Malware Analysis Report

2024-10-19 11:03

Sample ID 240523-z1jn3sgg27
Target http://roblox.com
Tags
adware discovery evasion persistence spyware stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://roblox.com was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence spyware stealer trojan

Downloads MZ/PE file

Sets file execution options in registry

Modifies Installed Components in the registry

Registers COM server for autorun

Executes dropped EXE

Reads user/profile data of web browsers

Loads dropped DLL

Checks installed software on the system

Checks whether UAC is enabled

Adds Run key to start application

Installs/modifies Browser Helper Object

Checks system information in the registry

Drops file in Program Files directory

Drops file in Windows directory

Enumerates physical storage devices

Modifies data under HKEY_USERS

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

System policy modification

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: EnumeratesProcesses

Uses Task Scheduler COM API

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies registry class

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

NTFS ADS

Checks processor information in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-23 21:10

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-23 21:10

Reported

2024-05-23 21:43

Platform

win11-20240508-en

Max time kernel

1792s

Max time network

1783s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://roblox.com

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\MicrosoftEdge_X64_125.0.2535.51.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateBroker.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateBroker.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateBroker.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\cookie_exporter.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Reads user/profile data of web browsers

spyware stealer

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=E0B99C4D759A4DC0989865679587F962" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA012DBB-A536-4245-84DE-22E9EF271C65}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_zh-TW.dll C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\onnxruntime.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\msvcp140_codecvt_ids.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\or.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\VisualElements\LogoCanary.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\tt.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\wns_push_client.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_ka.dll C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\zh-TW.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\4824_13360972740985233_4824.pma C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\prefs_enclave_x64.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Locales\fi.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_ca.dll C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\ca-Es-VALENCIA.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\Locales\bn-IN.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\identity_proxy\win11\identity_helper.Sparse.Canary.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\fil.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\Trust Protection Lists\Mu\Entities C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_hu.dll C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\vk_swiftshader_icd.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Locales\mk.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\v8_context_snapshot.bin C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\VisualElements\Logo.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\kok.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\webview2_integration.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\VisualElements\SmallLogoBeta.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\Trust Protection Lists\Mu\Fingerprinting C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\Locales\he.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_pt-PT.dll C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_lb.dll C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\ru.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\fa.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Locales\ko.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\oneds.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Locales\ur.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Trust Protection Lists\Mu\Fingerprinting C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Locales\ug.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\sl.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\244_13360972843361526_244.pma C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\vccorlib140.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\vk_swiftshader_icd.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\ka.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\nb.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\km.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\oneauth.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Trust Protection Lists\Mu\Content C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_tr.dll C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\identity_proxy\win10\identity_helper.Sparse.Dev.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\Trust Protection Lists\Sigma\Other C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\identity_proxy\win11\identity_helper.Sparse.Stable.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Trust Protection Lists\Sigma\Analytics C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\mip_core.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\VisualElements\SmallLogoCanary.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_ug.dll C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Locales\gd.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\prefs_enclave_x64.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\edge_feedback\mf_trace.wprp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Trust Protection Lists\Sigma\Social C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_te.dll C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\elevation_service.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\bs.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\identity_proxy\win10\identity_helper.Sparse.Canary.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\identity_proxy\win10\identity_helper.Sparse.Dev.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-notification-shared\pt-PT\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-notification-shared\zh-Hans\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\wallet\README.md C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_942454664\manifest.fingerprint C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1441369776\EdgeTippingBloomFilter.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-shared-components\en-GB\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\Tokenized-Card\tokenized-card.html C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-cy.hyb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-et.hyb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1242462729\shopping_iframe_driver.js C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1576174460\data.txt C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_566316664\classification.js C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-mobile-hub\de\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-notification\zh-Hant\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-shared-components\fr\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-bg.hyb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-hu.hyb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_440911590\LICENSE C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-ec\en-GB\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\wallet\wallet-tokenization-config.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_238443477\crs.pb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-da.hyb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-mobile-hub\nl\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-tk.hyb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1257311109\typosquatting_list.pb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\Notification\notification.html C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_942454664\edge_autofill_field_data.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_440911590\manifest.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-ec\fr-CA\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-tokenized-card\pt-BR\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\wallet\wallet-checkout\merchant-site-info.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\wallet_donation_driver.js C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-ec\de\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\Wallet-Checkout\load-ec-deps.bundle.js C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-notification-shared\fi\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-shared-components\zh-Hans\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-bn.hyb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-ec\ar\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-hub\ar\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-gu.hyb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_440911590\Part-IT C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-notification-shared\ko\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-notification\es\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-notification\zh-Hans\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_476643154\sets.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\driver-signature.txt C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-hub\zh-Hant\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-notification-shared\ja\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-ta.hyb C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1242462729\edge_driver.js C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-shared-components\sv\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\Wallet-BuyNow\wallet-buynow.bundle.js C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\wallet-icon.svg C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\i18n-notification-shared\el\strings.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\json\wallet\wallet-notification-config.json C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_1755669562\load-hub-i18n.bundle.js C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Platform Specific Field 1 C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Windows\SysWOW64\wermgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000 C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\Owner = 101400003ac0d90f57adda01 C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\SessionHash = e8610a9e014d902c990fb00445bea5bcb8d935dbb216c3ffecd9b2fc66a3ab17 C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\.html\OpenWithProgids C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.PolicyStatusSvc" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService\CLSID\ = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\AppId = "{628ACE20-B77A-456F-A88D-547DB6CEEDD5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{C9C2B807-7731-4F34-81B7-44FF7779522B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback.1.0 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\AppID = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1D3747B6-FED9-4795-BB56-E077C582FB69}\InprocHandler32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc.1.0 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\CurVer\ = "MicrosoftEdgeUpdate.PolicyStatusMachineFallback.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\MicrosoftEdgeUpdateOnDemand.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\ = "Microsoft Edge Update Update3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ = "Microsoft Edge Update Legacy On Demand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/pdf C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ = "IAppCommandWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1672260578-815027929-964132517-1000\{E185B13A-0FCA-43B5-8D70-BDC8230E81EE} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 940260.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdateSetup.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdateSetup.exe\:Zone.Identifier:$DATA C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3016 wrote to memory of 1940 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 1940 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 3620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 1020 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 1020 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3016 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe N/A

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://roblox.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc2d763cb8,0x7ffc2d763cc8,0x7ffc2d763cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1900 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3532 /prefetch:8

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4740 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3484 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6540 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6752 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7532 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6868 /prefetch:8

C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe

"C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe"

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe" /installsource taggedmi /install "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&lang=en&brand=M100"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuMzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDRFRERBMTgtOURERS00NjNCLThFMjgtQkY4MDAwODRFRjU5fSIgdXNlcmlkPSJ7MzI1M0FBNUMtRTQ5NC00QUIxLThBNzktNzAxQTlEODBBNkE3fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezZCQjEwNzVGLUZDNTUtNDU2Mi1BNkE1LTcwRjYwNzM0NzMxOH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMjIwMDAuNDkzIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTQzLjU3IiBuZXh0dmVyc2lvbj0iMS4zLjE4Ny4zNyIgbGFuZz0iZW4iIGJyYW5kPSJNMTAwIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzQ5OTI2OTc5MyIgaW5zdGFsbF90aW1lX21zPSI4MDgiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&lang=en&brand=M100" /installsource taggedmi /sessionid "{D4EDDA18-9DDE-463B-8E28-BF800084EF59}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuMzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDRFRERBMTgtOURERS00NjNCLThFMjgtQkY4MDAwODRFRjU5fSIgdXNlcmlkPSJ7MzI1M0FBNUMtRTQ5NC00QUIxLThBNzktNzAxQTlEODBBNkE3fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7OTVFNDA5QzItMTM0OS00MURCLUE5NUUtOTcxMjEzRUQzQTQ4fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RDZqeFBlVW1LZmg4eXR5NkYwN1l4TTFlWkRIL1RWNkZRVDJmZkRpWnl3dz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjE1IiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTUxODEyMTYiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1OTY3OTA5MDg2NjkwMjkiIGZpcnN0X2ZyZV9zZWVuX3RpbWU9IjEzMzYwOTcyNjE5MDI5MTI2MCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIzMTA2NzYiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc1MDI1NDcyNjYiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\MicrosoftEdge_X64_125.0.2535.51.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff7b4164b18,0x7ff7b4164b24,0x7ff7b4164b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3F012417-FA4C-4C3B-A249-AABADC8339CF}\EDGEMITMP_93EEA.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff7b4164b18,0x7ff7b4164b24,0x7ff7b4164b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuMzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDRFRERBMTgtOURERS00NjNCLThFMjgtQkY4MDAwODRFRjU5fSIgdXNlcmlkPSJ7MzI1M0FBNUMtRTQ5NC00QUIxLThBNzktNzAxQTlEODBBNkE3fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezc4MzkzM0ZGLTA1OEQtNEQ4Ni1BNEE3LUFDOUIxNTFCRUVBQn0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMjIwMDAuNDkzIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEyNS4wLjI1MzUuNTEiIGxhbmc9ImVuIiBicmFuZD0iTTEwMCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNjA5NzI0MTIwNjQxMzAwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc1MTMzMjc2NjIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3NTEzNDgzOTA2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzcwNTcxMjU2OSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNGJlMDU5ZDYtYThhYi00NWQ0LWExMDUtNTExNTA0NWNhOGQwP1AxPTE3MTcxMDM5MTAmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9VkVZb1pyYTV1JTJmNHQ2NVJ4NjZ0ejV2QmdLaHJVSTUwelZNOXY4Q2tsdE1BNEN5ZTdjYmQxektZcE5PJTJmb0c2RjBBY0R0bFQ4WVpOcWM5bmk4bHRxWW93JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTczNjQyMjg4IiB0b3RhbD0iMTczNjQyMjg4IiBkb3dubG9hZF90aW1lX21zPSIxMjQ4NCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc3MDYwMjUxNjgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3NzE5MzE5NTgxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MTU4NTYzMDE5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNjEwIiBkb3dubG9hZF90aW1lX21zPSIxOTI1NCIgZG93bmxvYWRlZD0iMTczNjQyMjg4IiB0b3RhbD0iMTczNjQyMjg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0Mzg5MyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateBroker.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateBroker.exe" -Embedding

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /broker

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateBroker.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateBroker.exe" -Embedding

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /broker

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,11147257594032983614,13351876626594071583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateBroker.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateBroker.exe" -Embedding

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /broker

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Windows\SysWOW64\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "5412" "1204" "1084" "1208" "0" "0" "0" "0" "0" "0" "0" "0"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuMzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDI5NUI3NjQtQkNBRi00NzRELUFCRUQtODVFNzc0NDdFQjQzfSIgdXNlcmlkPSJ7MzI1M0FBNUMtRTQ5NC00QUIxLThBNzktNzAxQTlEODBBNkE3fSIgaW5zdGFsbHNvdXJjZT0idXBkYXRlM3dlYi1vbmRlbWFuZCIgcmVxdWVzdGlkPSJ7MkE2QkRCRkYtRjBEMy00NjdGLUE2ODYtMzRBRTRCMEQ2QTREfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RDZqeFBlVW1LZmg4eXR5NkYwN1l4TTFlWkRIL1RWNkZRVDJmZkRpWnl3dz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iMTI1LjAuMjUzNS41MSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjMiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg3NzU1MjQ1NjYiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuMzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDI5NUI3NjQtQkNBRi00NzRELUFCRUQtODVFNzc0NDdFQjQzfSIgdXNlcmlkPSJ7MzI1M0FBNUMtRTQ5NC00QUIxLThBNzktNzAxQTlEODBBNkE3fSIgaW5zdGFsbHNvdXJjZT0idXBkYXRlM3dlYi1vbmRlbWFuZCIgcmVxdWVzdGlkPSJ7Q0JGMURCQjItREUzOC00NTVFLUExRkYtMzZCM0U5QkYwRDgwfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iMTI1LjAuMjUzNS41MSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGNvaG9ydD0icnJmQDAuNzgiIG9vYmVfaW5zdGFsbF90aW1lPSIxODQ0Njc0NDA3MzcwOTU1MTYwNiIgdXBkYXRlX2NvdW50PSIxIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNjA5NzI0MTIwNjQxMzAwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9Ins1MTE2MkRBQi01REM1LTQyNjctQjc5Qy04MzIzOTBDN0QzNjh9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --rename-msedge-exe --system-level --verbose-logging --msedge --channel=stable

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6f1924b18,0x7ff6f1924b24,0x7ff6f1924b30

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --msedge --channel=stable --delete-old-versions --system-level --verbose-logging

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6f1924b18,0x7ff6f1924b24,0x7ff6f1924b30

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6f1924b18,0x7ff6f1924b24,0x7ff6f1924b30

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2e0,0x30c,0x7ffc1bfb4ef8,0x7ffc1bfb4f04,0x7ffc1bfb4f10

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2392,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=2388 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1860,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=3492 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2200,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=3672 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3076,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=3712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --renderer-sub-type=extension --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=3820 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --renderer-sub-type=extension --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3208,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=3936 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4248,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=4268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5228,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=5240 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4608,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=5456 /prefetch:8

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5636,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=5660 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5996,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=6124 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5992,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=6256 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6448,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=6476 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --field-trial-handle=7016,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=7028 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\cookie_exporter.exe

cookie_exporter.exe --cookie-json=1132

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=5356,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=7116 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=7020,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=7140 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5148,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=7200 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6520,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=6512 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=5288,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=6688 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=7408,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=5336 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7400,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=7560 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7740,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=7552 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5584,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=5792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7904,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=8016 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=8016,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=8044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --field-trial-handle=6704,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=7948 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --field-trial-handle=7336,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=7296 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7816,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=5708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=732,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=8056 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=8048,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=4940 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=3936,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=3964 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=5672,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=6384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6216,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=6280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6372,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=5048 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6308,i,15565250013313213483,11331195021744294192,262144 --variations-seed-version --mojo-platform-channel-handle=6176 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x240,0x244,0x248,0x23c,0x268,0x7ffc1bfb4ef8,0x7ffc1bfb4f04,0x7ffc1bfb4f10

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2240,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=2224 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1860,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=3456 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2260,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=3572 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --field-trial-handle=4236,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=4344 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4396,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=4404 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --field-trial-handle=4236,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=4344 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4880,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=4944 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4888,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=4972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5460,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5476 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5468,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5544 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5948,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5916 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=6544,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6932,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=6952 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --field-trial-handle=6704,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7132 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --field-trial-handle=6512,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=6748 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=6928,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6100,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7280,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7396 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7364,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7356 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=7416,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7320 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=7304,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7300 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7312,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=6976 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7076,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=6036 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6956,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7032 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5432,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6520,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=6112 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x00000000000004F0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=7324,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=6772 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=5788,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5664 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=7332,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=6740 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5680,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5664 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6500,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=1000 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7576,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7060 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7724,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5892 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA012DBB-A536-4245-84DE-22E9EF271C65}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA012DBB-A536-4245-84DE-22E9EF271C65}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuMzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEE2Q0REMkQtNzM3MS00MEJELTlGREQtRjQ0QUU2MDEwM0NGfSIgdXNlcmlkPSJ7MzI1M0FBNUMtRTQ5NC00QUIxLThBNzktNzAxQTlEODBBNkE3fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntERjkxMzg4Mi0wNjMzLTQyMTMtODQzNC02N0RCQzhGQUFGMDB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtENmp4UGVVbUtmaDh5dHk2RjA3WXhNMWVaREgvVFY2RlFUMmZmRGlaeXd3PSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zNCIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTA3ODI2NzM0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA1MDgwMDg5OTgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA1NDA2ODU3OTciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxNzEwNDIwOSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1IQ3VBUVI5aUJUeUxXWWNyQVBFdGMzRHdlUGFYaE1STTRSc0p2MHcwRmI2RWlSWDhQNzNTbmxqak9sVEl3MDdDYllUbVdGcFRQQm1ncndtWlZxJTJmbEtnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDU0MDcxNTgwNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTcxMDQyMDkmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9SEN1QVFSOWlCVHlMV1ljckFQRXRjM0R3ZVBhWGhNUk00UnNKdjB3MEZiNkVpUlg4UDczU25sampPbFRJdzA3Q2JZVG1XRnBUUEJtZ3J3bVpWcSUyZmxLZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjI3MTQiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDU0MDk5MTA2MiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTQ4MTU2ODY5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA1NTM1ODEzMzciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI4MDgiIGRvd25sb2FkX3RpbWVfbXM9IjMyNzciIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjUwNyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6112,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7568 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=3788,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=3876 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=5960,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=4172 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\MicrosoftEdge_X64_124.0.2478.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\MicrosoftEdge_X64_124.0.2478.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\MicrosoftEdge_X64_124.0.2478.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=3792,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7676 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.201 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64BCAFF8-FBE8-457F-966C-338E959BACB9}\EDGEMITMP_FDE82.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.97 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff687bd88c0,0x7ff687bd88cc,0x7ff687bd88d8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5916,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=6484 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_xpay_wallet.mojom.EdgeXPayWalletService --lang=en-US --service-sandbox-type=utility --field-trial-handle=7620,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5804 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5776,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7600 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5728,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=5552 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7828,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7840 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5740,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7624 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=7476,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7696 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7432,i,15046546565406616574,18428400475385254032,262144 --variations-seed-version --mojo-platform-channel-handle=7484 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x240,0x244,0x248,0x23c,0x264,0x7ffc1bfb4ef8,0x7ffc1bfb4f04,0x7ffc1bfb4f10

