Malware Analysis Report

2025-06-16 03:39

Sample ID 240526-j2t87sca7v
Target .
SHA256 b54bb56c0ae4aca67ff67f6e80c185fee049794dceb3e7ede872e8fa75293fd3
Tags
bootkit persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

b54bb56c0ae4aca67ff67f6e80c185fee049794dceb3e7ede872e8fa75293fd3

Threat Level: Likely malicious

The file . was found to be: Likely malicious.

Malicious Activity Summary

bootkit persistence

Downloads MZ/PE file

Executes dropped EXE

Checks computer location settings

Legitimate hosting services abused for malware hosting/C2

Writes to the Master Boot Record (MBR)

Drops file in System32 directory

Drops file in Windows directory

Enumerates physical storage devices

Suspicious use of FindShellTrayWindow

Modifies registry class

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

Modifies Internet Explorer settings

Suspicious use of WriteProcessMemory

Checks SCSI registry key(s)

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: SetClipboardViewer

Checks processor information in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-26 08:10

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-26 08:10

Reported

2024-05-26 08:36

Platform

win10v2004-20240508-en

Max time kernel

1341s

Max time network

1349s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\.html

Signatures

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\MEMZ.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\MEMZ.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Downloads\MEMZ.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\System32\devmgmt.msc C:\Windows\system32\mmc.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\INF\c_extension.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_computeaccelerator.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_monitor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\PerceptionSimulationSixDof.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscopyprotection.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_receiptprinter.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscfsmetadataserver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_swcomponent.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssystem.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_barcodescanner.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscompression.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_cashdrawer.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\wsdprint.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_proximity.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_volume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\rdcameradriver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_apo.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsvirtualization.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsopenfilebackup.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsundelete.PNF C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Windows\SysWOW64\mspaint.exe N/A
File created C:\Windows\INF\c_holographic.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_ucm.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssecurityenhancer.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\dc1-controller.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_media.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_linedisplay.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_smrdisk.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\rawsilo.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\remoteposdrv.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_mcx.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_processor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsencryption.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsantivirus.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_magneticstripereader.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssystemrecovery.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsquotamgmt.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_camera.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsinfrastructure.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\digitalmediadevice.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_scmdisk.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_smrvolume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\ts_generic.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fshsm.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_sslaccel.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscontinuousbackup.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_firmware.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscontentscreener.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_diskdrive.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_scmvolume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsactivitymonitor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\xusb22.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\miradisp.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsreplication.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_display.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\oposdrv.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsphysicalquotamgmt.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_netdriver.PNF C:\Windows\system32\mmc.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\SysWOW64\Taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\SysWOW64\Taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\SysWOW64\Taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\mmc.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133611848720360901" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12123#immutable1 = "Set firewall security options to help protect your computer from hackers and malicious software." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4312#immutable1 = "Internet Options" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\FFlags = "18874385" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-1#immutable1 = "Speech Recognition" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-3#immutable1 = "Region" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = ffffffff C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\LogicalViewMode = "2" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15301#immutable1 = "Manage your RemoteApp and Desktop Connections" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-100#immutable1 = "Mouse" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-102#immutable1 = "Keyboard" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-1#immutable1 = "System" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-52#immutable1 = "Set the date, time, and time zone for your computer." C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-5#immutable1 = "View and update your device hardware settings and driver software." C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\FFlags = "18874369" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-2#immutable1 = "Conserve energy or maximize performance by choosing how your computer manages power." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3001#immutable1 = "Sync files between your computer and network folders" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-101#immutable1 = "Backup and Restore (Windows 7)" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-100#immutable1 = "Recover copies of your files backed up in Windows 7" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\IconSize = "48" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByDirection = "1" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings C:\Windows\SysWOW64\calc.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-1#immutable1 = "Default Programs" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-2#immutable1 = "Configure your telephone dialing rules and modem settings." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-602#immutable1 = "Change how Windows indexes to search faster" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-101#immutable1 = "Recovery" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-2#immutable1 = "Recovery" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-2#immutable1 = "View information about your computer, and change settings for hardware, performance, and remote connections." C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15300#immutable1 = "RemoteApp and Desktop Connections" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-7#immutable1 = "Change advanced color management settings for displays, scanners, and printers." C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000010000001800000030f125b7ef471a10a5f102608c9eebac0a00000000000000 C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings C:\Windows\SysWOW64\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-1#immutable1 = "Network and Sharing Center" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:PID = "0" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-1#immutable1 = "Credential Manager" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3000#immutable1 = "Sync Center" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-1000#immutable1 = "Devices and Printers" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-2000#immutable1 = "View and manage devices, printers, and print jobs" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-1#immutable1 = "BitLocker Drive Encryption" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-52#immutable1 = "File History" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307} C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-601#immutable1 = "Indexing Options" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-6#immutable1 = "Color Management" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-301#immutable1 = "Configure your audio devices or change the sound scheme for your computer." C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Mode = "6" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings C:\Windows\SysWOW64\calc.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-159#immutable1 = "Programs and Features" C:\Windows\explorer.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\SysWOW64\Taskmgr.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: SetClipboardViewer

Description Indicator Process Target
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE N/A
N/A N/A C:\Windows\SysWOW64\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Windows\SysWOW64\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Windows\SysWOW64\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Windows\SysWOW64\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3828 wrote to memory of 2824 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 2824 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4268 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 4268 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3828 wrote to memory of 1176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\.html

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee015ab58,0x7ffee015ab68,0x7ffee015ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2228 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3012 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3020 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4292 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4524 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4696 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4704 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3372 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3380 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4892 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4904 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:2

C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE

"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\Desktop\PingRestart.xlsx"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2476 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1528 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4320 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4944 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5044 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4816 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=1736 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4408 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4184 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5344 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1536 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5320 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4200 --field-trial-handle=1908,i,12126176761419637945,10470133837113731471,131072 /prefetch:8

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe"

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /main

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe" \note.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus+builder+legit+free+download

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2036 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3728 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3728 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,5077946299354737989,2326617441295593453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /7

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\System32\mmc.exe"

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x518 0x510

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,5927255954211618124,12540354162684846960,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,1753054621683441847,10901070690263963178,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,1753054621683441847,10901070690263963178,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,1753054621683441847,10901070690263963178,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2988 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,1753054621683441847,10901070690263963178,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,1753054621683441847,10901070690263963178,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,1753054621683441847,10901070690263963178,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,1753054621683441847,10901070690263963178,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4112 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,1753054621683441847,10901070690263963178,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4112 /prefetch:8

C:\Windows\SysWOW64\control.exe

"C:\Windows\System32\control.exe"

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6412 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6412 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1

C:\Windows\SysWOW64\Taskmgr.exe

"C:\Windows\System32\Taskmgr.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus+builder+legit+free+download

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7840 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8692 /prefetch:1

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=what+happens+if+you+delete+system32

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x104,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,15074106758446857074,13901052390838120891,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2208 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"

C:\Windows\system32\mmc.exe

"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=is+illuminati+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=stanky+danky+maymays

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3708 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=g3t+r3kt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x104,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=stanky+danky+maymays

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7540 /prefetch:2

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\System32\mmc.exe"

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=stanky+danky+maymays

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8096 /prefetch:1

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\System32\mmc.exe"

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0xf8,0x130,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1

C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe

"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"

C:\Windows\splwow64.exe

C:\Windows\splwow64.exe 12288

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xf8,0x12c,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8080 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=is+illuminati+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0xf8,0x124,0xfc,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=best+way+to+kill+yourself

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0x120,0x124,0xfc,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=skrillex+scay+onster+an+nice+sprites+midi

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9160 /prefetch:1

C:\Windows\SysWOW64\Taskmgr.exe

"C:\Windows\System32\Taskmgr.exe"

C:\Windows\SysWOW64\calc.exe

"C:\Windows\System32\calc.exe"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10064 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\SysWOW64\explorer.exe

"C:\Windows\System32\explorer.exe"

C:\Windows\SysWOW64\mspaint.exe

"C:\Windows\System32\mspaint.exe"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11100 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=is+illuminati+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11660 /prefetch:1

C:\Windows\SysWOW64\calc.exe

"C:\Windows\System32\calc.exe"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=stanky+danky+maymays

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffeceb146f8,0x7ffeceb14708,0x7ffeceb14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8640591201588779923,1032690055480553170,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12616 /prefetch:1

C:\Windows\SysWOW64\calc.exe

"C:\Windows\System32\calc.exe"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

