a59c81b3928bd8949ff6c7fbda2a78a9866f7a0d667f8df2f9a185239bb97a5f4e73a66060c5ecf2a7c32 |
memory/5856-419-0x0000000003040000-0x0000000003041000-memory.dmp
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | b9dbd5c2f15173ec83e6f15a5be461d3 |
| SHA1 | 183b8592ff1380fb694a014484fd9d9cab0ada45 |
| SHA256 | a30f1ef359c521ace9555ccd6da2d8a4b4c9c871b3aa91bc2dec976256761e06 |
| SHA512 | 80a5b658ba56365a420283cd370f5f73300532543180025557cd8409a7bb66dc4da4a4b2be8ad4d6f9d4be41f35916cc1d08c9009f9b673199b76d3c8e1662f3 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 7896fc5c8697da26893043a8b8901058 |
| SHA1 | 9d67bff6e119fe33b6dbc2f0c8212c3025047874 |
| SHA256 | fc6ace5a5896755b05849ccd43b21b830bc23aa692d1e73d80272b38882ab772 |
| SHA512 | fc6b79cf62231c08f32eed4e11bd6851e12f6146b2722dfc365f8d5bd17c486fedde8522613a9f3d9aa685e0b3d21092f24dd03af8a5c007672401ea99fbfe01 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 58b933f0d8a389236909fc19f7eabc1b |
| SHA1 | f6bbb1107479196f6148233405d04d210e0fe868 |
| SHA256 | 60c200e01740f6b5769777c31b3cbdd0894498dab556e4e8134a6701ed02229b |
| SHA512 | 879738bad6381ec80d274419e3b0e8c013a06c53163be94ee4275546b6f480424e35d088a09c3a6611f36485055a5acd6f1f069b4712f335d61f6872915e3378 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | e250580cde1ed4e5bcdbcbf8ae7eed38 |
| SHA1 | e75943ae16e9907062ff54f71292704608e3833f |
| SHA256 | b76c0c09872ee2424ef93b695d1ec1fbf04ed6c5e2b168942795d8835273763b |
| SHA512 | d7cb633fcdd1fa9580364464441aba063d7c555c8e90c65c7be5cc063c9dbb73ad7609a00d097dc601a277f048bffd8c4fb801dac8318fbf8d88a44e0c598c88 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | e138f14a769267db63644d5d87310053 |
| SHA1 | 826e2fe89d8fb4e6ff301b67e4183685c53e4e79 |
| SHA256 | 7418a6527a976d3c3708e0ba4064579aa7599871963ce94c2161359dff94f097 |
| SHA512 | b1f92984ecf880762410cbecf376916e919d6a502bd7d852efa044ebbec8a96934ee79b338c69ef9d1733f5236177d3cc094af06a18da04160dcac0fc328b1f1 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 5411104e472f211f3ecd6d68dc811b93 |
| SHA1 | 14c9745a7417aa53efa72cdaa2a1aaa7d4ac5630 |
| SHA256 | 25e7196f6291118609132704735e57af46e5a3393d1ca11512fbdaef0a63afdf |
| SHA512 | 0416f76aaf38e5499eb4f72d808bb15fc8ae88da6aeace7db9d81d43486d01b7c8519702eb45e5705da7bbf9877c099d8474b9c50e79645c83c0670cbae0feee |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 204782784ca651a35062fc1f069e6444 |
| SHA1 | 2512ac74e5e133368b5bb1771805efe34aca54f6 |
| SHA256 | 9e2a825ac7b4c0447f11782bf13080bc38021854637a512a8a6cde117340572f |
| SHA512 | 63fbd73a458357a341379833db72d2a86bbf749026a8a7cc84f6d2bb586f55765d090cd5d0881cee1f5f137c54fed1fe285f093592a1c03300cfe77c61d2cd04 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | d2c693bda4c4fc8d9b7df618ae64c542 |
| SHA1 | 1066c378ce95b0c0473b45337e5c52a8f937f395 |
| SHA256 | c70b898b42fad2e56d191eb024862a1e9657cd75f09c976cbe445af1f08b31eb |
| SHA512 | de0a62d43a418b9a7824699d0ff29ed7a87e39d665857c210e9e44d07e8c53ebd2b5052c43d0c5467f46b070cd52dab504f455ec3e4b2941d73f57d2a0462f38 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | fff67ec4347e79809037f67d39946c52 |
| SHA1 | 2bbe60f2d46f37e284b1757bf19c8e6310b71e4e |
| SHA256 | 89099851e14897121531a65f3e2b42444924bf8d7dd02c080e8725b4ee30c0e1 |
