Malware Analysis Report

2024-10-19 11:03

Sample ID 240524-r2zspahg89
Target RobloxPlayerInstaller.exe
SHA256 c89eda2b48317bd4da398d59213d86afa0c06034cab5e3ea5df5865e369d2a0f
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

c89eda2b48317bd4da398d59213d86afa0c06034cab5e3ea5df5865e369d2a0f

Threat Level: Likely malicious

The file RobloxPlayerInstaller.exe was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Downloads MZ/PE file

Modifies Installed Components in the registry

Sets file execution options in registry

Executes dropped EXE

Registers COM server for autorun

Loads dropped DLL

Adds Run key to start application

Checks installed software on the system

Installs/modifies Browser Helper Object

Checks whether UAC is enabled

Checks system information in the registry

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

Modifies Internet Explorer settings

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious use of SendNotifyMessage

Uses Task Scheduler COM API

Suspicious use of WriteProcessMemory

Modifies registry class

Suspicious use of UnmapMainImage

System policy modification

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-24 14:42

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-24 14:42

Reported

2024-05-24 15:13

Platform

win11-20240419-en

Max time kernel

1799s

Max time network

1801s

Command Line

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe"

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\MicrosoftEdge_X64_125.0.2535.51.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2B21C4A8-A833-4DB7-9DC2-0C8E6907051D}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2CA01475-9F97-4412-8ABA-D40E00E7ECAF}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{28469698-CD59-4845-9E1F-EA596A4566EA}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\MicrosoftEdge_X64_125.0.2535.51.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=33C0FD452FDC4BA88CD6C4D82A77F7A8" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2CA01475-9F97-4412-8ABA-D40E00E7ECAF}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of NtCreateThreadExHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TerrainTools\mtrl_snow_2022.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\msedgeupdateres_ca-Es-VALENCIA.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2B21C4A8-A833-4DB7-9DC2-0C8E6907051D}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\MaterialManager\chevrons-right.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ViewSelector\right_zh_cn.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaApp\graphic\CompactView_purplelayer.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\pwahelper.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\icon_friendrequestrecieved-16.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ViewSelector\top.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_am.dll C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_gl.dll C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\msedgeupdateres_sr-Latn-RS.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{28469698-CD59-4845-9E1F-EA596A4566EA}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\avatar\defaultDynamicHead.rbxm C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\shaders\keepme C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AnimationEditor\button_loop.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TerrainTools\mtrl_ground_2022.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\graphic\gr-indicator-online-10x10.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\en-GB.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\configs\DateTimeLocaleConfigs\ja-jp.json C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\9SliceEditor\Dragger2OutlinedLeft.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\GameSettings\search.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\MaterialGenerator\Copy_16x16.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\he.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\TopBar\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VR\buttonHover.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\sr-Latn-RS.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\WidevineCdm\manifest.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Trust Protection Lists\Mu\Analytics C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioSharedUI\radio_selected_enabled_dark.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\btn_grey.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Capture\CloseButton.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\DefaultController\DPadRight.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Lobby\Buttons\scroll_up.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\SpeakerLight\Unmuted60.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_20.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\icons\ic-game.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\vk_swiftshader_icd.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\NOTICE.TXT C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{28469698-CD59-4845-9E1F-EA596A4566EA}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\cy.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\ImageSet\LuaApp\img_set_3x_3.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioSharedUI\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TerrainTools\mtrl_concrete_2022.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TerrainTools\progress_bar.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\XboxController\ButtonSelect.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Emotes\Large\CircleBackground.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TagEditor\Visibility.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_2.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TagEditor\VisibilityOnLightTheme.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Keyboard\key_selection_9slice.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_24.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\msvcp140_codecvt_ids.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Trust Protection Lists\Sigma\Content C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_9.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AvatarEditorImages\Sliders\gr-slider.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_12.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\VisualElements\LogoDev.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\models\AssetImporter\bonePreviewMesh.mesh C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\fonts\Creepster-Regular.ttf C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\fonts\Oswald-Regular.ttf C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\Elevation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass\CurVer\ = "MicrosoftEdgeUpdate.CoreClass.1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback\CurVer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\msedgeupdate.dll,-1004" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods\ = "27" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgeHTM\DefaultIcon C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ = "IPackage" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\MicrosoftEdgeUpdateBroker.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine\CurVer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\ = "PSFactoryBuffer" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\VersionIndependentProgID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.mhtml\OpenWithProgids C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback.1.0 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\CurVer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc\CurVer\ = "MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc.1.0\ = "Microsoft Edge Update Update3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine.1.0\CLSID\ = "{5F6A18BB-6231-424B-8242-19E5BB94F8ED}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeMHT\Application\ApplicationName = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of UnmapMainImage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2804 wrote to memory of 4416 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
PID 2804 wrote to memory of 4416 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
PID 2804 wrote to memory of 4416 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
PID 4416 wrote to memory of 1548 N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe
PID 4416 wrote to memory of 1548 N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe
PID 4416 wrote to memory of 1548 N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 4688 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 4688 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 4688 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 988 wrote to memory of 2388 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 988 wrote to memory of 2388 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 988 wrote to memory of 3316 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 988 wrote to memory of 3316 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 988 wrote to memory of 4676 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 988 wrote to memory of 4676 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
PID 1548 wrote to memory of 4468 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 4468 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 4468 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 1888 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 1888 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1548 wrote to memory of 1888 N/A C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1508 wrote to memory of 2300 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1508 wrote to memory of 2300 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1508 wrote to memory of 2300 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1508 wrote to memory of 1948 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\MicrosoftEdge_X64_125.0.2535.51.exe
PID 1508 wrote to memory of 1948 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\MicrosoftEdge_X64_125.0.2535.51.exe
PID 1948 wrote to memory of 3128 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\MicrosoftEdge_X64_125.0.2535.51.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe
PID 1948 wrote to memory of 3128 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\MicrosoftEdge_X64_125.0.2535.51.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe
PID 3128 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe
PID 3128 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe
PID 1508 wrote to memory of 124 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1508 wrote to memory of 124 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 1508 wrote to memory of 124 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
PID 2804 wrote to memory of 2132 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
PID 2804 wrote to memory of 2132 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
PID 2656 wrote to memory of 3016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 3016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1044 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1044 wrote to memory of 4536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2188 wrote to memory of 1636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2188 wrote to memory of 1636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2656 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe N/A

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTI0NkMzMUYtOTUyQS00NkY1LUI3NjktQUYyMDM3NzRCNENEfSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0RENDMzU5QS1BMUFDLTRBODQtQTRDQS0wRUUyRTA3NkIwQzJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjQ2OTExOTQ2NzciIGluc3RhbGxfdGltZV9tcz0iNzgzIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{9246C31F-952A-46F5-B769-AF203774B4CD}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTI0NkMzMUYtOTUyQS00NkY1LUI3NjktQUYyMDM3NzRCNENEfSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5QTFDM0M4My02NjI5LTRBN0YtOUQzOC01NEExRTBGMDVBMEV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMDYiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEwNiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjQ2OTU1NTQ3MjkiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\MicrosoftEdge_X64_125.0.2535.51.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BE73FCC4-287B-4906-953E-1D21381203C7}\EDGEMITMP_87134.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff79ba04b18,0x7ff79ba04b24,0x7ff79ba04b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTI0NkMzMUYtOTUyQS00NkY1LUI3NjktQUYyMDM3NzRCNENEfSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyMEI1NEY3Ny0zNTIwLTRCQTUtQjlDMS1CRkE4RDEzMTc3MDB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjUuMC4yNTM1LjUxIiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0NzAxODc0ODA0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNDcwMTk2NDY2MiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjQ4OTc5OTU3MTAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzRiZTA1OWQ2LWE4YWItNDVkNC1hMTA1LTUxMTUwNDVjYThkMD9QMT0xNzE3MTY2NTk3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUFRMSUyZkIzRjY4VUcxYm5NRXZVZXpaVDBqYzVqRlhHa3VQUHVHN0YxVTMlMmJaYVVMYjRqNTNWJTJmbWVZaU1QYXhYdmx4eG9iS2NlJTJialpzNlU1YWdhJTJmYWFxQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MzY0MjI4OCIgdG90YWw9IjE3MzY0MjI4OCIgZG93bmxvYWRfdGltZV9tcz0iMTI4NDQiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0ODk4MDc0NjAzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNDkxMTc1NDY2NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTM2NDkxNDU2NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjI3NCIgZG93bmxvYWRfdGltZV9tcz0iMTk2MDIiIGRvd25sb2FkZWQ9IjE3MzY0MjI4OCIgdG90YWw9IjE3MzY0MjI4OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDUzMDEiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe"

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe"

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8a8ccc40,0x7ffb8a8ccc4c,0x7ffb8a8ccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8a8ccc40,0x7ffb8a8ccc4c,0x7ffb8a8ccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb8a8ccc40,0x7ffb8a8ccc4c,0x7ffb8a8ccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1816,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1812 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1928,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2112 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2212 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3296 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8a8ccc40,0x7ffb8a8ccc4c,0x7ffb8a8ccc58