Network

Country Destination Domain Proto
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 82.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 bigappboi.com udp
US 23.22.126.183:443 bigappboi.com tcp
US 23.22.126.183:443 bigappboi.com tcp
US 8.8.8.8:53 js-agent.newrelic.com udp
US 162.247.243.39:443 js-agent.newrelic.com tcp
US 8.8.8.8:53 183.126.22.23.in-addr.arpa udp
US 8.8.8.8:53 bam.nr-data.net udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 sdk.lockertools.ai udp
US 8.8.8.8:53 cdn.bigappboi.com udp
US 3.162.140.50:443 sdk.lockertools.ai tcp
US 3.162.140.124:443 cdn.bigappboi.com tcp
US 3.162.140.124:443 cdn.bigappboi.com tcp
US 3.162.140.124:443 cdn.bigappboi.com tcp
US 8.8.8.8:53 ws-us2.pusher.com udp
US 3.136.178.142:443 ws-us2.pusher.com tcp
US 8.8.8.8:53 stats.pusher.com udp
US 18.215.47.202:443 stats.pusher.com tcp
US 8.8.8.8:53 29.243.247.162.in-addr.arpa udp
US 8.8.8.8:53 39.243.247.162.in-addr.arpa udp
US 8.8.8.8:53 50.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 124.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 91.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 142.178.136.3.in-addr.arpa udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 202.47.215.18.in-addr.arpa udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 go.rdrclk.com udp
IE 54.246.135.161:443 go.rdrclk.com tcp
IE 54.246.135.161:443 go.rdrclk.com tcp
US 8.8.8.8:53 t.afftrackr.com udp
US 52.72.186.211:443 t.afftrackr.com tcp
US 52.72.186.211:443 t.afftrackr.com tcp
US 8.8.8.8:53 nationalsconsumerscenter.co.uk udp
US 8.8.8.8:53 161.135.246.54.in-addr.arpa udp
US 172.67.145.34:443 nationalsconsumerscenter.co.uk tcp
US 172.67.145.34:443 nationalsconsumerscenter.co.uk udp
US 8.8.8.8:53 www.cdn925.com udp
US 104.16.247.135:443 www.cdn925.com tcp
US 104.16.247.135:443 www.cdn925.com tcp
US 8.8.8.8:53 www.clicken.us udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 104.16.242.248:443 www.clicken.us tcp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 fqtag.com udp
US 35.190.72.161:443 fqtag.com tcp
US 8.8.8.8:53 cdn.fqtag.com udp
US 35.190.36.172:443 cdn.fqtag.com tcp
US 8.8.8.8:53 211.186.72.52.in-addr.arpa udp
US 8.8.8.8:53 34.145.67.172.in-addr.arpa udp
US 8.8.8.8:53 135.247.16.104.in-addr.arpa udp
US 8.8.8.8:53 248.242.16.104.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 161.72.190.35.in-addr.arpa udp
US 8.8.8.8:53 172.36.190.35.in-addr.arpa udp
US 35.190.72.161:443 fqtag.com udp
US 8.8.8.8:53 stun.2talk.com udp
US 8.8.8.8:53 stun.botonakis.com udp
US 8.8.8.8:53 stun.counterpath.com udp
US 8.8.8.8:53 stun.gradwell.com udp
US 8.8.8.8:53 stun.budgetphone.nl udp
US 8.8.8.8:53 stun.jumblo.com udp
US 8.8.8.8:53 stun.node4.co.uk udp
US 8.8.8.8:53 stun.wwdl.net udp
US 8.8.8.8:53 stun.voipzoom.com udp
US 8.8.8.8:53 stun.nas.net udp
US 8.8.8.8:53 stun.veoh.com udp
US 8.8.8.8:53 stun.voip.aebc.com udp
US 8.8.8.8:53 stun.voxox.com udp
US 27.111.12.93:3478 stun.2talk.com udp
US 216.93.246.18:3478 stun.counterpath.com udp
CA 66.51.128.11:3478 stun.voip.aebc.com udp
CA 216.145.109.98:3478 stun.nas.net udp
US 70.85.220.74:3478 stun.wwdl.net udp
DE 77.72.169.210:3478 stun.voipzoom.com udp
US 69.167.127.106:3478 stun.veoh.com udp
DE 77.72.169.211:3478 stun.voipzoom.com udp
US 8.8.8.8:53 aux.fqtag.com udp
US 35.190.13.203:443 aux.fqtag.com tcp
US 8.8.8.8:53 93.12.111.27.in-addr.arpa udp
US 8.8.8.8:53 18.246.93.216.in-addr.arpa udp
US 8.8.8.8:53 98.109.145.216.in-addr.arpa udp
US 8.8.8.8:53 11.128.51.66.in-addr.arpa udp
US 8.8.8.8:53 74.220.85.70.in-addr.arpa udp
US 8.8.8.8:53 210.169.72.77.in-addr.arpa udp
US 8.8.8.8:53 211.169.72.77.in-addr.arpa udp
US 8.8.8.8:53 106.127.167.69.in-addr.arpa udp
US 8.8.8.8:53 203.13.190.35.in-addr.arpa udp
US 35.190.13.203:443 aux.fqtag.com udp
US 8.8.8.8:53 214.80.50.20.in-addr.arpa udp
US 8.8.8.8:53 roaming.officeapps.live.com udp
GB 52.109.28.47:443 roaming.officeapps.live.com tcp
US 8.8.8.8:53 46.28.109.52.in-addr.arpa udp
US 8.8.8.8:53 47.28.109.52.in-addr.arpa udp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 90.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.212.238:443 www.youtube.com tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 54.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 238.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 216.58.213.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.180.10:443 jnn-pa.googleapis.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 6.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
US 140.82.113.21:443 collector.github.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 140.82.113.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 21.113.82.140.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.108.133:443 raw.githubusercontent.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 195.49.178.192.in-addr.arpa udp
US 8.8.8.8:53 google.co.ck udp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
US 8.8.8.8:53 www.google.co.ck udp
GB 216.58.213.3:80 www.google.co.ck tcp
GB 216.58.213.3:443 www.google.co.ck tcp
GB 216.58.213.3:443 www.google.co.ck udp
US 8.8.8.8:53 228.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 216.58.213.3:80 www.google.co.ck tcp
GB 216.58.213.3:443 www.google.co.ck udp
GB 216.58.213.3:443 www.google.co.ck tcp
US 8.8.8.8:53 id.google.co.ck udp
GB 142.250.179.227:443 id.google.co.ck tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 227.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
GB 142.250.179.238:443 www.youtube.com udp
GB 142.250.179.227:443 id.google.co.ck udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.212.238:443 www.youtube.com tcp
GB 172.217.169.54:443 i.ytimg.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
GB 216.58.213.6:443 static.doubleclick.net tcp
GB 142.250.180.10:443 jnn-pa.googleapis.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
GB 216.58.213.6:443 static.doubleclick.net tcp
GB 142.250.180.10:443 jnn-pa.googleapis.com tcp
GB 142.250.180.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
GB 142.250.180.14:443 encrypted-vtbn0.gstatic.com tcp
GB 142.250.180.14:443 encrypted-vtbn0.gstatic.com udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 ogs.google.co.ck udp
GB 142.250.187.238:443 ogs.google.co.ck tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
GB 142.250.179.238:443 www.youtube.com udp
US 8.8.8.8:53 pcoptimizerpro.com udp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 216.58.213.3:443 www.google.co.ck udp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
GB 142.250.180.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 softonic.com udp
US 199.232.209.91:80 softonic.com tcp
US 199.232.209.91:80 softonic.com tcp
US 199.232.209.91:443 softonic.com tcp
US 8.8.8.8:53 www.softonic.com udp
US 151.101.1.91:443 www.softonic.com tcp
US 8.8.8.8:53 en.softonic.com udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 assets.sftcdn.net udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 91.209.232.199.in-addr.arpa udp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
CH 18.165.183.75:443 sdk.privacy-center.org tcp
US 151.101.1.91:443 assets.sftcdn.net tcp
US 151.101.1.91:443 assets.sftcdn.net tcp
US 151.101.1.91:443 assets.sftcdn.net tcp
US 151.101.1.91:443 assets.sftcdn.net udp
US 151.101.1.91:443 assets.sftcdn.net udp
US 8.8.8.8:53 notix.io udp
NL 139.45.197.227:443 notix.io tcp
US 8.8.8.8:53 static.site24x7rum.eu udp
CH 18.165.183.75:443 sdk.privacy-center.org udp
CH 18.165.183.16:443 static.site24x7rum.eu tcp
US 8.8.8.8:53 ampcid.google.com udp
GB 216.58.212.206:443 ampcid.google.com tcp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 93.82.68.104.in-addr.arpa udp
US 8.8.8.8:53 75.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 43.103.224.13.in-addr.arpa udp
US 8.8.8.8:53 227.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 16.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 206.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 64.233.166.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 www.google.co.uk udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.200.3:443 www.google.co.uk tcp
US 8.8.8.8:53 155.166.233.64.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 motherboard.vice.com udp
US 151.101.2.133:80 motherboard.vice.com tcp
US 151.101.2.133:80 motherboard.vice.com tcp
US 151.101.2.133:443 motherboard.vice.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.152:80 apps.identrust.com tcp
US 8.8.8.8:53 www.vice.com udp
US 8.8.8.8:53 133.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 152.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 vice-web-statics-cdn.vice.com udp
US 8.8.8.8:53 htlbid.com udp
US 151.101.2.133:443 vice-web-statics-cdn.vice.com tcp
US 151.101.2.133:443 vice-web-statics-cdn.vice.com tcp
CH 13.224.103.75:443 htlbid.com tcp
US 8.8.8.8:53 oembed.vice.com udp
US 8.8.8.8:53 images.vice.com udp
US 8.8.8.8:53 sourcepoint.mgr.consensu.org udp