| SHA512 | 85bad4834992bdc0dbe50b54037b0f9220e8d7056687dbcd9dbd01e161927bf7f2f64a10add741c7e542b5bbb1e96ad20402dedc85d843ef2d518d8e255869da |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | 078d92c9defccedced239d5bf5244cc5 |
| SHA1 | 3ab74ab535d99ba5f7b71c35e80b98e6f4161fce |
| SHA256 | 3ff3f717768039af9d36f333750636b2caf408597d01a12fa6e38921f1c76a51 |
| SHA512 | dbac60841ffadabc9b73a43b7259e8ef96790397f8666e1c9783d1753c6a5a1a150259d30aa31c5949a88d9abd975b2d4169a4e234d230cf19cab2310c191f64 |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | d9d031bf9238f3bcf61824f8f266cddb |
| SHA1 | 7b95d7eda438f745e20d7ab13ccabe804295962d |
| SHA256 | beda1ede3eac51bee2fd4e3a9c0a3a15c5daaad24743e946434750ef3e7561d2 |
| SHA512 | 6d2287f96c711208844f5db79308f0c4bd43b3353baa6f6bc410f14ee953455f9d577a12af3770f4935e2a41207db74192869357084cceffd94fbf2833a5648c |
C:\Windows\Debug\WIA\wiatrace.log
| MD5 | cc007b791295679a0695d5440b1cc8eb |
| SHA1 | d9e1243f12dd69213ca769a536425a9c02d6090a |
| SHA256 | 758ceb38860628a6c9ff9d9fda7555ac65dcd596e334614f05920986ae3a45c8 |
| SHA512 | 79cff7c1c667c2140c3621eb82d93bcf12e52bad94ba22bc0e79770596d27504c55ce16db94240fb6dffc4af9fae6c2de5b7b3f47c4bc465902a726e621dfdf1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ed8ffd060507259835f776ded216f54c |
| SHA1 | e9179310bba1a998b7c2dc31a62a925903d677e6 |
| SHA256 | 9211e535f90f588a54e4d9e1933a0040d93b7b84b8c3631c700f390548abba5b |
| SHA512 | a40aea2f09adf1ffbb0b629c4582fbb84f2e1c7f80fb34d00c8f8659a28c6956086cf8041e85e2219a3c8bef4a2028db119ee431717bb4f1c7dc75ae108a5924 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4de99e2e5da8fe5627b8bf11583ef1af |
| SHA1 | d9fc86065353f7801473689c1985d9b19f52b398 |
| SHA256 | 263d5f4c68e04b27ba787dbe49238a7ecfa936512a1878b2232f14ff68d8ac02 |
| SHA512 | c4888b7a3201aadac9a638c07d3ff390e65c51d1c6a5d427b0a68de26c6e6dc4be2d9172c0d352d590f29e16f6aa85da1c7a8b0579d52f426f52682248bf21b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
| MD5 | 75f1d5724eddb6c481e2e87727c0a19d |
| SHA1 | 3cfe079018e25b2646f23e0744bc5af2114ee256 |
| SHA256 | 751f9ea75e28033193df30031bf3d33e0553e1644ccbaecb26fe7d3bda21b78c |
| SHA512 | a52fade9a438e7896f12afb5b8cccf05ab2cdd71dcc8683ba80001e74800d0c6a6d446d162e75eff573ccfc7106c1beb6f91bdd41753b81a6f5b7510c7c36b4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5b51c72c8d620bd8e97e033ca5f77eb4 |
| SHA1 | c3b080237c17474a4ec89da8c5c05f55e8469090 |
| SHA256 | 23831756bb8a33063a3d23dea52716c579995a193fc49e5e2a7337cd62cafdd1 |
| SHA512 | 892dc4cbd19b140ccf043c3f9f62ba25158fb6c8ec9e9fc1d1a36ed34a92da4b94374409df5f64015b108d5d5f80de7573ac7a5a9b7d4c75a3a885569569a23b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 38f33c410d3ea55c91be3ef5bf8d43f8 |
| SHA1 | 573f02811e40596bbcc090cd17b1d2816503778f |
| SHA256 | 3098a29234800c729f412e14ee9e4a5d34fb05ce64784b6ac9df7cb58ad57886 |
| SHA512 | 7ee39f1b01d70e5b1b4112421f282253a5e1860edde84134ba42e6dd9483326dc38d7646fdaaaba30145158e90b8da684c05f04376281e59ee03192a541b0bef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2b442b21a1963439f3243bc4ce85fd5d |
| SHA1 | 1dfc16b62a8f443420e1e0385bc98781bd25b5c0 |
| SHA256 | 9d4922b2a1afe009bc9fe600a52e244ada74633ad29542c111d76362953319e9 |
| SHA512 | 3a7f3351939e9b35de337b6bf15502f1181b859ad5e4643ccc7c0711ffa9133f8a3829a80c55912c2a66207dcb396d1452db49051c8e0b6bc25be55db39e5c06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 42eb72aae045b6e17763085077b7e3d2 |