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1960,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=1964 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=2156,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=2268 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=1904,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\elevation_service.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --field-trial-handle=4376,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4340 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4464,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4476 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --field-trial-handle=4376,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4340 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4700,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4720 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4856,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4868 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4852,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5016 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4568,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5280,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5320,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5248 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5240,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4500 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4756,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5928,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5912 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuMzciIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEU1MkM0NEMtRjQyNC00NTlFLTgwQzItQzg0NUJBMUFCQTE0fSIgdXNlcmlkPSJ7MzI1M0FBNUMtRTQ5NC00QUIxLThBNzktNzAxQTlEODBBNkE3fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCRDJBOEQ1RC03QURGLTQ0NUUtOUNDRC1EOTBEREI0QTgyM0F9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtENmp4UGVVbUtmaDh5dHk2RjA3WXhNMWVaREgvVFY2RlFUMmZmRGlaeXd3PSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg3LjM3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldjtQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjc4Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iMTI1LjAuMjUzNS41MSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGNvaG9ydD0icnJmQDAuNzgiIG9vYmVfaW5zdGFsbF90aW1lPSIxODQ0Njc0NDA3MzcwOTU1MTYwNiIgdXBkYXRlX2NvdW50PSIxIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNjA5NzI4OTk2NzY2MzQwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYWQ9IjYzNTIiIHJkPSI2MzUyIiBwaW5nX2ZyZXNobmVzcz0iezE4Qzc4Q0QyLTJDNDgtNEI4Qy04QjZBLURGMTYzRjhDNTFCM30iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4Ljk3IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA2MjU5MTgxMzEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA2MjU5Njk4NzMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODc0MDA5ODM5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMzI3OTk4ZTMtNDEzNC00ZWIxLWE4ZWYtMWE2NzdmZTBiMjU5P1AxPTE3MTcxMDQyMjEmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9VG5DYnhhN3FkakY4YTg0Z0dobWMzakw5TGhjNjBwZUt4JTJiV0VicDJ3ZUxpaXYzSTNDeGk5V0M1clB1QlZsZmtxUUt4ZFkweXlrczl1ZzY5VUEwdDI2ZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODc0MTU5ODE0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8zMjc5OThlMy00MTM0LTRlYjEtYThlZi0xYTY3N2ZlMGIyNTk_UDE9MTcxNzEwNDIyMSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1UbkNieGE3cWRqRjhhODRnR2htYzNqTDlMaGM2MHBlS3glMmJXRWJwMndlTGlpdjNJM0N4aTlXQzVyUHVCVmxma3FRS3hkWTB5eWtzOXVnNjlVQTB0MjZnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyODIxMDY0IiB0b3RhbD0iMTcyODIxMDY0IiBkb3dubG9hZF90aW1lX21zPSIyMTE1MiIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDg3NDMzMjUzNyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDg5NTg1NzAyMiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE1OTY0MDI0NTciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI3OTgiIGRvd25sb2FkX3RpbWVfbXM9IjI0ODEwIiBkb3dubG9hZGVkPSIxNzI4MjEwNjQiIHRvdGFsPSIxNzI4MjEwNjQiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjcwMDQ4Ii8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=568,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=6044 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=6032,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5872 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=2776,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4596 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=4480,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5892 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=6104,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5984 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=6048,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5004 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=6160,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5000 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=6088,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4984 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6108,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=6112 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=2948,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=6004 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=1044,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4164 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=3800,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=3856 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=2748,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4108 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=3816,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4128 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4108,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5880 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=1432,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4140 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=3912,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=6024 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4136,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=6288 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=4172,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=5976 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=6232,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=6316 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6324,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=6204 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6280,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=3824 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=6184,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=6312 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=6008,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=1436 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=4140,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=6272 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=6176,i,12647286724143631411,5040698701372742018,262144 --variations-seed-version --mojo-platform-channel-handle=4036 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 roblox.com udp
DE 128.116.44.3:80 roblox.com tcp
DE 128.116.44.3:80 roblox.com tcp
DE 128.116.44.3:443 roblox.com tcp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 98.251.17.2.in-addr.arpa udp
NL 128.116.21.4:443 friends.roblox.com tcp
US 18.239.208.20:443 images.rbxcdn.com tcp
US 18.239.208.20:443 images.rbxcdn.com tcp
US 18.239.208.20:443 images.rbxcdn.com tcp
US 18.239.208.20:443 images.rbxcdn.com tcp
US 18.239.208.20:443 images.rbxcdn.com tcp
US 18.239.208.20:443 images.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 18.239.208.26:443 static.rbxcdn.com tcp
US 8.8.8.8:53 26.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 22.208.239.18.in-addr.arpa udp
NL 128.116.21.4:443 realtime-signalr.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
NL 128.116.21.4:443 realtime-signalr.roblox.com tcp
NL 128.116.21.4:443 realtime-signalr.roblox.com udp
US 18.239.208.20:443 images.rbxcdn.com tcp
BE 23.14.90.98:443 apis.rbxcdn.com tcp
NL 128.116.21.4:443 realtime-signalr.roblox.com udp
NL 128.116.21.4:443 realtime-signalr.roblox.com udp
GB 2.18.66.57:443 tcp
US 20.42.65.90:443 browser.pipe.aria.microsoft.com tcp
GB 2.18.66.57:443 tcp
N/A 224.0.0.251:5353 udp
NL 23.62.61.88:443 www.bing.com tcp
BE 104.68.66.114:443 cxcs.microsoft.net tcp
NL 23.62.61.153:443 www.bing.com tcp
NL 23.62.61.96:443 www.bing.com tcp
NL 23.62.61.96:443 www.bing.com tcp
NL 23.62.61.96:443 www.bing.com tcp
NL 23.62.61.96:443 www.bing.com tcp
NL 23.62.61.137:443 r.bing.com tcp
NL 23.62.61.137:443 r.bing.com tcp
NL 23.62.61.137:443 r.bing.com tcp
NL 23.62.61.96:443 www.bing.com tcp
NL 23.62.61.96:443 www.bing.com tcp
NL 23.62.61.137:443 r.bing.com tcp
BE 2.21.17.194:443 www.microsoft.com tcp
BE 2.21.17.194:443 www.microsoft.com tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.5.80:443 services.bingapis.com tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.5.80:443 services.bingapis.com tcp
NL 128.116.21.4:443 realtime-signalr.roblox.com udp
NL 128.116.21.4:443 realtime-signalr.roblox.com tcp
NL 128.116.21.4:443 realtime-signalr.roblox.com udp
BE 23.14.90.88:443 apis.rbxcdn.com tcp
US 18.239.208.96:443 js.rbxcdn.com tcp
NL 128.116.21.4:443 realtime-signalr.roblox.com udp
NL 128.116.21.4:443 realtime-signalr.roblox.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
US 2.17.251.47:443 tr.rbxcdn.com tcp
NL 128.116.21.4:443 realtime-signalr.roblox.com udp
US 18.239.208.15:443 static.rbxcdn.com tcp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 nrt1-128-116-120-3.roblox.com udp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 c0cfly.rbxcdn.com udp
US 8.8.8.8:53 aws-us-east-1b-lms.rbx.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
US 54.193.123.198:443 aws-us-west-1a-lms.rbx.com tcp
US 34.232.130.216:443 aws-us-east-1b-lms.rbx.com tcp
NL 128.116.21.3:443 gold.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
US 205.234.175.102:443 c0cfly.rbxcdn.com tcp
NL 128.116.21.4:443 privatemessages.roblox.com udp
NL 128.116.21.4:443 privatemessages.roblox.com udp
NL 128.116.21.4:443 privatemessages.roblox.com udp
NL 128.116.21.4:443 privatemessages.roblox.com udp
NL 128.116.21.4:443 privatemessages.roblox.com udp
NL 128.116.21.4:443 privatemessages.roblox.com udp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
NL 128.116.21.4:443 privatemessages.roblox.com udp
NL 128.116.21.4:443 privatemessages.roblox.com udp
US 8.8.8.8:53 216.130.232.34.in-addr.arpa udp
US 8.8.8.8:53 198.123.193.54.in-addr.arpa udp
US 8.8.8.8:53 3.120.116.128.in-addr.arpa udp
NL 128.116.21.4:443 ncs.roblox.com udp
NL 128.116.21.4:443 ncs.roblox.com udp
US 13.107.246.64:443 consentreceiverfd-prod.azurefd.net tcp
NL 128.116.21.4:443 ncs.roblox.com udp
NL 23.62.61.138:443 www.bing.com tcp
NL 23.62.61.99:443 th.bing.com tcp
NL 23.62.61.99:443 th.bing.com tcp
NL 23.62.61.139:443 th.bing.com tcp
NL 23.62.61.139:443 th.bing.com tcp
BE 2.21.17.194:443 www.microsoft.com tcp
US 13.107.246.64:443 consentreceiverfd-prod.azurefd.net tcp
IE 52.111.236.68:443 c2rsetup.officeapps.live.com tcp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
GB 87.248.205.0:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
NL 128.116.21.4:443 ncs.roblox.com udp
US 8.8.8.8:53 snap.licdn.com udp
US 8.8.8.8:53 bat.bing.com udp
US 151.101.1.108:443 acdn.adnxs.com tcp
US 204.79.197.237:443 bat.bing.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
US 13.107.246.64:443 consentreceiverfd-prod.azurefd.net tcp
US 13.107.246.64:443 consentreceiverfd-prod.azurefd.net tcp
US 2.17.251.40:443 snap.licdn.com tcp
US 13.107.246.64:443 consentreceiverfd-prod.azurefd.net tcp
NL 185.89.210.180:443 ib.adnxs.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
IE 68.219.88.97:443 c.clarity.ms tcp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 40.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 180.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 97.88.219.68.in-addr.arpa udp
GB 157.240.221.35:443 www.facebook.com tcp
US 20.189.173.14:443 browser.events.data.microsoft.com tcp
US 20.189.173.14:443 browser.events.data.microsoft.com tcp
NL 128.116.21.4:443 apis.roblox.com udp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 edge-mobile-static.azureedge.net udp
US 8.8.8.8:53 edge-mobile-static.azureedge.net udp
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 business.bing.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 13.107.6.158:443 business.bing.com tcp
US 13.107.6.158:443 business.bing.com tcp
US 13.107.246.64:443 edge-mobile-static.azureedge.net tcp
GB 142.250.187.238:443 clients2.google.com tcp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
GB 13.87.96.169:443 nav-edge.smartscreen.microsoft.com tcp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 assets.msn.com udp
US 8.8.8.8:53 assets.msn.com udp
US 2.17.251.21:443 bzib.nelreports.net tcp
SE 92.123.135.81:443 assets.msn.com tcp
US 8.8.8.8:53 data-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 data-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 clients2.googleusercontent.com udp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 172.217.16.225:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 img-s-msn-com.akamaized.net udp
US 8.8.8.8:53 img-s-msn-com.akamaized.net udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 th.bing.com udp
SE 92.123.135.81:443 assets.msn.com tcp
US 8.8.8.8:53 c.msn.com udp
US 8.8.8.8:53 c.msn.com udp
US 8.8.8.8:53 c.bing.com udp
US 8.8.8.8:53 c.bing.com udp
NL 23.62.61.72:443 www.bing.com tcp
IE 68.219.88.97:443 c.msn.com tcp
US 204.79.197.237:443 c.bing.com tcp
NL 23.62.61.138:443 th.bing.com tcp
US 18.239.208.108:443 sb.scorecardresearch.com tcp
US 2.17.251.42:443 img-s-msn-com.akamaized.net tcp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 72.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 108.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 42.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com udp
US 152.199.21.175:443 msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 browser.events.data.msn.com udp
US 8.8.8.8:53 browser.events.data.msn.com udp
US 20.189.173.3:443 browser.events.data.msn.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 8.8.8.8:53 srtb.msn.com udp
US 8.8.8.8:53 srtb.msn.com udp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
US 8.8.8.8:53 dcdn.adnxs.com udp
US 8.8.8.8:53 dcdn.adnxs.com udp
NL 185.89.210.90:443 ams3-ib.adnxs.com tcp
US 151.101.1.108:443 dcdn.adnxs.com tcp
NL 23.62.61.72:443 www.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 r.msftstatic.com udp
US 8.8.8.8:53 r.msftstatic.com udp
US 204.79.197.219:443 r.msftstatic.com tcp
US 204.79.197.219:443 r.msftstatic.com tcp
NL 23.62.61.121:443 r.bing.com tcp
NL 23.62.61.121:443 r.bing.com tcp
NL 23.62.61.138:443 r.bing.com udp
NL 23.62.61.96:443 www.bing.com tcp
NL 23.62.61.72:443 www.bing.com udp
NL 23.62.61.96:443 www.bing.com udp
US 2.17.251.42:443 img-s-msn-com.akamaized.net tcp
US 8.8.8.8:53 prod-streaming-video-msn-com.akamaized.net udp
US 8.8.8.8:53 prod-streaming-video-msn-com.akamaized.net udp
US 2.17.251.10:443 prod-streaming-video-msn-com.akamaized.net tcp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 edgeassetservice.azureedge.net udp
US 8.8.8.8:53 edgeassetservice.azureedge.net udp
US 13.107.246.64:443 edgeassetservice.azureedge.net tcp
US 13.107.246.64:443 edgeassetservice.azureedge.net tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 204.79.197.239:443 edge.microsoft.com tcp
US 204.79.197.239:443 edge.microsoft.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 th.bing.com udp
NL 23.62.61.146:443 th.bing.com tcp
NL 23.62.61.112:443 r.bing.com tcp
NL 23.62.61.112:443 r.bing.com tcp
NL 23.62.61.146:443 th.bing.com tcp
NL 23.62.61.146:443 th.bing.com udp
NL 23.62.61.112:443 r.bing.com udp
US 8.8.8.8:53 login.microsoftonline.com udp
US 8.8.8.8:53 login.microsoftonline.com udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.71:443 login.microsoftonline.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
US 8.8.8.8:53 services.bingapis.com udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 13.107.246.64:443 edge-consumer-static.azureedge.net tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
NL 128.116.21.4:443 www.roblox.com tcp
NL 128.116.21.4:443 www.roblox.com tcp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 18.239.208.98:443 css.rbxcdn.com tcp
US 18.239.208.95:443 js.rbxcdn.com tcp
US 18.239.208.26:443 static.rbxcdn.com tcp
NL 128.116.21.4:443 www.roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.3:443 roblox.com tcp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
BE 23.14.90.88:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 locale.roblox.com udp
US 18.239.208.98:443 css.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 18.239.208.24:443 images.rbxcdn.com tcp
US 18.239.208.24:443 images.rbxcdn.com tcp
US 18.239.208.24:443 images.rbxcdn.com tcp
US 18.239.208.24:443 images.rbxcdn.com tcp
US 18.239.208.24:443 images.rbxcdn.com tcp
US 18.239.208.24:443 images.rbxcdn.com tcp
US 18.239.208.24:443 images.rbxcdn.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 204.79.197.239:443 edge.microsoft.com tcp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 business.bing.com udp
US 13.107.6.158:443 business.bing.com tcp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 img-s-msn-com.akamaized.net udp
US 8.8.8.8:53 img-s-msn-com.akamaized.net udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 2.17.251.21:443 bzib.nelreports.net tcp
US 8.8.8.8:53 c.msn.com udp
US 8.8.8.8:53 c.msn.com udp
US 8.8.8.8:53 c.bing.com udp
US 8.8.8.8:53 c.bing.com udp
NL 23.62.61.146:443 www.bing.com udp
US 8.8.8.8:53 assets.msn.com udp
US 8.8.8.8:53 assets.msn.com udp
US 204.79.197.237:443 c.bing.com tcp
IE 68.219.88.97:443 c.msn.com tcp
SE 92.123.135.81:443 assets.msn.com tcp
SE 92.123.135.81:443 assets.msn.com tcp
NL 23.62.61.129:443 www.bing.com udp
US 18.239.208.108:443 sb.scorecardresearch.com tcp
US 2.17.251.42:443 img-s-msn-com.akamaized.net tcp
US 8.8.8.8:53 browser.events.data.msn.com udp
US 8.8.8.8:53 browser.events.data.msn.com udp
US 20.189.173.16:443 browser.events.data.msn.com tcp
US 8.8.8.8:53 srtb.msn.com udp
US 8.8.8.8:53 srtb.msn.com udp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
NL 185.89.210.90:443 ams3-ib.adnxs.com tcp
NL 23.62.61.146:443 www.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 r.msftstatic.com udp
US 8.8.8.8:53 r.msftstatic.com udp
US 204.79.197.219:443 r.msftstatic.com tcp
US 204.79.197.219:443 r.msftstatic.com tcp
NL 23.62.61.113:443 r.bing.com tcp
NL 23.62.61.113:443 r.bing.com tcp
NL 23.62.61.88:443 www.bing.com udp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 th.bing.com udp
NL 23.62.61.152:443 th.bing.com udp
NL 23.62.61.152:443 th.bing.com udp
NL 23.62.61.155:443 th.bing.com udp
NL 23.62.61.155:443 th.bing.com udp
US 8.8.8.8:53 bing.com udp
US 8.8.8.8:53 bing.com udp
US 13.107.21.200:443 bing.com tcp
US 172.64.154.167:443 www2.bing.com udp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
NL 128.116.21.4:443 www.roblox.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 18.239.208.96:443 js.rbxcdn.com tcp
US 18.239.208.27:443 css.rbxcdn.com tcp
US 18.239.208.15:443 static.rbxcdn.com tcp
NL 128.116.21.4:443 www.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
BE 23.14.90.81:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 locale.roblox.com udp
NL 128.116.21.4:443 locale.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
NL 128.116.21.4:443 auth.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 18.239.208.74:443 images.rbxcdn.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 18.239.208.27:443 css.rbxcdn.com tcp
US 204.79.197.239:443 edge.microsoft.com tcp
US 8.8.8.8:53 nleditor.osi.office.net udp
US 8.8.8.8:53 nleditor.osi.office.net udp
FR 52.111.231.23:443 nleditor.osi.office.net tcp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 13.107.246.64:443 edge-consumer-static.azureedge.net tcp
NL 23.62.61.113:443 r.bing.com tcp
NL 185.89.210.90:443 ams3-ib.adnxs.com tcp
US 8.8.8.8:53 ntp.msn.com udp
US 20.189.173.16:443 browser.events.data.msn.com tcp
US 8.8.8.8:53 lgbt.foundation udp
US 8.8.8.8:53 lgbt.foundation udp
US 8.8.8.8:53 lgbt.foundation udp
US 104.22.2.3:443 lgbt.foundation tcp
US 104.22.2.3:443 lgbt.foundation tcp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
GB 13.87.96.169:443 nav-edge.smartscreen.microsoft.com tcp
US 104.22.2.3:443 lgbt.foundation udp
US 8.8.8.8:53 cdn-cookieyes.com udp
US 8.8.8.8:53 cdn-cookieyes.com udp
US 172.67.20.8:443 cdn-cookieyes.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 log.cookieyes.com udp
US 8.8.8.8:53 log.cookieyes.com udp
IE 18.202.136.23:443 log.cookieyes.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 2.17.251.23:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
GB 87.248.204.0:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
NL 23.62.61.168:443 www.bing.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
NL 23.62.61.168:443 www.bing.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:443 google.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 xpaywalletcdn.azureedge.net udp
US 8.8.8.8:53 xpaywalletcdn.azureedge.net udp
US 13.107.246.64:443 xpaywalletcdn.azureedge.net tcp
US 13.107.246.64:443 xpaywalletcdn.azureedge.net tcp
US 13.107.246.64:443 xpaywalletcdn.azureedge.net tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 consent.google.com udp
GB 142.250.187.238:443 consent.google.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 8.8.8.8:53 edgeassetservice.azureedge.net udp
US 8.8.8.8:53 edgeassetservice.azureedge.net udp
US 13.107.246.64:443 edgeassetservice.azureedge.net tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 lh5.googleusercontent.com udp
US 8.8.8.8:53 lh5.googleusercontent.com udp
GB 172.217.16.225:443 lh5.googleusercontent.com tcp
GB 172.217.16.225:443 lh5.googleusercontent.com udp
US 8.8.8.8:53 lh4.googleusercontent.com udp
US 8.8.8.8:53 lh4.googleusercontent.com udp
GB 172.217.16.225:443 lh4.googleusercontent.com udp
US 8.8.8.8:53 lh6.googleusercontent.com udp
US 8.8.8.8:53 lh6.googleusercontent.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 id.google.com udp
US 8.8.8.8:53 id.google.com udp
GB 142.250.187.227:443 id.google.com tcp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 maps.googleapis.com udp
US 8.8.8.8:53 maps.googleapis.com udp
GB 216.58.212.234:443 maps.googleapis.com tcp
GB 216.58.212.234:443 maps.googleapis.com udp
GB 216.58.212.234:443 maps.googleapis.com udp
US 8.8.8.8:53 maps.gstatic.com udp
US 8.8.8.8:53 maps.gstatic.com udp
GB 172.217.16.227:443 maps.gstatic.com tcp
NL 23.62.61.98:443 www.bing.com udp
NL 23.62.61.98:443 www.bing.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 204.79.197.239:443 edge.microsoft.com tcp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 ntp.msn.com udp
US 8.8.8.8:53 img-s-msn-com.akamaized.net udp
US 8.8.8.8:53 img-s-msn-com.akamaized.net udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 deff.nelreports.net udp
US 8.8.8.8:53 deff.nelreports.net udp
US 8.8.8.8:53 c.msn.com udp
US 8.8.8.8:53 c.msn.com udp
US 8.8.8.8:53 c.bing.com udp
US 8.8.8.8:53 c.bing.com udp
NL 23.62.61.112:443 www.bing.com udp
US 8.8.8.8:53 assets.msn.com udp
US 8.8.8.8:53 assets.msn.com udp
IE 68.219.88.97:443 c.msn.com tcp
US 204.79.197.237:443 c.bing.com tcp
US 2.17.251.51:443 deff.nelreports.net tcp
SE 92.123.135.83:443 assets.msn.com tcp
SE 92.123.135.83:443 assets.msn.com tcp
NL 23.62.61.99:443 www.bing.com udp
US 18.239.208.4:443 sb.scorecardresearch.com tcp
US 2.17.251.42:443 img-s-msn-com.akamaized.net tcp
US 8.8.8.8:53 4.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 83.135.123.92.in-addr.arpa udp
US 8.8.8.8:53 srtb.msn.com udp
US 8.8.8.8:53 srtb.msn.com udp
GB 2.18.66.57:443 tcp
GB 2.18.66.57:443 tcp
US 52.108.8.254:443 wac-ring.msedge.net tcp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 8.8.8.8:53 edge-consumer-static.azureedge.net udp
US 13.107.246.64:443 edge-consumer-static.azureedge.net tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 2.17.251.23:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 204.79.197.239:443 edge.microsoft.com tcp
NL 23.62.61.90:443 r.bing.com tcp
NL 23.62.61.90:443 r.bing.com tcp
NL 23.62.61.90:443 r.bing.com tcp
NL 23.62.61.90:443 r.bing.com tcp
NL 23.62.61.90:443 r.bing.com tcp
NL 23.62.61.90:443 r.bing.com tcp
GB 2.18.66.57:443 tcp
US 13.107.246.64:443 edge-consumer-static.azureedge.net tcp
US 8.8.8.8:53 90.61.62.23.in-addr.arpa udp
US 13.107.246.64:443 fp-afd-nocache-ccp.azureedge.net tcp
US 8.8.8.8:53 7481ff9e37b5e0f782f45899c57a98a7.azr.footprintdns.com udp
IT 4.232.89.175:443 7481ff9e37b5e0f782f45899c57a98a7.azr.footprintdns.com tcp
US 8.8.8.8:53 spo-ring.msedge.net udp
US 13.107.136.254:443 spo-ring.msedge.net tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 8.8.8.8:53 edge.microsoft.com udp
US 204.79.197.239:443 edge.microsoft.com tcp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 54.120.234.20.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8f2eb94e31cadfb6eb07e6bbe61ef7ae
SHA1 3f42b0d5a90408689e7f7941f8db72a67d5a2eab
SHA256 d222c8e3b19cda2657629a486faf32962e016fc66561ce0d17010afdb283c9de
SHA512 9f7f84149885b851e0bf7173c540e466a2b2eb9907d8b608f60360933328cc75d9d1b63640ea4ecc1e64ecc5dd7ee74d82903f96a8b4418ca56296641a8c0703