US 8.8.8.8:53 native.sharethrough.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 video-images.vice.com udp
CH 18.165.183.102:443 native.sharethrough.com tcp
US 8.8.8.8:53 api.amplitude.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 52.11.250.54:443 api.amplitude.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 vice-sundry-assets-cdn.vice.com udp
US 8.8.8.8:53 75.103.224.13.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 102.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 vice-dev-web-statics-cdn.vice.com udp
US 8.8.8.8:53 www.npttech.com udp
US 172.67.155.215:443 www.npttech.com tcp
US 8.8.8.8:53 sdk.snapkit.com udp
CH 18.165.183.101:443 sdk.snapkit.com tcp
US 8.8.8.8:53 cdn.privacy-mgmt.com udp
US 8.8.8.8:53 trinitymedia.ai udp
US 3.86.133.235:443 trinitymedia.ai tcp
CH 18.165.183.18:443 cdn.privacy-mgmt.com tcp
US 8.8.8.8:53 static.anonymised.io udp
US 8.8.8.8:53 tag.aticdn.net udp
US 8.8.8.8:53 secure.quantserve.com udp
US 8.8.8.8:53 segment-data.zqtk.net udp
US 34.107.217.107:443 static.anonymised.io tcp
DE 91.228.74.244:443 secure.quantserve.com tcp
FR 172.234.63.226:443 segment-data.zqtk.net tcp
CH 18.165.183.9:443 tag.aticdn.net tcp
US 8.8.8.8:53 api.snapkit.com udp
US 35.190.43.134:443 api.snapkit.com tcp
CH 18.165.183.18:443 cdn.privacy-mgmt.com tcp
US 34.107.217.107:443 static.anonymised.io udp
GB 216.58.212.238:443 www.youtube.com udp
US 8.8.8.8:53 rules.quantcount.com udp
GB 216.58.212.238:443 www.youtube.com tcp
US 8.8.8.8:53 vd.trinitymedia.ai udp
US 8.8.8.8:53 logws1330.ati-host.net udp
CH 18.165.183.57:443 rules.quantcount.com tcp
CH 13.224.96.215:443 logws1330.ati-host.net tcp
GB 143.244.38.136:443 vd.trinitymedia.ai tcp
US 35.190.43.134:443 api.snapkit.com udp
US 8.8.8.8:53 material.anonymised.io udp
US 34.117.250.57:443 material.anonymised.io tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 aegis.anonymised.io udp
US 34.107.217.107:443 aegis.anonymised.io tcp
US 34.117.250.57:443 material.anonymised.io udp
US 8.8.8.8:53 pub.doubleverify.com udp
US 8.8.8.8:53 54.250.11.52.in-addr.arpa udp
US 8.8.8.8:53 215.155.67.172.in-addr.arpa udp
US 104.18.166.224:443 pub.doubleverify.com tcp
US 8.8.8.8:53 101.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 18.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 244.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 9.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 107.217.107.34.in-addr.arpa udp
US 8.8.8.8:53 134.43.190.35.in-addr.arpa udp
US 8.8.8.8:53 226.63.234.172.in-addr.arpa udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 57.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 215.96.224.13.in-addr.arpa udp
FR 172.234.63.226:443 segment-data.zqtk.net tcp
US 34.107.217.107:443 aegis.anonymised.io udp
US 8.8.8.8:53 scdn.cxense.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 launchpad-wrapper.privacymanager.io udp
US 8.8.8.8:53 silo50.p7cloud.net udp
BE 104.68.95.245:443 scdn.cxense.com tcp
US 104.18.43.90:443 cdn.confiant-integrations.net tcp
CH 13.224.103.121:443 silo50.p7cloud.net tcp
CH 13.224.103.40:443 launchpad-wrapper.privacymanager.io tcp
CH 18.165.187.137:443 c.amazon-adsystem.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 104.18.166.224:443 pub.doubleverify.com udp
GB 143.244.38.136:443 vd.trinitymedia.ai tcp
US 104.18.43.90:443 cdn.confiant-integrations.net udp
US 8.8.8.8:53 launchpad.privacymanager.io udp
CH 18.165.183.43:443 launchpad.privacymanager.io tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
CH 18.165.183.3:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 api.cxense.com udp
DE 167.235.124.23:443 api.cxense.com tcp
CH 18.165.181.3:443 aax.amazon-adsystem.com tcp
CH 18.165.183.89:443 yield-manager.browsiprod.com tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 57.250.117.34.in-addr.arpa udp
US 8.8.8.8:53 224.166.18.104.in-addr.arpa udp
US 8.8.8.8:53 90.43.18.104.in-addr.arpa udp
US 8.8.8.8:53 geo.privacymanager.io udp
US 8.8.8.8:53 245.95.68.104.in-addr.arpa udp
US 8.8.8.8:53 121.103.224.13.in-addr.arpa udp
US 8.8.8.8:53 40.103.224.13.in-addr.arpa udp
US 8.8.8.8:53 137.187.165.18.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 43.183.165.18.in-addr.arpa udp
CH 18.165.183.107:443 geo.privacymanager.io tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 js.gumgum.com udp
US 8.8.8.8:53 live.primis.tech udp
US 104.22.52.86:443 cdn.id5-sync.com tcp
CH 18.165.183.7:443 js.gumgum.com tcp
CH 18.165.183.115:443 live.primis.tech tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
GB 216.58.213.6:443 static.doubleclick.net udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 tag.bounceexchange.com udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 ams-pageview-public.s3.amazonaws.com udp
US 3.5.9.145:443 ams-pageview-public.s3.amazonaws.com tcp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 34.120.253.250:443 tag.bounceexchange.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
US 8.8.8.8:53 c.gumgum.com udp
US 8.8.8.8:53 g2.gumgum.com udp
US 8.8.8.8:53 aba.gumgum.com udp
CH 18.165.183.105:443 cdn.browsiprod.com tcp
CH 18.165.183.78:443 c.gumgum.com tcp
US 8.8.8.8:53 gumgum.com udp
US 8.8.8.8:53 assets.bounceexchange.com udp
CH 13.224.103.95:443 gumgum.com tcp
CH 18.165.183.10:443 aba.gumgum.com tcp
US 8.8.8.8:53 data.cdnbasket.net udp
IE 54.216.114.27:443 g2.gumgum.com tcp
US 8.8.8.8:53 events.bouncex.net udp
US 8.8.8.8:53 ids.cdnwidget.com udp
US 34.98.72.95:443 assets.bounceexchange.com tcp
US 8.8.8.8:53 page.cdnbasket.net udp
US 8.8.8.8:53 view.cdnbasket.net udp
US 8.8.8.8:53 pd.cdnwidget.com udp
US 8.8.8.8:53 api.bounceexchange.com udp
CH 18.165.183.7:443 c.gumgum.com tcp
US 34.111.8.32:443 api.bounceexchange.com tcp
US 34.149.130.207:443 pd.cdnwidget.com tcp
US 8.8.8.8:53 events.browsiprod.com udp
US 44.237.6.87:443 events.browsiprod.com tcp
US 34.98.72.95:443 assets.bounceexchange.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com udp
US 44.237.6.87:443 events.browsiprod.com tcp
CH 18.165.183.105:443 cdn.browsiprod.com tcp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 3.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 23.124.235.167.in-addr.arpa udp
US 8.8.8.8:53 3.181.165.18.in-addr.arpa udp
US 8.8.8.8:53 89.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 107.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 7.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 115.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 250.253.120.34.in-addr.arpa udp
US 8.8.8.8:53 105.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 145.9.5.3.in-addr.arpa udp
US 8.8.8.8:53 78.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 27.114.216.54.in-addr.arpa udp
US 8.8.8.8:53 95.103.224.13.in-addr.arpa udp
US 8.8.8.8:53 95.72.98.34.in-addr.arpa udp
US 8.8.8.8:53 10.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 32.8.111.34.in-addr.arpa udp
US 8.8.8.8:53 207.130.149.34.in-addr.arpa udp
US 8.8.8.8:53 87.6.237.44.in-addr.arpa udp
US 8.8.8.8:53 ai.browsiprod.com udp
US 8.8.8.8:53 demand-engine.browsiprod.com udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
CH 18.165.183.44:443 ai.browsiprod.com tcp
CH 13.224.103.43:443 demand-engine.browsiprod.com tcp
US 8.8.8.8:53 ua.p7cloud.net udp
US 8.8.8.8:53 location.p7cloud.net udp
US 8.8.8.8:53 d2tbszkvx1p56e.cloudfront.net udp
CH 18.165.185.47:443 d2tbszkvx1p56e.cloudfront.net tcp
CH 18.165.183.50:443 location.p7cloud.net tcp
CH 18.165.183.103:443 ua.p7cloud.net tcp
US 8.8.8.8:53 depart.trinitymedia.ai udp
US 162.247.243.39:443 js-agent.newrelic.com tcp
US 162.247.243.39:443 js-agent.newrelic.com tcp
DE 18.196.240.107:443 depart.trinitymedia.ai tcp
US 8.8.8.8:53 bam.nr-data.net udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 44.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 47.185.165.18.in-addr.arpa udp
US 8.8.8.8:53 50.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 103.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 107.240.196.18.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 firebaseremoteconfig.googleapis.com udp
GB 172.217.169.74:443 firebaseremoteconfig.googleapis.com tcp
GB 172.217.169.74:443 firebaseremoteconfig.googleapis.com udp
IE 54.216.114.27:443 g2.gumgum.com tcp
US 104.18.166.224:443 pub.doubleverify.com udp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 firebaselogging.googleapis.com udp
US 8.8.8.8:53 synchrobox.adswizz.com udp
US 8.8.8.8:53 playerservices.live.streamtheworld.com udp
US 8.8.8.8:53 play.adtonos.com udp
IE 46.51.168.169:443 synchrobox.adswizz.com tcp
IE 46.51.168.169:443 synchrobox.adswizz.com tcp
GB 51.89.155.117:443 play.adtonos.com tcp
GB 208.92.53.43:443 playerservices.live.streamtheworld.com tcp
GB 208.92.53.43:443 playerservices.live.streamtheworld.com tcp
US 8.8.8.8:53 delivery-cdn-cf.adswizz.com udp
US 8.8.8.8:53 yield-op-idsync.live.streamtheworld.com udp
CH 18.165.183.9:443 delivery-cdn-cf.adswizz.com tcp