| SHA1 | faf86819a6e60c69e4bb824e70a30a3a500a5d39 |
| SHA256 | 61bc6939f5f42be5c409c0cd1aa1ceb63a32970bc055c1f30ad82007455937ee |
| SHA512 | 73d094cf05a2fc843afdcbe4b9ba51b19e2b1e33a401e5c8643726fe582d76d04fc05778511a0902c00ab6daf7b9130f25ec1bd2f673c269a31cf22cf67c9b52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f1fed202e40df316a4a56b3df8358954 |
| SHA1 | 809f42ea853fad4e22df2828cfae219bddd8ce3c |
| SHA256 | e8722731ba5df0b3cc6e36e0282eeb20810973b330e02b4a5b8ebeb986f4aba3 |
| SHA512 | a6bfe0196250b6a4e434c118d11f66a28e3e7518cbfce00eba9a9d03e9943dfe154a0c6f13a911c97d88f2e15fd6d68c7f9e3d426670e128af23d7abc273824b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a10a720a1bb4ca6a_0
| MD5 | 729eb0eab5b079a97786253ae6d2adcd |
| SHA1 | 3db2475a2f15d7b20a8e5fd0ab18e61afecda04e |
| SHA256 | cdc304fe2789f51ac5f9df3ce3f73b7a140a641673975e2286259bf351e80db0 |
| SHA512 | 04b8f4aca615863631b994660396e1885bdc3adaefe9e3db2a4fbfa44396377c0bc3c77dcf41566312aeee88a562d129eb5bc2fa8366153b59ef9b364cc6d880 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f36646a2689d6294_0
| MD5 | 078e3f2b38b1c144429867a167748812 |
| SHA1 | 80cbc87d2edad50e53fd87d32b9872e3b19b7062 |
| SHA256 | 8523565ef57b30ccba491a7d924c0e329d3bee8b0700f8c33350138155f3aee2 |
| SHA512 | 6f1d8436da9f6b5c9f49f382ee208d336225d6b2977b4d540333714b6f147dbb80c79d13905b0bdacecb37318fc661a1a94697766312998c28abf09f79c8b740 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\794a28efef760392_0
| MD5 | 87055676f2d7e112503e93ae7f5719a9 |
| SHA1 | d9ef33c4ab6f0a316219e565e9b82bc656c46486 |
| SHA256 | 6b64f0ae8ef823508ba1f87b9b0dd808d3785edd353f7502a1c3ff5c685b651a |
| SHA512 | 1481796a20695d9f9ed6f965d55d93c9d25ca63432d66e838197c3475b0241a3ce656419f38f2e465cb8a67cee1b996b942f953c5ca3d10e1c729d0a4c6d707c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a0703586a7ac1f49_0
| MD5 | b2f3abd6f546015e2dda01a44605cf92 |
| SHA1 | acb0d20341df124ee5ef3ea3612edd6fd4a1a78a |
| SHA256 | 7541691b8d9f684eb19c6aa70872d6cbea9dc50c0807dbd8ae70234bb8fb3129 |
| SHA512 | 629b6fec8641406787153034388cd5f35efdec81919a0123a716467a1e70f4a9fb2d18f193282b807a39d11d9a54dd7dea20c9cc38ac3561f30233ef3d52973b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5454766477332684_0
| MD5 | cecabbd90dc9dae750946507b73352ef |
| SHA1 | c13811202110e5cf6683ca3b81e95e769e58d4da |
| SHA256 | 7aeaf40396a7fda4a8fa1bae5cc77f18c264b95997ec17223e730f58e84e75e8 |
| SHA512 | 0b5279be90eaa32a0e23c88f2b8b2832c05f8e11568eb264c605bed2a89f1c33655f78844348927c283887cfb26ef3ea4fa8950cf856f0731cc06549a03a03ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2b217822e1e724b9_0
| MD5 | 42aa479a9079814a6c6edf12518a9784 |
| SHA1 | 8573d75b103817d891db553dd001ebdffcfc99d8 |
| SHA256 | 8158d57cd5dc6ff51ef3cdd76da033e8f301e07ce8226fd78bc3a530fe66e94b |
| SHA512 | da9812a92de44e0c8c3d436dda2e52712509bd02ed73492fbf246edd482752b0cace8b7bc42b53cb9ebccf02c134dac7088d08dd3bb69be9f73cc7b0fe5509f6 |
memory/7040-703-0x0000000003A40000-0x0000000003A41000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f36646a2689d6294_0
| MD5 | 891fc45843923df81bee6687e367371c |
| SHA1 | 6aee0ef5a66bdf48a2d962bb4e49b2d0b3692ccb |
| SHA256 | a8b0ee6d02d94a41906604b5226e4921c0ca4df2694244308c82b65d312fa52b |