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4564,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3560 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4724,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4732 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4736,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4848 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4716,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5016 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4388,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5060 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4544,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4384 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5144,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5140 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5152,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4880 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5244,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5260 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4524,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5280 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4860,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4688 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5276,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5616,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4880 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5612,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5764 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5568,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5916 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4960,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5488 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5456,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5432 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5480,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5584 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5488,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6252,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6200 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6264,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6472 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=2676,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5956 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:negkvVpkANQp6TemaVjve_z4LviABQA2CUbu3qbefujCkBXkFaOoRKaA2BjFIjOLoAYWi7R9MxbRPKwxndEfjUxn7ahQKzApO-8p5-a6D0WSbAmqPoPunbl1d9rNhKZMhKFINBn--FEuvKeeHzSZQS7dkiN2gbVlR6UA4bdg7iTkTRZQi_TKii119OJG2y67nYovAzyoOTObMEhIvL0PumuUmFrpQoKCtT76vXcXb0U+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5600,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6604 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:VMCbxtaXD9eTpjB6yA2OsJHHiDAS9hqb7g8TYZrpdu3xrZ_jSMeXLQPvmpHmtrQN8qtY5wSaGNieYf5w-E7GkqUFTLbRUmdQnKO43aVpETvQf16IdavGy5SoW-SfpARL543GcKb9ig7FRD56BbEB40G1QmnZUE18x-r00mn1URUJRrMAgO4gK2_Md74OUak0oFXQU08uqfSTNJKVy3BnrJfBgyURVFu-TGK9nqd3jYc+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6728,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6744 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:sx684EpSrZhWIiw4ALxkVQYbyzR7RZES9_qB7mQVQ3nC6QKP-Q25eRO5fK4aZ5zaFBIle1sOI-g43Ez17K56heawNF4DtnfZUk9dymC-mVuQ1Qlswg4g_ksd6Uj5n6dLmpdNYfcrp9xcgV6pNthKpGFGlAKEz45a7lSrdqKx2X1RoRxfsHiZ3_2uDVSa7RQ0xanys8XHJ88wrfHlNL-J9RTmeJG0iJa5Fpe1P9vK-CQ+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6908,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6916 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:_CJ29il7taEe0FjG1wtks5_0ZWMJ0Rhe5g9DH3aU6nrb5WrtfILqDfb8EZmcVh8vj22bsmKx8u5EkYoPBp2oe__JkTogRnbeqRrAPoSvps7Kkw6mA1zJMMbvnuuE0gXOd-KeanE7jman8WfThM3n0Xwn2y_xDruVBKeom62CpbEZOAxTTv-Wc3kcaQg4afqnG0PxwgRupzt5dwtV_8kVj_j9OBq8CN6rbQbrFi9-PLs+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6872,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6900 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:xSlxXvp3TyuKyH5dHt8mpPaR8WBLapCOQuMZkhk0ER53zMXvoP4FI_-u3rV7u64LV9spVoYkbH1M-MK6k9goy_J_Ta8FcM5ZEdlTjWI0KYvzE57qMq5t2Z07vR6GxeKwjUeGtoplq4aW9CJUBefDtyvRKiuHaP-AKcT2IN_FAuo5J59MrZEcKgulc5lF6mS7cBC_4YmqBqwCApmfsObcRg6wRUGWyFBnyf99hCRJNeA+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6700,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5632 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:QaL4KXnqUJdxPdi0E7U6ZQ5cwcF3LR4iqS3bmc9vmp6XenCUhEjTQlIoiNdZZ934nkpIH9bYxngAT5Bz-HnQ0iLXYpoWkEBXQnHvMDFSxCnr8-HiUnR8z2Qqm_h5Rv50KHeoJQmaLUhlGoMfMlw0DClhYyO6Hwr_wtYIR669z5KdgpbemaGrFqybPhzJafSsNS8eVtSRkZeok6QAkXXG57S2L3pfqih5nCkBxIKbcGU+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=5492,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=7128 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:2MOMajhfuCp9S8t17nc3zJdfH-6hiVN3zZQ7U2TMBEiAK8t1OsN92T9MCtxoGHKEDrHZQfl7Dr7Z_UDK6l8ORQvqPbrM_1Ww8q-wi9SLmJPPS9qUCBS-yEW-WCeLsUUXE_-RohDzFfLf3-YunP_fMtILvJuupeJhnYPMpWZilIZkWak5f7EmhcaYhROCU0NjzTvjvG2vsPPjrLH2yFv0fQvPgh12K3sS9VFBgSZTyiM+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=5620,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:iHoxkFVDMdkSc2BJLPd4y8fYm99Z2JY5WK9h0Wrw6te0ig7u6ndhuA9VcRwR7zxHnPh05efWa1YnhGfWNevqlkIxLeMraFDLYJNzYCvnUkrLgw1anW3SREtQ79kpmIaac02dCqbaNcIJPAeTN8-J1EHnwtXWpyJXlWH_NSJ5ZF_ca32OHqNsc0oaeptSEWmlOAB4IS3SmfO2xKS3iYD9-rS9fPLgYauEALV7JL01MO8+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:m3yUtbv24Za-yt7Rs9mDIrkfri28WKqH8x7iRROKo5V8s02yCsUWwZGpRQPY_5ymeV4g0d1CYhAl1gDndZtI8JJh2vPktFEcSuAN_MECojH64kXgkopvBTgaHjFt-ddx-Opa3OCeP39efKo-UTlGL5S4ti5qSy6I8_M9UymXisipH8j4FviZ0hkkqNbp6FpYMp63N-xvKLu4_Gri7Yz8JRCQ7Ad3ndTcnH9V_Bcq7dk+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6712,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6600 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:Xix2BgZ7N3kxTrokuAiVKkS-duSm35IIoiWFyk0mMCrHfEzGFkOgfW9sKP3HqIZrGo36FHYa31cwRlcV3MGyzgxVxewqH88Cdd_S6t8pfs_NGpKd64C6hXRjNOWAJzZYAEATa0ZAiJ67kkAI0352wZdJP2Vl526aHu2tb7fUdAf_H_UuR9kGnWJ6MldfPA2NB47le1gHqanNGaOYA2GuRGJXT3PzSiKnRMSVWHAvhvY+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7152,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6564 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:OmV43W-y0r56jL29GCbT2eINmLiAjCR6ZuVAwk67UVoCOxEl_vPM4Vtif-k5E-9_zIg8YIRRRMuOwqQ6A7IJgeNU1FFy70Fvl7Fmk0OrEI7xREYe3bYk6-2vf1uGNFxMqpLUDs5ehEiGVxoFCNh_XIe1FrV1wniCj-J647fosd6c--IJtAtFqk-Sn7uNtlJtGXNHgsts2aCwiW69LXIszsX85RStgd5H1YhczyFJrX8+launchtime:1716562077377+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716562035391010%26placeId%3D14184086618%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dd633662b-2d73-4cfd-b7e3-b91b8614dc98%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716562035391010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6040,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6256 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6664,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6832 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2B21C4A8-A833-4DB7-9DC2-0C8E6907051D}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2B21C4A8-A833-4DB7-9DC2-0C8E6907051D}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe" /update /sessionid "{97464069-D365-4C30-8079-0D3EB6E7BCCE}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTc0NjQwNjktRDM2NS00QzMwLTgwNzktMEQzRUI2RTdCQ0NFfSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCRUEwQjNGMS0xQTVELTQ3REUtODhEMC0zMTM3RTU5N0RDQzd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4Ny4zNyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgwMTc3NzQ2MzUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODAxNzg3NjE2NCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODI2MDQ1Njk4MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzFkZjQyMDgzLTE3YTEtNDRiOS05NDVhLTQxNjg3MTE0NjhjMj9QMT0xNzE3MTY2OTI5JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PW14cnhEbDVJdDFrbGNIJTJiJTJiNzY3Nm9UMTZxWWdWV1pTcm4xcmNyamxCdElCQTVMSFpXeWolMmZidm4lMmZxQWslMmZCODVQMHdDT1ZCd2JkUkQ4akh5WkQ1cWs4USUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgyNjA0NTY5ODMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzFkZjQyMDgzLTE3YTEtNDRiOS05NDVhLTQxNjg3MTE0NjhjMj9QMT0xNzE3MTY2OTI5JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PW14cnhEbDVJdDFrbGNIJTJiJTJiNzY3Nm9UMTZxWWdWV1pTcm4xcmNyamxCdElCQTVMSFpXeWolMmZidm4lMmZxQWslMmZCODVQMHdDT1ZCd2JkUkQ4akh5WkQ1cWs4USUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MjIwNzIiIHRvdGFsPSIxNjIyMDcyIiBkb3dubG9hZF90aW1lX21zPSIxOTc1MSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MjYwNzY5MjY4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgyNjU5MjczMzkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU3OTk0Nzk3NTA2MjIzMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI1LjAuMjUzNS41MSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIHVwZGF0ZV9jb3VudD0iMSI-PHVwZGF0ZWNoZWNrLz48cGluZyByPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0iezY4ODM3RTQ3LTRBMzQtNDkxMi1BODIxLUVBMDlGQjNERDNCQn0iLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUEDF2.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{97464069-D365-4C30-8079-0D3EB6E7BCCE}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTc0NjQwNjktRDM2NS00QzMwLTgwNzktMEQzRUI2RTdCQ0NFfSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7NDZFQ0JBQ0QtNzQ4NC00QzA5LUIwN0ItODBCQTE0RkNBNTFBfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODcuMzciIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTY1NjE3OTUiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgyNzc5OTM4MTUiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=6164,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5516 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=5128,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5916 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004D8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6788,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4972 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6836,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5920 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=872,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5412 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=5136,i,8231208196005558206,8669995942852332356,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5372 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEZGMkY3NDUtRjEwNi00NDQzLTkxMjUtQUQ0MDRFMkJFREY2fSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MUU3MUEwREItODVFOS00RUUxLUI2RTMtNEU5RkJFQzAzRjIyfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RDZqeFBlVW1LZmg4eXR5NkYwN1l4TTFlWkRIL1RWNkZRVDJmZkRpWnl3dz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMDYiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjM1IiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTM1MTk4ODMiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1ODAxNzc1Mjg5MzIwNTYiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MDY4IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTI3Nzk2MzQ4MiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2CA01475-9F97-4412-8ABA-D40E00E7ECAF}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2CA01475-9F97-4412-8ABA-D40E00E7ECAF}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEZGMkY3NDUtRjEwNi00NDQzLTkxMjUtQUQ0MDRFMkJFREY2fSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntFRkNGQjJDNi0zRkIxLTQ3RTEtQjE5MC0zQTE0RDFBRUNGQ0V9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zNCIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExMjg1MTE4ODAyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTEyODUyNzQ0MjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE3Nzk2Mzg0MTMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxNzE2NzI1NiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1MeFZDeFNzNmtZWGElMmZBRzNYTFp2aHl6Q0klMmZhbW5oQU1QcDFJJTJmN1NVNnhjcFUlMmJieGdJZGE0TGNZRmo5VlZXMjNaRzhNQ2NkRHJENnlqR1pSTHA4eWxnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjIiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTc3OTYzODQxMyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTcxNjcyNTYmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9THhWQ3hTczZrWVhhJTJmQUczWExadmh5ekNJJTJmYW1uaEFNUHAxSSUyZjdTVTZ4Y3BVJTJiYnhnSWRhNExjWUZqOVZWVzIzWkc4TUNjZERyRDZ5akdaUkxwOHlsZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjQ0OTcwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE3Nzk5NTA5MDYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTc4NTkwNzAzNiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNzg3NjI1NDA4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMjgyIiBkb3dubG9hZF90aW1lX21zPSI0OTQzNyIgZG93bmxvYWRlZD0iMTgwNDQ0NDgiIHRvdGFsPSIxODA0NDQ0OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iMTcyIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{28469698-CD59-4845-9E1F-EA596A4566EA}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{28469698-CD59-4845-9E1F-EA596A4566EA}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe" /update /sessionid "{2C03A27E-C78F-4758-9F5E-F9D7BAE92D89}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkMwM0EyN0UtQzc4Ri00NzU4LTlGNUUtRjlEN0JBRTkyRDg5fSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins5OEIxRTc2Ri0yQUZDLTRDNzAtOUI1Mi1CNTZGOTMwNTkzNjd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtENmp4UGVVbUtmaDh5dHk2RjA3WXhNMWVaREgvVFY2RlFUMmZmRGlaeXd3PSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg3LjM3IiBuZXh0dmVyc2lvbj0iMS4zLjE4Ny4zOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMCI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE4ODQ1MDIxMDkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE4ODQ2NTg1OTkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExODkyNjI2MTQwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMjIxNjY3ZGMtYmIwYS00YWNiLTgzM2QtNWExMWRjODhhOGJmP1AxPTE3MTcxNjczMTYmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9YlVJN1Q5JTJmNEp6ZHN0VUI3Y0N1YWZiM3lvRnNXbG5DdlNDU3dkTHpjb09EcTRscWJ3c3oxeThmMVolMmZxcmF1TG04bllQRkJxTWFMOXhmbmZ3Zk5nbFd3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjEiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE4OTI2MjYxNDAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzIyMTY2N2RjLWJiMGEtNGFjYi04MzNkLTVhMTFkYzg4YThiZj9QMT0xNzE3MTY3MzE2JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWJVSTdUOSUyZjRKemRzdFVCN2NDdWFmYjN5b0ZzV2xuQ3ZTQ1N3ZEx6Y29PRHE0bHFid3N6MXk4ZjFaJTJmcXJhdUxtOG5ZUEZCcU1hTDl4Zm5md2ZOZ2xXdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MjEwNDgiIHRvdGFsPSIxNjIxMDQ4IiBkb3dubG9hZF90aW1lX21zPSI3MDAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE4OTI3ODI2NjgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE4OTgyMjgzOTQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByZD0iNjM1MyIgcGluZ19mcmVzaG5lc3M9InszMDg4OTUyNC02QkY3LTQzOTYtQTk1Ri1DRTY2MDdGMjAxMTN9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1Nzk5NDc5NzUwNjIyMzAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjM1MyIgcGluZ19mcmVzaG5lc3M9Ins0MUJCRjAwNy1FNUUzLTRBMzItQjBFMC02MTAwOEFBMUY5MTR9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNS4wLjI1MzUuNTEiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiB1cGRhdGVfY291bnQ9IjEiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzNTMiIHBpbmdfZnJlc2huZXNzPSJ7RjIwMTBBRkItRTA4Ny00MzQzLTgzMzQtMEI3MjFFMzg2OTVCfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU78F3.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{2C03A27E-C78F-4758-9F5E-F9D7BAE92D89}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkMwM0EyN0UtQzc4Ri00NzU4LTlGNUUtRjlEN0JBRTkyRDg5fSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7ODM3Mjg2ODUtMUJGMS00RUY4LUEwQzktODU0Q0NGMzBFNUE0fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RDZqeFBlVW1LZmg4eXR5NkYwN1l4TTFlWkRIL1RWNkZRVDJmZkRpWnl3dz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny4zNyIgbmV4dHZlcnNpb249IjEuMy4xODcuMzkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTY1NjE3OTUiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExOTA4NDU1MDA4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\MicrosoftEdge_X64_125.0.2535.51.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6d1174b18,0x7ff6d1174b24,0x7ff6d1174b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6d1174b18,0x7ff6d1174b24,0x7ff6d1174b30

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6e2c84b18,0x7ff6e2c84b24,0x7ff6e2c84b30

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7REQyNzg5ODYtNUU2QS00REYxLUFGQjAtNTEzQTBBNEUwRkMzfSIgdXNlcmlkPSJ7NDE5Mjk2OUEtNDAwMi00NjEwLUI0N0YtOEQ2QjI5RDg3MTJDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntEQkQ2NkMyNy01ODA3LTRERTgtOEE4My1DN0E4MDY2QjQ3RTl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtENmp4UGVVbUtmaDh5dHk2RjA3WXhNMWVaREgvVFY2RlFUMmZmRGlaeXd3PSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg3LjM5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldjtQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjEwIj48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzUzIiBwaW5nX2ZyZXNobmVzcz0iezE3RTg5NEI3LUZBRDktNEVENC04ODAzLTBFMzQ5MzUwMURBMH0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIxMjUuMC4yNTM1LjUxIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1Nzk5NDc5NzUwNjIyMzAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1NDUwMTE0OTU3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1NDUwMTE0OTU3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1NDc1NTcyNDcwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1NDg4ODU4MDI3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTg1MDEwNjM5NSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjgyOCIgZG93bmxvYWRlZD0iMTczNjQyMjg4IiB0b3RhbD0iMTczNjQyMjg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMiIgaW5zdGFsbF90aW1lX21zPSIzNjEyNSIvPjxwaW5nIGFjdGl2ZT0iMCIgcmQ9IjYzNTMiIHBpbmdfZnJlc2huZXNzPSJ7MDIyMDY5QTYtQ0I2RS00NUMyLTg3OUItN0Q3RDYxRTJCMUNGfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjUuMC4yNTM1LjUxIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgY29ob3J0PSJycmZAMC41OCIgdXBkYXRlX2NvdW50PSIxIj48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzUzIiBwaW5nX2ZyZXNobmVzcz0iezY0QUI3MzUzLTUyQjItNEZFRi04RUJELTUzRjc4MDM2RjdFRX0iLz48L2FwcD48L3JlcXVlc3Q-