CH 18.165.183.9:443 delivery-cdn-cf.adswizz.com tcp
US 208.80.55.239:443 yield-op-idsync.live.streamtheworld.com tcp
US 8.8.8.8:53 synchroscript.deliveryengine.adswizz.com udp
CH 18.165.183.115:443 synchroscript.deliveryengine.adswizz.com tcp
US 8.8.8.8:53 117.155.89.51.in-addr.arpa udp
US 8.8.8.8:53 169.168.51.46.in-addr.arpa udp
US 8.8.8.8:53 43.53.92.208.in-addr.arpa udp
US 8.8.8.8:53 239.55.80.208.in-addr.arpa udp
US 44.237.6.87:443 events.browsiprod.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 comcluster.cxense.com udp
DE 167.235.124.61:443 comcluster.cxense.com tcp
US 34.111.8.32:443 api.bounceexchange.com tcp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 krk2.kargo.com udp
US 35.227.252.103:443 rtb.openx.net tcp
NL 147.75.84.158:443 prebid.a-mo.net tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
CH 18.165.183.120:443 hb.yellowblue.io tcp
DE 3.124.210.62:443 krk2.kargo.com tcp
US 8.8.8.8:53 61.124.235.167.in-addr.arpa udp
US 8.8.8.8:53 103.252.227.35.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 158.84.75.147.in-addr.arpa udp
US 8.8.8.8:53 62.210.124.3.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 120.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 ads.pubmatic.com udp
SE 104.73.92.198:443 ads.pubmatic.com tcp
US 8.8.8.8:53 hashtaglabs-d.openx.net udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 34.98.64.218:443 hashtaglabs-d.openx.net tcp
BE 2.21.18.175:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 id5-sync.com udp
DE 141.95.98.64:443 id5-sync.com tcp
CH 18.165.183.34:443 aba.gumgum.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 175.18.21.2.in-addr.arpa udp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 34.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 216.58.213.3:443 www.google.co.ck udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 motherboard.vice.com udp
US 8.8.8.8:53 www.vice.com udp
US 8.8.8.8:53 sourcepoint.mgr.consensu.org udp
US 8.8.8.8:53 native.sharethrough.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 api.amplitude.com udp
CH 18.165.183.115:443 native.sharethrough.com tcp
US 52.39.210.70:443 api.amplitude.com tcp
US 8.8.8.8:53 vice-web-statics-cdn.vice.com udp
US 8.8.8.8:53 vice-dev-web-statics-cdn.vice.com udp
US 8.8.8.8:53 70.210.39.52.in-addr.arpa udp
US 8.8.8.8:53 oembed.vice.com udp
US 8.8.8.8:53 trinitymedia.ai udp
US 34.192.154.111:443 trinitymedia.ai tcp
US 104.18.166.224:443 pub.doubleverify.com udp
FR 172.234.63.226:443 segment-data.zqtk.net tcp
US 104.18.43.90:443 cdn.confiant-integrations.net udp
US 8.8.8.8:53 api.snapkit.com udp
US 35.190.43.134:443 api.snapkit.com udp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 111.154.192.34.in-addr.arpa udp
US 8.8.8.8:53 cdn.privacy-mgmt.com udp
DE 167.235.124.23:443 api.cxense.com tcp
US 8.8.8.8:53 silo50.p7cloud.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.180.2:443 googleads.g.doubleclick.net udp
GB 142.250.180.2:443 googleads.g.doubleclick.net tcp
GB 216.58.212.234:443 firebaselogging.googleapis.com udp
GB 216.58.212.234:443 firebaselogging.googleapis.com tcp
US 34.117.250.57:443 material.anonymised.io udp
US 34.107.217.107:443 aegis.anonymised.io udp
US 8.8.8.8:53 ams-pageview-public.s3.amazonaws.com udp
US 8.8.8.8:53 live.primis.tech udp
US 8.8.8.8:53 tag.bounceexchange.com udp
GB 142.250.187.238:443 www.youtube.com udp
US 52.217.164.17:443 ams-pageview-public.s3.amazonaws.com tcp
US 34.120.253.250:443 tag.bounceexchange.com udp
CH 18.165.183.26:443 live.primis.tech udp
US 8.8.8.8:53 c.gumgum.com udp
US 8.8.8.8:53 g2.gumgum.com udp
US 8.8.8.8:53 aba.gumgum.com udp
IE 108.129.15.138:443 g2.gumgum.com tcp
CH 18.165.183.58:443 aba.gumgum.com tcp
US 8.8.8.8:53 gumgum.com udp
US 8.8.8.8:53 js.gumgum.com udp
CH 18.165.183.41:443 c.gumgum.com tcp
CH 18.165.183.96:443 js.gumgum.com tcp
CH 13.224.103.70:443 gumgum.com tcp
US 34.149.130.207:443 pd.cdnwidget.com tcp
US 8.8.8.8:53 api.bounceexchange.com udp
US 8.8.8.8:53 assets.bounceexchange.com udp
US 34.111.8.32:443 api.bounceexchange.com tcp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 26.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 17.164.217.52.in-addr.arpa udp
US 44.238.197.96:443 events.browsiprod.com tcp
US 44.238.197.96:443 events.browsiprod.com tcp
US 8.8.8.8:53 depart.trinitymedia.ai udp
DE 18.198.252.238:443 depart.trinitymedia.ai tcp
GB 142.250.187.238:443 www.youtube.com udp
US 8.8.8.8:53 138.15.129.108.in-addr.arpa udp
US 8.8.8.8:53 58.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 41.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 70.103.224.13.in-addr.arpa udp
US 8.8.8.8:53 96.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 96.197.238.44.in-addr.arpa udp
US 8.8.8.8:53 238.252.198.18.in-addr.arpa udp
IE 108.129.15.138:443 g2.gumgum.com tcp
US 8.8.8.8:53 synchrobox.adswizz.com udp
US 8.8.8.8:53 play.adtonos.com udp
US 8.8.8.8:53 playerservices.live.streamtheworld.com udp
GB 51.89.155.117:443 play.adtonos.com tcp
IE 52.211.17.116:443 synchrobox.adswizz.com tcp
IE 52.211.17.116:443 synchrobox.adswizz.com tcp
CA 192.173.29.77:443 playerservices.live.streamtheworld.com tcp
US 8.8.8.8:53 116.17.211.52.in-addr.arpa udp
US 8.8.8.8:53 synchroscript.deliveryengine.adswizz.com udp
US 8.8.8.8:53 yield-op-idsync.live.streamtheworld.com udp
US 208.80.55.239:443 yield-op-idsync.live.streamtheworld.com tcp
US 8.8.8.8:53 eu.ads.audio.thisisdax.com udp
NL 35.214.251.236:443 eu.ads.audio.thisisdax.com tcp
US 8.8.8.8:53 match.adsby.bidtheatre.com udp
US 8.8.8.8:53 loadm.exelator.com udp
NL 134.122.57.34:443 match.adsby.bidtheatre.com tcp
IE 34.254.143.3:443 loadm.exelator.com tcp
US 151.101.2.49:443 rtd.tubemogul.com tcp
US 8.8.8.8:53 rtd-tm.everesttech.net udp
US 151.101.2.49:443 rtd-tm.everesttech.net tcp
US 8.8.8.8:53 77.29.173.192.in-addr.arpa udp
US 8.8.8.8:53 236.251.214.35.in-addr.arpa udp
US 8.8.8.8:53 34.57.122.134.in-addr.arpa udp
US 8.8.8.8:53 3.143.254.34.in-addr.arpa udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 krk2.kargo.com udp
US 35.227.252.103:443 rtb.openx.net udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 3.121.68.25:443 krk2.kargo.com tcp
NL 145.40.97.66:443 prebid.a-mo.net tcp
US 34.111.8.32:443 api.bounceexchange.com udp
US 8.8.8.8:53 66.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 34.98.64.218:443 hashtaglabs-d.openx.net udp
DE 141.95.98.64:443 id5-sync.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 bam.nr-data.net udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 google.co.ck udp
US 8.8.8.8:53 www.google.co.ck udp
GB 142.250.187.228:80 google.co.ck tcp
US 44.238.197.96:443 events.browsiprod.com tcp
DE 167.235.124.61:443 comcluster.cxense.com tcp
GB 216.58.213.6:443 static.doubleclick.net udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 199.232.209.91:443 softonic.com udp
US 8.8.8.8:53 www.softonic.com udp
US 8.8.8.8:53 en.softonic.com udp
US 151.101.1.91:443 en.softonic.com udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 images.sftcdn.net udp
BE 104.68.82.93:443 images.sftcdn.net tcp
CH 18.165.183.54:443 sdk.privacy-center.org udp
US 8.8.8.8:53 b-code.liadm.com udp
CH 13.224.103.54:443 b-code.liadm.com tcp
US 8.8.8.8:53 static.site24x7rum.eu udp
CH 18.165.183.113:443 static.site24x7rum.eu tcp
BE 64.233.166.155:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.200.3:443 www.google.co.uk udp
US 8.8.8.8:53 113.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 54.103.224.13.in-addr.arpa udp
NL 139.45.197.227:443 notix.io tcp
GB 142.250.179.238:443 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com tcp
GB 172.217.169.54:443 i.ytimg.com udp
GB 142.250.187.228:80 google.co.ck tcp
GB 172.217.169.54:443 i.ytimg.com udp
GB 142.250.180.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 depart.trinitymedia.ai udp
DE 18.196.240.107:443 depart.trinitymedia.ai tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 216.58.213.3:443 www.google.co.ck udp
GB 216.58.213.3:443 www.google.co.ck tcp
GB 172.217.169.54:443 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 216.58.212.238:443 www.youtube.com udp
GB 216.58.212.238:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.180.2:443 googleads.g.doubleclick.net udp
GB 142.250.180.2:443 googleads.g.doubleclick.net tcp
GB 216.58.212.234:443 firebaselogging.googleapis.com udp
GB 216.58.212.234:443 firebaselogging.googleapis.com tcp
US 8.8.8.8:53 ogs.google.co.ck udp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com udp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
GB 142.250.179.238:443 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
GB 142.250.178.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
GB 142.250.180.2:443 googleads.g.doubleclick.net udp
GB 216.58.212.234:443 firebaselogging.googleapis.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
GB 142.250.178.14:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
GB 142.250.180.14:443 encrypted-vtbn0.gstatic.com udp