| SHA512 | b0a3ac2364a107c72147ba0367c7a33e8274d61722d354889e0330f1721ac75e1d1e0578371640c20c7fb1ee01f08754ed299a18ce535faa73bddce30763554b |
memory/6612-741-0x0000017770540000-0x0000017770560000-memory.dmp
memory/6612-766-0x0000017770900000-0x0000017770920000-memory.dmp
memory/6612-753-0x0000017770820000-0x0000017770840000-memory.dmp
memory/6612-857-0x0000017770E90000-0x0000017770EB0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 95e65792d99c22e8dc1237bfa31ae928 |
| SHA1 | a678455e338960a82f65a4341e817a28798ab687 |
| SHA256 | 40b9bea697768e78f805dc2682e91954bbf4dcbce284b455882b048bcdd9e551 |
| SHA512 | 618f9ad6192ff67ba819fa866b2e42a12c8d2a09a6e5e9a373adadf07d6bf7c70c0bf3bb06eca9e0743fa8d49700b2d54220e9d41c7f624a5416514e838ee879 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
| MD5 | 4e56495c183f58ed37b4d12ef2d175a3 |
| SHA1 | 34572eeef7ff8a59efbc7d88a63a0f51766efeb0 |
| SHA256 | 896467962b903ba642fef6baf96b80bf0542cee29654ac357aa8d76953725eb0 |
| SHA512 | 80e86ed7386bb27a3823fff3242547c85a54ef6448c0d853522345d9d9689a6b407039311b0f69067a4d3e98fccb95e52f8a656b998af8c42fa7919e10998ee2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
| MD5 | e3ef760339fa699c028ca73c8255271e |
| SHA1 | ab589500d38d817ef0a59574a2a6ecb9cffbf459 |
| SHA256 | 64069d6d4a08911a84fc564f07c34417412b95d40d84ea31061ac7226fa0435f |
| SHA512 | 678a03adc2fc471409fe2ca2109ba47314b03bd02157e548d9b61870a32984308ffc8774b807d823f61e9fd489ef743d0c075d5e5f8b6f794f353fb6dbc1f9aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
| MD5 | aa6ad8e9f00cbbaf2d4eb888c106909b |
| SHA1 | 9e5426a62d346e7adef24c3553c87eccded3b377 |
| SHA256 | 305c1da319eb0e629a1c13252b72db8983915199f1702878cc7ef569ff1de71f |
| SHA512 | fffc4d40393f472e84cf98d1144516f80d3eba27c586e93f697d70f306a969017d972e7b87295ec6901f66b752fe7122964e8cc93de2841dcf3bf2bd82f8b682 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | 5a16d31f5aafb6faa08ac1110f135e3f |
| SHA1 | 87df7fe0aa4a6f518dd237803bd72638bd2b90cf |
| SHA256 | 91eb454ba34c3c40bd85158046f285e797a21dc861e5b60cf05ad7b604a539d8 |
| SHA512 | f55a1908999184304a213fd93edcc40dd6092db8702ec33dc61bf7ebf77980b52545f2b6a526f9165cd6206839fca42f30e72644a19d27f651f3ee73fb6f2b13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | 36f3265ba7104be29d9bf7789235fc23 |
| SHA1 | 40170cd3aa19747a12608802a9d276a63c0f2229 |
| SHA256 | 6c3c6baa2b293320a1d28d930ef91b3a19ceb105fe6a02ade44f05d447e9bbae |
| SHA512 | 690011b1b026e3a646a7160a398edef62e250c33137892e654cf88cc972ff1b0f7c79ccce40dc205020a8b25afde7eddade9001564a87b6d5a68122d3a7be13e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2b217822e1e724b9_0
| MD5 | ceb015b63c11930186e17e0b5f7ed89c |
| SHA1 | 33f708ebb9838e4c54205c4f637ed47cfd0070f6 |
| SHA256 | 4df9d2a50745e5b8f78b10d76f29a6d5d01182befe524e38cf5a11fa1151b9e3 |
| SHA512 | 34d9a96073309f8f3f84cdae93068912ec1e022a1faa96a0f2e63bb4c2a0937b8f78b924976960259533051fa4af09d6295807e6f15d94cf5f594dc285aff28f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d1751ed4-f995-4a11-a046-c3bb3314bb3a.tmp
| MD5 | 8d9807cb258dd88d58e1fddd0e60a903 |
| SHA1 | e7ba397ca3fda28b88e8bc3a6ef5d9e8942269cb |
| SHA256 | f73072f8efdaf74b50c4771a073e76a5319459a9b541a01ed6727eee247618e5 |
| SHA512 | 4e1cbfafd066a650fd927726bf3968224cd80a7717b39a22299e92e8e8f71c6e38321361eaf0b15b48f480b12b6b7e0e6f9186f3ad8e7b0f80f74951e71aaf3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 681df6a490ec8a294d60e10760124e5b |