\??\pipe\LOCAL\crashpad_3016_JHBUMEIPCVSRMEYU

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d56e8f308a28ac4183257a7950ab5c89
SHA1 044969c58cef041a073c2d132fa66ccc1ee553fe
SHA256 0bc24451c65457abc1e4e340be2f8faceae6b6ec7768a21d44bcd14636543bae
SHA512 fd5798559f4025ec3408f5550b8671d394b1ec83b85fdac8c005b0cc3e183272bdd07db15a156a572c9c5e5798badf235dc10aae62a052efa8dd9dfdbdca8189

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 067d0f46939d2c50cae942b34d95862e
SHA1 05dfbcf845fac665b4406a41cf331800817a6f0d
SHA256 0599ec592d33e97315ead2e60e4295c02533385516bfd8414fe61a7c22ea9909
SHA512 1ab775ed736f9ec1f27987545ea7ee78e3d7b8bf04f091db166f43966a3bb65c849241efad8caacf9ded465a8a7fbd44b7d0e4f6e3d5f2bdaa103ebca8984d13

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 53b4df6103a2d97c2752dfcc512b8b26
SHA1 19c864351880ca119ce30d8170adc627f7022918
SHA256 8148e6c6179bda0b9f597e7c94351cf16d52bc5f49b488d4c12c47289d428717
SHA512 b25ee4bb9492e7d0eff2ba06ac08610629c92c9201900ed5517c23bd650e4d68ac25619695735eaedade6c45c26fb3011a94502af737c2a98580210fe3a79cd2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d7eaf0255b462a5d18acaeef1abbe681
SHA1 56d171bbae260d832bc23273ba68f98c00596e02
SHA256 09b2126d7d5785d1af8626c8d074051344a9c2a0bdcfe1e715bcb2194edc7b8a
SHA512 f2048c7935e4a9160f458bba8e8147f9bba99920df7dfec206d724040a265aa261cc20123c5c5d3b60d23b98970f6cf97bab5a71391afb4c40b314f3deee4350

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 807419ca9a4734feaf8d8563a003b048
SHA1 a723c7d60a65886ffa068711f1e900ccc85922a6
SHA256 aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631
SHA512 f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth-2024-5-23.2113.1636.1.odl

MD5 dd4e68ef4e0d79c41517250d0974b97b
SHA1 d6f866184904b8d879626ee123ab6b062c384c10
SHA256 5fdbe1cd3d53fe01a4f4f5bb495d8c4288f801bdc74d72275344dd3c6ae3d324
SHA512 5fd8db189eeeb3cf683299a183d80d90f3459e359e024c07a78ae3586fcc4f21e0cb368f7d2c4257e98f271693ff239a66f8a1355fe315210117a3f51e740791

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a5f4.TMP

MD5 c6c7e3e0726ab2e1ee43887dc7a9b7f7
SHA1 49dbf3746fafd60fd3be8bba114fd129b018d16c
SHA256 ca77be290b467e0ead6fca699dab65b8df6a0430a814657bf6c265206fa4b72d
SHA512 4da177fbc9a6e56260ad216baf1191453f3d3364fa0bff7c0728c6541e51401123a0cbfbc80e10ec22e03cb3ce849686778a29f41eb20b75f6eb693748d943ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 23c15911d84e9dd162936ceca44614b3
SHA1 12782b45a433da5c966c5cecebde25571a62fa4a
SHA256 5c38608e737ae63827415f47f63cf491675f10c61575e70d6ccdec684259f65c
SHA512 6fe42c54becef00766c79d1f9460929620c02f18d0799defd7f7a9d2ff90d4fb9d54b26181736335fe50f398f2dd69208f33718c5053e517ce5c7100975728c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9685c30f69265dbb872d621e264841c8
SHA1 e7fc33404798b31b17079d59acda7878c316ef92
SHA256 6854f7e2091ba8d162ff13aa53a546738b44e46024ddbe4d997399a89289aaa7
SHA512 32403cac86e5f049aaf914913813caf56da299e543f216d37c757b021e73107dc86ecadbc0611746343207a8e111a17b508a706144c780755d9168942ac248f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c7d427f6f91d2df15c8c5ca338ed8ed9
SHA1 3924007780b61e2117cb80ef240bd1e514c64252
SHA256 274f62339b2995c4b1a0c9edd3c5d756f7fc4456834aea2f3bb5c200710ace2f
SHA512 ec260f65b366a61b72251d933ce0e50806c20a0c73455b5cb6277577d0bc5f358305e02198eeb505d672bca7317a697dc81e05ef69057ac49257d7242fb3a628

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5c2e00a619e962ceb64855c79aa33dda
SHA1 31d3c3bd753c9eaf023e6103912ce2cef9220d60
SHA256 c0baadb58ae4aeb65d8d19ec89a361b1d6ed7f81768b99132a678c7ea2975cdd
SHA512 f4b978fde962ef50c61cb9447eb3b8de955fb5a4022b1d63c45f87b30a9010872e53af665d270176a2f352d0c8bb37d745058da8777b0b526bf5a11c12793b69

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 55fa71b1bca04089fd4b689f7b0537be
SHA1 24f013639e86a1d0cff1e2a2dd5f57e0101a2772
SHA256 e856eeacf4e67d62c36a53b91ce60c13b3fabdae46f5ea7d765b77702b625b6a
SHA512 2bba5c70324425adc98b1595eb6b6b2e29cd4592ea6c2c1693b534dc6da0c5fff7188e9550b85d26ebef6609ee6f70991e3a6d053d7eb3c94ffc106d6bbc9b0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 98e062fcc568ba5fada4a9218866c923
SHA1 d9582f056180d38a7117b8a0c8a6712fe9fc2ce7
SHA256 f983080aaac06861824c018340e7890cb58d08eb8fcc86b941f98280efe1c8b7
SHA512 e5387a2c18549056b848882c20ef76369d0ee7138da182b8e3ca668aacbec42e50b41ef23d9f915e4b863365d0fd05ad9102407871907fc00760e33862c66a67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 aa030777fa5159848be9f22c4244817f
SHA1 c51b1b8f76c8eeb50b2290f7a009d5b8afdd10d2
SHA256 28d3028d2aee379506e70de2413e7c8de739f111b21f8226d91c42b170878d82
SHA512 4ae1f4fac113a6b94b9409510146d1afefbc802df3b8cbaca2c2d955119ed87767a304f1f2e086245d176892bf12c3c3409ed6fda2f7bec161615d605b3e27ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9828911345a575e1f9c99538232f2fe3
SHA1 b60625014d8b637d0705aee16e935ed0388826ee
SHA256 42ea5f2d46db1e54891394a4940b5b703341b6a468a5940a935195ca4efe9d5b
SHA512 30007f238e53db510d4690f4583d0598ab5d0966f95c0a74eb4b1dcd03dc565dc9e434f531c684cb17e2c2962bca5f8d1bcf65f1208a06ccade60748f145a4a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f5c358947e02b2e975ba6a0149bc8bfc
SHA1 74c0d8ce84a3266f3435e4e4e0f9beb52604f6a9
SHA256 23536161b5c7a399e91a3e588a4c80de5518210a96e84e1b6d83bb16a9c4ef12
SHA512 fc4b9daed6e113776524fd88bed69af1984c3a91ed331166492581c3326bbfb3d34eb6581cdc553bf436fc3ce830c518a3d5be0a2638994e08ba4de75cb9f865

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6dae0d8c9400512da673b0e90eefe211
SHA1 234d615468a98d51390fbe8a7308ad13c953502f
SHA256 a090b7eb84cfbd3db02c4e06d9a088319ffbd7aabc96c09520cbe13d8d04c4bb
SHA512 535ac4ea524eeed4f06b0361398e64f117b89abaae2530384f16f8b79dc37082618babfb640a4f4e6f1056c79855983890abe7a345e02337f8c60c3fb5354cbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7a4e5309fd3ae82025dabc8da29bc3b3
SHA1 226c46b7deb5d8485e092c0813f55cac757c7372
SHA256 230edce20c4926dd4eb2bd09e1b2c6947ce3a6e6ee8727c483f6a64ee0f07ae9
SHA512 bb005469d50d4db4a9f373363ff07063ece86d51382782c3a7bb45ccf0cf9f00dfcf5fe9cf1965577ebd9e1ccde058d727fe918f7813d29848134676ec054914

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ae8bdc8e4a304134d12a21afe5fada8a
SHA1 f9564ff7f60f26c30ca330bc5e6fdaaffeac5dcf
SHA256 44222a15eae625148c430fcd77ce8cafbe6a8634310eb62da9496d54b18ed01b
SHA512 878721991654cb3eb282732f04c6e7fcfd37869449cdef36260d7a15115320bc877e3035c5c0b08c9f75e91834feda408027ffb11f3cfe4a052b73eceb9a0ca6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 235bea44e902beeb6b6f821e5e152e55
SHA1 bdff8f97eee33ed4cd3f4791902d0f17961f6595
SHA256 2933b4d9918053b332f90dbc798b102a181cc544406d3eaba8b1af7186292758
SHA512 19f699a429b20ca3bb0d78ffcca69869c70dcffa109629c89a250dacf743611d8247805a59fad96dfad261581fefc7532b813c7001c763e557f22fe33e821677

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ee0f0461388788f0176eaa53ea0bca52
SHA1 e8baeb548de2f353fd0d771267b8cd82378fbcfe
SHA256 e1f75e5c658a0822961276bac774a6cec4e90712b8567c18744e29c871c3f7ee
SHA512 b8994605695ecf984339f2d721cf01ec2f696298e48fad3bd4f83c5854f44d6f416a73fa5a278e5d7bf412ed6761338a5cf3612c7ca0f70a719bc60b38237354

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 30b619c54aa1c39593fbc29ba71c959f
SHA1 91d57a0fd2d9127ecdabe5a39357ceaee68368ec
SHA256 30cbaa53d17499b4bfc0cfa15b66b6eab201166c2b40a3482b9d73a769f58a19
SHA512 7aa915b5d6e3fddd0351965edbd8b65aed23144c7c0d774ffa64d38024d755c2a709f0b224c06e3d18b33b4248cd70dca88b188fb7f351b6a10e5d6fd8bd30f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9228c20e4672bc2494fa3935f4103dcc
SHA1 cfad825bbbfcaa742083ae9e34004ff7d0ce8210
SHA256 9405c3371ce16c71b5b620209a6ee9bfe4ea1870320b7826c5688b4dec9e4b3c
SHA512 a12460dd0832cf40a04eaa8d855ca32c856e7b420c94ee973ed2d71c7638ea3ff2105e5c1b82fecfced589ba33dc5ea9a827181518825f3ae701602dbc505741

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 94a96b325362ce38184823f692df77b8
SHA1 f8968665977e7e98df74225fb391669b70a6f59e
SHA256 8404287db1cec0db3852d12896d60b38376f9c7adeba078cee7677bbd71ac5c0
SHA512 02fef34ad9c2b3c9f2cb17ff29d582e7c08f0ce2d7398f3e41fc497afa828f66e15eb925755fa6938c281b19809d37014ea3b170217b961e589da54b95a5e57f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9e6b7b6bc88aea66018e352c208fa802
SHA1 a2b060fe9dd26e97a8d6f8ce65c9fe8a5f6c20ad
SHA256 654469ea5cb4cb19a8852360eeaa156349bc33c5352438e21c97d31a2fd31615
SHA512 3976a953785ad3a076d03bedd1f3cc97f90d5938c6c43df9753813270d1846ac578846577df01f996855fecc31eb357459b8132788afde9074574cb04d3c9d09

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c816bb8f2083c4e36c90231ceedcd383
SHA1 51b89d34848cb52560132f6a0083ca7b32f59424
SHA256 de96b5214c0f3ee04a3072d07d19158c070b0cbd89987cdd89c17872d3c918b8
SHA512 756150b95bd7261b69c5aebb8e27e05ddac9f93b77b2bb21c7ad5802c595e13fb30a05fc95242d787d40b3f3acd4c0e7781d9e146090e154856a8eb027e9a900

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2955675796b1ced7fbad1d8814871bce
SHA1 104fa0141cd1fd2cf085978bfad3d2eef881e980
SHA256 5043803c03607fc46398390453e5142c8dc7e168c71d802d96c7ec95457d9410
SHA512 f3e81ca8ea37ecee18e12afeb8c98c8e6b3023f36c86aef833e8ab5f5abe0e194ca1958d39fc29edee7a3995307a8d8f6b0a40ab4c624c708ec2faf6bd5556f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9ad68a8a19836d584500ae2dd3df8688
SHA1 0e20f29a92ed42552757ecf1228fe612d3222839
SHA256 315ad81aa87eb93b6aa787b8c3b2618cd005efb62f63b93ff91f73682ca157e1
SHA512 3298526677537a8aa5105e0f3336a55cffe26ec1f807c616122d07949ee689cd79be46ff702102918ce9dddb3f816072e5e1e553566d4f31da69d0ad8394daa1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 635cd2509701cfd25cbaa0410e3ab3d3
SHA1 5f8db2c13a8d1889c2550e326d125e7d1b540d02
SHA256 155297143198dba6652d5a16ee44e44bc5e7bfb1dde9e3e087a7be07c513f431
SHA512 1b1608520a05cfdf67ec4312301aa0fef5cd492f832c62a2dce0d5721ed8bc4f6e978bc029e6c20e17e4e226913c2fd5afe622a9d0e6bd917892a6643cb34b2b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1c3380e3d345e909f0051b2d0362586c
SHA1 5906ebabea08b2bfb68298102ccaa653d6f10cea
SHA256 b62889067fd25c5bf3b08022aaa5ed53f0da56b943459e8a5f526e3277854e9c
SHA512 8f7d2ae3c657a5351140f39e0be7de11c2ebf773f199002b24d1f456ebe0f709b95b7edd0471ce9d6809f690f32d4700bcf187e9946227d059ba22b259d82259