Network

Country Destination Domain Proto
US 8.8.8.8:53 client-telemetry.roblox.com udp
GB 128.116.119.3:443 client-telemetry.roblox.com tcp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 3.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
US 8.8.8.8:53 4.119.116.128.in-addr.arpa udp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:49725 tcp
N/A 127.0.0.1:49729 tcp
N/A 127.0.0.1:49732 tcp
N/A 127.0.0.1:49735 tcp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
GB 87.248.205.0:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.187.206:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.187.238:443 chrome.google.com tcp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.187.238:443 chrome.google.com tcp
GB 172.217.16.227:443 id.google.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
GB 142.250.179.238:443 play.google.com udp
GB 128.116.119.4:443 roblox.com tcp
GB 128.116.119.4:443 roblox.com tcp
GB 128.116.119.4:443 roblox.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
BE 2.17.107.217:443 static.rbxcdn.com tcp
BE 2.17.107.217:443 static.rbxcdn.com tcp
BE 2.17.107.217:443 static.rbxcdn.com tcp
BE 2.17.107.217:443 static.rbxcdn.com tcp
BE 2.17.107.217:443 static.rbxcdn.com tcp
BE 2.17.107.217:443 static.rbxcdn.com tcp
BE 2.17.107.217:443 static.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
US 8.8.8.8:53 apis.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
GB 128.116.119.4:443 lms.roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
BE 88.221.83.98:443 apis.rbxcdn.com tcp
BE 2.17.107.217:443 static.rbxcdn.com tcp
BE 2.17.107.241:443 images.rbxcdn.com tcp
BE 2.17.107.241:443 images.rbxcdn.com tcp
BE 2.17.107.241:443 images.rbxcdn.com tcp
BE 2.17.107.241:443 images.rbxcdn.com tcp
BE 2.17.107.241:443 images.rbxcdn.com tcp
BE 2.17.107.241:443 images.rbxcdn.com tcp
GB 128.116.119.4:443 lms.roblox.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 241.107.17.2.in-addr.arpa udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 chat.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 8.8.8.8:53 sin2-128-116-97-3.roblox.com udp
US 8.8.8.8:53 aws-eu-central-1b-lms.rbx.com udp
US 8.8.8.8:53 fra2-128-116-123-3.roblox.com udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 8.8.8.8:53 lhr2-128-116-119-3.roblox.com udp
JP 54.248.37.25:443 aws-ap-northeast-1a-lms.rbx.com tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
BE 2.17.107.152:443 c0.rbxcdn.com tcp
DE 18.158.133.106:443 aws-eu-central-1b-lms.rbx.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
JP 54.248.37.25:443 aws-ap-northeast-1a-lms.rbx.com tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 2.17.251.83:443 tr.rbxcdn.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
US 151.101.0.176:443 js.stripe.com tcp
US 8.8.8.8:53 c0ak.rbxcdn.com udp
US 8.8.8.8:53 aws-ap-east-1c-lms.rbx.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 8.8.8.8:53 badges.roblox.com udp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
HK 18.163.43.106:443 aws-ap-east-1c-lms.rbx.com tcp
JP 52.196.197.103:443 aws-ap-northeast-1d-lms.rbx.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 151.101.0.176:443 m.stripe.network tcp
HK 18.163.43.106:443 aws-ap-east-1c-lms.rbx.com tcp
JP 52.196.197.103:443 aws-ap-northeast-1d-lms.rbx.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 151.101.0.176:443 m.stripe.network tcp
US 52.33.20.85:443 m.stripe.com tcp
US 8.8.8.8:53 3.51.116.128.in-addr.arpa udp
US 8.8.8.8:53 106.43.163.18.in-addr.arpa udp
US 52.33.20.85:443 m.stripe.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
BE 2.17.107.82:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 82.107.17.2.in-addr.arpa udp
GB 128.116.119.4:443 badges.roblox.com udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
DE 18.66.112.90:443 now.gg tcp
DE 18.66.112.90:443 now.gg tcp
DE 18.66.112.90:443 now.gg tcp
US 8.8.8.8:53 cdn.now.gg udp
DE 18.66.112.90:443 now.gg udp
US 2.17.251.48:443 cdn.now.gg tcp
US 2.17.251.48:443 cdn.now.gg tcp
US 2.17.251.48:443 cdn.now.gg tcp
US 2.17.251.48:443 cdn.now.gg tcp
US 3.160.150.117:443 cmp.inmobi.com tcp
US 35.190.88.7:443 sessions.bugsnag.com tcp
US 35.190.88.7:443 sessions.bugsnag.com tcp
US 2.17.251.48:443 cdn.now.gg udp
US 2.17.251.48:443 cdn.now.gg udp
GB 142.250.179.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 48.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 117.150.160.3.in-addr.arpa udp
US 8.8.8.8:53 7.88.190.35.in-addr.arpa udp
DE 18.66.112.90:443 now.gg udp
US 35.190.88.7:443 sessions.bugsnag.com udp
US 3.160.150.117:443 cmp.inmobi.com tcp
DE 3.75.28.93:443 api.cmp.inmobi.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 2.17.251.41:443 cms-cdn.now.gg tcp
US 2.17.251.41:443 cms-cdn.now.gg tcp
US 2.17.251.41:443 cms-cdn.now.gg tcp
US 2.17.251.41:443 cms-cdn.now.gg tcp
US 2.17.251.41:443 cms-cdn.now.gg tcp
US 2.17.251.41:443 cms-cdn.now.gg tcp
US 2.17.251.41:443 cms-cdn.now.gg udp
GB 142.250.200.34:443 www.googletagservices.com tcp
GB 142.250.200.34:443 www.googletagservices.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.238:443 play.google.com udp
DE 18.66.112.90:443 now.gg tcp
DE 18.66.112.90:443 now.gg tcp
DE 18.66.112.20:443 now.gg udp
DE 18.66.112.20:443 now.gg udp
DE 18.66.112.26:443 now.gg udp
IE 20.166.2.191:443 msedge.api.cdp.microsoft.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
DE 18.66.112.26:443 now.gg udp
IE 20.166.2.191:443 msedge.api.cdp.microsoft.com tcp
DE 18.66.112.90:443 now.gg udp
DE 18.66.112.90:443 now.gg udp
DE 18.66.112.20:443 now.gg udp
DE 18.66.112.20:443 now.gg udp
DE 18.66.112.90:443 now.gg udp
DE 18.66.112.90:443 now.gg udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 now.gg udp
DE 18.66.112.90:443 now.gg udp
DE 18.66.112.90:443 now.gg udp
DE 18.66.112.26:443 now.gg udp
DE 18.66.112.26:443 now.gg udp
DE 18.66.112.20:443 now.gg udp
DE 18.66.112.20:443 now.gg udp
US 8.8.8.8:53 now.gg udp
DE 18.66.112.26:443 now.gg udp
DE 18.66.112.26:443 now.gg udp
DE 18.66.112.26:443 now.gg udp
DE 18.66.112.26:443 now.gg udp
DE 18.66.112.59:443 now.gg udp
DE 18.66.112.59:443 now.gg udp

Files

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 0469bb703f1233c733ba4e8cb45afda2
SHA1 a07afd7ecf1d0b740b0e2eddfcde79dcf6e1767f
SHA256 00314da401908da37ebfe9b642506cab81a4467c092719fcf007be045bc4a9e0
SHA512 342c9629e705eb78c7bd52b3efe4a92b6a8bece9933956390450600635e4c0511ca96ccaa25e6920e9d25ccdf444dabfea7b09f8fbcba2f371655f87633b6d67

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\938199ca646378b696716037afc964ba

MD5 938199ca646378b696716037afc964ba
SHA1 2d865bfeccf3badef2f64e5d6453e6ab71d5f5a7
SHA256 2acc3e0879e4a71a6b08e2d6af7b238198d2eda73518b9394d82d00b010c9d7e
SHA512 1a37727c5dfaffa3023845592b400acc226face537176064698b8415d79284b6276fe68bf0e5870dc8898a846f923bd95eaac1d185613759ad6ca1068456b322

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_hi.dll

MD5 34cbaeb5ec7984362a3dabe5c14a08ec
SHA1 d88ec7ac1997b7355e81226444ec4740b69670d7
SHA256 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9
SHA512 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_lb.dll

MD5 269e84b82973e7b9ee03a5b2ef475e4d
SHA1 4021af3bfde8c52040ad4f9390eb29ae2a69104b
SHA256 c3fb0cae3dc5cdd86518d60f998c3adec1c0c5804a74ffbb9a346a73d598af07
SHA512 db716e2f6527af2dfeba4c22ff00e159d7cc0b482fc126e87b8b3d35b714bb382676066097352b6ebb87c8dfe7f6144e83100f0c9a9990b0d23c810b6c575c21

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_mi.dll

MD5 1866ddadd9397dbf01c82c73496b6bff
SHA1 b210a9df7d6a5e116fe7a9ff8d455b6cbfb5663b
SHA256 9b4bb2ca3366a1935b4869796efc0601f94356b45e8613d28e023dd516f48d17
SHA512 76fa5cade101d79d012e00904bf18692f85967ceea0ed7e81da4df65b85afc125a00127d9e06c8c59ffbfd2dcdc88488157b61922960559fa17d13dedca3ee59

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_lv.dll

MD5 30849a9c16061b9a46a66e8e7d42ff81
SHA1 2d0e86535d964acce8912c6bef3cc12346b22a6c
SHA256 b8075c09d33cc6b6ff22fdb29ccc3dd319ce867f4b77a1d165f6f8d8cb4977e9
SHA512 298ee10ff6cab7ff38d31e3a7826dedeab8e9ccc616eae4ca2e5ec333f42e5c6744650857031d8bf35034bd46c7c01a2646362ffbbef1f421995c73ba999ff0b

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_lt.dll

MD5 7071c732cf3e4b3144cf07c49d8eb44f
SHA1 3800bf304b44d9d27ac26bed6ccc899669dc3b4f
SHA256 9c75ef5c3f53c643d7bb8c5907a0cba6ca2d1d64e6bea39ce06b4ad5a20454b6
SHA512 be3a0942e2af843adeb8e9b6acc7cd8adec956b761f71d8eb0a02835ee5be115ac064fda7088b0813d40ec3a24e7bb77816e9b67ef0cbdce1562c36880b15049

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_lo.dll

MD5 864edbc77831a64a3e3ab972291233bb
SHA1 fa1f3eb3320c1b1a329cbe786abecf2a8e625cbe
SHA256 aecab1eb46075d1a1432b3e14537f860a2ded49a13ca82f17fac44b40ad2da51
SHA512 3d54efd01d6317fb4746b55db2c847a506f594cff055f0db84a72ede02dbe3aa03d8e65ea06c5ae365f44312a26cdbc45ad5f9a0de46d2b9c878aeeb24566b89

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_kok.dll

MD5 ca3465347e57624ee2a5dd2299d4f4cd
SHA1 551a151a8d49489c90400e18c34633aa2c2b8a4b
SHA256 5b9509a1ae34d89c89c8e657742495037d28cd03e1cd48aef4dfaa7aeebe29f0
SHA512 a4bdd458a7628a9f0664e1000512e056718cc924510a21704ff8c69b0b251a5a1c7f6f267d66325cadda1536aaee78440348be128d082112c71732e485ac93f3

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_ko.dll

MD5 cf91a1f111762d2bc01f8a002bd9544d
SHA1 db2603af55b08538a41c51fc0676bc0ed041d284
SHA256 baa9fae4fb8939e0b5fe0c7f393ab1ca40b52534f37bf2158a9a36331a221e75
SHA512 9db864dbd194885b46f7bed9875f1e531e48f7644ce4494b8dc482c7516a6f783cd35129d2565b272dc674491a08c844a6da88bf9fa7843fcf89c96b4e0af799

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_kn.dll

MD5 60dfe673999d07f1a52716c57ba425a8
SHA1 019ce650320f90914e83010f77347351ec9958ab
SHA256 ef749f70e71424d7f548d5c12283be70a6d6c59cffb1c8101b74f37ecacb64af
SHA512 46bfe77a49f14293988863a8e4dd0543202b954b670940d9ad5dc6d2b46e46104d8d6206be08a941f7e02b8ff3e2e2366b7b795d02352cff18971f8d0df5fcdc

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_km.dll

MD5 2ea1200fdfb4fcc368cea7d0cdc32bc2
SHA1 4acb60908e6e974c9fa0f19be94cb295494ee989
SHA256 6fd21b94f62ee7474b3c3029590ddf06936105508f9bf3509620c42dc37486c3
SHA512 e63b80a5929200c85c7a30a3054bd51eee2f27e603501f105073868690906f4619a27a52e58c90ac2ab5d5c34a4739dfdd2a511574afeb7d0118de88c5544f42

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_mk.dll

MD5 064035858a1df697913f06c972461901
SHA1 b6be99ae8e55207949076955389bc8fec81937fd
SHA256 4850260d2cbb4b4ff3490eb90ce55a412268ad699f946b1cd686ddf9f0403bd6
SHA512 9459056e919854213117b874e61b526af4ba35c3c3e195b204c5c3e59cc4dfa2b4a45c32551e1de144842844f246f5e0d025cdcc78dbf7265ba5e26e7209cd91

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_kk.dll

MD5 bcb1c5f3ef6c633e35603eade528c0f2
SHA1 84fac96d72341dc8238a0aa2b98eb7631b1eaf4e
SHA256 fdd6bffdb9eca4542975f3afe3ac68feac190b8963f0a7244b4b8fa6382381d1
SHA512 ecd79ddd9f3e6db1d0471132c453c324ab55bdead21de77392f418281bc8a2dd43e9009912896ffa3d55d4d3ef17b0aa847a084369b619eb04a2d2313641d520

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_ms.dll

MD5 51230a1b9ab0dad791e583b7ee57afe4
SHA1 957ba3e5d9b2df16ea3e099aab5b7e74d2055e46
SHA256 a47fc6a9a75875e75f3415f068c357dd499e533849381b875272d5994c163670
SHA512 5a3d754cefa1ab28748cb38021b5cbebd93fe513da0f4a7cbae98c0938acb10cdda939171d0842b09e97cb4c73f19272be665f767642ba1c5b25c709b5417edb

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_mr.dll

MD5 468a420700d239a0cd90b95896b0d6da
SHA1 ce57e3abf57c7ae13e99546b2a5e19dec03cb9b7
SHA256 24b304bd40f8e63848f8d2a1ca6ac8bc032b7a700161efad61ad445787650c87
SHA512 604c4cc8132c520da70c4870514610364648ec6446afa47128ac3aa8a9157932705da93e8ed4e33d56f5191d611b26b76aeba1514e9dff1a13dd32693cfddb8b

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_ka.dll

MD5 3bc0d9dd2119a72a1dc705d794dc6507
SHA1 5c3947e9783b90805d4d3a305dd2d0f2b2e03461
SHA256 4449ee24c676e34fea4d151b3a752e8d0e7c82f419884e80da60d4d4c1b0f8cb
SHA512 8df01ad484bf2924892129c59317f3da4f79611be2ca29e208114e5ed2cb96a63f753511dc4fe97e281417366246f2fb576cc6ef2618a67803ae7ac01be7b067

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_ja.dll

MD5 b507a146eb5de3b02271106218223b93
SHA1 0f1faddb06d775bcabbe8c7d83840505e094b8d6
SHA256 5f4234e2b965656e3d6e127660f52e370dc133632d451ef04975f3b70194b2ed
SHA512 54864e9130b91b6fd68b1947968c446f45a582f22714716bfd70b6dc814841fffe939bc2f573a257ec8c62b4ff939643211fb29cabc0c45b78a6cc70eaa3752c

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_it.dll

MD5 497ca0a8950ae5c8c31c46eb91819f58
SHA1 01e7e61c04de64d2df73322c22208a87d6331fc8
SHA256 abe2360a585b6671ec3a69d14077b43ae8f9e92b6077b80a147dfe36792bb1b7
SHA512 070398af980f193ff90b4afaecb3822534ef3171eca7228bce395af11ca38364bc47cab7df1e71187ef291f90978bdc37a8611d2992b1800cd1de6aa7fda09d9

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_ml.dll

MD5 7e90d4306c5768dfd1160ad9e2168a19
SHA1 4f7b17843ad226d51cfb0090235b55a29b5a674a
SHA256 8ebe88477b1493733140f1fced91903276ec69c7302deed3281054b49573eb3c
SHA512 f6d8b538915fa70bfb784ea7e6d4047759d8eecc822e4b76ac9666997a41901c8269a8185f29e5472bcfaa87e4b97483bd544f3fc8f656b60dca71d63b44d291

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_iw.dll

MD5 45e971cdc476b8ea951613dbd96e8943
SHA1 8d87b4edfce31dfa4eebdcc319268e81c1e01356
SHA256 fd5ba39c8b319c6ba2febf896c6947a0a7bae6aa0b4957bd124d55589f41849d
SHA512 f1c9fccf742fa450be249dbbf7e551a426c050ae4af3d2e909f9750068a2bdc801f618eb77a6a82d13421d27949c9f2a9681a44bcb410ccdeec66b24a70f6a9a

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_is.dll

MD5 5664c7a059ceb096d4cdaae6e2b96b8f
SHA1 bf0095cd7470bf4d7c9566ba0fd3b75c8b9e57ec
SHA256 a3a2947064267d17474c168d3189b0d372e36e53bf0efb9c228d314fc802d98e
SHA512 015dcb17b297a0aaad41c7b0b2199187e435855fd3977d16402be774622cc4f6b55d04ba9159a89e26e350c5602928c76dd9386be3974437b41888a0cfdddfa8