| SHA1 | 3ed0d9fbc3f0c71143cf9a3f6ff285a6aade4df8 |
| SHA256 | 5300a52ac373afcc0ccb145131a1ace75858995634b3270c7f0deca99f00a16d |
| SHA512 | cb57a33834e1775900ebabefe5839f46106c1c90373f044cd891232c214becdd5a85f5c8206f2ecd57a0d9361407bfd44119956fb977c752c71ca59912d324b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a10a720a1bb4ca6a_0
| MD5 | fae0dc5925e88faa20c3689c8db581e1 |
| SHA1 | 5fec944647256b833f1ed517b5be717a8e3d3977 |
| SHA256 | fe631608d41bdcedab3b894ad76710b125933cfd607e1cabf94d2bbbb0fcdd0e |
| SHA512 | a79fc2355ba5ba59a763edb353d761fb4131d39ce2b6c0ff6efc7d565b505f36be6d6351508b8167815b93493ff986f2ca52479185bfb06b3c16bd58bfadec62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | db3dfb3894f6bf6dc1bc54a377cf1fdf |
| SHA1 | 5c820104c0260fd73a7228293722f3e0ceae0cd1 |
| SHA256 | b217d08bb10ed810a9c71eaf674189ea08db8df55845670a51145ddb18935ea6 |
| SHA512 | ac02386d100674bf23c88a018f102e98f1a9a0cbfe483bdba7f2050c2c56f381aa209bc460c43c707630e4196350c14b560fbf9c50615968e70f67cb43a26e24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f36646a2689d6294_0
| MD5 | 02a08fd49c866bb13afb0f19a95f57f7 |
| SHA1 | ad6f8d87592797290e5ea613bd1d7db1ef41cc0d |
| SHA256 | efd413d0d0d90a28253767f9f95965115c48e29d9b90d0edbd971d13eabc38d7 |
| SHA512 | f453f92747a3a904f0d0a4197b4449fa0641e7ca1f994c1e5456d6f26e86ed91ce788279383f4c36683994740212a5cf25fc09929b4550f91afb3694f32cf884 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5454766477332684_0
| MD5 | e9e543382d457c1609796d773351b2ac |
| SHA1 | 602f0cc5b83031be24dc653bba298a4ca3aa78a5 |
| SHA256 | 9c8ee9ccb88f5abf8148c57f90eff8353021286de3688827c80effd237258d5c |
| SHA512 | 2d7b87cf71078e7e3603559e1369512dd5100e00cd4347bd964486b210721437010ac6374c0d7df472ee06972d1893c8c052bef11e7a3f2ad8d38049f5e68ea6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a0703586a7ac1f49_0
| MD5 | fb1c1fa8ba083632ffb1f6ab7cfd702b |
| SHA1 | e20c0d8cff62d95dd5f171731cc6b114adde0674 |
| SHA256 | dcaff21f9408ffbd54b7d8fc6c0b12e85f3af5c318e6c018ccd8f60eb1a2b3eb |
| SHA512 | 103ebb9d5253ba698db2236227402012d0fa5f94b575afe081adc4aebac136c22ce87a0c8addea29976c7c2cbc8e544301a90b62a8fc6222189c5dca7e9c5f7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\794a28efef760392_0
| MD5 | 1d3b9cf71b3cb11c92bb8fcf8efe4da8 |
| SHA1 | e7e702437ff677ef2fe97e5397c17958e789663f |
| SHA256 | da6e91b592feffd191607b04ed44892e987d7c2826f3e4fdf06c306a5dfcdd14 |
| SHA512 | 7f6b6d204f9dbc82dc8cc791ff2a1eebdac1951cdf2770e8a94e7cb94653666a5c3990c5658f4da3a5b2ad2df3a2c522ac155d19cd4345640e03e71b9c0de00d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | 9faad3b59cdfda5a84110cd375b97bb5 |
| SHA1 | 343e69ca6d945ae1ef2b7d5d7e3ebfb57bba3578 |
| SHA256 | 967d3aa5799b4b47041ffbd3e22d8dfe8191dd88c8ad2b396720adc651e76f99 |
| SHA512 | c7520213df3a06ca6eefc4d5ca5e02650aeb9a3e74207cf2253daf28d1eb2fb2d5bc3d3a35da63bf172cd1aff8d972f6d2f931d3a467182af829b9e871ff52e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2bf2eaad-191e-4924-9ce6-ed3ef1e80e45.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c1c7d9b56d1f4089f5c51c47ffaccc22 |
| SHA1 | ebd4f269e35ec329548fa76ff3efe2e9e8b10492 |
| SHA256 | a6b5e6634a0d0eedacc1e2d3a3b341a043dcb6f4718ad5991a99cf8d544a18bd |