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a434166d-6620-492e-af92-a88cdfeaeca0.tmp

MD5 0a606c381cdb6ce30c665df25e46f9c3
SHA1 cf959a6ea682cdd0151d3b12478fda4b0e19d625
SHA256 e4025265bfc370328f07558fef385718b878172f0d22f5ce9dbd4c5b3dd79b22
SHA512 9c0dc90bfa43de05c75ed37a77f03a24d6fc069ebef3c926ea1d5297687ec44c9cffe9495f340dd62062a49aba60f46bdee37a7917a7207517d8b177f50d092d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 c3c0eb5e044497577bec91b5970f6d30
SHA1 d833f81cf21f68d43ba64a6c28892945adc317a6
SHA256 eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb
SHA512 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 d2d55f8057f8b03c94a81f3839b348b9
SHA1 37c399584539734ff679e3c66309498c8b2dd4d9
SHA256 6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c
SHA512 7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 0ea3c40e1faf37122a20a202e9b52714
SHA1 ac0d594878e4160c112d7f70b5c680523dcee1a4
SHA256 ad3eac09f7aaaed3059ec039ea0477af10919a4a9be9a8865dce7fd34776c8b0
SHA512 e19363456375a8b1a0887af217befabf3dfa5c6944b9b4b62a04d20ce6e5649af4309b86ecfaf061ebcf243011eef123c3f75ebf2dba32d18ce28140adbca52d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1 386ba241790252df01a6a028b3238de2f995a559
SHA256 b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 e8117f0a14c3cdb602bb39b3dd88d992
SHA1 b4d08bb1089be5eb84ef9408400e594fbefa05b4
SHA256 2f11c98f111e90b39ce0e3ea3d62912bbccc97a54340d17843a5cedb742c9811
SHA512 97fac38d5a5bc939a65fc289dcefb0be7c7da50ec6828653579bb306b7d3b387299e71cb45cacbfc5cfe3e442bccb31726674c4acfc0d76000fdc050b737f589

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 81a63a086d1c0fb065b12ebecf8cd7f8
SHA1 4ae54a6f2a83df9c901b196a6c29c3436b3a3f0b
SHA256 706678b4abec74ac3221737a9c70bab8ea40cf26ee6a89cb321e6c1503fee0ce
SHA512 2d33384744684bb31c7a30b263d6d2a1fe7bdd3dbaca9867ec6955795e23e7ab5996137210c651c608c22b1d9800bc1a29ef933958fb57dcac2482e8d3922877

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fb57d13a20081b4304070b04ef0b10d4
SHA1 95342442c87f27ee3ede8eec984190f4d0ca06a5
SHA256 5a82784541db6aa6eb1c31fb4c5de2a260b1c1f8aa25e95a25489746d14aaae1
SHA512 049de7ffbc5b67a2ed74200965a41e9e32d45ce417f7302855c982fccf91d26c6a3b86995a8d0a14f55f3f6f9fe04663cf89eb649120492cbdee51ca9aad2e2c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 004e393544f38f9bfaaa0ec7640596c4
SHA1 b08ecfcd11607991e6c168d33cc2edca8b8cbed1
SHA256 a1df37dbc04355cb948d17e082a726e374cd9bc300f52148c6dce03dc2f15d6b
SHA512 8609ab0eecac8861ca3d09623855dedc5b79306fa36bb3bf3118111aa75da65e27a810e66c719e7bda449f4f2077cbe05eb728a7b05666627ba8c39de5455e7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2b2cd34d9a388b4b2c6ce5bb4b378b69
SHA1 77ffef397891fdeec380ed7998cbee866a69eecd
SHA256 53712deedb4c2c72102557b21488e037cdd697e5a7814a991bee0f63addd241d
SHA512 58a4ca378b59acd38edc0d0c500f70522079266126fcae51f9c0e08d2010d4fed0525d1934289096f68f7cda68f8e87b544972f1679898068c7494948ec64251

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cbd3cdfc06270fb95cbc41f25d795851
SHA1 85de432712e084075358a6bec6b815dde0864611
SHA256 c5f7f498495ea095a7a755f6df13e0ba532be6d9993d30ee17450b1464d3c883
SHA512 98ce7749a2649dd3d7a304dd90cbc50e65be0c6b96381c82ceba8e0790e9b783567aa1a965c6f70b9adb8d022178ef13b3ea2313e247dfbaadacaec55bb4a4b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3694218e138e902c9cae25af295e76e9
SHA1 c997810dbd518a688d0fae64c9a87d7605d3ed2f
SHA256 0c6588685ca405141f3ba5c4b399f83cc570ab0261d0ea1053c2524935da114d
SHA512 8439652c14067d9b3eb26753fe5d84092746d1ee206b6896722b207b591e1e67927201e8ea50502d1f5a93cd6fd2a37be2b41984c6845d1105d0db126bb43d83

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 10b17ddaecb697c0b0c7ccf29677311e
SHA1 6bac295fd1adcac64ea7d2aee24530ad5cfb2888
SHA256 5b21e6377db07ef70ee0ee8f721ee54c97e4822a6ca5af495460a1237632e7e7
SHA512 055cb4b50ef4cf6bae9c23ad1792e42e8079d84596cdbbfd41dbc795f0be715cc774c3931e592f74b95f262c3b5cd6550ac7ad582b360c6a33991682d3d20eb6

C:\Users\Admin\Downloads\Unconfirmed 940260.crdownload

MD5 557f62e084f4b7fadc9f8982b1514340
SHA1 164e189f1b88a14d00fad96f690e94589c07b0d7
SHA256 624a8596cdfc4033d028202af45e969b5e4cc3043c495a7123e8d65d3efe68ce
SHA512 2d07834a285de783cd6a5262b144845c0d75c9457bdb3eafce4ce96f13a85292b005a5bbcf3bc557a17990bb5ca2bec237001efef6c9913828d1396f43d70f28

C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe:Zone.Identifier

MD5 aa7a203e42a37517ab8bf510cce591c8
SHA1 b04451faf487275fac62de007db8ed5153d0bc27
SHA256 1072c6db399632ab3454b8fa60f15d2b7e7d460ce01e553cd9ead16e6e0dce67
SHA512 1313d7493fa701742826333210f8725bfe2510689d54fa5a03b68537c826b715830933571291e9ffc5870277cfc37e056c3a9ff7629ad657bab06464399a3de8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6d5e040010d2f4e57279ff8a87ebb419
SHA1 0dcdfde55d773338cacb873e7473cac5482c566e
SHA256 4c4a79be3876ec409fe3b7f3918c1dc019af0415b7c013f3a8d23e746d5d1a58
SHA512 dec9542c0d0b575a8a7aaa9bd5ff3ea03c6f5a94a53a07f8b8e6e6f2aa42c519e3a80e6739371cfd1d36bfec55267382afc49cd9720a963dae05eb751538a3cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7525561a61e1d75ef52b96c79710cbca
SHA1 11e252046f4550f3693594c959aef8ffd38af97e
SHA256 c6641307b80eceee582d37c798e882bbbed036118cd713f1621072446bb2db53
SHA512 1cd412483ba19e288bf7a7fc094224008fbb8d2c8c0015a63062a1d84f2bd8f734957a3115e3d053820bc54a41ebd3a27e038c709f0953df09d34a5c587c89d2

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdate.exe

MD5 f2d14ff6375c24c821695ec218f2330b
SHA1 9d7b115c16d2ed5c3e6c3da19ccb495b3eb66b7b
SHA256 f9819b0b98e30da8b8f7c08191234ccf0bf03a33b7fd41fe93f120f974a8990a
SHA512 972814a3334ac85a30643778fceeb6f9a550d6dd578a0966fca9fbe6f36fc4e899e0a1b0534fe1d245c6f17ceb038d14d0989d31fb13f5b1556e188bb38c8b3e

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdate.dll

MD5 c35fda033b1b8441ae9d88c5763a7653
SHA1 6cd921518561d65155bdbdb085ad2fdc77fd635c
SHA256 4ac4272afebc63cd0bc85a5a901403570e5ba8ecb867febffcb005efc7d65837
SHA512 3068145da7f6d3755b8d497b8ce499823292d6b3be35bb3d1735ad1e3776c8bc2bcad59b48d69dd9135cd18a2238e9f2b1ebb4c3f19d47e70c421f620c7cc5a4

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_en.dll

MD5 c3dcb4ad44d0abedcb962778ff50c941
SHA1 a2b48433c32f2bcf6565d59b0c2720e74ec939a7
SHA256 387385234ff48a0faef8935ea7dbaab58acb85594bb9cd67b6b66da8e2c15941
SHA512 3d98d48c57a99c9a546a9847fa238d7bf2c00e86728a5c53b2029ac1917857952c28abf94502269500fbcd26c625468a8fcc988737ed2c77a43451679ddec65c

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_ca.dll

MD5 695da6b2e8c2ded73fa3b35a8f3178e1
SHA1 f4fe324aa0b81bbdbe92c4eb5b08f307d8a9f770
SHA256 ebeb21625556564644993a2eb2ab10a1f4a0507c175933343025c4d0ed5b3933
SHA512 00c871d1f54fc80643ddbdf01976f00947a28f639894e8092d28582bea770ad7e68a989edf4cf7ed8de22c386225a75a500879b9151a0f8687cd6c28f6dc0310

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 1481af2fe87b9ce9b891b6d79db6bfee
SHA1 581b2eeae265ad4a8837d1b638e4b691bc064620
SHA256 88f78ff99301af50ebaff945557092113f27201738aad2cf9ee24d416023617a
SHA512 2eddf41b00100d55cdad663dea4fb7af405cbc77a282414c13672d315f0fd1f3578fd241d63da9ab246efc940b7510bcc19baf2772847200dccc3e0248355fd7

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_en-GB.dll

MD5 1bc70e3fefc50aead40833779bb05142
SHA1 faac018733971b29ce94bf81e9462b78c0c6a2bd
SHA256 0bd45524f17fcc436eb62803f42ddcb9ab4ddf9de6d6338a8d90da8ecda699aa
SHA512 b099b388e58bc0274070c74809c043e2f1a98ed14ff4e9b1be1d7ac4fc8af46ad8ecd272a1e60b0eb37d98ba5fd5f5d6e6d9008f9e050ddf20928e4866edd8da

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_el.dll

MD5 609bb0fa897a29dc620192a99fd20738
SHA1 204171116dab2677c16f3f8a275d52eb58baed4c
SHA256 32a516ba9e696a37815e0870c42ec9deddeab24d6c66b9020afc4b28ab5d0de8
SHA512 a2c2ef8523a01350b1d119f7ef9d9c3888b38a1ad088f0b7bd1f05124a1d720722bcb3175f88b3579b2d16d33f702b3566d3ae77d3f2f2e180c079f0428843ab

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_de.dll

MD5 6b3e71ac529dd6b60c52dc03958dce57
SHA1 1758a9be6ca598b88f89b2955f6e69b195abceef
SHA256 edd1374957acefc691ebbc448c74636f5a5efcb91630d901ac1f323a91f55904
SHA512 0b5f3089ffe94fea2809735b1b4d4331bfb2b438a85c549e57f34fe25295633d6785bf89da4b2f224734e9784c43255cb6ccb0de82b0c06a47770351ba566d59

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_da.dll

MD5 a9ee7fdeed416b6fce213235d74a6412
SHA1 d1e478398eb5cfa2490fead8842ff386e52c5e46
SHA256 30ae20bd4527f98e16af09566d67e3163d05be72a6021d9b54c493a1934f7792
SHA512 fa00b91c7ee2119d82204c4961ad303102f21151dafd21b31a28ce7532790fb4c12df2fb062a267c24cd8419abcda1312a4b829876db40a5b3b320a29d87e74e

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_cy.dll

MD5 904baba636f7bd537f86c96b486edde4
SHA1 c90548a30a322e0d2fb554b313ff99f0b0d12f94
SHA256 e732991010f68800ad14718687e29df53ee763264facf87db8c08eab874309ce
SHA512 ea20a7241de74b064c29f2463ab8ddc67a8b3604228f025ac5c0ca460deee2f7fa55283e82dacdb75959b8423faadd40e85c9d6b2b53f3f62f16ae37f440d07a

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_cs.dll

MD5 28acdb7e4762aad04b93e3462f09b16b
SHA1 4bbdaaa8411799a9108b81251c7d261c858ce7d9
SHA256 b4f889351006556944447c9c6bd3f5591442296ba9f57948eae09a6828fbc0bb
SHA512 ebf4366dc8f24253bd83d516f07b9b69033e70c09f4fd3fc9654d1e06436917e22b8f1eb10d33602bd1d72b42c22e1d89f10f98eef9b30c59e9b38133040755d

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_bs.dll

MD5 de8c111a65a9e98bd81041fbf51e3594
SHA1 eed2545549c5dc2072ade08321d9229cb49090f5
SHA256 42c14d538d82c44d0ea2b4424548269cf7dc9063d5c56c3e12a7a4f575a37f6e
SHA512 987c660516b27f9fb671f381b353e2dd293811e9a0effc5cf2a9ac9bf9432b3074748ee0d99677ed5485ac9fd01d46f126d3880c762b8572fcf49eff36bdd8e5

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_bn-IN.dll

MD5 e87a1ad4f7aa16527eb02b92fea2f590
SHA1 f3362cbd635b803e1003c3a15edf52348ba1fb77
SHA256 a248073ed5a436a921745aa78f3c039e8ac0c360372644c1f78c36737e78f87e
SHA512 8018c0325f598e0071b4f5a8d4fa201aa6f30a2eefc34cd1a0effd05f5ba75be9fec30565d6d9c9f761a896a7c121d7f0ba665a22e6cd7dc39f932f0857a8b2f

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_bn.dll

MD5 d84aa26e9486830f6e34485ab4e97a0e
SHA1 d4053cabcd346a9b17ec533319c0d9d3305bfd90
SHA256 75951874d4a4624d5a054fada852f046add3d57424986bfdc2a1c3bfc66be484
SHA512 52e50ced2e936ade01781b043ca518af8a32c33a64463fea4947c7163342e3375ae590d224311c47dd072969a79a85bca38e8bc41384b961f40979be7eae0a40

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_bg.dll

MD5 b34dfac8c3a1dbb83b0d41ae7a4b4059
SHA1 18d2696ea79d3e81356892cfeb4dbeae882517c4
SHA256 0be36d4264d8ac8af871c1ebc448672137bfb894cb0b91a07dab20743d2f344c
SHA512 f7f75859e9fe40db427c5e15446c6411a28f1628ddee73d818d840c0b6ae5b2d3176fac3fb83fe5343d3fbd8b44c294f060e09492304a49102863b99acfa4f20

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_as.dll

MD5 0354ed3612ce1ad066261a816d778838
SHA1 f4986dd7fe70b5e8b226ab994e082c625f1b1ed7
SHA256 6ea80179f119d72f00940dffa2b0fe11c8559052d22837d035d57cf0fa923caa
SHA512 c409c223075a50c39acee6465cc7e49d860f3ea856484ed328e3dba085d99f4ec3038c7f917eb630e6e624077c51ba086c5c13e37683f7fa698fd9d26e16d793

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_ar.dll

MD5 23825769098fcfeb651593ab1d9a17fb
SHA1 d8591e5c31b41b54077e72ac3190b28d13a80861
SHA256 e7a94d29115f6b575c9dce9a0d649e38058e369bfa32b4f510efeca30bb85388
SHA512 631d87f130c3aee169312de6dfb1bf7df89b2263a4c753cd8fe5de679c5f476574ecfc40492ba044353a52edb062c6f5b6dca3ce4c790f9f89e27d95aa2bcda3

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_am.dll

MD5 52361017f9d46715074437f4f4ef510c
SHA1 0805c5b1e97d27b0a4e9a0f9273f76a78afde60c
SHA256 1bfc89c8a6c558f70edab1a24585960276fe1c08c5f363855062e13503daf7de
SHA512 beac1313538e97f3cfc87b9bd7bf2ecfc7beec003f757d73513ff3ce6a710f554c1f036c372d8c2da227293643cbf0bcc7ad3f1ac77457bb006e3ec17f14df21

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_af.dll

MD5 ed0e2b7f8e5d1d1dfec64347388b4eee
SHA1 8458c853b7f53646395197a0ce7ed62a7322277c
SHA256 6c0aab9da650ff49e668f6048e7cca45d908f566e9b1ad1a2736db2abcb6a540
SHA512 9ae9ba8bc2e2e24c63c15e2568f62df74558204f2885df0333f697635a85e47690c9a23546e758b0350b56bc26a58f1046950de00498727129b175832be82044

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 13fad1a73c960168be59885cbd8681b9
SHA1 0fae27254003eb50d58e4f410681b65b9fc23f8d
SHA256 ccdcbabb2dd8a0701bcc7cb3342ffe1b7bb633300de782c8cd0cb706894db709
SHA512 093904555288198eb8bc7b67608be14f9fc33618f19f3511d053c26d5da9d3f1963b3f18e8ca3a13460021c3c1324ad45ec5e912e6495dae84807946ba66d379

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdateCore.exe

MD5 0c02bf3f64e1e52e23a1ff1be975481f
SHA1 1512259afc08f95346d28dd0dc949bda6895e862
SHA256 24b93e5e53c2fae8d6430da172bf79fd3a6a6d38c5ca9d3a844494f2b7bc01ae
SHA512 609eb973c21384ab151ba700714fd8c5ef70f9f2f62bc25ed5465198542551530849c5eb066736c1c67d9fe301143c214f40bccc751d18cecba6667f054db5b1

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\msedgeupdateres_az.dll

MD5 d2274e6ef10f7db41c95ef6f1d8e4bf3
SHA1 898c671264d58164cb27364e8857d78e40daea2c
SHA256 3cb6ba05195e7aee536d3734f7631f0fc47bd5f483c1bf6c646f57c008cd0ed3
SHA512 42355d14a248ad372e366010c2ad1b0e64d0b84f52ea34acd37c2bc1da198c525d8e1c19558edf49a780098694b98b6b049f3ce62342e27a99ef0417f0f2ebc5