GB 142.250.180.14:443 encrypted-vtbn0.gstatic.com tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 www.youtube.com udp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 202.212.58.216.in-addr.arpa udp
GB 172.217.169.54:443 i.ytimg.com udp
GB 142.250.187.206:443 www.youtube.com udp
US 8.8.8.8:53 www.google.co.ck udp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 google.co.ck udp
GB 142.250.187.228:80 google.co.ck tcp
US 199.232.209.91:443 softonic.com udp
US 8.8.8.8:53 www.softonic.com udp
US 8.8.8.8:53 en.softonic.com udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 sdk.privacy-center.org udp
BE 104.68.82.93:443 images.sftcdn.net tcp
CH 18.165.183.4:443 sdk.privacy-center.org udp
US 8.8.8.8:53 notix.io udp
NL 139.45.197.227:443 notix.io tcp
US 8.8.8.8:53 4.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 static.site24x7rum.eu udp
CH 18.165.183.16:443 static.site24x7rum.eu tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 64.233.166.157:443 stats.g.doubleclick.net udp
BE 64.233.166.157:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
GB 142.250.200.3:443 www.google.co.uk udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.200.3:443 www.google.co.uk tcp
US 8.8.8.8:53 motherboard.vice.com udp
US 151.101.2.133:443 motherboard.vice.com tcp
US 8.8.8.8:53 www.vice.com udp
US 8.8.8.8:53 sourcepoint.mgr.consensu.org udp
US 8.8.8.8:53 native.sharethrough.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 api.amplitude.com udp
CH 18.165.183.102:443 native.sharethrough.com tcp
US 44.236.216.210:443 api.amplitude.com tcp
US 8.8.8.8:53 images.vice.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 vice-sundry-assets-cdn.vice.com udp
US 151.101.2.133:443 vice-sundry-assets-cdn.vice.com tcp
US 8.8.8.8:53 vice-web-statics-cdn.vice.com udp
US 8.8.8.8:53 vice-dev-web-statics-cdn.vice.com udp
US 8.8.8.8:53 cdn.privacy-mgmt.com udp
CH 18.165.183.57:443 cdn.privacy-mgmt.com tcp
US 8.8.8.8:53 oembed.vice.com udp
US 8.8.8.8:53 trinitymedia.ai udp
US 34.231.181.230:443 trinitymedia.ai tcp
CH 18.165.183.57:443 cdn.privacy-mgmt.com tcp
US 34.107.217.107:443 aegis.anonymised.io udp
US 8.8.8.8:53 segment-data.zqtk.net udp
US 34.107.217.107:443 aegis.anonymised.io tcp
FR 172.234.63.226:443 segment-data.zqtk.net tcp
US 8.8.8.8:53 pub.doubleverify.com udp
US 8.8.8.8:53 210.216.236.44.in-addr.arpa udp
US 8.8.8.8:53 230.181.231.34.in-addr.arpa udp
US 104.18.167.224:443 pub.doubleverify.com udp
US 8.8.8.8:53 api.snapkit.com udp
US 8.8.8.8:53 silo50.p7cloud.net udp
CH 13.224.103.41:443 silo50.p7cloud.net tcp
US 35.190.43.134:443 api.snapkit.com udp
US 8.8.8.8:53 logws1330.ati-host.net udp
GB 172.217.169.54:443 i.ytimg.com udp
CH 13.224.96.215:443 logws1330.ati-host.net tcp
US 8.8.8.8:53 api.cxense.com udp
DE 167.235.124.25:443 api.cxense.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 material.anonymised.io udp
US 34.107.217.107:443 aegis.anonymised.io udp
US 34.107.217.107:443 aegis.anonymised.io tcp
US 34.117.250.57:443 material.anonymised.io udp
US 34.117.250.57:443 material.anonymised.io tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.200.10:443 jnn-pa.googleapis.com udp
GB 142.250.200.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 224.167.18.104.in-addr.arpa udp
US 8.8.8.8:53 41.103.224.13.in-addr.arpa udp
US 8.8.8.8:53 25.124.235.167.in-addr.arpa udp
US 8.8.8.8:53 ams-pageview-public.s3.amazonaws.com udp
US 8.8.8.8:53 tag.bounceexchange.com udp
US 34.120.253.250:443 tag.bounceexchange.com udp
US 52.217.113.81:443 ams-pageview-public.s3.amazonaws.com tcp
US 8.8.8.8:53 api.bounceexchange.com udp
US 8.8.8.8:53 pd.cdnwidget.com udp
US 8.8.8.8:53 assets.bounceexchange.com udp
US 8.8.8.8:53 live.primis.tech udp
CH 18.165.183.45:443 live.primis.tech udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 34.149.130.207:443 pd.cdnwidget.com tcp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 34.111.8.32:443 api.bounceexchange.com tcp
US 8.8.8.8:53 gumgum.com udp
US 8.8.8.8:53 c.gumgum.com udp
US 8.8.8.8:53 js.gumgum.com udp
CH 13.224.103.70:443 gumgum.com tcp
CH 18.165.183.66:443 yield-manager.browsiprod.com tcp
US 8.8.8.8:53 g2.gumgum.com udp
CH 18.165.183.125:443 js.gumgum.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
CH 18.165.181.3:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 aba.gumgum.com udp
CH 18.165.183.41:443 c.gumgum.com tcp
US 8.8.8.8:53 events.bouncex.net udp
IE 18.200.82.199:443 g2.gumgum.com tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com tcp
GB 142.250.179.238:443 play.google.com udp
CH 18.165.183.10:443 aba.gumgum.com tcp
US 8.8.8.8:53 ids.cdnwidget.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 events.browsiprod.com udp
US 52.26.112.13:443 events.browsiprod.com tcp
US 8.8.8.8:53 10.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 45.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 81.113.217.52.in-addr.arpa udp
US 8.8.8.8:53 66.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 125.183.165.18.in-addr.arpa udp
US 8.8.8.8:53 199.82.200.18.in-addr.arpa udp
US 8.8.8.8:53 ai.browsiprod.com udp
US 8.8.8.8:53 demand-engine.browsiprod.com udp
CH 18.165.183.23:443 ai.browsiprod.com tcp
CH 13.224.103.57:443 demand-engine.browsiprod.com tcp
US 8.8.8.8:53 depart.trinitymedia.ai udp
DE 18.198.252.238:443 depart.trinitymedia.ai tcp
US 8.8.8.8:53 bam.nr-data.net udp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 13.112.26.52.in-addr.arpa udp
US 8.8.8.8:53 57.103.224.13.in-addr.arpa udp
IE 18.200.82.199:443 g2.gumgum.com tcp
US 8.8.8.8:53 play.adtonos.com udp
US 8.8.8.8:53 synchrobox.adswizz.com udp
US 8.8.8.8:53 playerservices.live.streamtheworld.com udp
GB 51.89.155.117:443 play.adtonos.com tcp
IE 52.211.17.116:443 synchrobox.adswizz.com tcp
IE 52.211.17.116:443 synchrobox.adswizz.com tcp
GB 208.92.53.43:443 playerservices.live.streamtheworld.com tcp
US 8.8.8.8:53 yield-op-idsync.live.streamtheworld.com udp
CA 192.173.29.84:443 yield-op-idsync.live.streamtheworld.com tcp
US 8.8.8.8:53 synchroscript.deliveryengine.adswizz.com udp
CH 18.165.183.40:443 synchroscript.deliveryengine.adswizz.com tcp
US 8.8.8.8:53 firebaselogging.googleapis.com udp
US 8.8.8.8:53 84.29.173.192.in-addr.arpa udp
US 8.8.8.8:53 40.183.165.18.in-addr.arpa udp
GB 142.250.187.228:80 google.co.ck tcp
US 52.26.112.13:443 events.browsiprod.com tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 comcluster.cxense.com udp
DE 167.235.124.60:443 comcluster.cxense.com tcp
US 34.111.8.32:443 events.bouncex.net udp
US 52.26.112.13:443 events.browsiprod.com tcp
US 34.111.8.32:443 events.bouncex.net tcp
IE 18.200.82.199:443 g2.gumgum.com tcp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 krk2.kargo.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 35.227.252.103:443 rtb.openx.net udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
DE 54.93.153.110:443 krk2.kargo.com tcp
CH 13.224.103.10:443 hb.yellowblue.io tcp
NL 145.40.97.67:443 prebid.a-mo.net tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 8.8.8.8:53 60.124.235.167.in-addr.arpa udp
US 8.8.8.8:53 110.153.93.54.in-addr.arpa udp
US 8.8.8.8:53 67.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 10.103.224.13.in-addr.arpa udp
CH 13.224.103.41:443 silo50.p7cloud.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 hashtaglabs-d.openx.net udp
US 34.98.64.218:443 hashtaglabs-d.openx.net udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 id5-sync.com udp
DE 141.95.98.65:443 id5-sync.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 65.98.95.141.in-addr.arpa udp
GB 142.250.187.228:80 google.co.ck tcp
US 162.247.243.29:443 bam.nr-data.net tcp
CH 13.224.103.41:443 silo50.p7cloud.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
CH 13.224.103.41:443 silo50.p7cloud.net tcp
US 8.8.8.8:53 56.94.73.104.in-addr.arpa udp
US 162.247.243.29:443 bam.nr-data.net tcp
CH 13.224.103.41:443 silo50.p7cloud.net tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 172.217.169.54:443 i.ytimg.com udp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.178.14:443 www.youtube.com udp
US 162.247.243.29:443 bam.nr-data.net tcp
US 8.8.8.8:53 silo50.p7cloud.net udp
CH 13.224.103.104:443 silo50.p7cloud.net tcp
US 8.8.8.8:53 104.103.224.13.in-addr.arpa udp
GB 142.250.180.14:443 www.youtube.com udp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.179.238:443 play.google.com udp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
CH 13.224.103.104:443 silo50.p7cloud.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
US 162.247.243.29:443 bam.nr-data.net tcp
CH 13.224.103.104:443 silo50.p7cloud.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
US 8.8.8.8:53 bam.nr-data.net udp
US 162.247.243.29:443 bam.nr-data.net tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 silo50.p7cloud.net udp
CH 13.224.103.121:443 silo50.p7cloud.net tcp
GB 142.250.187.228:80 google.co.ck tcp
GB 142.250.187.228:80 google.co.ck tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp

Files

\??\pipe\crashpad_3828_WZLDZXFLGYNAIVMT

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 78a9638b957affd1f9cce2340041e2b8
SHA1 b1b540f0c0a45a8b05c5ebf74d01aa57de8113f2
SHA256 c41ef6fe9d3d41c2c07c8e4894e7aa3fc8ab5aa2278ed6d7c4530d4109c8485d
SHA512 5c073ee2e4339a3c07247c65ab5809b1eba8560c7cd219a100b220a10be602c38eafa0a9cae848626634fb277b14a5b267e7f4c09ef8b52ca7b258579c85e813

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 472f2df3be9c4d927f0b90e3a07cf4f0
SHA1 d541d4c0f4f028dbfe0e6eed57012683840328de
SHA256 dbb961a0bf076a00828ecd1670410c4a86f4675233845c6d7e67b9cd46586b79
SHA512 689c3067b477ede26b26ebc0472458a50a051361a2565305cd0dd0d6f9610c41faf558a8d5a48b5e55dcec14245bd9743e452f7d15aafa38582f6d9cf3ad063b

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 e1a2cf35e5a4650e865b3e7b30f4e3ca
SHA1 6affdab68b73254e58f165eb7ae2a0911ca272ea
SHA256 34d283989ffff2b61e6233d62df26ba808ed140e9552d94161b600f21e225096
SHA512 2b705e53f55452332d025e581d35acb6d3e1e22253635a956969ff8ec079010fe594bddcaf6d6e54661085122e4c7222ba79bdc0ccab159474afb7d38e19b972

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57ab05.TMP

MD5 15564450605458eb384a485cc8dd7518
SHA1 964c0384454ab12e3cf27d8bf937b77da675b58c
SHA256 a74415cf5da7d6c9a5a2808fb78a2a777e7da0cf24e41d93f57857231b641ec2
SHA512 37ceff1779935f96ba9d0cdcf66025248c851bfa74468eb5bde32e3ca32157762625b4045faae1d14b55fe1eecc8340b000b062e5e8dbb62d9f7d3f0bfd347b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 56eb2838d23e8ec735aa2eacf5ee26a4
SHA1 1844ba07c7972b8c3755802cfcf066e71fe67ef1
SHA256 1757ca23e43d777c4582a58f616cf2606b08cc7add2958896363bd4e8493c1f5
SHA512 348cb6a29ad667d0a88c4596d96393c6e5a3f260bd1e14ce2cc08e4bb2bd354bb844e340abf140abd8b88ba64f01856f0208d1d85fd94314251a4ac676714939

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 956055cf9613a46aabe8d11be0f931a8
SHA1 fb14aeda6e9778a36ba24f9c2462ab1f78e205c6
SHA256 9edaac55da766237c1f85e745a17dda4bd5bd9d0221255f33a3b284ea51e2562
SHA512 fdfd5d77bbdc39e3cfcacf27d821d48c16b7747635c777a2943aebb096a819f11a6875ac9a8dad569de61f7e07da6361a86c2c38b6a2298422bacf69730baee7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9f3827f2e22d52086918b0e360412f54
SHA1 31fa13100bb4b5f5fa9314f7da3827f88e4ae8fc
SHA256 b125d5133ffeaa2894e1d7161a2b1197341415e3973df440cdc559ad42e0b175
SHA512 6062e1f8a29ed34ea13268679ddce45c2b8f6fb3c2220918ce8b35effd2de2fc97619e6563beb9ab61e47f4ec661761ae3c1b40e9e30fac46b6d4ef2159257a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bd3e673f5c7f6056f717a5495e0a66db
SHA1 7c469f3c78c50521667f86c1787c069927c3dc09
SHA256 9c816c730ade80c677629e228dc853e531bc7c00709e7d26c61cf12aad0ba8b5
SHA512 3fefdef6ee51845affcf78a51a9600bf2269e66295c1b0fb93776d66d6da617a17c44721bdf585eee8e2bf3fa33e2c83bc0b8c7e6c1ea96981fc08dde583005b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eb23bd6c83f7d8ebfd61410d81f60f81
SHA1 6856761f9563267fe2e821cb76c1d58ee87d171b
SHA256 b7a7eda739b8590a8b82ad1c9d612f21f0cd2612a1a0605c012caae45f63548b
SHA512 7f298ffd136cde41308d428a3b4324e736bebc13ce7d371467a90f122e99ed3cc56f11711b44e46ff5f2ed798a26bda173fe27754726b7c2c0601823fdb091cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 fb4271fb3f687e2b2eb079998d6a9e40
SHA1 62516d8c84db1f6bd18b1c98fb8b9b29cb7d578d
SHA256 275a4bb5247913953a92ffc2b1c17b1635d4f259a2c25dd81b20f006dd7fbbb9
SHA512 7025432cf76134256bebe9ed16b1286440720371e87258de2e76bde9a8afcbb317666205a54fd4ba07e91137a978408f21ebcd8c472e38e1974fd7a72967e833