| SHA512 | 336e16ff1472d77f05d162a29c019ee82b53956d2367a122ee038148f48d492964a16c99f29793444fa1e12c5d6b54ade5fc70918aab1ecc016087e9c9b793cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9eec18f8291c8fd25be5a16d31cbeffe |
| SHA1 | 03ff2b974a93226fee37223cffd2a135f14ce301 |
| SHA256 | fb21ef29defc12e3b3ebd80a9984cc9d03ccf4e6d160d2a8d08a1b46f38f59c9 |
| SHA512 | e0068e7729542f3a7e911e8bfc02dc23c2f14751e9d48a69f1dac924285bdfed35832a30dec95613286f7fc0c35f376f089c89cd8c80d0b36d97472e9b838331 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5b7fc708fce585b4277fa7e11c95acc5 |
| SHA1 | 892acbac4e7226183e7c3b5645f04064d31e8b82 |
| SHA256 | 771077898eebf3115c954a0d88daf869d2fbb61bf106a1ae86120de5fe3f577b |
| SHA512 | f598e612f4cbda9afbc167dd807a899bd8a52cc5eddf704b604ff3b818c438255cfccf9303c236b4ac703a83699c4f0e76e814493fa87b7b340e08f99555b2a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3a8dffb4816887af982debcd6870451f |
| SHA1 | e98998778a9891bac7ac57de2d93ad0410b79bd1 |
| SHA256 | 59dbcf195f4f22121780645c95540e1c3ea2e185f05e858a06c0bd2ccec49c20 |
| SHA512 | 1c55e689b8da24bdcfd8dc8944e861faecbd49f05cf54f5fb173904c475f5c4a2c46205cfc8fe7032e48628bb8f8d1cdda7690efb2c4e51a5f9450252f29c246 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 533624f4a33d00b5e1f4973b9d9c74c3 |
| SHA1 | 924cf0e2c9e541710a23364249f09614890637cf |
| SHA256 | 703d3048239cfb43e209e8c8b4e579bee205d944778f3bc8c6693aee467e8e8f |
| SHA512 | d8eec3df5e48a13045319108b74da89440b341f430b582667311f710dc457c35b1e22395cff45fe7582ba3efde80195196a4324569197d52968107d59a189a09 |
memory/9588-1460-0x0000000002CA0000-0x0000000002CA1000-memory.dmp
memory/12904-1466-0x0000020A05D20000-0x0000020A05D40000-memory.dmp
memory/12904-1461-0x0000020A04D00000-0x0000020A04E00000-memory.dmp
memory/12904-1490-0x0000020A060F0000-0x0000020A06110000-memory.dmp
memory/12904-1480-0x0000020A06030000-0x0000020A06050000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a37a9096-0ca4-492e-a412-07a969eeccc4.tmp
| MD5 | 0730bbf77b7ba366e4028150569e9739 |
| SHA1 | a5e833c2f5ce27f4b6790f63eba050069c0a3d66 |
| SHA256 | 33ebdf649810cf163fbba03832713c4508cfec688558ba64480ce1cf2d12b38f |
| SHA512 | 7b001568330b7782b7cb8b8f2b7b598a321b9009c8840984a253937a7b8bd61a484ba3b8515a4a9f715eb0b2407e8b2a072fe77569a5543e3e8027775b8cf2e7 |
memory/12904-1589-0x0000020A167E0000-0x0000020A16800000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 059311cc9ff2fdf0951a6c93a4bca76f |
| SHA1 | 9276701483966063a8712ef2d43264ca1121897b |
| SHA256 | d35a86b6b3d98f8d57b16615cab0c5f805411d5885f18931e0763ce11eb03000 |
| SHA512 | ca80745bfa42a95e11420126dec8238a21ab34974bb9e2b0bde96da3df6da86cbcf0b4955c820ad0abb348fbdb67ce59b11d8c232368c41cc16a7e6e2d9e2caf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9843211dc0adf611_0
| MD5 | f850f456b0cb2c50f19754491fb0033a |
| SHA1 | 380a0b4a56fb088c4b245d9f707c60a51b65f17b |
| SHA256 | 896a2b6353cf76d1b2e5bca9b5e51dececac0e3992e83ff8cf9d2ea735a50660 |
| SHA512 | c5839202ffa7f65fa432ce38ae9273c8c4495a1fd0b1760efa079144321de0692f249a26c0a87e97fb635da588b33fa12835b61b21f3f89e24a327370f9b5dca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fcd9cba22f410513ff8f16b29f315c44 |
| SHA1 | 8a7a79e89b2f91d05345db42af683b5d4fb62b4a |
| SHA256 | 04a59b8ca67b1434046af70e29cf5e5f9067ce18bf592f768173d384e6094307 |