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_id.dll

MD5 03d4c35b188204f62fc1c46320e80802
SHA1 07efb737c8b072f71b3892b807df8c895b20868c
SHA256 192585d7f4a8a0cd95e338863c14233cdd8150f9f6f7dd8a405da0670110ee95
SHA512 7e67ea953ea58ff43e049ce519ae077eec631325604896479526627d688f2fa3bfc855a55ac23a76b1c9ef8cd75274265b8238423b95a2437be7250db0db31b1

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_hu.dll

MD5 f4976c580ba37fc9079693ebf5234fea
SHA1 7326d2aa8f6109084728323d44a7fb975fc1ed3f
SHA256 b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791
SHA512 e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_hr.dll

MD5 0b475965c311203bf3a592be2f5d5e00
SHA1 b5ff1957c0903a93737666dee0920b1043ddaf70
SHA256 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0
SHA512 bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_gu.dll

MD5 f9646357cf6ce93d7ba9cfb3fa362928
SHA1 a072cc350ea8ea6d8a01af335691057132b04025
SHA256 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150
SHA512 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_gl.dll

MD5 84a1cea9a31be831155aa1e12518e446
SHA1 670f4edd4dc8df97af8925f56241375757afb3da
SHA256 e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57
SHA512 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_gd.dll

MD5 c90f33303c5bd706776e90c12aefabee
SHA1 1965550fe34b68ea37a24c8708eef1a0d561fb11
SHA256 e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c
SHA512 b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_ga.dll

MD5 3b8a5301c4cf21b439953c97bd3c441c
SHA1 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a
SHA256 abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0
SHA512 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_fr-CA.dll

MD5 b534e068001e8729faf212ad3c0da16c
SHA1 999fa33c5ea856d305cc359c18ea8e994a83f7a9
SHA256 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511
SHA512 e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_fr.dll

MD5 64c47a66830992f0bdfd05036a290498
SHA1 88b1b8faa511ee9f4a0e944a0289db48a8680640
SHA256 a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961
SHA512 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_fil.dll

MD5 7c66526dc65de144f3444556c3dba7b8
SHA1 6721a1f45ac779e82eecc9a584bcf4bcee365940
SHA256 e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d
SHA512 dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_fi.dll

MD5 d45f2d476ed78fa3e30f16e11c1c61ea
SHA1 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e
SHA256 acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2
SHA512 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EU72A0.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 bebb5491a7ba6491c6f3ff66c35a8370
SHA1 0461fd36b81b84568df78274218a457097a3cf4c
SHA256 dcc94ee9cb86386dfb6bddc521b73c4875ad9780f33ed51a548062da7ae99c1f
SHA512 214b4a81d417eeb070555f188e5ebeb3be8eeab26775ec0f64777a9667725b6b0d5f283ffeb4ded2d81dde90ba8cd84e43852030ac8ecfe973a04a861829937b

memory/1548-257-0x0000000000E60000-0x0000000000E95000-memory.dmp

memory/1548-258-0x0000000073740000-0x0000000073950000-memory.dmp

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 51edf8903b6cc145beeeb39e218955c4
SHA1 7d59e0ebc67640c81051ad8766fdd4e03258ab21
SHA256 fecf6238abf439b1b37ae22e6250674066aea4b91df68e6c3c09ce8e54ffbca1
SHA512 42f459e75677fb0697696c0e7e4ce24e607f6072d52e6122dbb023ea7b2918b9cc6552b1ce05d2c112b9c6b36f520949df3226d16483c331e3cf9d1b28fa5697

memory/1548-284-0x0000000073740000-0x0000000073950000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Installer\setup.exe

MD5 0e2485bb7949cd48315238d8b4e0b26e
SHA1 afa46533ba37cef46189ed676db4bf586e187fb4
SHA256 1a3d50530e998787561309b08a797f10fe97833e5a6c1f5b35a26b9068d8c3e8
SHA512 e40fcfb989e370606469cb4ca4519ce1b98704d38dbfa044bf1ad4b49dbcaf39e05e76822e7dc34cb1bb8f52e8d556c3cbf3adb4646869aba0181c6212806b96

memory/1548-312-0x0000000000E60000-0x0000000000E95000-memory.dmp

memory/2132-317-0x00007FFB90E20000-0x00007FFB90E30000-memory.dmp

memory/2132-323-0x00007FFB90F90000-0x00007FFB90FC0000-memory.dmp

memory/2132-326-0x00007FFB91020000-0x00007FFB91029000-memory.dmp

memory/2132-325-0x00007FFB90F90000-0x00007FFB90FC0000-memory.dmp

memory/2132-324-0x00007FFB90F90000-0x00007FFB90FC0000-memory.dmp

memory/2132-322-0x00007FFB90F90000-0x00007FFB90FC0000-memory.dmp

memory/2132-336-0x00007FFB90930000-0x00007FFB9093C000-memory.dmp

memory/2132-335-0x00007FFB90840000-0x00007FFB90860000-memory.dmp

memory/2132-346-0x00007FFB8E9F0000-0x00007FFB8EA00000-memory.dmp

memory/2132-348-0x00007FFB90400000-0x00007FFB90410000-memory.dmp

memory/2132-355-0x00007FFB904B0000-0x00007FFB904BD000-memory.dmp

memory/2132-354-0x00007FFB904B0000-0x00007FFB904BD000-memory.dmp

memory/2132-353-0x00007FFB904B0000-0x00007FFB904BD000-memory.dmp

memory/2132-352-0x00007FFB904B0000-0x00007FFB904BD000-memory.dmp

memory/2132-351-0x00007FFB904B0000-0x00007FFB904BD000-memory.dmp

memory/2132-350-0x00007FFB90470000-0x00007FFB90480000-memory.dmp

memory/2132-349-0x00007FFB90470000-0x00007FFB90480000-memory.dmp

memory/2132-347-0x00007FFB90400000-0x00007FFB90410000-memory.dmp

memory/2132-345-0x00007FFB8E9F0000-0x00007FFB8EA00000-memory.dmp

memory/2132-344-0x00007FFB8E9F0000-0x00007FFB8EA00000-memory.dmp

memory/2132-343-0x00007FFB8E9D0000-0x00007FFB8E9E0000-memory.dmp

memory/2132-342-0x00007FFB8E9D0000-0x00007FFB8E9E0000-memory.dmp

memory/2132-341-0x00007FFB8E9D0000-0x00007FFB8E9E0000-memory.dmp

memory/2132-340-0x00007FFB8E820000-0x00007FFB8E830000-memory.dmp

memory/2132-339-0x00007FFB8E820000-0x00007FFB8E830000-memory.dmp

memory/2132-338-0x00007FFB8E6B0000-0x00007FFB8E6C0000-memory.dmp

memory/2132-337-0x00007FFB8E6B0000-0x00007FFB8E6C0000-memory.dmp

memory/2132-334-0x00007FFB90840000-0x00007FFB90860000-memory.dmp

memory/2132-333-0x00007FFB90840000-0x00007FFB90860000-memory.dmp

memory/2132-332-0x00007FFB90840000-0x00007FFB90860000-memory.dmp

memory/2132-331-0x00007FFB90840000-0x00007FFB90860000-memory.dmp

memory/2132-330-0x00007FFB90820000-0x00007FFB90830000-memory.dmp

memory/2132-329-0x00007FFB90820000-0x00007FFB90830000-memory.dmp

memory/2132-328-0x00007FFB90790000-0x00007FFB907A0000-memory.dmp

memory/2132-327-0x00007FFB90790000-0x00007FFB907A0000-memory.dmp

memory/2132-321-0x00007FFB90F90000-0x00007FFB90FC0000-memory.dmp

memory/2132-320-0x00007FFB90F40000-0x00007FFB90F50000-memory.dmp

memory/2132-319-0x00007FFB90F40000-0x00007FFB90F50000-memory.dmp

memory/2132-318-0x00007FFB90E20000-0x00007FFB90E30000-memory.dmp

memory/2132-367-0x00007FFB8EC60000-0x00007FFB8EC70000-memory.dmp

memory/2132-366-0x00007FFB8EC60000-0x00007FFB8EC70000-memory.dmp

memory/2132-365-0x00007FFB8EB50000-0x00007FFB8EB60000-memory.dmp

memory/2132-364-0x00007FFB8EB50000-0x00007FFB8EB60000-memory.dmp

memory/2132-363-0x00007FFB8F9C0000-0x00007FFB8F9C9000-memory.dmp

memory/2132-362-0x00007FFB8F9C0000-0x00007FFB8F9C9000-memory.dmp

memory/2132-361-0x00007FFB8F9C0000-0x00007FFB8F9C9000-memory.dmp

memory/2132-360-0x00007FFB8F9C0000-0x00007FFB8F9C9000-memory.dmp

memory/2132-359-0x00007FFB8F9C0000-0x00007FFB8F9C9000-memory.dmp

memory/2132-358-0x00007FFB8F9A0000-0x00007FFB8F9B0000-memory.dmp

memory/2132-357-0x00007FFB8F9A0000-0x00007FFB8F9B0000-memory.dmp

memory/2132-356-0x00007FFB8F9A0000-0x00007FFB8F9B0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 316ec3764327e9957c7ea45d42a87bad
SHA1 a440f5c87ce4829bb3403b9b2c36337d0c28c84e
SHA256 6931c9d12cad8884368e1b26e22a21ba66b26771eb040944fd8af4d5d7916e21
SHA512 a5790bdd790172678167280a8a2705e21c221fb6b4403b381f0de552f3ff2949c6e8536bfcdd86172d3f456f9ca02f794be505b0cce0997f1f86be4ee2f60be8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 ac7cc47bce84e905ae0e71d17a349b7e
SHA1 f77ddcf874f7252b1c975242708a32fe9b4b7f40
SHA256 536acddfc5f8d43e11c960059d4968617b70d01e0a1d4960d70987e0dd301c32
SHA512 9b6e5662505b69d5ced3393357462792747cba523a30ac866a3678f9665ffcf642632ff5ed31dfa00346a93221cdb0e3417ae3520ce85d3582e72a3801ea9f2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b64ff338334477548c454512e159f97f
SHA1 558bcba25901b0257cee47c0c28da787d3dfd905
SHA256 01901ced058b879ee2535c284f501db474df05d3cd783b7a5d541e1c794d3b22
SHA512 37ef61239507ccfe19f58c5a3e48f63e483e3923cd3f64252fbdccac7a2c217bcfc024f9e1adb2ac613a0058afc5247cd46dcbbaae2354a81fc85bb6b39efbfe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 deb589d5f8136871457555fefbd164ea
SHA1 bffa12109a9eb0cdcc68ea2e4740de37474031a0
SHA256 dcc80219c193ce143a6a6fd89fe1a9c5155b84b47e113d682d2cd1ae3349e4e9
SHA512 e16783cffa8db71b5ac1294ea4565223c9b0224ccf89c5bfc50e17d129bedcc169acdc97f202d1c36ad3224cc79bf40813ed63eb46760d81624736acb4c61342

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f059f0205309800780af40673a70d43f
SHA1 adb506b147808381e9c319640a4763b245df602f
SHA256 be3903b70890a52f95f9d74ec54565568040b9a30c001eb5a12248026f77a8d5
SHA512 f3c6c89daf91052455ff43af7744e3d48cb7fcef4df9573f9864feda40030dce9891df88e8ca230884d4ca1f30b7bca9f941cdf27689ed08982fcd8af6f387d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 740007bfda60fbfd5202dc2101c94c3f
SHA1 3471025afcb18acb5ff6e8f17db743ec868584e4
SHA256 47a77aacb92dad7c0e19ccfe193e107dde7e3b04a35fe4786993acb5fa6ffaf9
SHA512 4bda921868992e6c3a1b7befa0fb698f35fec7c1739fab71f0f2793adcad5abe81bcb6d5d2a08019940177c09a07a89ada67bb9437d7f5ab88d783ee49500cbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9b0fbf9aa741ec1ebdc2712ff8237362
SHA1 5f8a9e9b342391cbac55a3063f209eb042bd0186
SHA256 ba5f7cffd2ae4070c060f78905cdc609218b129869e67f8de9ec0b3ec39800a6
SHA512 70f01f39b44507053bd4fe22fbea82af3d2087480a2d637317e6521f705f5c997f23a3e8a80adf273ec799e27e4b5f6eea41dd55f5bc458d3752ea029fee6a22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6e5673a0e43fc294253de1c16d17e3a4
SHA1 d00e9d664e632e3a5301afe692063f7b501e1c22
SHA256 93c3c1b4f1cc5104bacf331215a3f1bd3cd9dbdb2d636daf0a9892381cb255aa
SHA512 6e77210c85bbc28dfb962c72abacaf855c5f5ceb0425d01efbe38596d60fc6cf8c5b863f845cac9d446e68a69c2ba5e17e4c034d196a34bf9db16099583a17b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d3edb1f616c2290941479e328676666c
SHA1 393f9dcdd1e3ef49e7bddbc51299e199185be8ce
SHA256 65af15632f34ced2962de7894648cd9c025d400581b1c41ac0131a9e9e4e55d5
SHA512 bab98d0b28e87e6aacf4ea3ce7179e50740f915dd4798927e28e85e849945547600d0bf5a7bf3ae001fdb262dedae6e026026ad3a6092d36edace70a065c91af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f99d5015351b5b8c3cadb585cc4aca40
SHA1 49d186b8554ad7bf64680f072022e20d0cb92188
SHA256 a576f7a45a200885df2dd274fda6ab09ab711a0e6979ad37f5c2b42fa1cf151c
SHA512 8dc41ff1acb4fed61f4a5016e468daca3e6799afc60df0b73f7b6794fec52697aa9cfc813134d0bbf57dfa70a95ac9b4ca8a10b8ea0aa7a20dbd680428a1a9f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4a75742292980c9b222fac0352ea761e
SHA1 8be46da3a94710ed232d7b7d41f89c6775b7b091
SHA256 b3f32cd706bf03f470c8053a20f2fc1426cc1e5a5f09718df22f4e0740fbbab5
SHA512 797590c9498d2478a806c4f0c3734d34a9814bc5edc09d9bcecd9fd77c6bd7adfd7c71c79c3745ddf6949c27fe32f2ca9748e28ab6d03f88f5da939e1c555642