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cec97474b3ffa2bfb52008e2ab77951e
SHA1 8468f7aedb6181177e2f3a0853a1a672c6f9dce2
SHA256 1c760743c4d6f8cc4aaf3da212471cd58cc1d835b2defca6c0950bdd182c21f7
SHA512 f8de6a9f63b74c9ce5a7a9db15f125524558104b124ffb1bfca9f04d2d39902e0d2a1f575b7a65a0106ea8bc60174ce67f70c3450283f4c91d50e163e276ddb8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 233f67fcee32aaabb90c3edb43ac9bb0
SHA1 c36697d275103f4fd849ad1f1ea8033e213757a5
SHA256 218d872bc95c7cf64adecac8e1fbc7ce075ce650e99f2caeb6bcf82c059c9818
SHA512 8e93c8ec3e3787f1833cd9ade1f0e0fef01e4517b7da5c2b3aeb8349b63d2c4be1f7ba2138a8cb10c82b6d95e609bef6317290e035a749a2549b4693fdad3aa5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1069d9d67ae9b018dae7a9c46b3c4944
SHA1 ccda4db0792567b78fbf30c9fd5af1a7abf1571e
SHA256 e871d4f79cce76f34eca72e88082e6f9593782476df3643346eaf7270e9626dc
SHA512 4ecff511db7d743476f2f431123c1d023b321dd2f5cfc3b039e3ee7dd536b5ab557f42c89ddac22090981bb60a98dbafe101fed05938905c6ce38a2103c34ad8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 adbf01378671ab68e31acdbb80ee43c8
SHA1 e35102bf1d63769009d3a6bdb0c09eddbdc32995
SHA256 f3c48ad9d81c061231092c9c2ec8e64ecf2c4456f2279c8540049c17297ae107
SHA512 f521f050f29f70425cf498f4b6be40ce1ceb4ecc51f6a2675953306fe1d1780a5a3209bfdcafa71f474ced8e0f19b58ef4e66058d42666a72d5df547c09c6c0d

memory/5008-244-0x00007FFEAEE70000-0x00007FFEAEE80000-memory.dmp

memory/5008-246-0x00007FFEAEE70000-0x00007FFEAEE80000-memory.dmp

memory/5008-245-0x00007FFEAEE70000-0x00007FFEAEE80000-memory.dmp

memory/5008-249-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-248-0x00007FFEAEE70000-0x00007FFEAEE80000-memory.dmp

memory/5008-247-0x00007FFEEEE8D000-0x00007FFEEEE8E000-memory.dmp

memory/5008-256-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-259-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-258-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-257-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-260-0x00007FFEACBB0000-0x00007FFEACBC0000-memory.dmp

memory/5008-255-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-254-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-253-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-252-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-251-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

memory/5008-250-0x00007FFEAEE70000-0x00007FFEAEE80000-memory.dmp

memory/5008-261-0x00007FFEACBB0000-0x00007FFEACBC0000-memory.dmp

memory/5008-285-0x00007FFEAEE70000-0x00007FFEAEE80000-memory.dmp

memory/5008-286-0x00007FFEAEE70000-0x00007FFEAEE80000-memory.dmp

memory/5008-288-0x00007FFEAEE70000-0x00007FFEAEE80000-memory.dmp

memory/5008-287-0x00007FFEAEE70000-0x00007FFEAEE80000-memory.dmp

memory/5008-289-0x00007FFEEEDF0000-0x00007FFEEEFE5000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9db0f18c35fd02a3f9d037b81a402577
SHA1 43d1b5af9ce685086574718bba793c98379d6478
SHA256 10468e84795f97d07dcd6c62e5f7cdb8eb7ee0b3e9721f8a4f3321251a77742b
SHA512 9ac41cbdad1200b57919d558f8b2c04578977cf9ca9521a19e7346478ae7d767fabf417dcfd3ac92a221fd9e0c69f32cb53e87c5d05585bd083eac0a3768a93f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3bfbc8d010fb6f37c774ad4bb9c48310
SHA1 7da509a54c2cff884a020a97dbcbb2cd0e071aba
SHA256 22286b73af4d6aa81ffab19b2e40799f88b599f6e7901f725aa9fdd9f2f77539
SHA512 7a7f1d31933315705b5006075b9a8860ac53c356372a45b931ddff15f74545a1bbdcc915831c1787c2f5d081373b9426d9341289ed2a4adbbec6039f6e018d00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b4259d22418f62734d631c5066096530
SHA1 3acb7dbd441981cb3bd480a988e8b3e934c48f89
SHA256 58162ca494076c5fd5dab724e1cf20a88b110509c6f894fddeeef709c9d03d5c
SHA512 5cfa2e076f8bc46ecaf48101c1c2c44318a24814329bea6cf4492d9a12c85235b3f87093a972c3fd4d382f8a9db79b3440abee76c56a24e59eda3ad18f2c4063

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b45e2353242c19e10032b64b1fe322a3
SHA1 fb3e6928b0c1af6e8c30a967e8826151e0269d9a
SHA256 1e0634eb2ead3f83d5e6a7cd683dacfa9daea610ab812a638fbc63bb912f316b
SHA512 3d00c78c1525cea1927395c64778ad5acd366601382423cc112f5096c33b3af05327096dec131c67372fd1bf2cea395da7060344804b2365f00817fe33cdb6ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ae1bccd6831ebfe5ad03b482ee266e4f
SHA1 01f4179f48f1af383b275d7ee338dd160b6f558a
SHA256 1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649
SHA512 baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5d644a.TMP

MD5 c5834060f5698981374cd0e353bc62e3
SHA1 7ebb723b868575a6159954ee9f916c42aa04faeb
SHA256 5e0a5aab0f422805887244149717ac386f10da3ba8e22aba5f67be5fa6959b13
SHA512 5b91ac1d533cb0e0953d3053e5fa982bcf996938e0df5a5a94d013429e6408a62a60faeaa1d20a240e845e1b8b8ebfb7c4625500eb8acd898df8fd3c2b1aee0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e663e785d05b502cd404fa95f0f4f150
SHA1 17c5ca051be84183743aa5aa786a4db0c30a516d
SHA256 ed656aaa96f5418cd1d9f7306f8d28acc9c7a8c337b78325b91211b529205d9b
SHA512 0276ec565d68c72aae3baf83b6d42baff3d6a0d7b1b8fd0579dc7943d7729b33c88b4825ff4b8ded1521faa9452fec319778518af640625d2add038c0a14d3f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5a46d8d2d1723fdf2ab78878eeba9b37
SHA1 ed2717dbceb0621fa4657d7ddda1c763dbea9b11
SHA256 1c21fc42e7f33ac9a342f5472fb500023c96af0af3a2107f72ed9e4808711bc2
SHA512 defbfb1c816fb2cb7968529944cf92a698fc6fe1177bd8ea4d18266ae429168c74e1f1da1b2616db29657fdeaba18b53d5b0fb003b21ebb2eb2ff75bf548116e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b79c2acd414beb7f988037f8f54ce32e
SHA1 208da19e87ba0e7173966e305c655e71fc7a138a
SHA256 d35106b3ad78ee4ebe3fdd706e11cb0c59a4f4f4da7d33bab3f470c1fc5ef9dd
SHA512 35ac7f0dda8e6769d5423fb8631bf3287111ea85d4f2cd66a282f737b91bbc45f62f993ede67d4dc3402c36c5dbbf3df75725da61354230b438ff3459fad48c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1476e350436a5402e76896430a6904b2
SHA1 97fb44640c0231bdf08b0f25bc1e37c94c27877d
SHA256 8b28bacc8653c0e724131f7d1ea4f0209fbdcddc74108271d5bcf30a474f97be
SHA512 977c96382c8f686b59608d2b1b22b609f1fe3ff7162d565493aa0356273cca2647b8fd05ec694a8dfa46dd8e6a08b23034f49464ad70fedbaed1b4c9658629f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4c97aeadffbdf411d87089fbbf6c4757
SHA1 d0b468d675af39f68dc42fb684526edfd23cf457
SHA256 e75050de88522b866e4652a33fc868a8057ec7dda97889ebf492e5d466dcb85a
SHA512 89fe9e28f8fff53dcd3282115f84bf946fdf8171d43e4aa898bc1cf717feaac46e2c1d7cd1879fe2e6f4ef6debedb3ef799e0ad6fbb8134f57d1c9590e606902