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EUCD3F.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 e75a70e3642516e42905833935d9a85c
SHA1 f804b8edafa6451f8cf6bbd1c994934fec0578e3
SHA256 aa3304fccb73b3c8f3b50f6bd539bb6293fa4393b6cfc56174878b1eb352eb61
SHA512 a8a65dcdb8e0201f0e4072de035446e3e5ad543795e4abf1e47c4ebd1277dbff45e7539c528d8b5df5fb65e5479bbc830ae3dd00966d5b4aa16c4480b0e1866f

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 bb8f29c8269d658148f4e93706e3a928
SHA1 1840c72362fdb2b54c9694f0af92c0f0d1ee6e51
SHA256 aeb84c975d34c3469014fe451d3f02cf03ce15cb1730b07cd4f1efb6a2e5b895
SHA512 af346a6c4893b701f7362942173bd8e0d8f63f196da695657adb2f345a22b00ac741ca45f56c5dd26eabfbaf02b389cf27197b61a6f9def6bd65d49a05f12d54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 626f3d8858f38e5a5fac78a830c1abc7
SHA1 242da7ffc0eae0457adb83f7a2c8379b1d119bce
SHA256 d5de7c062de79f4cce476a6cf56654405b14971361623ae143f81c94dfa62c53
SHA512 6c286b98a9ba0f716c44b1a52fc5b4982a771c8a415a402adeb096f11f8b75b73c33101b839ac37f35617eabb4fc67eb107b89615f397fed57634040ea740863

memory/5412-1900-0x00000000006F0000-0x0000000000725000-memory.dmp

memory/5412-1901-0x0000000075010000-0x000000007522F000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 330d04bc9153f475d1e1964ada6c428d
SHA1 ddd1432598b244578908f5f8855e327a97987d69
SHA256 35b71cca15c30cd389f211012567b3a96b89a7c11f5a024fe3eac4228b60315b
SHA512 2c8d2a1612f0af47120e394283f3e21869b0134f91911f7c286b16f888b921827ef65212160f0c5a1492388a148b087cfad4a33084ceb6470b9702a7d5136ecf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 67a3416548d8db6cf4ae54e75dcf604a
SHA1 6d5e17b6746fa21d6b1de5f28d8f7afc96a50151
SHA256 7562e115b12fb4156a57f511676b2858125bdd1e1b61314eeab8f46fdedb23b1
SHA512 1603215bcdc9029b3bac45a742af7a03f15017b97b9dc8175b74e73365da64b0f6c11bfee3e7f31a1bfc38fc2661a042da81171ad10f18c47463a01ace438945

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 fbfebd4dd6ef4832d6a3d5ddffc4c11a
SHA1 47324bb45f1151b6d60a8e51efea2fc711cbebba
SHA256 7660ead5a20158f323484c3cf42f070adb1273972832c7fbbabe27981db12a24
SHA512 7b6f175f1fda78f2ec62bee8e8a06b7e3ab94563f515913ca3044c7861b29d458c41aaddcc58e33c1972acb043c99de17ea0280e193e4030ce546d470974d045

C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Installer\setup.exe

MD5 0e2485bb7949cd48315238d8b4e0b26e
SHA1 afa46533ba37cef46189ed676db4bf586e187fb4
SHA256 1a3d50530e998787561309b08a797f10fe97833e5a6c1f5b35a26b9068d8c3e8
SHA512 e40fcfb989e370606469cb4ca4519ce1b98704d38dbfa044bf1ad4b49dbcaf39e05e76822e7dc34cb1bb8f52e8d556c3cbf3adb4646869aba0181c6212806b96

memory/5412-1985-0x0000000075010000-0x000000007522F000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 32b5890fd0c9c6c71fc584e2352d294c
SHA1 797aa37614db1c765db55e2955cc5c50f25e0fda
SHA256 5dd5c733260dfa960a937472ea0d7c2cc1859e5de8bd2a1e100316178da8ab06
SHA512 3c4b4842fc87fc011ea71e17c6e8759e05b0e82d06c86dd13c782ab49749d447495cb2d1fe7c33989757d719e9e02353c11461f40c435bb3260e4e8e8e97050f

memory/5412-2007-0x00000000006F0000-0x0000000000725000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3a866b4d9cae351e602d90931c778b1e
SHA1 a1be2d252d61bf4da1d33bfefe5482dcf5b07cc7
SHA256 6236312133ee115d53012092fb892fb850503d9b16f4264db0d65feb7ae83998
SHA512 af0f58ca955f7343f9c5764c28572f19b4de982508bb0f18a1c674edabb12936498c65cdf964ebf7428a46d4d7eba1cdf4c0a300d554f11d9ad0ccdf388c61e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3fbbd927d9dbbf437fe367b459ead9f7
SHA1 112ba9f3024ec5df7a984dee8952b59ec310f721
SHA256 23fa609de794003d2fd991095fae3439f235645029e761752de0f614b325ef62
SHA512 0a4cf09db6924ed3b11a80a009ab2ae725e0f17767931e8e37587f0371d060c3c105995c56d5b1ddd611b5d5c8cf9eaeab38a8a38a6aee0de57cd6b07e0b45a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2634e65b324214e4f5db68b04f2818dc
SHA1 a0cbf1548a3c3fbcb54fe7addc5165f415be1dc4
SHA256 dab336e771c03d36b8285ec27ba4327c50dbcbfcb74008e44772020da339d963
SHA512 dc8b68ad569716cc103c738cd5284c0f3965e8f0ca649f52b310d4e2977c53864c04a00edb29308ca1d12477872428a1656fd82c59a9fc73fc24999bb50a8fcd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a73f2db777536fa2a08245ed39b2de93
SHA1 883ab158cb29725c4c0f78332a8b810c58dbd961
SHA256 74ff90681a57242097ec490b629e161049dcfdb19eae8d8f228f5da3be7657dc
SHA512 0a583a64d53040f24eb41370ab0e27fa93005e87f2e1d5cfdb3c6061d171193b4d06a3c2ad47f87b4702078dc370722e697cf5aaca0db8254184a951d21aa9ef

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 61b8a9feaebcf86c6f3e39a8cd586013
SHA1 dd4ee431463ed5da9efc77b8dfc43d9037105694
SHA256 b1b62a62be58823f1452a025f82405ed69f0a78240820abf76f26f7fc7cd204a
SHA512 fdd361ed0ae8fa00a2e6a6314f71af0426a2cb187ed6cfa09162b1f88e8e8b41869e3e6a1590a5656c6ef64a70f23fc9fa242a2a8b025789fc46d71796f7c9d5

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 242c52a95ea75bc65a946fe6139d80d2
SHA1 062b3d2f958d00b4f33ba80c2f602c567dd814c3
SHA256 35c128a80e18273be19384cb17630ee691b0c1053e59df3ef568c727b63db620
SHA512 a2bcf77b26d356d5ee1fff129670ad149386d809433c746f0c348678cfc442f6efb374a73a3819314ca739dfe71b7d6c77cb89114147ed76c2323fcdc5937e9c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 209066e1cccc03a21f3c5de6894294c6
SHA1 6fe272c1d519c197b6a25d65ca14d63ca47d9ef0
SHA256 cb2f6267438ca98a7b0b4c4de7cb5f270e556c6539d8c0d9e1b73fdec4fc67d2
SHA512 eba4ad83b074ff32cecbf6b0f95aa2091a393a83c3b9a4037c0b195b0563fd37ff0c754a905c5bc700d54584a60edd53852bf8d05a7b888e55e834359bd94a06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ee4ea8a6bd55645b4784e017ae8fe7c3
SHA1 1b59689afe6c660e965ea648e02d6c512723bb47
SHA256 523aa955ddf1c2efef3ed2131daf8e184bc8586d06fe346d87664afd12a1dd83
SHA512 d75b017a542a6d0434fcbc55309e98d833f10bfc51e6cfcd0ee032c6af116415205ec93fc756ca4290d54419404cb2f575ee5bf12e655b394c1c09a5e72ad333

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f45e930e8b1c1c19792159b4ff76caff
SHA1 3dbda7a029a22f5d092a80dc9239b2544be7458b
SHA256 68acfbf96ce5d17d28e2549aa05347903509cfce2062d77c069ccd20e51c7708
SHA512 044807852f4e3fa0b3f0825cf5e32e074072d0b39a7c44c54f3c44eaf07069c1c1d83629941ccfdcd51aff24d96668751df17309e31fcd96c16c7866d3fe7232

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 d064f33166559cc84977fa7465847e4c
SHA1 ec441030d3fb2a7d7e8b4cf0fdb01d75cf22430d
SHA256 3ac3ff21bf5f15d4919cbfa9da14d3049a8b1660522f424ce5e8643aa95b7180
SHA512 b64b717a5f7a4a7514670f3bd9b066c780d6ccc179b773b335f1c8dbccc13bf3db565a0353763ae599ffccedd018a3172747279a6cfb185efcb52b964c98d650

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9377ad9ad711fea61f765d56e75aae0d
SHA1 1aade1bbae578ff8a29fd4099a7fda76b2c95931
SHA256 b91e63c479300d1846fbc4828b9498c4d3f9b9b299000cb0b03cd2ca6908cb7b
SHA512 b82042a7067796f3659e89df608ebc6dd02079457157a2444743391aefe47e2d11d791d46ba06f49279fe4fe19e7fddde295919a564429f571aeff771626bd7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c01782971b301e18a642364cbdfe9b8c
SHA1 0615fd74456164b551a8d485f5873a3de532bfc6
SHA256 a729b4c0f7214127ff4e6bed35ba870fb1c9eb2dcf613af37c8ce64ed78c5b3d
SHA512 ba03841df3b442e16d5598f355d32094b25ce5b3b011d6cf19b6cf7da49148f480107a47e7a0dccfa1242f75fe9100f368cf1091254313a97b7ba3fb08fa82ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 162b48b91c25b87b64b6f2648e281adf
SHA1 316894ac9242b5db7f177f700e652bed4c52173b
SHA256 adcaa61da6fb8a8e0bbe60fb9c99e3d618c087c57aaf0746660840b031651073
SHA512 122cef786017980eb529c504222db81582de4621a3e5492d666cb091006adbcbb7131d373ba07d30fbb85285ee49e69c8ce4054548a802a2f48d14f3c6b7f211

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0e099c86251becc4afb210ee47b9bd06
SHA1 90413d8a3efd0d6f5adad44e9f01413b912b1b4d
SHA256 96f80df2c7527abb9afb64ae2e3a8803430b1559a7ce6778bc3a09eb05e67e97
SHA512 60652a916f568c8b91a52f9ba21a0b0709be6a1b965ae7d5754d952b48c61e2c9acb0c3ca04752b14d91df24a3a74a6d36ba798c8720651b1c8045461a2c74eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d7f22737979fb2f9ab839a4fa3274251
SHA1 404d1f38cbd032fbbfb78b1aaa591560f2ccaafc
SHA256 e6182b76a4dad12a214a9bf84e8cbd9c96c449ac967dbb0a2859ab441d099838
SHA512 a89a8350b8f3eb0d64188b34dd5eeedc3dab5909032a4d413ae4ba4bad46e6dfe1533921f42ea3a8c402bcacd0c52d077c69403e3325c413c88c6913d22619fb

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

MD5 bfd03ccba29a7b7cfcb89795d30df245
SHA1 8bd6beb1af61231295a22145aa0251fa24fe5622
SHA256 23303896fa69a7e7557af5c13469cfffc70da389ffbf9ead3fb0be38a95d368f
SHA512 d7c1f5bd7338a7eba959533b34af66eebf4be645671e24d9578643cc8d0a8b93bdb2dece287f34d762a41ecc127b9ab582452207ea577ceb9c92662a24cca48f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1cfdb27c23abf95bbdc994f8df9cddee
SHA1 bfcb400917de349939e3353b063c09988464edc6
SHA256 f19a580936b2c6bd21e2d9b4912f0b7883b669b5b0733e30c1119e7020e0d60f
SHA512 e72ae87de298804da75dcc07dcd5cb8caf29f7509274dd3ba96108aaff720a92490cba5991f0d2139df59173ff88bc1c5e4e798a6f0b2a19cc445b9cc168d44c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ea14c864-0a66-4d11-bc8f-0306a97f61d9.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 c887d701b8c2823774872ded32037f06
SHA1 e082c61f4528208021264c07280f487998f8ae92
SHA256 8a38ed9e65a9d60d6207747261cfc4c7d90761d57d2444a20f9ef603f693d6f1
SHA512 6e367b3ef65bec89b57c2c1e252aeb92d1207435458829aceb1a232c5c51d2bc126b06f5727aa713f602486f9167c39973eb21d569af3252e08fa5c6e9f7e978

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a4e44e34773cbe071b4b02de99761d94
SHA1 4eac6394f5d1fed5371d1a7ec755a335129e8539
SHA256 9a95d067da523840cd5bba55d9976291ba3d6ad0285a4c9aa9fd627d628c33a3
SHA512 0b7c33caaed616c465f3d25b7287153a3815f32f82e6f0eafd94885c835ba1d1199a0e7969d86031f34bdbee81aebfd86b061c068fe56196b16fab94b917a5b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9257a7cd7c68dce6e3d2fc7ab0510da6
SHA1 7351f4888025755ba667b7b813c436c024c2db38
SHA256 923b0e131da6f0b408f4bf7683751ab3e877c6fe6c7025e35471582fe3471ade
SHA512 d56be51f4a864da3a11fdf0726359283adc7882c5c9793b133c1f15d2d44882539d22d8abeed50d2cfc0b1afb928cd09d542e576da07074f467fe94411a250a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 98b2b3f607d7f41374f580ca322b6049
SHA1 54050644d120cf500ad713de5193ada2603c358d
SHA256 4a4a8975a4dc89fd88b55aa5989042b652d0d1d75f94c3294e54bab409074b75
SHA512 6c26fd1e4ec6dfd239026f15814d633919edcca1913e9f13560b401a412dffc3a19444f845b36c6271f72b1e76d6c8a6c0e27b0ed5a821165553a24440ace523

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache_

MD5 47d41a980668e9bfae197488d6d56feb
SHA1 8acd8919b112d637a18e4c2f79f61fd62d2a1e6d
SHA256 87c1ba0f3a75480bef554b38abd51d7858bbe2cff07d4fd29162b4468d2b6c43
SHA512 165cf9913129bab36c22399c3636960cff235313256262439bea6a1ed78cf80d65690254cc63148e7e13bb515b513037ab6be7d20efdfb12b07985339ada36fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

MD5 9dc6a4d85511be1c3bcc846ec5d1ace3
SHA1 9f00ab9db75b4f3b7b10a178a687014dc0a601fb
SHA256 7162dcf75f9e01163d26664e78f20ebd59015afa2d2bb81ff4b438a42e2b11f0
SHA512 4e14ea505851fd17946a7f1f5bcc9d1f76b2b88866457ad17c4673a28d35ba4d8ab23789f76b1d4fa09ac3a197c2b190e974cf516707965ae56701f4aed063c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\3a3a6500-c522-423a-8dce-5e84b4e8d439\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

MD5 c0b261d4e8e4b228e2391ab50785686c
SHA1 7636b0e9fa80c527729e8fa07d34947a2ee4b51d
SHA256 f721b2342a0ca3a351a786a67b641a0df7af1ae4664ab3eed5f68ce8614e362c
SHA512 7c463f13da32443e6d5f606d493870349fbf31b673759e76b95bf6a973721cf01ef2859dafdd53ffe1601161952b416e5b6e2c0ab239cee65e007ffd0d6296c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt~RFe5de775.TMP

MD5 8788d9a663917b2add083bca00dd3f07
SHA1 d21e094ea9ca40448106696cbbdc422ce7febf81
SHA256 e296e7b1a6587fd48fe2f852466aff413edc254d9b5b8795751aee4ce99b6ab3
SHA512 ac1465e3fdbbf701e5679016af54bdd53867467d05eba5d6ffaeec7de4492addfdd639ee14cc90ad7dd438956abc679a9fbf163065d7f3b3a639b6a3aefb213d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000005

MD5 5b7e6e30417ce18c380eaa22c4fc9c8d
SHA1 74ba4eda6a534c21b58a161eb2a79bc3475ca663
SHA256 bb437b97d96fe22d3e5471c857176038fcf0741cee59e22394b6f59a6b609e4d
SHA512 390af535bb71162b4c38f237607ca1dfa604c329cee65faacb0f9ab435c1f5908e14d2946e26711969949abea0e523325634ce366fa411a2919f9812b3935c88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000003

MD5 fb92bff73268f05c43ce40668a57e8ca
SHA1 850ddc32fd2d79e71b9e2bdef28ba8e34b6ac525
SHA256 12442705af38009a0ed7a88e5911f1935a509393dbe3d3dc98ddc4f087c0b74f
SHA512 16d331471e890de5ada1bc12a8962b615b7df5b74d9e7c111089c7f89ee1a0bc1980d449237e3d976469eb6037dc584f5a5d7f78927a67d829020470cc02848e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000004

MD5 4edd45e281bac4e3af2b7593be78732c
SHA1 e54e2291e02593dd29958994189094bb4e6026e1
SHA256 77eef2d105d24302988b670d2092046d9deff5ba0e8f058a54f16fa701535b3a
SHA512 0fb3bc6c6262f9d5248ec7a985622f81951c11cddcefeb89195cc93b11dee7858901e90d8fc83a597abf7c761c6d52e6af93dee7a1eb8978e2ecd646c817d15e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000001

MD5 5e0aa7a56a4d341be132fd03c796c5d6
SHA1 1ea58767d1ed0512324116db69fbe224e8d86595
SHA256 97a3f2b2ce8de24e28f636d34d9f06456e8fab5f0900c1585e9bb3f939131152
SHA512 047722f37cbe3fa651623ed2653bc5b434142cbce0191336d2d580f0baf665e8258c45bfe775431e2fc51aacf4c8b6d48debe8c1cc9fa3fa8ebe8d772586ee9d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 32de5a1f6e86b97a34672c65329f5432
SHA1 191eca4971090d4b04160add9b9485e8a9476461
SHA256 2969d60efa21fd33e36671db72c291ec5cb04cdba93030f3f6340417a49268d9
SHA512 5d97cbe0b13c142e902e7c1d4144efbd414f92917b329b1d7a3bb2ac79af145e11e5ad11e82baa8401f109c333c521286c8f0590df025ab24aa46718e7551c30

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 92c94467eb55350171e176ea23bfc517
SHA1 3dc94a67743d4e68eba20f7b4b6713f39a2f695e
SHA256 296b460b38d222c152d834bac0ff9ab1cc8d1811e0ecc2cf3322d92685ff2639
SHA512 1df2b8acd284dbeef13d80a47cc46d01514e8bf647f622a6fdb4b55327a61c68e504678840c33b38862b806e5313411d9c63a970cebcf7723de89beece619242