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6ac7d66ae5169025b8393bdb7d9f8557
SHA1 f64091cdeea7cf46eedb0b65b3ffdb52979a048b
SHA256 ebbb1d794530b67d9112378ce6208d4096c44d83995f6d3859e299e8b66a43ff
SHA512 11171802f75d2d43bde4a35e631594ddf734e137d0696b95b49a1974f93e8a90bac68f79f984a7670bc017e6e4d1d2f4c9c3d7e3220660407f2f80aa6cf52d55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8be5006500daad77b21555c4d9b83e53
SHA1 0baefd28ca6f875aa600d71614bde252822002c2
SHA256 a45743a8063be8c66dd9aefdb45ad2de7262cade4b8e02ee5038b22d3683e938
SHA512 7443a2b0fc1e89490392768a632bfd45ba65d3a167afca45b397ef5dc2190fa4dda0cf46bbd27bb1b649c8e7156aaaa87bd63f1d43f637823a55435f4af1353e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a2b1838ec599cfd770ceebd809f41cc
SHA1 da7c71d8cc2f91022b7246e6a6bc3d29a407c780
SHA256 04ac46d1f76ac2cc3b4d90013510d07b1d931c6c7a8c678a59b4b21ebf986072
SHA512 1a1519c433c141670e6bbb230c809bd154147edb7d2084fdc2eda56d18a4be0388ed5361351ca8eb010ae185a843bef7baf007c27ff1df23f658c0721a822445

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f1bc71a10adc6075e53233062446c983
SHA1 c4f59cc7140a4fe6610fe76f7cc22e2a23003930
SHA256 cb33105674c58f9d13742fd7a3264d8ec7e3a6ce52e1b1693d5b1b8d36197ffe
SHA512 0ef9c581639c636bb266e11de9e03b7d6e2a786800d63ff17298bf2eb986e9be4c37c636bf262c252bc42b8feb10fdca5dc13ec7db6b6bbba9772048248ce018

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0f9f72a4930a4d106e1bec4bda6835f8
SHA1 d4cbf0154a4385b927397f1a7e42ea4d2fe3fe36
SHA256 7e667a70d1f2c3500c67b18ae097ab263ac2de40caf8529d0c46691c2327c923
SHA512 db88ee10b92fe72d117e5d4a99b67dc1d791834ee8f1b98be78dbdcbf6df05507459a4858a661277a8f21e7c2ef5e6406a4f9817f3a5fb70b0e97b970a40d8ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0ad9ad4a72a4b316cc420df54a3fea49
SHA1 42943e49b7da2def8444a7573414e27b97eae028
SHA256 b33a06530d0ad2c43299802b9a966e1bc08dd8329baf3e2170855a3f15834fb4
SHA512 c05131219373098183f9f128ba202459b8ca147a39e44ed424d606904f2dbaaadb86513e78365cbcad6cbc44d9c8698b05387d0e9b6776f33d867d835eb7745d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b0889bc253284757e6662b118122862
SHA1 80b79cce49415ba531862462edb29399afeec81a
SHA256 f7adb4638866c4c283d6cdbf42e852eda9d25f684515e9da70dc92e12cce8b85
SHA512 64d2a3683313a76cd97820bce5208ab0f0111d8df73647cd5a758913b6abe2d7d34b1b22f81c5cc32414ff148f28638c3b21e4f704daf4424f55a9d369d5f7c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c7835afeec7e5a7a76e680f81b5535e5
SHA1 18ff738958bd2439f8c82068136ecbc192ecb72d
SHA256 d91bb492639fc085cd71de3bb63b1add5ae475c32841b9057258e306fd8f6bcf
SHA512 f0700bf571cf93ebc6e93a9d69292564544fee4edad31d636bbb611345448dc377bf847804f2a356972ba97ac766737a17f028b8828179d443b9c40fb5726c83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c06b50fa92c6764f5751c9699b7d5da3
SHA1 324548eb416ecc72c7d7378a19225e0c3fd0891e
SHA256 8334f84a0b44132914163fcf76ec1e8e34c07a6e574753064c5e35fd09129fb0
SHA512 2bbe3221e0fda723a8139a54c4cffd5abe028c30ad563ff917a844b18f65a8204a42322c1b46036e05a1bc715d7614a39fb675d957419c698b1e53d613497bca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 813c973154e3551e2f09d97a55b42f3c
SHA1 973bad9355f1741caf6487e86b2557736c601254
SHA256 09de7ed464b0a03338b38af47f5b47b767951b500f3e6a9231369b8625c9931f
SHA512 3be34120e98df815afeab639248ac588ba3c89a0951eaf801582c3118164d41c82bc710d92416cba7b53ba7f76330ed83d6f73c9e40d7321013d088de7b08c06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2cad03ed0cf120a08615d139364c7294
SHA1 2d313aad52dd81bb0cd8477c2bc412fa68b257c2
SHA256 f190995d416f3b8d2b60766ed3dcb62b96b0a673b2d60b9136362c828bcf9586
SHA512 a3e776db0185bf87d7e311d9269615df0a06e5a3e81952ddacb954cd0832dcc0e445a9aea857fdfc1fcd227737ce676f163ad0cc6cb0d268f52f23aa396ec4bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a57f249b6fde0bbcdafbb33fb4198d5
SHA1 b458519253c7257efb7439774aeb0c9dbac02db0
SHA256 cb8404966bf691058a583c0cc157625ae105d10c2dca9f05a54f7e698e139179
SHA512 5d27e53cefec07a690fa241e9e6fc5fb16b58e8ce4db690b21eb1315ae6512d718d65ce84a1fd5bbe5e46b9f46e1b5a70aeedbd98782d0c069f9441360773709

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 f996e49da547473edffff57b1b76231f
SHA1 1e0cd895f6c2a60a4cfd25cec7941000203fb91c
SHA256 429c245c93f6801d9d14dc1c9128aa0b7dfc69ac1b054b6f3f46d25d77a59bb4
SHA512 e94613f37fc596c259074736181465acef2e6c7992e39eaa8f15ffbfae240c3eaba9f0f0f500e6b415c13ccba30343eb8dd148a7d47558ebca3c007dad12240d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 aa45efee063c2b783e2a27340a7c5029
SHA1 ec3462aac2df1a641804a461e6361deda3931b65
SHA256 45e6b3430e9f643a3c36ae0a019aafb0538f7f3c9a7b2aecc5e2e795df9ca660
SHA512 f31310b1be84bd0933770dd0a8bf10a4f2bf9db08d1acfaac9fb1c8bec7e25a76cb13b41d5b34a0fe3f2b571652b2b710bc88e34134b5ec1636d1fa15d14ed96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5bb7b4.TMP

MD5 79dc37574f901f9e82749b6eaae51b88
SHA1 f843eb92fb92fc63586e732a89aa7dc20c8916f7
SHA256 579d513f4f043bc491cc756d963ffee406e8cecba54b84bf424499b4472a034c
SHA512 773477dc9ccc02d6b84a82b717280de468e41db13bce3b854db6a83f798ad544440804e7cc7bdced32be784d936f191b509b4b922075c68f6365d263987fdf61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 12f35b0112f9d317648bb751a8ffdc31
SHA1 18d49d0cbff46aba9cf4b2daebfaa432f536e6b5
SHA256 437a7f2da3997ab1a7108c414b3272ef47c45f8605f044834c543e3a1f64163d
SHA512 db390bbfc9705f41e9117aae4befed088323cf12703377b3b617b732d0dd56d7426b81bee58bcf6c2a379e8eac2f7489cee19ed43964cd4c211f40625c8270eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f6

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b59792343d91431a6b93d180d9444191
SHA1 fd9a5b33f4328360dde82d6697975945e1015a30
SHA256 8dec5b2a704ad6cb0a7e188350fe654a135263b2372d7183a8174945b9f69504
SHA512 10d3997a967076c22a10a37e57e1fe5c25584c889f97bbe2911076f9b6b11c4c977286fc52a7218752571c63414b42f752bde7533ff2c06f32a002a12820d7db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 63fbe667d2da8694383cc62091c3c335
SHA1 fa30fe941bf9ba21d912827bce9b082be13ef6e5
SHA256 7da7daeb9746ca42812d6a9f9e81df1bb754975c9abf3f4685080d619c20ec28
SHA512 26a67e198544e1d172d5b88f4f2fcad4dee963e3e36fa35c9d2befe3dd2165a06fa64b4aca427cb5fb98320dbb100736ab870ec70902ff2b08cd93612f7d12a1

C:\Users\Admin\Downloads\19b7fe5a-4d1e-43e5-8c28-6171831f7bf2.tmp

MD5 b09395855e53d5159d899cb5d9ddbf0b
SHA1 02c54e9f79a345a34b79f711c8a254f224d70389
SHA256 8a330e2f425d46d4f4b3fc6209ceac7719b420df91203737acb9549aabeae2eb
SHA512 6208a0644d858950119288e3477f27c8c7a5cea5d0b61ef53f7d18ac05b2b5c41360661da97385d043e1f85dd7df51aed70b4aa87fa87af7a791edb9685f2b05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 38d6dc9a930b1a5d448de2e20aca2dc6
SHA1 eda5a7aced94449686c3e9ba005b21b6e2c0c44e
SHA256 8b86272ab6b2d71b96a234aa135c9a97db99cc902f760b1428ccb87b498ec6d9
SHA512 fe8a39af17f81713c655a6cd529a2e2fbd570d46b7bcab360206f50c34f91f277c3a47c639f712116b8aa43c39039018a82be86d0f804af1569860f02a2cab9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a95625133730d621e926b933fc6b06b2
SHA1 5ef6515f21003a2483bb7c362ecb0a0931db90ae
SHA256 d9500e5cacf47fd6c55eed4affe091b245cea90e19e4161b0a0777f5d8116064
SHA512 5c3ef63238de018e69277b99dc6562a7a532ae8cec5e1946517cad66d2eebb606bf2cd128a9de0204c80d629c57f694045cf0fd107ea0c38995f477052028f37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b498566103ec25a44933aacf8c863a27
SHA1 41a9d9d9f817edba3d021cced8c0a29c5cd9f928
SHA256 3a211c7fc2be37623712e90d8cdf906e9166b6f4c6c972b05326bc55b093ba5d
SHA512 b06e35a1e1598ad3bde3bd8ef1880b0d2238b28e59d3f37016faa666bd532ed5b5b8f57be205f351d719eca1472379e429b2c2113c21054452057a7b8d810eeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d2ec6cbf4835a1b61ee1a16b307445eb
SHA1 d9712b74b3ef1562c274761eb5e6e2dbcb6ff6ce
SHA256 899d5bba167d804ae5e1249099467d9e68d2b479f502591facc3126c087c856a
SHA512 212c2b2c6041a3fe6c6df94edeb6abfae6a9cce7cd1829ba8dde0bca89f5b8b85721fe74f613e71ed9b02ef62e5cb49c413848135fee016e0d72ecbd2f4da6f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fed6cd2a22ed22d38802c61babe9938d
SHA1 9b253bb94456e18ebe79b821d0c52971d11a638c
SHA256 d40da882f398d4613a3d9f9f94f656ef642c5664df570bc9a3dcf121a304ff16
SHA512 761727d0cea35bdf45b6de86de92c6163623ac0c1f4c51a1ae267c87bce7212c24cca05846d73e453efdbbbbc9b0a179e899ee48b0c4940781a76a7ea0149737

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9f04570e81d7235e0059a6252f989013
SHA1 596e34a9ee9461ea50abaaf390cca8e856942270
SHA256 b5790af6268c134cc46cbe52d15cda70b76ff32d5ccd543cdaeebc130fb370d1
SHA512 c021d03799e0062b2841927ddfffef418293f074bebf669bdc8405df12523e52e849ae02f4896deedd3e2d12391e40b354c88ce8d5351b524c67d017b1d6fd58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dd81de527fa42cd58cc43c8a40b39840
SHA1 38be197604034c6f13b55d4395dd213df114b3d8
SHA256 c49b0785548fe29d1f21a5262c6a589bcb213e368c9c20ad9aaf9a45f1ad356b
SHA512 d43381e346ae980898ba7bf95db1509bb2609c8f466ac2cabba731944b2b19013c881cbd12c7c0eac69777e6e24e016a2c3fcb2f27ecbef620832b3d03e25065

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dc81cdbaa286fc452d7b30cfa5d13aaf
SHA1 5518fbca93fcdf95dd086b7f6366714293fd3d65
SHA256 15bf462ad00ca9ad5a5ae011d8a58c5fd29f383b770c984d15e44bb767e651e5
SHA512 44a37aa42066367117dd0786bc2edd5a0bd46d38a2fa31f30c1746e30d68c72ba6b794768fc51e01d1be25833b0aae72f2ec99d9b5005b9bc2bf7a116fb1334d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1d9cc1aba1d9ffc2e8ab14d627ce1e78
SHA1 d2f00802a3e529fadda5087b74d64439211bc821
SHA256 ef1fc839d62e7ca38c148aea56edb2b924ff7cb892ce887b12b14cea166e1e58
SHA512 a8755fe6b81f63ab41e9d9adcdeb590f53fa0adab14bed300ce779a596740079950eb3791383d5456a26acc36991b5238cf78a2d16f4c0f1c12125c4b8c3f3cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f011f12853fad4ed64a17f9bd1d29acd
SHA1 38aa4a1c7b2accfe8a7d5401e3079aad941f34ec
SHA256 426c81312205a30f5e5cb08de559265c5c52ef69b1e779361b146a8970800ddd
SHA512 4822e2475698b3b6a33e5f3e21345972bc9e4dfa6f9da4969e457d4c0064efbfcf96a37a16aeb1fa606104df29d0ae9fb65b020524e1eb4aa42d97b6d855381e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ca8742e111927aa6ca2a1344de958b0c
SHA1 a80e5c92fa63e8c64a605e6a050b81102c1f358d
SHA256 fedd1936d82d4b0fdeb413f2358af2180ce04ce67ea11df6d7d2d35886575576
SHA512 3cc10f9f491d79ea31927a3b2acd3073cd19dab5f1fae0051376622f900f4d975b5d4d64c24c2c6e7ac64d277f1b585e6129c405eaa108ccdeb022025c3a816c

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.37\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe

MD5 160e6276e0672426a912797869c7ae17
SHA1 78ff24e7ba4271f2e00fab0cf6839afcc427f582
SHA256 503088d22461fee5d7b6b011609d73ffd5869d3ace1dbb0f00f8f3b9d122c514
SHA512 17907c756df5083341f71ec9393a7153f355536306fd991de84f51b3a9cdf510912f150df1cbe981dbf3670bfa99c4cb66d46bc3016755d25da729d01b2e63b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 77cc64b8bafc681b108d11f03454eab4
SHA1 9e43af7a8cb4ed8546f499608468e322e315006e
SHA256 90c5c85e7d3c85e15735657bd1c1f3b3aebee19bb2671fa14e16af83536de64f
SHA512 5513ab7766721cb8b82001b7355aba901f41c5dac8cc7d1c8e1a49e85e82f48d7be00437f2b59cae98c5f03fb8ddc97f6cd1a573657dd0a81da1668f93b2bbc0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 64a58ffd9fc4a1067ea71a9a72f1e14f
SHA1 a0a748b2243736926233fb41622350992d312544
SHA256 43b4ddd66f40a8370f897fe08a47ccfcbfdf902d0565ab10ab7f6b1611d3327e
SHA512 aba0295ba330b270f68a6c06fe3d2ae07b7e11d8d8f1859bbce26f72bf21b484be29530642f44eb2fd6fe384207b4c7444b165d5d7f78fcd79d5784b14dae0a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b269a89e4a881ef9d2a1b37bbc08ae10
SHA1 084c035967f2a6a14635e92a64d18617fb29f5f7
SHA256 616d76b92fea37d1cf128c4c2c4e09035e55585bef0f132a9a794c7ab8e119c4
SHA512 77e399edec614ac191660d4af728b4a7757e04fc8e060553779ffde2262f86afe8d70b36d8572e2a6c68813de77071fe56256e47d222cf33205999c7d8882c62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9dd87709c49f688f77e35e2335daa90a
SHA1 e05341e216a210d3553415d13c36dbaf6c40b538
SHA256 0de9feaaeef2b62096efea6c179735649a2f54ebaec262dd27905dba947aa602
SHA512 b3c5e790159da12d5b7d28dbd23047055dead591ba7f76485c4ebab45f847173be2ffe66f0ac2c1edcfd802bf86f8a4010016260a14f0f4d67af5a8339929bfb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000116

MD5 db6d94096510a63a163dc3a89fb482d1
SHA1 b87304653024b01bc59b2d2f74386bfbe86b1fd3
SHA256 2d6d20583e69370baedeb772d5529554b680daf27322648b1a6d334efd0e24c0
SHA512 b7e7355aa0b928c8270419dd510654b7d476339553536c4da949ec276711e9b78362c0e621a324dd27d7187303d610332286a3179ff691f212d3b3b75c02840a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000119

MD5 2dbce23e4981cbf2184cb46cff78b3c7
SHA1 658304d9e75fd521ae0f61a72f49f3729302e845
SHA256 775f8803dcb70650fd8f263b0b6f7802c9c554b14aa5d787838d6364df44da7e
SHA512 f060d4c81557215ac9f22f9d15f06ed4f89f4a4cc40221cb85d2ca58b488e81cd1c752761bf9ec844a9af11123f1db7d0c784255333dfa9039d752ef797aaa50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b0146dea1ed9f6d688923950aa8c33b6
SHA1 6c1eeb1af9e08bf81f3c0e6b320c0289fe329079
SHA256 636f14fe5791f0a1d458da21d5af7d933b8406bf2b6e1883d618c8a5aa8dacc8
SHA512 4fb544093f0356421892fae8d593c324f44828328e63a550fa4b874d7c2d7898431ad667a184900d9fd168cf35b79c8d95fd5cc835601dab1c49a36be84f6d98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe

MD5 0e2e777834d3f47a9f1600cc1b8f910d
SHA1 d9db00dbccd72f442484a47a6b6ff678b6e11345
SHA256 0c8285c4fac7bc8079e719a14354b4e6054efed9356027dcb9c8593771e72e87
SHA512 df3f17924619aac5f09d401b9c3c2755c86fc4e4eb97e65ebd99e2eebeb3bfc357d6ec6b64b79f987532b2338e188ccc2fd9f83faac93345f6cdc24b14783426

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000100

MD5 10efb91369daa4c04cf6fd78580d3d15
SHA1 dc3214cb574ccb55aa01bc154e998662a760d93d
SHA256 ef6b412bb64be39a05223be9622f34947b0bbb9709f4a59c91f60208b2c20195
SHA512 d26a9a063e3e01453739175e103da8118d1ce58e129d9c5cb24964ab5963cc132580a2dbfc7366f7277c41c736a3a4386b19d51075a157bc561cdeb37d4644b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012b

MD5 9182a99ea93b5e98291886dd4e9251d0
SHA1 33644919173bfebbb4391e62594532790bd38c00
SHA256 f4d9349675a37c8036c11441a5c9d9d7fb4f1671653ef1bc5bc329d07192784d
SHA512 6801eec7edc99d0c659902e693605ef08d4f0dc47641e2b591514dfb776195f46e43e1b0cc1615d4689c4d4fcdfc41430ceacb2e9daa6525112ba8076970b855

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e91fa2ac05a2a258c93b828587fbbd5b
SHA1 8850b5ffe6443437ff19c5e86830aa4f9efc581c
SHA256 21890014e99b69cf3ba44da8426d55e7076a8e771ac1da50265db06a98e63410
SHA512 cf13ae1c347c163d6a626da973559d9ed0e2091c6554103c57e8d530a6dde6c8d55a2d2b8cc4de698e3ae0d220c74b6cbf3087ae6c9c38a2e3fae78c99423963

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6694cf3c675a431edc43c4046f66fb61
SHA1 05fa9792b5eb228fd80d2beaf0dd9e6ad94f1194
SHA256 bfbdc43b1da308b3cdfa6d23fa0ea3b454ee46b5aacb870df2f8c848316faa9b
SHA512 3ab61090d8443f1ce91a494d09d3714c91fdb5425bcee4dafc373e5f8a77dbc51a40652f0369e9d848bb8ed4a960ff919e3316feef7fe820b503df5fc5f2f04f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b7223ca58dda8488bf982c3fffca7630
SHA1 0808ec5cf21052d57a3222cde70bb17b1d5365bb
SHA256 490340bbb12376571c356dfb68fab5e83fd45446072046973608c6c50260f0f0
SHA512 aa4553e487a07501d28ce766334961fc9d81602a2b4110a7a75fd99806de4ee3f06ff19a4e05146498d3d87453b4c56da8c6eb13212bd058087934df32fc27b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 439bbbef224a63907fd310301906e45f
SHA1 b6a7654b93d662d9a2d6b897041c0c3ebfec1735
SHA256 3897648c7dc79ef6f08f83e514e4b664bd11961d3fa617bf185b26641095f425
SHA512 38e95c240d390b1728445c538385fdb75319d7b62975b2e8cb61968df89535cf48c890e8ff1675466193b5f7edb07f0cdebe487f01621803e31a65de7749612c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e0b29573497da9afe3f55338341591a8
SHA1 77a2578cb3af06cbe1e5368855b63adebdb53370
SHA256 28218983dd7035d25cc207e622008d4f95a63b2468b8b28323fd0b82a99ae8d2
SHA512 fd5d42d636abe6d9b6ee58dd9aee29f54c3e73d16885d5b1600e144ee84763f18d0ada72429a5ca3de9fb519a1ab64aa11376acfe81742320c1954ff94af04d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2958d2c2cb922573b37becd943a8a42f
SHA1 852ec041087b694e4808016b1c880bf92bc58f2b
SHA256 40205a6d4e52b91c5b62e9804badc241751b125adfead523ee4b55c3177f4104
SHA512 6d59f974ad8d93c33d8f38fa4c49a1dd760f8ccadfad8b1e9f4d6b118ab656e168c29c304ed780334f61c488e3cf968b105faea7c02dff6d24a4ea4cc189d2e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1c4dd12d5c1dc280e5ff3909de85954
SHA1 a44789b79934e569688c8f8093cf504ccec71165
SHA256 93b03a0cfd5726e285adafa34a4f72bab19bd6564722a148de96e0b9ad6cf65f
SHA512 32c7b7350411305b4a5f89dd4fd6d341b79d75fba2cce54f9ec3d2b3f929b2859eb749a286bbe078f254863571f8c0cb49df8a33eabd9ee60822918d7bd594a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c57342c55a9537069bef20e7b39ab01e
SHA1 e39c328107f0ff713d9df75033341eccb378f0fe
SHA256 9d0fac531dff5001d0ab4c8d9c55650a880439f7c1768e38796fe0b924895107
SHA512 52be3779a9c2b5d0bc3b839747ffd148a6e7bb179cdc0b90423a7c33f20ff230db40f5b30a2d34c6a235f86023dd3d14c4475fe789ad9ea582ad05055d76bdc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9228a1161c5354e45dcf890739a3ef50
SHA1 01a60d1f1079499675165132a42198518dc40122
SHA256 576d875c3bb682bc8aec82e5af07c8195ea1bee71ee54d128d6c2840dc21444f
SHA512 dd5dbe4915a812e6346d6907e8d1c6ca7604ad91b378812994429a0aee48ce03100230aa0e19c25e2746e823829d1acf600cba3401553a824b2d0c675f136660

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f108e26612881d67a7db497d3259f258
SHA1 af19cfa8e6aedda99779d885941b0153b08c7a2d
SHA256 2a9d9410233519726a1ea700d6fb762d3897b3aa40500538e95d9a2c1cddd2c3
SHA512 4ba3b91e00721dc6997b642ef57ed2837737bfc790638197ce84074978694f1a8f25e2092c89a41872a856802d76aac2945542d0e0493eca07d996c989a1225a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8322c60e4682becb102a56979646d0f3
SHA1 de56e4cf062c1683b5cf5630b98141c89c9b2030
SHA256 c2fe13f7165ba4f5965e52a177def5a3620e09abaff14ed7f023acc6223d1f36
SHA512 f4eb873c099b26e509b34728d5d5bd9c7abb53ec0c621ae5a6cc917b3377e2e5f30817163a4d6df61a29f1218854b6959885e6593facfefa1d1638e01ae2c4d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6a58c5c05667b71bdd2353fa9ab99437
SHA1 3cfaed7cca85d2c2fe7b8df97154b2b9cca92cb6
SHA256 e23a466e7435c21f901a20c7f421cae7048a573aaa48477daa22a5af1d1ea186
SHA512 86905afceaea93345f35d160d5dc7cc589eecabd659918443f146007d9f87a07c020f8b257d3cea505545897bf4bddaf52478440817cb0ccb3e0b975647895ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 302e572a364780842695824cc4e3e8c4
SHA1 d4e300928ee40034254dd6e0d9500481503ee954
SHA256 c5e83709a94967326b0459cc526c1b4b69a3fd563dc763dbd88a8ae21063b197
SHA512 05e67969eb6438492167a7c5b68a49a9bd0509a801ca54117c1b4feb015eaf3b8678152d0da22a7d82c74c827573784c5104fc21278b4bf41eefb5ed995f539a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9ad3f8c0914e1048040653811416598f
SHA1 6bde628a055147b5275f0233dbee47be4ac517da
SHA256 cd1bf5bfbff944cc139c8d7763f9fb86bdc5534c0d4867159b61d267bc54aa42
SHA512 0830fee268d4e08050def3d159705a01077511d8dd5f9dc448ecef6b67a25ec08675ef19fff117d0d5287428c4143907b991fcff26d1f2d9300efc6b98875a9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 256cce76cb21c7bc501ca73b653ce293
SHA1 130daeda774c110329041dc9293a41cb66ef4998
SHA256 b786a9fa326ea204df022f98da8daaa88f403dd1be1421d468cf99b78716df6f
SHA512 da8da5ea9ac2f2c1d38d82180f8ecae6e51aae7f55b623ecee63e5b65042e6904b5db7c3fcf99c2ca42355bc660f7df198aea9f82291966a3da2053656c66cf1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da7c29018d3bfce3b91b3fb1c0061a8f
SHA1 b1f34b0403bed562842f19d17cbe910b9e9054f3
SHA256 b37ecaedf2846e8e227642c4a90b88fd9b0ddc7b6e0c5bc6566a012b3f6a8d71
SHA512 25dd44f31b1dafc7ce1d6ed75e0fc5ead987184d02976ccb8e169aaae479542e31d73877231a897b10cae9f4a644019b7e2beea1210b3277b8f1b647232bfddc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 002d1024e2c8eb5097d209509c82e609
SHA1 d4f738d8fbbbdd6ea0f1f8364c843c7636e0cb0a
SHA256 7a09d2ff27261f3d4bd994a6ec98c180538f4ce8a8074ffb9e6a4c5f0a82e316
SHA512 2bc1f2e0c2eb9973134b0e26351baa5ff1b1318d7e5cae2e389cb30fd2039ef6e3a51477133068eef597452dd3745e9cfcd0e7d63c029eb0c5d867159eab6edc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 786697b6d95dee28c6daa8c41f574ce5
SHA1 75c8f01827fc2932d28bbb7e59dbb67dcb8675b1
SHA256 6e4f21b074134199dfc9c153fe1a131434b7369c7072f4217702454e226cd8e5
SHA512 974e901519ef034c1cb1779d98b50febf2ea62a31d9e807cb18ce4815340c926990566774e3c28b16217afd6a1ab7238f5e2b6a4c23c2c797f5077514c671663

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1adf17d9a3d8a9b3dafd51b2a2d1157f
SHA1 c8dd20e2ee05ef8f21cabce11aea26695cc72411
SHA256 1748d0753375215ab0ec705517e2e2db86c39d63219610fcb4b07d9dc268e1f5
SHA512 7a85e754a48f01dd4796086bbe92279e53ce12311d8206ab2812285174d0a7dc964e1487a35a72407134bba1f3908cd049d6f4d15cd99587a6a21211a3d85494

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 630d75b6ed1a1d5c57bec5657140446a
SHA1 73d7a5f996b93282b81ed487c10a359f2206ab82
SHA256 4f6a50db6fae9d945b11dc2e0212eb648ffc18c17b62c2b08d45d3ad162d73cb
SHA512 c6f8a407b21ed97e1a80267dd311d540159123ed19d48edb535fcc3062024c013e4b68c237745cb71dd3bfe3994ab465a76060a88d989347fd26523731a71666

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7dfbc4ea8023308e192c3024cc1faf27
SHA1 11e9e5d1c3b680e412224434fdb67ac2ecf2463a
SHA256 123f6f95abc0b2f7214ee419b409dac821bc458254ff6f73b334c9b78694d2d5
SHA512 ac993ba31d4306bfe65e863ee17b6e1af4610260e348f9270989acca6993b1d78f179ba5e7f79b570eb5e86f25843b03b9dc4eb42a4425807305e879f844f698

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe

MD5 3f208f4e0dacb8661d7659d2a030f36e
SHA1 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff
SHA256 d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b
SHA512 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.39\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

MD5 1f744e1c802560affe8b308640b6ab67
SHA1 bbfecefdf891c11d573760d4dabdf86091463421
SHA256 fa7d8a8cae60ab620d2aa887de62039d2647e4f5c1c649d75f0f52e14ec11a99
SHA512 780440aa518397e52bb429b5a8e7697bf0096db0fe343cd40a541b60f34ad4976ef7fc2204737d296a8c1fbed2951496503dc50158d6455617c67483f87f3015