| SHA512 | 6c46567bf61933517942105af5b6fc005c22f0cf355340f8001f740a115c0dd35713d47cf31e4fa38295ed7a3d503821fcb23813376923a8d4bf37efd5ce9d7d |
memory/5832-1722-0x00007FFCF50B0000-0x00007FFCF514E000-memory.dmp
memory/2552-1725-0x00007FFCE7290000-0x00007FFCE767C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 55b4a4b28a5b6254c704a904bc535095 |
| SHA1 | 59815c1ec165473513f9f332a49df6e5b58e2bf6 |
| SHA256 | a67d0efb9e3842f06c5acf23b976dddbe170f923552d22e64ea12a625c27842a |
| SHA512 | 3a0fc0d546261063fe4e6b6ac8721f23f960a7b9fb098646f203390a2c734c773732a08efa684102d379e4ab63e3c28913388a86c34199c2d04282ffc7d48a1e |
memory/13476-1760-0x00000000032E0000-0x00000000032E1000-memory.dmp
memory/5680-1773-0x000000001CEF0000-0x000000001CF00000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a33aad2a1710d4f7a7dd18266c51ca14 |
| SHA1 | 7994c33a01cbbe38bec71127fc9fd8d0242685d1 |
| SHA256 | 3dce4f06b9f0bad04fc99fcb6a4ceddf75ac1cb4cc41d4e42fac759284e390e5 |
| SHA512 | 9002658f9776df4b5361496e558f549e306813ba4c6a2d374cf221b40e12f7e365dba8b73f5872f6d4231dbb50a1c88aa0e30675d0be2cd62451e8485cdde5f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | be8617a4038807331e451da3032c44ad |
| SHA1 | 01477357b7edc70b8d6e6b21167f45044c56606a |
| SHA256 | 4c19042b02a5fc82d231a97430b6bc78fed70d8fa21e7058cefb6c45b691d0c7 |
| SHA512 | b5dd5a28e1498d7891727334a8954cab6d78dbdea379c695d9f396d637ea4fb3dae18a85c0963bbdfb4503405d3358e7ebc5100ea9eef26b343a667c0cb9277b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3c3894ed261776070783baf99a7fbad1 |
| SHA1 | 204628774e2d4bf7cc07b773c34c19b3d20d86de |
| SHA256 | b2e6b504c24ec24510dcb9a570a6b5bb8c6cc969f1d74f7d30ab7abf0b80fb70 |
| SHA512 | e42614983590604d820f4892e16a3b7958e3d3d8ff7d0f63f9f107e61fed41c63ba76004dcc78ca63f9db49ff6f07a166580e260aecf0ea1a1218107652b28d7 |
memory/9500-1819-0x000000001C3D0000-0x000000001C3E2000-memory.dmp
memory/9500-1821-0x000000001BC70000-0x000000001BC84000-memory.dmp
memory/9500-1820-0x000000001CAF0000-0x000000001CB04000-memory.dmp
memory/9500-1824-0x000000001AE60000-0x000000001AE72000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0735c922b5b55a0428b16e3d3bbbc08c |
| SHA1 | 55c8d7065bd35ef33461ee52673e2581b9293c0b |
| SHA256 | bdb23ae7c8ab3c4aed2e2b424d51d4c74439b146171b27328355deb93b3078dd |
| SHA512 | 16c76f91be0919ba1d79e77c16b6214c0f853162caa12a17069157f69e43971a69b0d8e3e9c09b2f830fda8697c25545e062f3ed97a3c711bdbc4445286afa92 |
memory/18136-1911-0x000000001C580000-0x000000001C594000-memory.dmp
memory/18136-1913-0x000000001D110000-0x000000001D124000-memory.dmp
memory/18136-1912-0x0000000000FF0000-0x0000000001004000-memory.dmp
memory/11436-1916-0x0000000002DB0000-0x0000000002DB1000-memory.dmp
memory/18136-1919-0x000000001B680000-0x000000001B692000-memory.dmp
memory/2768-1925-0x00000204165E0000-0x0000020416600000-memory.dmp
memory/2768-1921-0x0000020415640000-0x0000020415740000-memory.dmp
memory/2768-1927-0x0000020416BB0000-0x0000020416BD0000-memory.dmp
memory/2768-1956-0x00000204165A0000-0x00000204165C0000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\N2176ZEZ\microsoft.windows[1].xml
| MD5 | bdd90a1d11585d1f2b7720be412bc048 |
| SHA1 | b6245dfce68b60c708dd7ecabaebeabcbb53920f |
| SHA256 | ddf2d606339b78bea2b3d3e823f4074cc7a4c8281242a81cc0c2c0332b08330e |