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 dc5ae2ca80b82aab48e0f716648bf415
SHA1 b7ea2b1bb202fc343c9522769a033ca344c5b865
SHA256 0494906f0febf0f7c8ec63dc66e278bbf757819a49b1169a24bb33bfb259a276
SHA512 ef66c0fff859b7de5d7626866f9e19c39e7989daf8802c9189b86f36f5537113d4f20b7a5674673eab1e85bbe1b04232568bd8af122382e06f6322c2b9425cca

C:\Users\Admin\AppData\Local\Temp\f027c888-00cc-45c7-b48a-7727d2ba6d84.tmp

MD5 78e47dda17341bed7be45dccfd89ac87
SHA1 1afde30e46997452d11e4a2adbbf35cce7a1404f
SHA256 67d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550
SHA512 9574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5

C:\Users\Admin\AppData\Local\Temp\e36cd26d-264e-4e56-980c-9990e2b9bad4.tmp

MD5 6457b577795f5c8949055da3a8d3ab2e
SHA1 515b61672fe5f3b2a78b7a64d7b83fadaf43e4e0
SHA256 52434403b00cd4ad818162921eb958ab318f2eaed1041cc0eb7216f97a63e950
SHA512 da6f36047a99bfb7d3e942bc1ad5f935ef9913899765a39e0b29cb117ab706948ab38ad5fa468507aecfb39612da9c3c0e18c707496af498390b00184ce61622

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 05b026cb1fc2e59850636167a24026a3
SHA1 6ef27b5319c0a3d4bbba640e69c078ba5847be51
SHA256 b2bf1bc0cd63a0ab9e2a9dd9961f1761dd775b26fcde263fcd125238b5ad58be
SHA512 16509d4c6736f2a82c126795dea97a3670962fce14366849a9621eaaf5916f0c77e3961fe0be69d3c16438838d97f369835ad9f5e00cc18645af3d266798a718

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\content.js

MD5 3d20584f7f6c8eac79e17cca4207fb79
SHA1 3c16dcc27ae52431c8cdd92fbaab0341524d3092
SHA256 0d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643
SHA512 315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000050

MD5 3cd0f2f60ab620c7be0c2c3dbf2cda97
SHA1 47fad82bfa9a32d578c0c84aed2840c55bd27bfb
SHA256 29a3b99e23b07099e1d2a3c0b4cff458a2eba2519f4654c26cf22d03f149e36b
SHA512 ef6e3bbd7e03be8e514936bcb0b5a59b4cf4e677ad24d6d2dfca8c1ec95f134ae37f2042d8bf9a0e343b68bff98a0fd748503f35d5e9d42cdaa1dc283dec89fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000051

MD5 cf989be758e8dab43e0a5bc0798c71e0
SHA1 97537516ffd3621ffdd0219ede2a0771a9d1e01d
SHA256 beeca69af7bea038faf8f688bf2f10fda22dee6d9d9429306d379a7a4be0c615
SHA512 f8a88edb6bcd029ad02cba25cae57fdf9bbc7fa17c26e7d03f09040eb0559bc27bd4db11025706190ae548363a1d3b3f95519b9740e562bb9531c4d51e3ca2b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000056

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000057

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0991c38f31b4d5c12347af1b8ee2c97a
SHA1 071bf79c5e42aa838926b9ab90a0e2a11a7a4de1
SHA256 c0da0091d46ddc18732bfb97e40e50e37115da222ef5bab2640da713a2d8203f
SHA512 1acc79e45fa1d61e69a78ede6740218104c13f64796a16f4338941686fcdea7c4b297e9a932050228f5d594f17fc8de6fef7825c290b4b90c897f656770c8bb8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7bdcfc2258526dc6171edced0ed1b1d6
SHA1 12d3f7eb5b23d70c6512a204fd220a9dc52dd2e8
SHA256 72e6ac8aff585991619c99ef56269298a374dd96f6dcd078ceac38d593ae68c1
SHA512 c3957406c068930b543e82327b538c883b7bae7fc7e802a0fe927def2bf3766a7d16cf2b9ddf2e5fab39a0f950cabe8396a7a7c39e4d02a95047996443f32583

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 07d14937a1014d2131c1ccccc7f464ec
SHA1 c28a024c182964b92f1b4059e8087681dca73631
SHA256 40e638ca070cf672583bb5554c8925446ec8ec453854f0023d608f009f30402d
SHA512 5842720d225cebbd0be385a71e6154a018deb4a6717c236184c0cfe888e75c5ada675e052950cf1925ab9c887229cfa65664c3009c17d9344cc2858012d1806a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d5222a38d1e460544bc88c49251bd38e
SHA1 230e7b40328a1d117adfefe6460c2d9391c88546
SHA256 79ee8dee05758a92ed3b9e73c5017b8762ddfb9fc87b69e1e7074c20b993cc6f
SHA512 7308a45a07a9b6d7b97cf2d9599d362bae800db609d6f6fec0e25ed78c35f781893ceb609080430b09ab4047ae2ecb654355f3c59786a1a782acefaa0d53e9a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5e375a.TMP

MD5 77994be1f243941df3d406e3391e5131
SHA1 152f2139a92e063df5d8ccb1e7800fce6cc4286e
SHA256 05271feedce3651807a6809ba9a723f7b4511d506c4e660ceb8dc3ea8469029a
SHA512 141de8ce4910c4be989f2dbe3437cf52fb29ab40cb97de9c8efcd6dc2b267c11f1d5eef7d8f45e8a4355289c641d0b9248f96fc0662aa378db004443697fed1e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b52d1a25-8f01-4d66-970c-653d3a3e9260\index-dir\the-real-index

MD5 97d0c499c993cf776c5c3c0f65a60ac1
SHA1 e67fce34deb8f009be55c13eb2b0efd418c578a8
SHA256 929a7718a726ddb6d16d2123730bfbd1c66f14d21195c5f2a2225a704ec6d9a7
SHA512 fc18fd67d86b847c83f5d88775015992ce8c3cd0b69e7725f1f5298b4b13ff94f32923296c5a25dc8add8e1cd0b628a47449593ab6e4bfc64fdd2e77b32cf08c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b52d1a25-8f01-4d66-970c-653d3a3e9260\index-dir\the-real-index

MD5 7f414dcd14eb5ada5d7ce242605cbb8c
SHA1 a49e8e4f8ba10cd32bf90682961331991cee9fd1
SHA256 978b730ac6c4062634f2d8fd2a48985ad1beaa59ae323598a6812683c8cbc4ef
SHA512 c8eb11dc696e2d10847985f26e03af456d5dffc11b44ffad2c27ab2a789b672c9eefd2fa03ee3db417cf90f4f483617d0a0ab0d9b4161ed312fcffa7efe2555d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

MD5 a8bba48ca630267794ee80dbdc9e6b4a
SHA1 3a6c939f05c53019c33f720202b5d7278b15b859
SHA256 dc4f5b32070e523fda108c66a7ff3a0b74c57fb874a52dc531642c84fd60166b
SHA512 3afd03a78ed27737492e94f4ab913ad58636f891c8af1ea6cb1df48a50f507a6ceba859abedd33a4ccf36f3c330abe15444ff2fa47bd4949178ca7c0ac2bfa6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries~RFe5e513b.TMP

MD5 20d4b8fa017a12a108c87f540836e250
SHA1 1ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA256 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\3a3a6500-c522-423a-8dce-5e84b4e8d439\index-dir\the-real-index~RFe5e52e1.TMP

MD5 f425c2a3391c972580264bd8d7207085
SHA1 6389893f2aa2d5d1d94563f0e84ba106426259eb
SHA256 114753c0dbf196df605cbe93d0ff50e91f1d875183c61f8bed2f54d996c39a84
SHA512 d34710cc46b843cb4a8e2a53ee0aef560f4b1d163946eda4dd9e34f5745fe39e8db2ffe455db90a4094a874568097d83e0874cac5bd3ea257664cdf2a2ec975d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\3a3a6500-c522-423a-8dce-5e84b4e8d439\index-dir\the-real-index

MD5 1714e56b8285c1b3940b4520c478d1fd
SHA1 9ba9f27e09a2d5292d554002b5aae8af87b5be11
SHA256 9500ca4013f335464dbf15ab7b3de5ed0933e0fc44014e485c447a145f94c427
SHA512 6b91e7933f1dc32f4214d7d90bb749f9aedbfd8a1063e84cff6ca578f5e0467ec670447600f1653fb531e518481adb9ecfa71185c26246e78669c355490b96a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

MD5 e7f50ab2e11cbda0003a01b61b6387c6
SHA1 20658bdc8e477f981f86bd4f15a80e3a09e30210
SHA256 c6e829d8d5525935356c9a7300b77616563b484bcf62cdd25883bcfc0cf4e5f3
SHA512 a62a7aa4d31f3ad42587b1f2e6e5cab0c4caefffd84207ed5b3311fc4cd22059e962a43a145d6f416b0036bc41525465d67d5b2061b599346d5f4fd99242b2bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a668b5b1d3f5e9c22dddeb3c507cc543
SHA1 0ee7adf5ec0197c9fc187724f572373a3d0589ea
SHA256 d740e2d74b316aa15145f4edfae58e851aec477d595bf061b33dc39e12415912
SHA512 dd1bcc34415efeecf2addd903b1dc9e67044f8304e164e807db784b0b1383d83547d87bce91959bef1ffec75d4db2382d7b2a65c48af8427e80ffec8f11d5c4a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005a

MD5 21b99db6353764fcff850ed4de1489ee
SHA1 e1771dc14a7d394e89c3a222993ce56c86f44236
SHA256 0791bfd5c9dad4b28433efe5937084a816644a47560926dae6831452468c718b
SHA512 c92d27c11455e82d60302a0c206e711400f1a74f91473ff1a710453d4a23aa7e4f5632e349c12e4d6b3572a03f0171495bf4782c4ec67101c705b570ed76de4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 2d2e6d57bf305e5d129ed81fa7c706b9
SHA1 752215a967a74638c59ccf6bac327e4b1833a6d4
SHA256 e11cd2b32c9b29f946d8ee387df5dc5da1310509838a25dbbff3a2267c6737d1
SHA512 4ca0bd0f89f6105f47190d8da59afc25a0de1d86adcc1b4ac9f13e10ec7ff902cd6108513f2bd17e2011521894bc7aee9336db3c582d33622d52a9bcce6d5283

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1d202d37c78ce6712d7d974d674ba1a5
SHA1 f9534eb46947153f1a03e64aa9d318b3371053b8
SHA256 f06ab700d429048715b0cfda140199d6755e2c7f6f265485e15d49bc701e992d
SHA512 e5c6524a6234ab92694c4133fff2cd7389d69b81b97c3c92b7631d8731119538565a9c5544ed8673cec07a4606f0cec61476c17b1919b2f2dea78330410827e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 45c25cecb0bf501d2be217441c828647
SHA1 b386dd0530296b8e25bddfd32a576a167ac227fb
SHA256 958bcb03e3bac32a75e087885e3aa742aa5adf663e204fe26651539ac44bb7d9
SHA512 6073cc28f9325a7acf1ff8b3c4aa7366196d9bb28095f862fea96a466f0a56316647f2f0ccb016e2e1ce11f3446a31a598053e4e791db6da7b2538d9ddb7820a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

MD5 f7b68c14c8e05baad879fe113569cc95
SHA1 d34e97fe779811d12fa0168771bd0a303c933848
SHA256 54961fc33db0eb8f0d34b12d9c767cea810eab02560e1c0a6fa98793099685c7
SHA512 b2619d45adaad4686d3ab4b09c6069bc3aab32ed10b9e16ad9f6b1ebd7c9b77ea997c55279e1aaf89c95f98dbfa9549fad15d9bfae9490bd1c70f0d2bdcb5bfb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 264db19b73715129476b20d97a164c3f
SHA1 ef874ec9d11c57623f8f8022d4ec27b17be74ed8
SHA256 b52268086eb340bae873d790009a8b5a104ce131fbea3daa7806f7be870a8e36
SHA512 f1ec025cce90c58f2cfb7031fbae6f6c9479bb41abe0eb2ed0f70e8f7888ced80c7d009e3e571f5117637543e36ebe29c8d8307c53fee5d0cebb67b4d2815152

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bbeb8be03d82093503b521fa9891bfd6
SHA1 19dc23c46f057c495dbc86abda2fdeadc2cbbee7
SHA256 6e62497c6148f1697a2acbfeab36e2db98b5d5d4ba79e6ec79d86628d0c45d93
SHA512 8baf02f20ebea8b72d9f8788c0db0a91d44ce26e002cfa151b3d4e44d26b99c87767ac5bc52dac5f7d90a4296a19962469ca6b788325ef0ddd9d9ed11bc18df4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\95968b4a-04f8-4ace-bc64-e92a3d40daf0.tmp

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 694e52404f7902da16c9fe294874e575
SHA1 621ecb2ab5a0c1ea3fd781e8fecbd321b5c3cd14
SHA256 e55d305ad5057c33248523f6850bc39ab7a7b40a01f8ebb4fa471b3505c2c79f
SHA512 c48836362cbbeb33043628b8b130567c57baad36654e23202660eb0281ee0aeaa09fca3a2049740bb6793ff6a29d3b73a0d7bb0005c571f2f58a73a47c082bbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8a483c54f9b209543b0ba6ee9dbab7e5
SHA1 95f07a09276fe199ea089e9fbdc90f5cf99eea62
SHA256 3642f073eef642e1e6a2760aae47ded8eebd5530e2a498711c82a91b67bcc878
SHA512 4e359b6f2918366a1de44fddfd52a80cf4b5b51636af2a28abe292a60485f76c9c4877ce48e1abfa0fb468b16f313821f298bb01d5a73871b71729a118a1cb46

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a

MD5 94e0994b2490e02dc3c51b1f54f04a81
SHA1 4fbcf76bcf6898cfc04e0e4ee2cfe4b59af2c82c
SHA256 3cbebd8ff2913c22cb5bca95e8e16ac9dca8bcd8d337740e3712d7ee68a7c307
SHA512 c08bda9f37296334e67627d1ec5f58b77d7207312b0ea1bc7c45abb3a4752f76a7ecfb88d365bf2b303dba2ab00294ffceda587a230712ba30274e7148d56f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\b2816cd9-5d79-4a30-8b8e-cd24d1c3e7ca.tmp

MD5 0638c97626dba804c9a45d0abd909a3c
SHA1 bf8d61caeb98a4b83954824551b56443759da3cb
SHA256 a84723d64e555e4dc4436fd9b50e115efc8499c35cd6314d56c77aa42e02c706
SHA512 c716ceefff57f17a6d987423f10fa4a25a1b6525ccf9d376058d57172f0e7bafbe9876836d7788331ea5139459dd785cb9984f33f0304e0e3338edf7ac452e7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2c0c5b3e576a87a714fef66cf244d80a
SHA1 d4d5f9018d2f40db4e7e9cbae64a08032bbdeeed
SHA256 e93dbc52e50d48b46885160e51b6a85cd9c95b696c82799534c993454d8fefce
SHA512 1effbbe24e13cf2587121a9e48bcb70ea9e290754aa4b04dc9f511d0a1a2afa9e6a4439fd93b4f701cb8c27c86a00bab5f5f2c2382cb9d4fe23b17bb1096f2c9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

MD5 a18de69463b8b69ba444515b4fc943a4
SHA1 185e5d602470be052fff414dc3c7b7415db80488
SHA256 c3650d2134d7ced0e7c87fc714b46f45d0bbb2f42573354c3d3c446f4cf757f4
SHA512 36ec191abb6344395a88a27afe9de54d64d3c73015a3d1b92dbee976da4f8bdd8cc2f91c04ee240e30bc7a7497655398fef2be9cbc9e35705685b6fcdded28a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 668cb384a7ba77a536b16ad1955be57b
SHA1 2ac34dcef121b1e95aced69de15993bdba29ae8f
SHA256 09cfa422352d8ffa889ceb8d6e393e6ce02ee9a51d15308e3d983a653f12b0bb
SHA512 f129ca30512f39bfeb04da5b2a3bca8ba1ba3633366ca8560c050ccd8e28024aa79f1e2eff0216d12d3a4fc9fbde0418ddeb971368f5d9d6061487d3574cbac5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 69b0d746e31f43a1bff29d8c7bb3ff29
SHA1 c09866f627a307d66ba0425250296e380c9ee11e
SHA256 5b083611efab95ec65fe63e37909d1263599f5c2cde5c09f7412926f999f8cd7
SHA512 be85e68cb4fffaf8523ebf8c294a79648b2f57fec1e6fb1cc2a2a6992bdc37fbc5199ed119106fc7f04c156e129ba02dc1fa36d28e3b49c1fd8e7486906f0ea4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a90156480ea9b8863ddec2b64a8700a6
SHA1 4b1de89c51fe36474b542e6645b84f8c1b7106fb
SHA256 7648efba7e03db363117a55476e3c4936d35f1567dd984e43ea4e9c7aaf9b80a
SHA512 b8aaaced0d682d26add08f62796131a0f6ecdc0e96bc3beeeaf666ffebc869172314c9fbc88d8e64c8f4e23ddd5b09e69bf8292a130743233d91c1dd28fd3e78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

MD5 638af52e0e5ccc7e9fc5871395a318a9
SHA1 fc240aedf589b6f646edf3fd8b0e39c6d9f69313
SHA256 9b428534e44297b6ec4569382e87137610ce77c874d80f888eea55085ef9e4d7
SHA512 f4c05175e27892ce0838e55e35cf8bec946eeed799bfda0ed4e025ee1c029a0a1895d9f26a1840e473afce3b056d0d85aa452e6c6d69ca6128bb499f0a5ffdf3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 47e8a26284784a55a1685e79ff1b68dd
SHA1 ea910a7b2ed0deaa7d81791ec731cdb3dcd7ff9c
SHA256 79dbad856d8162077b5f2460016587041dfcf2c0c0b0b8d1dedd32e831cbc0f9
SHA512 bf24da3fc3992eb0ffa19cc6f3f4d717ed5f83a7a4746e3b93c120e441a226bad2e9e51bdf199e758dd072282ee3b2065877ca76dedba780d196f77e118d8cd9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b52d1a25-8f01-4d66-970c-653d3a3e9260\index-dir\the-real-index