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ae8aa744423412a126c63521aec8e8fa
SHA1 c197314cac0f5334e11922a39ebf2dcbb23266b3
SHA256 e3e35e8a60c3907d41c03ec0e4acc3ad95091bd75ce13261bd2c96aa913c85a5
SHA512 3c1050057d5aff0030aae910b7f05ede7ce6f675718bb9956c9ee2a52437b2b7979f071b60e3156f8f61b8768ce10e6de670ca490dc68dde00f27a135193cb37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 95c9f2c9c9257da83e9255b18245895b
SHA1 73a54625eecb9ce6f78892c8332c809f6a00cb6f
SHA256 d0c028c2aa919d7662379455145c5e88f951a011ab2ed176cba23be875df80ca
SHA512 892573e2fc48055e4e7793e1132d20d9053808df11b445edc5b3941b4ae5036dbe752529a0e0622e8f1305bcf3f2d94d07155c3aa7908bba19b27ea62f986f48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 23d5f2ed1d20ab04c1459779a067348f
SHA1 bf8672949f6bc3fa59ef0317861e0030d9acbd1e
SHA256 6de135d100beb29869cba32cc7b79f29e72dc589ea4863f53cf9711cf597547b
SHA512 c34d43e00f2515c055bb490f506022f9b38e999caa56bf51d13a2b3f2c073e8e58221b0d6f7614842e62f1bd42848d86072937098bd00df88416ff9124c4fa63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af3378fc8604a1e73666ad45b3e31d29
SHA1 f78b1b33e77bdc227f4a0170be810dab1d02732d
SHA256 5768b5e1439291467778fa0c7a28c2f723a57c12a051d6c3dfaf8d197ac23c0f
SHA512 dd9da6cf454d50a76550282ccb4117ba2f3fecdd67c7d23196ec991d1187a2cc5818624cad53fd842aafa2ccb26795d9be3d6fd0453211715672ad6eafc2974d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a76b490d26084a781c262ff24aa8ae1
SHA1 8d77fa09f1958e96d93eab07526d777056b467d0
SHA256 8226b7a65bf07253d1cfc3bf0954c63fd63caf59cbf432defeb986b87024bb2d
SHA512 598517c44c9ca5ee4ca05198740ce0d00cfc0b6aacb5c230f48e049a025ec83e0602ff486c826ef231c7257bf4c5594d924ceec021f2003594c90669df65dea5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fc7612c2e94fdd63166b23b19182cd97
SHA1 6da80b9ea2d0aa143a8b3df5fb34e7172bb39c22
SHA256 a9c67726c733862ac95a4e95b0e0665ab53c981c0d441661d8c5f8e06deec718
SHA512 c8ecc155fb7840088323f267d6972f1d07939cf0d3c5abc2228dc7ae5c3da714397290269ab7f6e2e85bb3beb4eb284974c08bae77258e635e17f7d4b3fd55b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7d314a144839fc6a3c79b751ad641d68
SHA1 dec8f5b3854034ddcf3f02c8e2f11a9b46ea1071
SHA256 69ec7d0ddd1644f6a320921a92de78287de783ae4149042c62ab691fd08b9f34
SHA512 0d818d4ab7ff723c31b0806e248479b9b37dd3f5e193cd330d41ba8412e797e168d05ae1294fd4786dd43c7f5ac28ea137040ebb4e86b39ace9149ef521c2c43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5e2ce02fdf0d1da8c31ae906a4c8f841
SHA1 7415dabdb539e572682455eb4f36123f38af5dcd
SHA256 38a3cebfa184fe3ab54882d676b3106b4353af0d40f2b35970b80992e4c19d9c
SHA512 6ab61902a1efc22a7cdd60dc799273465fccd27c9f8c4d1a9ff4704b3876b0960cea6ff996af19ef624866fc267e0f4f9bfda86fec8953d7da2afa967ac2d978

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e1c3fc8547d78de68d93c353fd7a0d77
SHA1 40bb08d2e67612caf0ec4f0a970317aeb6488995
SHA256 60487dce1bb139803f6d6baa2be760f3ac8f2b59c75e55a7f13d19ecfc3b1439
SHA512 f6b3c135ee5b0dd0c31960787995639ba2370245c24940270799e83206e43ca725f012a5a4efc522619f654d0433452cfc6606fe7d5b3e1212dae07375c90521

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a70f8af85a925c566559a98486913dd
SHA1 e2455f166788a2d0a55310190862dabaf9177e32
SHA256 51a4cd57f19333608f2c0cf92a702af24ec3f95445dfd7bab7631529a43e5a72
SHA512 c6661c78044fb0669a67613ac6ee97799acf132fff336b183915cda51dc5b3fd390ef59d0e2eda4c8702163092ec5be7ab6e4366fe3cf66b36d7ef0cebf0bcc9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 76bfb2fdffc5c8027b30398caf074764
SHA1 4084ddcb753fca44b5e40f0f88a4048607fadf78
SHA256 3f58aab92cdf2c74ec56422a792eea2c10df11ab98c2fc296b9f525be340e784
SHA512 0a8c7129ac70de4c70a3cf4f5653e29a03d28b31175cbc5ed362d2936e7aff4811947028850415ce3260f82ca2b890bc48078ea99434cdc76d9251138d3a1303

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73de9736279a0fb255a6c332f6e70802
SHA1 44ee83ac984f93ef57729696ac9104f1ecf426c2
SHA256 00e8a9b4359508a113b940a7369e4083b5afb7aea95e1557c1179d00cdcb1c63
SHA512 e5a35c3d5b96fd5e9894f5f71045085cec3fbc89578444d77f61d3ee54a14cd837b5977c85e057292d823446279a14d89143a2808218f34209f98a394f5b509f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb6ba3c964b8666aac0dae640471a6d7
SHA1 b5c28fe7f9525a533fa3cbba3f0e5fb27c8f0f5a
SHA256 ce8a1dbce3cd9cecf4c15747d280b79dd7e5e84a554d5972b1df27fe7e447c38
SHA512 a10a54628579be639b3f0b4c031550f05940d658191510bd0652ea81ef2b193eb37d1a40db304dc7bee764d3dd79d175e38cd2bd945e5316464bd4eca092bce5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 66dc3b31d46cb1cefaeb4d263a4f70a2
SHA1 99a67f02e6fd91ea042e7e04d8aeed8ab3cb679c
SHA256 b862003aa388ccde49bcbf668ba1c003f0914cc854902b5e5f1ba911bff4fbbb
SHA512 e5510d2adb099744344ecd460b251492b061ca6cd2d461b7488664fdadb11eb8c69c8ee7457cb7c3311bf0bedaa8548b61f20f9a51b6695587927f869e2ee283

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 08846fcc01de53f9a1b93fd31ef43226
SHA1 2c9dadaf4ea129a87a799a12ff7f349a02e13ad4
SHA256 621e0533847f1fde8ffc56fb6fd0f3cea50c999339091184b82ee67f8e89cca6
SHA512 f8ba4ed3ba141173c4f54bcb7e4fad5e657e078e598746ce132962f1178c5900079a415e8f7d0d6a2291cb452a587771df28a40be07794b7bb0f63c219199de4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6370bafb7a8d8215a87c571700d51708
SHA1 812ff9692e8e11517b01db1a31ebfad2d16419c1
SHA256 aa9d48396656a33cc42a219149f4db7bc3c4c012db2559cbe752323f0be6c241
SHA512 14258456c9fb7bfbd59d1fbb77c0fdae24ce65b54e08b67e173e1dc3c4ed088e324c1a0f126590a82d2bc4fc5ec7f2049f1d2e853118d6dc953d7526af245f6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a2d8a48e684b268604fb30434296b38
SHA1 2cab511050e1d01e484b003b8ac55d79dfa273cf
SHA256 b7888b0ae77177388b0ff976a12d98c528d758760927f4ca9d79325294fb41b7
SHA512 76160966009471b8825b9a0c2296ecda9d6d741d122e1f5b26394c743048a4bc023bb13b593c5262fbfeadd0d484de905ed59c06b9d0015fd915f0f37fbe8ebf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f5db59036b280941629983f02e736a6a
SHA1 1d53b59d46561180a30976a85486ba2c5011d467
SHA256 ebe4a81c54f098b8cbd8e506df63aaef828b2d1b30faa4638d1c5709a35a9f50
SHA512 07592010506120c4e16e392094acb902a2720820da1e7c2b4c252672da9789387e5007701841274887b5fd6eeb746e012f879b3765cc326acce2e822c9c05a8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cee19f16a667d1bd7c3ccfe2be7c4165
SHA1 05f9042064294c6508b06ab4800aa901d07b1f53
SHA256 497ee261e9b26a9b799cfa9461f34499e7fd075c4d2a3ad482eec9563fd253c7
SHA512 4939da2688b2d2f4a2d9571aaf4dc6c2f05dd840fc662edd2a016c57b44fd56ab374ae28ee346a18ca4b4ab54579d54bfe4d2822af43a6f3c91ba9aaa49b651a

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AA082591-7FE8-4C1D-9D36-EDC7A49BFA02}\EDGEMITMP_69657.tmp\SETUP.EX_

MD5 faedccf679a8d88c91909018d1b30a6d
SHA1 d50c43ae0441a8526e52d6bb04cce233e54d3a86
SHA256 17a00157a757420a5cbeef48ffc3585bc7794823cd607c640256d67079a982f5
SHA512 f3dfff27cb7883302486e1ce65d495612b43f61bb9dad985c6149a97f25b5fcd090d8b4ec4e14aad246ff223a70072534338f3bbe647ac2b0f2825428d2ad44d

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

MD5 bfd03ccba29a7b7cfcb89795d30df245
SHA1 8bd6beb1af61231295a22145aa0251fa24fe5622
SHA256 23303896fa69a7e7557af5c13469cfffc70da389ffbf9ead3fb0be38a95d368f
SHA512 d7c1f5bd7338a7eba959533b34af66eebf4be645671e24d9578643cc8d0a8b93bdb2dece287f34d762a41ecc127b9ab582452207ea577ceb9c92662a24cca48f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc051dc0c4ebc70e2418dba7f4082280
SHA1 00d4c91d0ab9b5f0d45f3c4f179cd54caba47a6f
SHA256 b672f341a2b9ba26f11dcfd42a2c2e349642718ad11914036e86572dcf02f984
SHA512 b17a48624beaa721ab54a7c463d83fd81c3125146443542054b26d1ad7586704b347b789fbe9288573f157b1ce26c40dc956c733d253d42f76e50c4157c58895

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e8ded6e8757a027257643f55d85ef545
SHA1 2b5fbc187caf6318e23a93a447798b3177e254ae
SHA256 b8caef8a51260e833f13509328954d9072660c6def680e2125a466cc6a9ec975
SHA512 b74c44e721d9fba437e173d9971af56f550af2071d520534308555d97e133a4c9c833987f289167edc5f71b48572585e1e0585dea63f9b3a8d2f4bac814fca7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4dcafa2740c6cb6503702b759c0f4650
SHA1 ff983422bb61e8aaf5ab58d509fa426397dc3574
SHA256 bf8f3540c9d7aab1f8b9efdd8af3311e8bd6df1f000ad507180aecc3dae59204
SHA512 50e38884804f99bced55f615e9e093ac30ae12bdc664a3722db1c6f288cf4e43ee9451c161c5f83e012963a83555da5a57f92fd28e7d9d796c2ff3f9c32bcc64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af8a40a66da9e6fd2b5f48d2af5e976d
SHA1 c0bef1e870106e91b98edb3999548e2f08a658e6
SHA256 e33a46b736c7bcb595c704803edffdb7a6985bdb6006a87f67b3b454c4a854df
SHA512 15738717b619067544e194625c5e966db9c77c55cce2b4179d076a9f87fb90674ba199a297ba867cc12a85e561e197978525996f658a1dd4620ea428910a05f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 50721e704ed5621826ae689405e68d78
SHA1 13a8edb7ad375d97754cd13f144fa0531bfad341
SHA256 705334ea6e0af69f00554786b3e45230833a86e3c1233e06cb96a5a1556b7f29
SHA512 beddf42768e9a8bed1fd326f35d434b4c82f5569a48ae6104ebdc88e6df49999995cf7c7a6c1a7c3a300baa81f52784ce0f62575be9ec7b1a4c7d65a91b72c75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bb566f8bd4b1c246b31d3b8e766d46b0
SHA1 c0d3512eeb3eafc888c6b70753ca39768014d046
SHA256 4af365ec0aeda4c8610f33fcd1b4522dedada480d932f482088268815368c903
SHA512 b49f3333cd89b396e1c990d2f5996d81e216f02799a7c59995dc64728897cd09d869d9d1c57cbe936153ef875fd963f9e4911d2c12bc226523ac815baaeb7a1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d8c57cbf47ed434e3297cd9fab1d2295
SHA1 3f5b92b1d5ca375b0d6fbdfebb68ed56a5ceb204
SHA256 46eb73712690590834f85933440c8ec257a1ad9265082871c1ded2d981754e44
SHA512 a495f390c53117ca91791ffcb7c4d6f9caa4b01b1826ca02d663147dfd1d40e3600029d303b20848b42f1151a5fb636599e300840b9732cedbe70eace25e8175