| SHA512 | e62ea18449d0d36f50bcb3590a2c60397a8dbb7654b375facab3ee3ef6d0efb9a1cd67ba8e4af23ac1b3ca5955a9125c7b8fa2fa6781ad214f37d0ed3ef8c950 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7e5b78d30239b8aad0d10cf91c7de801 |
| SHA1 | 9a8bc2ef5795444db590d90bdb3928bb110fc612 |
| SHA256 | 6edfc204c9e27bc3b879358369be0cb43a7e4e9101f9757047b238af418c2db8 |
| SHA512 | 19154c6e62a0ae4aeca9c524b309fe50b703d03cb66cb149ffdd372e51f65e34b95067fa2e7220358863295b00feac163dc41e4d61f3f78757f056ceb2c51923 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133593708664047825.txt
| MD5 | 8cdd0e31fdc880d03dd47abc4b0efbf9 |
| SHA1 | 37648604549b090bc8683dffda89fe8338b18d9c |
| SHA256 | edf5f36d377aa149ebfbf55c896fe8716ea11f49a9ec61df2d327bc43c835bab |
| SHA512 | b7cb49eb50e7b5e0d36c7e971b39bde726d36383f5723ad5bb082c266435550030d5a8b53eda5c2ddfc720d73007aba4ffd36b32949161876104328d98a9a511 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b605890cf91f8b0aebda428105b5078a |
| SHA1 | a62429fe17eff9ab86529ea3114ed7ea851d9e6e |
| SHA256 | a3e3222f71116abf1c5ac9b4a5ba578e6b6e4277eff66c76421dfb1473402dba |
| SHA512 | 5e759e8327dc418c35ab5894e1fa122d57ad977370a03bc2a2427565d5f8bca28c95932be0c54c5a7a427e7538efe0d7b007d799f818077ec70d64cbc926b9bb |
memory/11460-2103-0x00000000042C0000-0x00000000042C1000-memory.dmp
memory/9140-2106-0x000001D47EB60000-0x000001D47EC60000-memory.dmp
memory/9140-2105-0x000001D47EB60000-0x000001D47EC60000-memory.dmp
memory/9140-2110-0x000001D47FAD0000-0x000001D47FAF0000-memory.dmp
memory/9140-2129-0x000001CC000A0000-0x000001CC000C0000-memory.dmp
memory/9140-2121-0x000001D47FA90000-0x000001D47FAB0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 78ce69b7490c95de59354fd1ff3991c5 |
| SHA1 | 0e0226f95a26455970d7cef2676ece754c2f1451 |
| SHA256 | 6876ace86a94c10461dc109b1d20795f2b9c0346b79abb8aba283a6951b05b09 |
| SHA512 | d86f925506741a5fcee894eb0f73c149311eee7754a37bcc61f00bd4b1404a8aa2028b156ebfb55032fc3ffc3a224e431cb1c6a7ce40210412c0fe21a1180b1e |
memory/6208-2251-0x00000000049F0000-0x00000000049F1000-memory.dmp
memory/11396-2257-0x00000220DED60000-0x00000220DED80000-memory.dmp
memory/11396-2252-0x00000220DDC00000-0x00000220DDD00000-memory.dmp
memory/11396-2260-0x00000220DED20000-0x00000220DED40000-memory.dmp
memory/11396-2288-0x00000220DF150000-0x00000220DF170000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fa9b8c1ee469fe472ee9dc41c7956a5e |
| SHA1 | c791bf9888c024663fa2dddab3e2a5b83989a3ed |
| SHA256 | c1fd208247913792eb936d31b5c91cdf42ed12bec262ec3c6c7400df1402acb4 |
| SHA512 | b67ac73d20bcae6ad56533e01592fba3057fda5782dd341b533b0c7950e6eeb45524cf86219ce5a3926726c6bd289dc37e1a14cb9a780e102dcf2e2fe111c62d |
memory/4128-2449-0x0000000004300000-0x0000000004301000-memory.dmp
memory/16128-2450-0x0000025C76500000-0x0000025C76600000-memory.dmp
memory/16128-2472-0x0000025C779F0000-0x0000025C77A10000-memory.dmp
memory/16128-2462-0x0000025C773E0000-0x0000025C77400000-memory.dmp
memory/16128-2455-0x0000025C77620000-0x0000025C77640000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 68a3e3e5bd7e928d12246a736823ca97 |
| SHA1 | b575cfb1d0e428263c047faa7d04f45ee2e44a0b |
| SHA256 | 7edc57aafa07a44f25d53328244d01f05bbc1f274fc697f674047e668352bf4b |
| SHA512 | 13ae3719711dd7bd26fa7c93dd0e4e2313651408bf455cab2c2a1b24146ff3a35c1bf2b742aa135e89f48106d182284da3236b03098d044ac88b8f73f68874d8 |