MD5 dd9cfcb4a074082983475c1154af872e
SHA1 69367d2989fe0c2def94bbc2466d3c20d0f87b8d
SHA256 c99657312e1f60a84360a2fb5358d0ebdd8ac21ef5356ae644eaa8d2092a9709
SHA512 be163e8975eb2a62cdce0a29ca707e3825f6053be3f66b6f07b1455667cdb7e58bc22c559da15e060255c700696ee358d13c73c5b618fe639f21a029a39bb45c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b4cd490e-90bd-494b-9e5e-163b260269eb\index-dir\the-real-index

MD5 9013a16b82e35de128cd520dd3a529d6
SHA1 89400a9e74077b6159584eef91454d6e9fd5fefb
SHA256 b032fa4851088796f52e52946037395d651f09f37e72c5281ecab0c90c8e0db7
SHA512 c1f5ada8dac573f14af8f30b65ebf3f579c45f590dd5dd44b410937050d3df83232d23e90b2a42facb76afb01a2192e60978f493d5ec4ed1f3104ca1ea7b5dd3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

MD5 bdcdb10e27e369c27c7efa719967f8db
SHA1 bd605b974265dc50ed5c8ca3f35b8200aa649eca
SHA256 de2da28e6fd2d4c119acd4f604735f696c258139dd5573db313afa15ac6b1af2
SHA512 12a86ea5aec1422f08c2479b58d8be259b40111a57ef726e80740f5c805957166d86a345d935783f4e7f210ddd977a2643fdf5c398bca1732bb998362e5f34af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\248d8540-4f54-4988-a56c-f25bf0a913c6\index-dir\the-real-index

MD5 3545dc16160bc9b6e4f33150a1236de8
SHA1 c934ad5d3a42ab8029fd20f17960aca928ac454a
SHA256 4a651492049909b619580f94501042d60f17ff165fe88b0b0c16d906b7cc70d8
SHA512 ce69f5858bfe64e3368ca27c44782e8645dc9e0a25b5114a0aa7e815cc873df4a3015fe694f5b655e8710cf821efd5e6f35e04522c8aa63a2d7535834e5518ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\248d8540-4f54-4988-a56c-f25bf0a913c6\index-dir\the-real-index~RFe5f2ae1.TMP

MD5 dca92f04974d8ebc1623cde0f5c97e94
SHA1 3fcb73defc55ff51474e2b424b7c50384ca69fa2
SHA256 9849b86812a8d79cba0cece0779fa4246abb09c494f5c27ee847be89f342ddf1
SHA512 59e445531acb43b38fe55c9502a453baa99c7bb5ff9715465ec48d0834892e898504ff5508df1695c2b2f5a99e63bcacd107b0813cc50cd5fe0231c547bdf405

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b52d1a25-8f01-4d66-970c-653d3a3e9260\todelete_ee91b116cc2005be_0_1

MD5 39f687c9f6ed15afb0cd36f95f40b79b
SHA1 8068398e2315f44b1d49c289a1bd59535a19b7d9
SHA256 08670882ce0f62b85a608f2137f502d6c6c1a2e2cd8005e09cd46f7eb12db5ec
SHA512 991ebe4d6929ffc0c56d5e60f1125d106164ef9f2582adbabedb483b6d9de8e7c60ff20a2be38a157a2a533d4158c250d33250b187b08f256e24b7b921a03da3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b4cd490e-90bd-494b-9e5e-163b260269eb\170ce29fd1bcbf73_0

MD5 4e100218b43419a41bdcebf3212e774f
SHA1 036b4df7b57516c8e3cbacb778e119762090e0a9
SHA256 58a3d7c5e80b18eeea642d6748ca77f06ae70b0403a5ce3fc670e0af4a6ff3ba
SHA512 6c4c3c7aa51af597a09e00b79b75a3de62773d21a4829a45c9b56d18b178d87108c7b8cc825691eed167b058be18dbfce68a1d0df1374b79cad9d72fdb47d12c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ac6b77da905839dc09748d893aac1a5d
SHA1 9c8819205294f3438f79f1bea2bc1ee4c2158e1c
SHA256 400aa2a66f59875aded95d065ecbd6ba02bb3884546995372879a0a3d750968f
SHA512 71c9864f5c7b8251019f0480ce8eea01ecad0147194fedfd09cd160e5e97e0d868b856f796855fb1845536447016e42f23c37d97a7bd563389fcc935a2abfb50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 ab0f1511eed41dbc4bf8e177656204dc
SHA1 c69d3ad9ba2ff16649f029fc6ca9dd3d4b04c53c
SHA256 a6702b0dbb99291963a9c3017ad998bd43855089bba7e10bfec342de0124bb94
SHA512 db3d7d85e57c906d4667e10c3dbe92b3e877a3526d6ce4204d1bb913f4ba16d62eb47a559893055ba98665cd85a237747a95dd7e8be48e761621bf16f0b4570a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

MD5 b6f7a6b03164d4bf8e3531a5cf721d30
SHA1 a2134120d4712c7c629cdceef9de6d6e48ca13fa
SHA256 3d6f3f8f1456d7ce78dd9dfa8187318b38e731a658e513f561ee178766e74d39
SHA512 4b473f45a5d45d420483ea1d9e93047794884f26781bbfe5370a554d260e80ad462e7eeb74d16025774935c3a80cbb2fd1293941ee3d7b64045b791b365f2b63

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c7363946f11cb0d46132fdd3c6aead19
SHA1 1d2b830621c04ad60c89a1045aecf9a6ce95651a
SHA256 ea4889b2a3cbb1b1851b50e4bca755673563ce883d680f1b8baaca016930adf0
SHA512 5a951f8b2dcdf54478f76f9c1672dabaeeea6cea2a500c97ba144014f5faba5320e5a8ed35a7c5a83c62adac308f9a2b9c9cc8fecd0b37bed08f3bfa414bd655

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 ab42a7a6f5dcff6bfaae308293df2ea0
SHA1 70d4fd9a7a0f833c94f05dcab94f0677574b164f
SHA256 4e88dbf40592011dca16bcad2658090b373b03db4e13b4ca3ae7f9bfd39a8485
SHA512 e5809768365706c97eaacf3d631608f225796d09afa456212a571ee1dd6ca90a1732070d79d351b2752d37f704e96dcead8d0378e936ecfd615b5521e2589524

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b52d1a25-8f01-4d66-970c-653d3a3e9260\index-dir\the-real-index

MD5 8fb648dab23985109f5bac306293c6d4
SHA1 24799e23e9d4c45cee0d18ffc6d8efd544280090
SHA256 267b4bf4366138c16f3e30a672526725fdac75e0dc24fe3beaf351fa6048be8f
SHA512 abb2ff96e6bf507c19ef0525a507d485c4d6408dad63fcd8986b8bee46b399a5dd3e4a03883bc7c46e173b82350002830c4f4ca534de4ad1ad68e03160314b9e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b4cd490e-90bd-494b-9e5e-163b260269eb\index-dir\the-real-index

MD5 d223f58e68d520f43cdf8c25da512068
SHA1 cd7f7ac482153c4c38a10657e70bd2c8837968d5
SHA256 2dcaad5d9fcf50d1296d1eec6cbfbeca1aeb1279c3d6b731e06611d3042d3a28
SHA512 e0c3cf5949fc0c0c663b7fd350b9900ead372ec5e075a2a684f99d2ae165a97a8cac84a62192fcccba69b5ed0ed2ae37c3d6b906f129dbe7d5dbceb5f7be532f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\248d8540-4f54-4988-a56c-f25bf0a913c6\index-dir\the-real-index

MD5 2db6447dd89e9c4d63fe5628b342b407
SHA1 8fe27b1b783cbe212d6500fadb1e5cbf998520d1
SHA256 792d2b5e34d3e9bb92c95c2a224b51bc4df6875b574aaeed0510e2b5cc773b20
SHA512 1fff1603fa471751d8ea7119746e397a23032a77ac5c83024983b942879c8c36ea3c191a1ff02010bc1aa7e46395b8b952d85ff54b62b83513dd7886ed3d0e0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

MD5 546f30aed02c14d8ae0a1447153a7fcb
SHA1 8cf4cb8819ee59180c6b4196e2d010402aac3726
SHA256 60f8d522f88f7808ddefa3dcf3cad019dabe56c3e7320283940d7c3757ecd63e
SHA512 7bdd81cfacfee99d7048f6f9117e3c68e21e2c255dee3cee28bb8000166243c74b6427fe55535e965cb2c793b4c0b5e405db8d7107f7f3ba205ec298545d50d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 d78dcfe9766f84f3bab86ef14901a9de
SHA1 fa8ce957fc41d8fb07a380fc92d39b4adafe12d8
SHA256 51bbf6dcbb4570c8441668a7f5ef078a640eee02cf0d3253343e43879e4bd959
SHA512 b3465e86c90ca27433f6b98c30f1fed3b3f518a212e018d7eb528466a14d4dda90eb80788c0d9cf2940bd542d3b099bd08c4342944a64c07a8c22b58b73b0fe1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 045660b5eee343987c0cc121e333ea8a
SHA1 eafe205e94a1da6057e72073196c234edbe63a69
SHA256 196f42a0600b70031ef4f4f3fa315c1e13856a9b0bb51586a16d8943078ba4c3
SHA512 8ac361a3ceb82a7a7253f3394af8f9101aaa60b571b83f284f63026d1e926844d957d751c9dd52e12ee2944a1e0505a9eff52ddced6b8fa90308fd11cbda8efe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

MD5 31ea630579775823bffa1789436b7d06
SHA1 57fa9f1ba91cee47f69270a78520f2e633752218
SHA256 b0f5f19dc1f9becf3dd4d8438842b3e5b01f5944cfb80c17003b7911cb6c5fd9
SHA512 a58f846f409b8911700c9596a8f0ef668d2bd5afc10664f26480b2abb22a203849507825f44d04a7325092b45d1b8a607e1f84e3a3609d7b933518dcddfd3457

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\LOG

MD5 626ede29b230faacd52ed1e0ba8d5078
SHA1 f51764d11150ca70b483511e612e83c13b8197f4
SHA256 681711338d3b07ea374b31e0ea07da5dced346ba448897837c4af6b5078e7b09
SHA512 2b702bb2cac256332b8a44e2430849d81a4288bb2aab803c4bffd9dd9198381b08240498c8fc1b6a0f46086ae4e4eb6a4c6d68cb74b5a6afd9f9313a575cd959

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\000003.log

MD5 428a22a82fcbb19a62842e2c7dfd49f8
SHA1 aacdc6a7dcb1a54d79709beb44f17eab9e65c308
SHA256 aea717eea9c1d152afde7d6ba8f2f065d5bbbd50677c47c3ecf6118a796391f3
SHA512 8a54cfbbb6acf0460f0a9a168bc270c77ab16d88759ec11bfb5f7a97a88139eb552008342b140456b07c6a27d1dc938784858cc0419c2b6bdcc7ca46223bfced

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_440911590\adblock_snippet.js

MD5 4dfa3a341bfcdadb42f25a9a4bfdf152
SHA1 94cf328db1e1c355f2e008ac5408d1d929582863
SHA256 a12f977a31624efa0d30eaf0a4e613fc1924e7494411fb8584530016b6cae1c0
SHA512 5273b146edba6a1465f2360b9be46771f575c43c6240c822cab0ddb475e980d048a8f5f9c87312ce425122d70f7c8f6d6c7b700774746fe9c155c344547c9d67

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_440911590\manifest.json

MD5 178174a0125d4ff3ed5211426f1ea113
SHA1 26f72c5a2f65c767c4edb04d8da62bdadc02e809
SHA256 64986dfeefa8855069e799b28e5523b35c9efcf2ea152a2b03461471c218da1f
SHA512 c0d1d9555f4cd7e9a4b0ee5fc1b069782638ba1680d18ba9c83f796746086b6afdf1400c80b7f586422c3a2a73e51bd04fb250e2db818ef723cb4f7a8b3b15a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.52\LICENSE

MD5 aad9405766b20014ab3beb08b99536de
SHA1 486a379bdfeecdc99ed3f4617f35ae65babe9d47
SHA256 ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d
SHA512 bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.52\Filtering Rules

MD5 a97ea939d1b6d363d1a41c4ab55b9ecb
SHA1 3669e6477eddf2521e874269769b69b042620332
SHA256 97115a369f33b66a7ffcfb3d67c935c1e7a24fc723bb8380ad01971c447cfa9f
SHA512 399cb37e5790effcd4d62b9b09f706c4fb19eb2ab220f1089698f1e1c6f1efdd2f55d9f4c6d58ddbcc64d7a7cf689ab0dbbfae52ce96d5baa53c43775e018279

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe

MD5 3f208f4e0dacb8661d7659d2a030f36e
SHA1 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff
SHA256 d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b
SHA512 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6dcb6f801a89a0d07327534debe55255
SHA1 8649751f354a399060664c11c58cc930b97efbf5
SHA256 048ccebac6c023077aba6bb578f22901d5f8db5252c0c63324e8fa84e69c9bd8
SHA512 34896a1bb6990d41e5d1991c86315b82b51e1cf6e037267f9949cc88164eb7762bc3dd1e4610ef747ed1af9d49e53b434b22954dc054e0b63cc7140f35ef1fed

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1472_238443477\manifest.json

MD5 8062e1b9705b274fd46fcd2dd53efc81
SHA1 61912082d21780e22403555a43408c9a6cafc59a
SHA256 2f0e67d8b541936adc77ac9766c15a98e9b5de67477905b38624765e447fcd35
SHA512 98609cf9b126c7c2ad29a6ec92f617659d35251d5f6e226fff78fd9f660f7984e4c188e890495ab05ae6cf3fbe9bf712c81d814fbd94d9f62cf4ff13bbd9521a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\13.0.0.0\kp_pinslist.pb

MD5 d43d041e531dc757a69a90cb657ef437
SHA1 09138b427565bc276cfd3ba9f59b0c8bad78e91d
SHA256 9431360a5534ad2f8eddde157cce39704b99da035fcb6d2cca11220700b11ccb
SHA512 476a98122059b9cc19492b7ae557c61381842c8c347f85c686e0a493bfd0e8707ce3491b690e7978b3fb7d7d2a4daa2767e4a590398a50562519bf32e8d12ec6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\13.0.0.0\crs.pb

MD5 981a9155cad975103b6a26acef33a866
SHA1 1965290a94d172c4def1ac7199736c26dccca33e
SHA256 971393390616fbe53c63865274a40a0b4a8e731c529664275bdc764f09a28e2d
SHA512 2d75ce25cb3a78f69f90fbd23f6e5c9f1a6ed92025f83ce0ab3e0320b64130d586fc2cd960f763e1ab2c82d35ef9650ebd7ff2a42a928a293e0e7428cc669119

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 3881e94cf27c7f49956033f22c3aec22
SHA1 ad736a9b2cc79738b1d25a9b5726d2c056d57a47
SHA256 52e3175e14866a9175b93d24ef9bf74a7b18db56d6dc58b87c5dc7c6b3f70ac7
SHA512 b1ffa2579482082be8801dd3ff28740d572bebe446208cfbeff695437fc306a438ccf3d8d8340ddce47a058cac75c8b0243c371bc6afaabab1307f71a6c6d35b

C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.97\Installer\setup.exe

MD5 7171f56da52529073c2bda6dad0fdcfa
SHA1 f29fb1d1182e46895bb3ccc38e05220087e92e93
SHA256 32c87af491ca80fc5c5594aa995669161b466957d7b444f3c388ece97b730aee
SHA512 8c81a87f1f77cbed95eff3986d14d7c05b919cdaeabfba0a1335331adadc1e97495332cb6d3969242a9d19f48aa9eb890f22b81f504af615ea5ff64b27c13c73

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 35764d75868718aa8702dd305878940a
SHA1 e5995c625cafb7c4009ae76ed760bb00f453a9a0
SHA256 5b70d432fe90875dcc4c04c139c25d88db7d01acfeccdea37d09a4969ac64b9c
SHA512 769990116ac6e30a22c0cbb30a6759bd79b9f37ade78bf16f2e1058832144cafda5a5fa5e7590d4de3af088655643dfbbe96b8184d6a6a4e11d82791a2039d15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.52\Ruleset Data

MD5 16176aa639f8d0bf6c1a823f9d973d8c
SHA1 f1f365a4705a3fcab04bc4aa8f080ed7ae2f372c
SHA256 75da3c6add63a83efb735ae0f1f4e6578607ea33187753b0f65f750a1ab0ab34
SHA512 d8711e8a2d417f1f9b81a13d04951420460d1be2dd0459916a3226f364b65cd77fc0feb4be22412df3da0a2433cd924df7d0684fab04a2c6cf3a6e9715ea9f84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 39b3af64482213c7c70aa6a1abdcb697
SHA1 b2cf0a14b9bdb73c1a55ed06a22a3917a3bcdacc
SHA256 40b6746ef75164e40aa915a73d0a49f197e4aa614e4b8c6d3dea3956776ab0da
SHA512 8e07bae6b11fe579e9e724d25711be3527c3b1eb18ccda3133dbbd67d141d62f375094ee996970b1c6fea3532daa39ffa8f527db8bc5d40c1914ad293de2ff45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c4ff3dca1f3561b5ab1f495b86fb92e9
SHA1 acfd000507515764d23edc22aad20f8de83b1eb7
SHA256 86bb5fcca86f7cbddef0f6f2a23a76be556abb8d885fd93717fb4b03cda41361
SHA512 23d12c3b8b48bee98eca6c6412df58242a2d7f9c2af1336d96b2635b8c633d1807e480e049ea3ac84d88f8fe7e6ff8cae15f305c077fb5ea0adfa2941cca54e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

MD5 937ba9da7a8632a4cb274452ff02dafd
SHA1 c1061c686899c1736b1090e760a5cf12f90c7920
SHA256 eef191b2e64730865ecdeb64d294076af7c1d048445ba73d156fc786c82b97d1
SHA512 051aff5335968181e0adf6fa701dd79b3646bccaeacff5490d6925efdcfdbeb03fddd4790a9ffaa19c175cf06856d06ccf03ad2dce1cfe8c6f85c4af7baa0566

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

MD5 1022ba2c147104b3b3cf287b4a299ea1
SHA1 a30007d300e885edf295d38bcc06df4a3b6e7754
SHA256 81cdac398ed93c3ab27f161ab0e6d4b57866b94e8ff5248014886f5b14d48c38
SHA512 ab30230170d7924d654cfbba0a8ef3419be485701d75aefe4e64f8051fbe0b81be84345dbf93af20333e1c904e0cbac2b2bb293b40d8d1163c75176f9d8a2323