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 962b9bc41486e3e0b384394636919eaa
SHA1 139a96ef13ffa310decdfc2eef650e161bde833d
SHA256 0c77b305a418854c89c2fc628c6cc893925bc5d63c4d790d16bba54487abbbc2
SHA512 3d122b4d3d1b79ce91924bfea91470b28a5c4f6ee6048bda6e585284c114071597ddc9076ba3e4e4bdf957b193926ea2b5965cb9e79a2c7baef272b4e392709e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c287045da44fafcfe3dd47d689ecc257
SHA1 c7039d5221319c770d6358d720769981e26c5507
SHA256 3a4d00344e1c80048331785a27c51dc81b67b1874520ec1522aa841f073245c7
SHA512 d05fd911c5229d6723ae56e8e1482d8522bc022cd41547841adf3b847d27f68acbb436eb1846f43aa541bfea3d410f960532edc3e5af9f51a7d8c24bfd839ac3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f0dc6996f67a84eb430d73b6d6390fd1
SHA1 994d65ad98d64a64b7effa66f42e9c14f03c0d7a
SHA256 3839ef4d1d31968d8a4e3b11466f38696dd2ae4149f814ff8e7e949de90e7158
SHA512 69b8be1148eb1b83157bf95fe83e102c9d849c2cadde1313c29b6436a64e9b5e333ddaf572a64f13ed486c48131abb69c4eb0893dfab44ddd7b9b6041b51746d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1eb1a1627607d4c76257ad0fe46ab59f
SHA1 9e59c030a1896ac4c7c843dbd94c02a54bfe13ee
SHA256 852df3604888b3f23dbffaed869d97a0a48636e92c4dc49dc73a3a2d76815a37
SHA512 b9de7bff500c3b27329a243a2e59737b5b2b149f023e7602bfefefe92f59d007896b7eb9c73de78990726941721115e56d1ceb42bb4243602a05df3be3aaf35d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9e3294b254a4e8d797b4f83342a79aaa
SHA1 8186da00f393ef21be5fbfcc6ae456a6199de2d9
SHA256 129ce7840057a8fe35a038ad16bf9862f04f3e938d2b3b8d040f5f09804dc53d
SHA512 724ec752a70c9f282b00e2615feb46b16c743abcc0ea7bcca2594d96941798ba1053726fac3cb79eee8fe17123b393387ad891c5ed8bcd996423db820eeb2b6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2aac67b1aac0415395ef326292211249
SHA1 50f964c9acc477b2723a0f855f43d5ecd6df1eac
SHA256 275b8469d3d5076a3af05812c4c4e4c4c54c17ac59233a2f27f4c0eb878e296e
SHA512 6d698e564db6b7d43c9459b586e24e6aa7f9e578b073a8f4f4ab0da5a8f594f7563eeec82d0b0d2ed7a55c07ec7b996cf95e46e132c1f07e0c00742482aa3d5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38a2c227cd9d512cfb9c9dd62f392c81
SHA1 e3d41d566935b0a88a8b35f0260e45d902a0efbe
SHA256 7d6ba7aca8a3809e768de534bf64654a9c671d3035cca6d85779a2961cfb2f82
SHA512 a750c383d7717261eb45dfc3dac523b1426350f7398fff58b7ad785b72ffe24c38df494fba24523cea095f917b7140bbcca81628b7e3b034140c72b0477b44f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e299cdc8e424ed33dd43d55b7acda44d
SHA1 684ce5e574bffb47a50e85ac80b48ffacd23f83c
SHA256 d0651357871f47a6cd5d36b0d1c895ae96083647394561ecb008af387ad429f2
SHA512 6b166f80d77b7463c6f89e36cd422a34f3beded538253daeaa4b288dd4e0796443cce4bab2ad9ac47476ff5ee47564b3e278ebc3b5994bc4504d531a2d001b74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4b2b3f2209c3c12b38db59b2d3d99602
SHA1 f3452df4cc7228f12d857920233138e267aa5e21
SHA256 fbf1f3f463b6426fe2e9bfa27a93033a0497866d7011c8d8fa67149e07772217
SHA512 c55c94f1f04711d03d263bcc74262fe60014dc579bd86afcb159c840964568fcd9f4c2a31d6112f81d6400efe996e63652bb75985aac20225dff7703aed1486a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b2372b5b1633a3db49c88f55aa9bf25f
SHA1 f9cc98ec41c5288639ad005863cb7cbc660546c9
SHA256 0618562ed5746b174b90616837479362d54a0863a47dacadb79aeb1697bf56b1
SHA512 743a19fea0c5903f846ec5bcde507cf17021680a8e7c09c35f5612c076a32ed4511d0bb84b77649f695083d0fd1792f1ec658df03572bb48705e41128d78e975

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 50228c304dedb3558239029d7cffd1ac
SHA1 ddf5adc5f892a277bdf31f935f4de4e6e6ab98dc
SHA256 7d1d19949dc77819a64ce2d5393187566dc85e43569a2b3c103b0c18d216547e
SHA512 11e59428a2e54b23944ed0a7134044bb61327fcb65394048fbe946bd94028f278f3db25f0ab42e6486b5eb7dea206eea495946342c95d3c9c351c095f8dc23aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a9f9e2a5886b4b08bfb93c5c4a15b254
SHA1 1cc59f35ec596a5225326bbfc273aeee7afd17e8
SHA256 4bc9e9d20436b0ef9c792c37f7a9519c9650088b660adf049e2eb501881ddbfd
SHA512 7ce7a64bd56b8ffe9bd322ba0fdb6424287f2874cc86253691cf9c61e8aa8d30a6852e4104f888abcd9b483379828d8ede55c5d5050395b00b56271edacc4869

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2c52073499410bb19db609fa889242ec
SHA1 9dcfa6e66779d457389b604d7d3918ebd4da83f0
SHA256 dab6976e2416e1a971ac361df8a34f12e57780c6442ecbe46acedf12dd7e0ce1
SHA512 e8430f7eed708319ad77e114bbdc301b4e187b5bf74ac5237abd7e761865fe6fe57066db7ae391e60922e58b5fe627552aefe2504fdbdd4165db5246994ae8aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1f74ce48dabc444ecfad91329a45ee9c
SHA1 7bcf9259891cfe65c43fa6b5fe267a55821764ee
SHA256 24bc4f10584200ec351199859a040407e3762d2f122c44689fe78253f378d0a6
SHA512 39abf7bfc68308fece1dac026e2248e94bd547cff39c4a98e48eea4fc27ca9db2b859b32e793e59b20f2f07345777bf1185577fdea677d6e4b0457277fb792ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a06df5799ee4c46bcd4f76882d0989d7
SHA1 7ea67f40e5166e8b5d41ef4d72a3b9e43008a249
SHA256 908dee3de8d0c5a09c833ebe6fde99efc9acf516807d40c930645aa17a927f6c
SHA512 d602ca6a674fb1ce44db53c652d2ca62b4332b62befd4407fc9dafcb7657de0e4bf1ad74c2943748ad1da1eec61aba7864f61b79cb54c756362f50f4bf24e44b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4216fd52857d4febbce894fe9f6a9233
SHA1 b70de9b79fe8aaf5ec6262eb674caff36b15453e
SHA256 d1c50d78099d5b37e7602b66238edaea5531448d0de286ae086af2e0ffb58371
SHA512 2843ad07dd128ba79d1a779f12a25f9c5a820751ec6d20bbfb905c0083a76b68de0eefb09260c44a001bc3651fce73f3a91b1160985d427732f3f99deb8e6140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e206a96c41eff54ed2799bc87166bcea
SHA1 1092bccf96c15e782283d2dda64b2aca1799361f
SHA256 691000a3757b2c1932cef3a606fa7143ca3c4aad819d2864dad28f01757d61a5
SHA512 724d48a9ed9066ec76c1282f379d8a09dcffb87537ca5fc42b2588ab882809b7736a4705c9ffe3ee7ecef58cab3499c56d10d7195fd0887e923e623f9f525ba3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 75b5e09479455ba49a06e3fda0a4663e
SHA1 14d275673ed477e0193b03cba951da4a08769fca
SHA256 0330470f0223d5a68bdc431ce94825323592b16c420d61995dc69f6f223dd0a1
SHA512 520985b0690153e2c4844eaf7f71cee7280f9400617d3c36b2ab7f4df08e390eb518bf36f822c527e41cf0133828f0efcf4583fce165bfb8a4b42bf6e4baf662

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc057c8515eb33ee114417674036b32a
SHA1 a32135606c6e41c46d0de42809ed6756ccba7c63
SHA256 10190f8c2488cede0a369a837bfbc22b87eeb136f3ca8fe490ac14ac08aa1fa6
SHA512 e8ee06c36005abb7374b5d164616b9a07595eb92688bd6886f35dc62b0964dead936bc76e5e76e77575c7baff7258ae1ee99f9c1152c738bf313f33d93109edf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab7143e7794831986f53e6847a283b61
SHA1 dac24bcec8d305632c5f3fac958f721ae87da0f0
SHA256 907f98ac30df0d35cfe3fed7cf7110925e372abeb277e40edfa001a722308cdc
SHA512 bf4190ba13ae35864515150706df7602b88be35ee48ec116ba13724a819f1ae721f616665abfb20bcf6babc6fda3f8e2518aa47c85ca63eefae84a3a382b0209

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 76fba7e4a10e95ecf78cd4a605767832
SHA1 5ef526ccf4a93e0ede3bb348c782e8de861fd30a
SHA256 fd59245ff921208f58b983bf42cd242a5930c12da961a4d6d86fe3ce2bcd67e5
SHA512 68bfe441543ee0b006a29b8ea63daa0d488d1c6869b6b5925b907ac1b36682f62c6131001b86b7a805a63276647b5ca0027a41a3f83d27644ab8c3d6b9d35fba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 134d9a41b6822b180bd26fcd74805324
SHA1 f141d74df27e22f009f2d58b9d36c637a187d141
SHA256 6fb53d972f7d795ba603f8396ba39922f470b948f08869b42d2c407a2d10cd7b
SHA512 b36a2078ba09d65258d7b33a5d8290c5e652f227c03a94e0910c972f3e5b8f716ed1d605efd1dbbb3f934f0536e8000442c76cae0384e1009ee869608685e249

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7364204fdee1d1b5f8c8a068bab9b538
SHA1 221362e67ecc433e46e8c69440b29bd445aae320
SHA256 c0f4313b849fc2428472d19ec6e78b3282e6605307695968e6e95b76031c9fe9
SHA512 1246452da6526d8719b6857d222cfa859292c41baa3feae8f1a4a9ba4a4d190be9308f58a74f73f34001090bdf92daec97aaeb32237c9ad59f26f08ab22838eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b3ea7d4708d7e653eaa43848e797c02
SHA1 63cbdfaf03d323c63525e496582bacce4ab4cef4
SHA256 8ef15504a9de43805fa82401819be6bd19ae157affa5e7172d285fb4eccfb11a
SHA512 6d2516c7defbbe5b6012c1ca8eec1c7705837be95e5cd058dd235f048950d21d02eb8fb46445bdf4c9eb29555ab19f9da9689c5910d65cf7909e184755eacbfd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 94988eb553132c80fed9e5dd632362db
SHA1 b19ae1ea3844e8eead7f413f7cc851f8dcc28fc1
SHA256 14d0c665f57e0c3dc5c8de70b7bd6e4a17b8fa01bc7a67da4cdc2d14ece600b0
SHA512 f8facde573d48d54a64d0aabc7870a6576b61597a95fa72d254d5258dd41f353eca99cfb0f69bf92ccb0da0873f0d6b52aeaa42adf8deb374ade5c054b5d2a82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed95bb6d4ed1bf44ec207393f3164636
SHA1 6a3f2b592979b05edd07c9d02e6c88a5e62dbcf0
SHA256 b621c214cfb24d8fb2184b0ccf8731cd8944477d00b6980a5bda6b87c6b39999
SHA512 d75796ea4b1188308e1af5746843875a906ee91d049581518c3adb757265bcd519e01400724619d58795dda1e70e4fc8c180d3be70a797fbc4d7f3196fe1a38b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0a352c03cbec7e91cc5c69618302aea6
SHA1 59bff8cf4930f427cfbcc799d1562086186c07c7
SHA256 c48dd6e49cf69a829a24f597b7f0d963418b6ff24dbaa94e6c5929605297055a
SHA512 1245c685e2e49968f3386a8303b0e2ed070107a797032a031a9670607fa4fa5410bf804d77e83f74829cdeac4303f3e9bc471238c15aba57819ad8f910bd8606

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 49f63f45c55a4e328b67fe01db1165ac
SHA1 415442d1ad58e26d764a32e72122401fd358c6d2
SHA256 027c803adf4d1d9b109eb2ad36b8eb80ceb4a7f45d91aaadcbe7f89dbca0ee42
SHA512 180b4f3844cf10e9c029750060d065d9bc14ec639cdf0d0a268a55f61a096e20269fec6d2c6840e8906df40be708b78bb52e0dbee8cb3ebd386ee635ebb51eba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ea151899e824de5193e0e4c086aa8e78
SHA1 0dc9bd33bac43db8b34b649e1db3c24d6d2e9327
SHA256 aa86865a7012d924c6775fe8aac101f8e90d0632df5f723ddf3f0b74148c7fae
SHA512 a2c54c8fe3445aba09d2ba9d3311c1780cb687bab1ecae63b64627bdf6902e0da5fc77bb2381be939f78428f08524d0befbd1596d301f99bff3c3e71eb2eb977

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80b52c478f1540e6378309c1d1906313
SHA1 282b2c380ea4436c5314077f5c8fcc06707a8aa2
SHA256 4b1dbb9926eb4eb68cefe2f9b89da40eee29f734b03e1c30b9b40433c61bd82d
SHA512 7bac1230f056efeecb0a7146924d36c9ae6df4c3db8f27d5c6b5ce870864b7725fa6133660e77be545d4857355d6704620aad06b5317565cd4e49d7a28ba9b79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b7aaf37e86dfc03c96435b60ae6f7e5e
SHA1 de71b68919a4f01b5ee6f4a50ed0f60670394b70
SHA256 eedc93cfcbdeed8a758e6daf508626ae82961dc8ad7dbf85c5a6116f77ec261f
SHA512 cf3df07321308cb2b5f539a5eb5925aa23ff89b76dcad7a7404e0e8dbd19f45d8580ecd288f471042db2552f2d890c906862963f96820acf76986c80303e576e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c5041bdfc25b0e582696709761e1a6f9
SHA1 97573f5be64f3bd4d0a3e277c7857a5424cac23c
SHA256 1cbc253e213bc42b840fe2eedd5363ead340dc23b191f41ef09bb0966987cf05
SHA512 d9ab965c1a03d269474365a44b8399bb42fd2f297adf7b62a50730e078db84d794a947c123d9a42e455e0be6b814cef8946406d73e8b355cb771d702e61f05e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 05e52ec82775723e2d1cdc5686fe9d3d
SHA1 44ed283f0018fcb711d8810784688474ead9b0d6
SHA256 0a83196436760c871584eda5acba6dd532b03b4b39f472bc433bd41b15b73599
SHA512 a88ee2a84bc62da70b34badc9be287dab35749929efbc1acf822c7f696a7072c3750582bd23aced1c64cfb78757dca32e3143fb3ad4b35c177aa175b93c7f80b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 213b764396f9fd6e0657390468b46a66
SHA1 e1f80a8f6fc1b3f0c3e40e515ec4d3f067c832e0
SHA256 6ec4e159c4d9b818cf2dc63b0191c794d69d96e497f0128795249f407bd32ca5
SHA512 3c632a86404d98ad20e403fabfb6a99cf83d4385b43594d87e29971c34495bf684149895530088779d8e0b46f5bf056c3420400f739485fe6eaa75b99654ee2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ab35720350dd6a00259ffdcae22922c
SHA1 a71f0297ec1f4372d3993434576d9098b5793b78
SHA256 4dec8f2e3da190e8baf70e743a97fcc534422e10b83d7cfc223448dba40139bb
SHA512 9320711f91caa3613188218d434d2a72e4686b440644444c2b05b35fc413d67f858fcf2bb5dd38cf48e48852ee78ebe539e6b85c249d5f4a03b9445995349920