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b4cd490e-90bd-494b-9e5e-163b260269eb\index-dir\the-real-index

MD5 fd9183570ca3c0a14dae895452c4d79b
SHA1 fd4817618ba874166ea36631218bb65a84de1e36
SHA256 322688cc7c254a15a491e6815ebd62e865c927791d39e35182c9948c9476292c
SHA512 14c23d22c69d7f7f6b730b50134c502a0df72ab44917d607cc4a3d6981020431be70f2e600ca02cfa454f528d9e8434eeb600dfcfc0bf6d09ab79960edccbb29

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b4cd490e-90bd-494b-9e5e-163b260269eb\index-dir\the-real-index~RFe623003.TMP

MD5 3b9b0fb99d7343beb4e6259561959602
SHA1 c758564e9072a017b591911976a6c787ba995abe
SHA256 4ec43ebdade693bac2d180000acfdae983c9d0e69b750126aa35b909ff6ae340
SHA512 8aea47cc3fe1c210cb1d925fb1e05d8784ace5dd9fab7ded747179401c383661acb6ef971a677e16b4c75e4477582e7461f7aaf8e03f8a3e0eb85c65ddf11b43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\248d8540-4f54-4988-a56c-f25bf0a913c6\index-dir\the-real-index

MD5 1e7fcca0dfa3f31a0c43bc9484fe36a8
SHA1 6c5a70aea5dfc0eb4b49e3cacf064133b4e0ad75
SHA256 a9155c800f0e7fb8a628f5b36c03c18be3f2b11354eb121301016316c5e87655
SHA512 170ca3041823ef4e25d80ef4cbc9e973b609a77d152b008ba3ffd8418499de38c46d7c5c048cbeb9975ccc7060252b77fdb5579013ff24973479d72ba844c021

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

MD5 2bb41c40385735ed3f9ccbf409493c2f
SHA1 53fa4d61566fe24e11ca7c915cc5162f2bd0daef
SHA256 9c5f4fe1c91449891dd0827b8d5d71da49573de4df63ba6e8d9e20f8d116749d
SHA512 b0de70d6cd5082ce391ea21e3da5137ba5093b02860233902541eb30afae4d81a8bd8deea5330ebdf4323e8caef7b98fd057a56172d1606d38905d738f636694

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b494650ef60c142e979277e725d1ecf1
SHA1 022c8aeb9f466fd0444c5d8d55c1c79d9e01cc56
SHA256 f54982d22e3d481d36cb9b8486b7a3c41bd12b84e414ba8ab169611aa7e9aece
SHA512 ba7b7fe0bef7054f465668663844984027bffbd7d53d59805de83dc8a10c89c48e9ea2348d03c7d1c76bc7489911b733831f9b3d2cf7cae2c4eea057612e225b

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_886686952\deny_domains.list

MD5 085a334bdb7c8e27b7d925a596bfc19a
SHA1 1e4ad53dc335af5c6a8da2e4b4a175f37fafe2f2
SHA256 f51a7acfffec56d6751561966d947d3fd199b74528c07dabdcf5fcb33d5b2e85
SHA512 c883cb43c97a136825c6fd143f539210c234c66f9b76dfd8431f6ff014094e20b9410d7462aadee2344df8ca158def6b9a807e7cadbdfa947f6f8592e7283e34

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_886686952\manifest.json

MD5 fddb71f74816a6f4db6527559a0907e6
SHA1 d78672ec9ed9f0eabd8def8618f61eef3ef63839
SHA256 d44c624400e6d1802e878d69ff2ac38ac8d2ba73da60b45dd3e46bb1dd545717
SHA512 e7739a7e9324a3a2a04b03502e0f562e3eaf70ee1607d0e3adddb3f4eb83adc2999dc2d5ca6cef79f47a65c5c1e1b0cc9c62c08edadbf9a06d7fd8a929c65f0e

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-as.hyb

MD5 8961fdd3db036dd43002659a4e4a7365
SHA1 7b2fa321d50d5417e6c8d48145e86d15b7ff8321
SHA256 c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe
SHA512 531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\manifest.json

MD5 273755bb7d5cc315c91f47cab6d88db9
SHA1 c933c95cc07b91294c65016d76b5fa0fa25b323b
SHA256 0e22719a850c49b3fba3f23f69c8ff785ce3dee233030ed1ad6e6563c75a9902
SHA512 0e375846a5b10cc29b7846b20a5a9193ea55ff802f668336519ff275fb3d179d8d6654fe1d410764992b85a309a3e001cede2f4acdec697957eb71bdeb234bd8

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-hi.hyb

MD5 0807cf29fc4c5d7d87c1689eb2e0baaa
SHA1 d0914fb069469d47a36d339ca70164253fccf022
SHA256 f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42
SHA512 5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1905628864\hyph-nb.hyb

MD5 677edd1a17d50f0bd11783f58725d0e7
SHA1 98fedc5862c78f3b03daed1ff9efbe5e31c205ee
SHA256 c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0
SHA512 c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

MD5 47e2d072cc93ee090b8f3715ece5918c
SHA1 27c17ebf0c111d50f51c2a904ab9607b0a68f662
SHA256 2b2d4f377f7aad45c416da9464a335e00f8ac841de59284e19e86c8db8af234f
SHA512 89ff27cb8137dcdb7cb0fe3c27e299dbc0aebf8246665318a474fc257bb1e15e8f60616b09c13074938ca2363b38b225bcc948be890de12655e97fff827b48c4

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_196753163\manifest.json

MD5 c3911ceb35539db42e5654bdd60ac956
SHA1 71be0751e5fc583b119730dbceb2c723f2389f6c
SHA256 31952875f8bb2e71f49231c95349945ffc0c1dd975f06309a0d138f002cfd23d
SHA512 d8b2c7c5b7105a6f0c4bc9c79c05b1202bc8deb90e60a037fec59429c04fc688a745ee1a0d06a8311466b4d14e2921dfb4476104432178c01df1e99deb48b331

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\WorkspacesNavigationComponent\1.0.0.5\nav_config.json

MD5 499d9e568b96e759959dc69635470211
SHA1 2462a315342e0c09fd6c5fbd7f1e7ff6914c17e6
SHA256 98252dc9f9e81167e893f2c32f08ee60e9a6c43fadb454400ed3bff3a68fbf0d
SHA512 3a5922697b5356fd29ccf8dcc2e5e0e8c1fd955046a5bacf11b8ac5b7c147625d31ade6ff17be86e79c2c613104b2d2aebb11557399084d422e304f287d8b905

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.6774.0\edge_checkout_page_validator.js

MD5 4bf13e93de036cd8bbe5f6b8d2648252
SHA1 158b38f7b93cb81e1f721ed56b5f42a9abec8c9a
SHA256 8ba52eeb836dfdcb9cbec45a5a26beb21a62a257162f76a562b66367136c618e
SHA512 6242e43dfbba123df1777f6a2991a6ad896d873ef4a49d1be98ec8685bbc0d483987c22867a8ffdda8695bb867e2e631fa01005f62ca373c657248b9553daefd

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1242462729\manifest.json

MD5 81835274c3861bb4351298986dfa532a
SHA1 98721e2e06a0c8f423dafca01cbefa6cf47de5a9
SHA256 8e1aa835a182a002b2cefa725d9c308048bc5cd517107800eba09af95b8a7668
SHA512 43aa9db724bd8c090eaf956533e8f236d5b1bf00423e4b834189c164677e7bffbf6b28b67e487281afa207496f0cb86ee67d97c3733ce717378ee0661d98100f

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1044063559\manifest.json

MD5 25f7c066eba213487d7271bf63180765
SHA1 441d0bcb8da11dc1e3d9621b3fb9f27258828d76
SHA256 4f714a821e6026f2cb9bbe9eda4e58d9710a4a0b110f1fa534f4f827302ff069
SHA512 d8b75daa4d21302180100517132cfb1bfab671bdd724fce2e92ba91277bbe4eae79bd679c6f41119464ab772bb4ae14e1a4dcb79719ae1daa4d066f1f63924ba

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1576174460\manifest.json

MD5 27bbd8844209af39a35b42f2eb92ec50
SHA1 b1aab874a6aad1f9fc72ec9419980ce9d1db45a4
SHA256 4b7b671546c98b7452dbe62bc705b00005359b1580da91faaa5e02d811364a7f
SHA512 c0e5cb9a19cee8e24fa9bea6180b26b17b8bba5a8ea35f6b60950fc3f707375147cf0c68acec93d9cb41bcb6b64ab66743a1c1e5de77bc40adb665fd24609e1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.0\data.txt

MD5 4a96cf711a5aefdc27bf11b9ddb22dfd
SHA1 811210300f79743c5ac78b28e73c46af2a8c662d
SHA256 feafc9d646607ce5bb679ba030b9f243fb7ee8d9198fe75e4baead0c928d9f1c
SHA512 87a57eb6017fe9598f261f5b7e94ac92e18e6b939dfd0381877f49ab85b193fb430d6dc71164c0bef1214f46cfef4bb985a8d9fcb16a19154634217ea5f113bf

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_566316664\manifest.json

MD5 4055ba4ebd5546fb6306d6a3151a236a
SHA1 609a989f14f8ee9ed9bffbd6ddba3214fd0d0109
SHA256 cb929ae2d466e597ecc4f588ba22faf68f7cfc204b3986819c85ac608d6f82b5
SHA512 58d39f7ae0dafd067c6dba34c686506c1718112ad5af8a255eb9a7d6ec0edca318b557565f5914c5140eb9d1b6e2ffbb08c9d596f43e7a79fdb4ef95457bf29a

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1624881782\manifest.json

MD5 58d3ca1189df439d0538a75912496bcf
SHA1 99af5b6a006a6929cc08744d1b54e3623fec2f36
SHA256 a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437
SHA512 afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.8\protocols.json

MD5 6bbb18bb210b0af189f5d76a65f7ad80
SHA1 87b804075e78af64293611a637504273fadfe718
SHA256 01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c
SHA512 4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1441369776\manifest.json

MD5 ba4567388c38cd975fe4288633763434
SHA1 0cfdb35b199cac669fd61d4231657ed095b1e9bf
SHA256 dd4f941794a9bf67fbdaba16e50b061fda3e08bf3128e9eda9c36fba7f1d7bef
SHA512 d5bd2d0bdcf1f9225f4ae4047d97dbe29860bb432af61d907c8a60875bfe1735564d2df41a9101c80bc0b329f3b18f208756a3d86b8e35eb9b09548cfe7536fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Tipping\113.0.0.526\EdgeTippingBloomFilter.json

MD5 7d88043189e75d62238183c53e0fb1fe
SHA1 41d99b830b67b722920e5b0e1bca1cab652954dc
SHA256 03c680852691ac0ef2995702d5bcaa17453c455ab1458084bb3b28db9f73a6c3
SHA512 34eafa55c72f902105a52824a3756a3cd33819d91b3c088b1779187c82add318f0234f3fbc74b8ec0563b1a9c80e115abeb1ca79d2b3c03691f3580aac78d7fa

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_806802884\manifest.json

MD5 9eec88e496e995007baa564d1a4bc95e
SHA1 329ddb7a9cb8a24f8f11a443740e9b97adc0aa65
SHA256 95bc1a03a1359ba30386ea205468f4739426294f720347b1e8e88b440fefd9f0
SHA512 315b1c1b80f6a678d8b6fbfe8927f18c5b3d5749815ac2c4eda2ad01cc8e937210c55d101b32256b161ce91e19949d600a0b289ad5609a5042387c14af5f4299

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1580313163\manifest.json

MD5 55cf847309615667a4165f3796268958
SHA1 097d7d123cb0658c6de187e42c653ad7d5bbf527
SHA256 54f5c87c918f69861d93ed21544aac7d38645d10a890fc5b903730eb16d9a877
SHA512 53c71b860711561015c09c5000804f3713651ba2db57ccf434aebee07c56e5a162bdf317ce8de55926e34899812b42c994c3ce50870487bfa1803033db9452b7

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_942454664\manifest.json

MD5 faae08d055ed123742bc415108373af6
SHA1 26f07cc260dce6c856c55c9da82c46795672c04e
SHA256 7bc64209a8d58605fcb372c5c9a486a08102dce7a711f1c03368727c37448751
SHA512 8c4ad38651a2bbc03427f6bab02a1fb4f4c18303457763c4d676ab7e5f767c11e03c92fd22ef6ed393a49164b7e73ca3eb2215d67a1e6b868b93ab6d65091880

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.19\autofill_bypass_cache_forms.json

MD5 22e4cc4c0eb6444f7cae2aa35a707227
SHA1 86fd42f17be0b1fa10b170cfe18d49930ed35044
SHA256 e409a4f42c50d8fc80facaad15b807779658fc97b01c871d0820577dd8f334b7
SHA512 a3e41584d8d2dab323a4846321658f759573ba694e877a8e4abb7ec08d30213db509a64bdf1b561491faf9aed5cb31be2481d505f4ef56838e5df6e1e6c820d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.19\edge_autofill_field_data.json

MD5 4a19a53cbbabb95d377b2e3f3468460f
SHA1 5b7b30aebac31abd636a890c2d5bb23522438fee
SHA256 5f3a7426de195d7c991aeabad4886e7dad32ff30bcfb4058745a1accc96a64d3
SHA512 713280e28d42431f05fee1a37f019bd84c768dfcf293ca4f80644e2a0f6c1fedbe55d155083f0c980143360025469325d41bc216ac8b7c4354a120fe1df242b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.19\v1FieldTypes.json

MD5 81c2a0dc6e05acb011a7eec37658c814
SHA1 5930d946399adf03ea725130acc6432d449bceff
SHA256 edd877377e627e84fe55b404b24e0bfeede2e2991d775a493dffa251f11e30f1
SHA512 20d02ae0feae878e957e5c61f3914c55ee3bb00ba08b35b2299c40184fb27b0946d300519d4ef6d5042b5a58f637b7525fb7bf2514d9d05750398bcf68df96d8

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_645008918\manifest.json

MD5 e0af88ab9c07ab73d12c59386efce120
SHA1 5d3b285ce17fff903ffe04dacb9aec8c92753c21
SHA256 d91a5fef482dcf8f7f40fdbdd3be133aa8452fbab6386bfdd37c654f2d5885d1
SHA512 abe0500b687474bc6cc42ad2ff2521293dbbcfc88c9bb1b307558f747b0532563df4dc79976635b6c897f77096234cc239bc98fb8882f28220aa0231fa0cdff9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3030\typosquatting_list.pb

MD5 17c10dbe88d84b9309e6d151923ce116
SHA1 9ad2553c061ddcc07e6f66ce4f9e30290c056bdf
SHA256 3ad368c74c9bb5da4d4750866f16d361b0675a6b6dc4e06e2edd72488663450e
SHA512 ad8ed3797941c9cad21ae2af03b77ce06a23931d9c059fe880935e2b07c08f85fc628e39873fb352c07714b4e44328799b264f4adb3513975add4e6b67e4a63c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3030\safety_tips.pb

MD5 87fff766671c837c18e55c6b97e560e1
SHA1 95466b0c2bc75aefe70b1de6ea907ff2b9b220f0
SHA256 2f2770d56bf02b605745ec87cf6c5f04238b6c49aac69e957ce3538897076ce5
SHA512 e2620e6cbb331252bc718f779d607719a8bcb1eaa43485ed6933c13ba97c5013355a9ece522a0364633bf5eb05051c29b93cf38ec6b6d5491f8b4c0e78e11f66

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_1550688468\manifest.json

MD5 f484730e3678d8a3d9d2e39ec6e43aa5
SHA1 01567fae3cbd5beaf099f5ccbd0a2f2d39f620ac
SHA256 dfc1e147364cce4708e0d4bad53e46669edc0cfe0fa9c78f773a8d5ee5bb7895
SHA512 ffb55a70258aaf3b6c3de39298cb0cd0700263c6cfb83ca26a798c41082925f2b45d49b23746d7ae971346b94e8f545f72b005b19e6f16b0955623a1313f9e33

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2024.5.3.1\keys.json

MD5 e2e2e3b27dbe8ebb1e5a1689cbada547
SHA1 0f173e6f154e12ce6774b006a4cc42d7a680f7a1
SHA256 0af9be189481b755cecec6901ab03e1f41557760157501f7d57570222db5944a
SHA512 e9c6e2d78df50474ee1fd4c01bf05c135dfc180817ba204fa10fe4d7c0c7560954a905244aed474220dd773645dab7c647ccd53fe82896d70f9177efdf6a85b0

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_476643154\LICENSE

MD5 ee002cb9e51bb8dfa89640a406a1090a
SHA1 49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2
SHA256 3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b
SHA512 d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4072_476643154\manifest.json

MD5 8e98ccdf624cf833fb4a4f350d56f2a8
SHA1 5c2cf2147f09bcc575879054752024f4637877a7
SHA256 4b5c69675e95e973feca0d3d0e08e0887f43886109b1d52770da2489c548f04c
SHA512 72df04d9e611277667eb376e42a089d95f83492d67a806c9ddc8262b46458f482ead25520fd7b7294774538d6f3088165a93da7944f922e592bac56d2ae47bc8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 da5c65839fefefb8c00c09ba8a9fd65c
SHA1 eeefff8e98b9efecafb6035ff38fbff3ac2bdf24
SHA256 24a19d6a5fefc017cc516f441aee05351adf42593db7287ffc476e7533cbea4b
SHA512 9030204b7734ae6afcf2fb9a5c13b6101d64e2e5c5e0f33e61b8f22348aebd39e90f462d0f1c8a54e75397aa54c1b66a556d1f3896a99ff29ac09721ce4f3053

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

MD5 a952ded83a80e58d3783da83c9c1a4fd
SHA1 016bda6c68933f5e93424813abcd6418f7927e8c
SHA256 09e0f393972fe8067d874bfa53d1cad91aaa1b346d8125d83ca9158e916c2c84
SHA512 0e433e53b90ee297d4c03570ea41235f20c2c10adc6cff0c80287d9326797f6effe522da4e55b4627014ae030da9df8923b4c72675b767a1c6691fe2f331e4fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001

MD5 d443fcc44ff98db8e6044bd14c9cf0ff
SHA1 b7b9b238b0ab0d77109ea076cc674c2d4720b8e5
SHA256 c3725a081e5d5f338f2a2b1547bc96b915fad64d5e787bd041ab02f43f823262
SHA512 1c089efd5529d09844e1afdc271b931a2eaa38ca90e91e4b2bd124c62b05db69a5113125d8e5ce041092864a66c26212b0d4cdf5e60b2758b7ce5d7a7a089197