C:\Users\Admin\Downloads\MEMZ.exe

MD5 1d5ad9c8d3fee874d0feb8bfac220a11
SHA1 ca6d3f7e6c784155f664a9179ca64e4034df9595
SHA256 3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff
SHA512 c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 df1137803dcaa96331cd22db18fc97c1
SHA1 a5a98708a706ad4faa9694d4dc8624c26282bc93
SHA256 b5ea292f9974511107b2f81a35fa71d883d81a5061f3fd33d7aeb459bc730cf2
SHA512 181214c63e0f4c9b3d7eee909cd6539dc42fb51703f116a44d69e5f0f567419065677fc8925dffe5115170fc4f0f961c715a3741e3e1753787e2e7a1dbfccd6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2d3ce0ce6a984feb3d0bd52173b0b3fb
SHA1 bfab94f197a5dd2ed991046acff860bf21657c28
SHA256 9218b2ab5a5b46e04deaaadf719c45deec728ec0fce4c8c294f15f052f93a137
SHA512 e5ee12238eb682ea79c1bbba1a2275e3a152679f8ff946876aecb578cfc5de9ea5719c605c40eee3c863122330f2f7d0b0b11a805f8f365f7d2918552aa47f83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 207f99a22ae498945f72dca6e1779bba
SHA1 6ccc5bbfcf047ee4dcb17210829188a793a0553c
SHA256 286b0284b46cff4f230daf4f65dd1d50fcc334731248b4f9f38336b5d7ff9792
SHA512 b72cc901b9ae9b8d3146dc99e1f136d2c01185456d4a3cf05c43783d5315742821ce9004e72bb743d05c56c813d1b09d9b695e7d538db64cb14504a896091960

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 53174e5bd7f1075f77b1d919aff74e19
SHA1 d51bb8a17771f92a60783f63ee55aa1a12e43de6
SHA256 17b63f8c67239cc115e14db59dcd66435d67c5defc4d09a13cb891512e2612bb
SHA512 b6f87507ebf0932f737b387c6aef2c4120e280ef0051f5d770289e5d7ba14c73b2e2fb1afe37a00bccaa0e8f462bdab5a58966cae8a9f6e1084305b9f122d66b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 23b6e9f3eeeb8d077500ef4a8148bcbb
SHA1 63038d697ad71619054057b1dedc875b5c676745
SHA256 1b152317d0613883a79bb8ac5799ae22b8784a1b353356d09dcb27f7b89a0e2e
SHA512 ba6395d60be3a7efe9f560ea280300e2fd013183855312dd70612acd68b8a33d65694d74b0bb9a928c711683496040022f387a6f02699e9a98d6bbf967e85f0c

C:\note.txt

MD5 afa6955439b8d516721231029fb9ca1b
SHA1 087a043cc123c0c0df2ffadcf8e71e3ac86bbae9
SHA256 8e9f20f6864c66576536c0b866c6ffdcf11397db67fe120e972e244c3c022270
SHA512 5da21a31fbc4e8250dffed30f66b896bdf007ac91948140334fe36a3f010e1bac3e70a07e9f3eb9da8633189091fd5cadcabbaacd3e01da0fe7ae28a11b3dddf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 75d7fcb3f8d60f187e2b90ba40afd9cf
SHA1 f665762540033edaa386fb85eec857bd2a5df590
SHA256 e3a7239894126323ee9694aad3545c3ea6f36476247f298b9a0bea05e2423658
SHA512 943824e8c1c2c9e9f15a188b29ee82069f99ca8bc398528f0ad965ffd0d48720f792b5806e6aec83599cd97f60d83a056e3eff1d0543c1ba45dd0dc6c8bb7a56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e918ab9c6a9628eb1de6b5aca72a19ae
SHA1 712845b0258574c22d8575cd98f0edb84e1c15a4
SHA256 3679138db101089c5238f1bd9ef626124843a702285fad38571aa368b3f76524
SHA512 1c1478b2a459d9922405b6f610856681d8d6ef98346a98c812a4b257c969532e4920f0cd53bebd055efb210fc556740fbac163789f17a1d243feb5cd318a3fa4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 eaa3db555ab5bc0cb364826204aad3f0
SHA1 a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca
SHA256 ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b
SHA512 e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 4b4f91fa1b362ba5341ecb2836438dea
SHA1 9561f5aabed742404d455da735259a2c6781fa07
SHA256 d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c
SHA512 fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f1ee406bb1edda3efe4aa106db2b9f2b
SHA1 03d77216d34f560b374044e7d36a8d0be8134a4f
SHA256 7d2e357b24f0532586f2144a1410cbccda5f4be03b6da566cf5e3d1a03f1a2c0
SHA512 d5c97d7ba5d6c9051e451d14002ecf362ac3fd780d315bcc451126773bfffbb5dc73ba2795ec264bc771baaab674ab75a51391f891abab1c45603b1b97c0656d

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\49dbe2955480c7f6ef8cec9c4320c9868d9293fd.tbres

MD5 3756b9a29428667404b3f3330c11ad68
SHA1 0d9d331717f3df0051f33e245e082a0a2e0ff86c
SHA256 b8464beac9f409633692bdb0b159a3caa08f615b1c486a506ce5b12ff656610f
SHA512 6ce926de1b9d32b92d0c90172396e3aa73bb21ecfdff66a11dd481253bef0f63e9798520589576d3563af015167078b4631b730b7bfb23529f3d582f95134d51

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\089d66ba04a8cec4bdc5267f42f39cf84278bb67.tbres

MD5 68ad81b662e88ebbbbf4b8c6e9168711
SHA1 abe8242eb5c3274f4d3fe2738e48fb39868178b6
SHA256 245154d94e94a03a5439b17b5746bed19268f7037d134277f85011a7ac6e6e77
SHA512 bf116e6297772c1d32a69809ead0558a17b1f7c589b98a0034c0cb285bfea3c1f7b6cd757b8e02f9d3f76c7297dc0664614dffa928cac5b28e34185fa962eb28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

memory/5476-807-0x000002220DC90000-0x000002220DC91000-memory.dmp

memory/5476-808-0x000002220DC90000-0x000002220DC91000-memory.dmp

memory/5476-809-0x000002220DC90000-0x000002220DC91000-memory.dmp

memory/5476-819-0x000002220DC90000-0x000002220DC91000-memory.dmp

memory/5476-818-0x000002220DC90000-0x000002220DC91000-memory.dmp

memory/5476-817-0x000002220DC90000-0x000002220DC91000-memory.dmp

memory/5476-816-0x000002220DC90000-0x000002220DC91000-memory.dmp

memory/5476-815-0x000002220DC90000-0x000002220DC91000-memory.dmp

memory/5476-814-0x000002220DC90000-0x000002220DC91000-memory.dmp

memory/5476-813-0x000002220DC90000-0x000002220DC91000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 005738dc673742eb141bbca2de915f7f
SHA1 c677037f09b33449c8bd6c83dac323c47cdd19e6
SHA256 616b307d277fb974fec8d1534e08cae4591310f58f378dad0af2e94aa6e5cbc6
SHA512 9383699e7682ad7b68fc15003b9fcb4df0bb9b1fc598aea1fdf3ffd73e13fddb3d0112496c06038cd2a5e2ec3199ed8043c21617b3ff8dcc002378255b9fc432

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6d2dfa3ac3e6210bf8438faef3b9ce71
SHA1 2574ed455d199675193082f3d7a1fe2b441af3c4
SHA256 5117c5d8d564f41669bca6838530b0ce74a1821b129bea7774915ad10fc60e50
SHA512 3567026e6d41ba9cc0366adf367e76c2f76f1b2f2f1af271abffac2cc05a4d3c44d8401cb4a066e2d4b97fdf0f86ee68e5ec7280a8f6db194dfeb9e4b031a7c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7942a563431bcb6872edb3a0343a44ec
SHA1 bc7071fdfd9fd6c366abbae4f8489dc25a7c3682
SHA256 b920a9a36db01da20a7932b653aee550da26037fa32c9ea58ce9e69d6cf6047d
SHA512 51f8820b39150eb67b2eee4498f6a9e47a71546f51868ea1a3ff2e75202b94d2f1670d00d283419d95201cd133a42dc048135ceb2cf688077db2925e771926fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 55636a89e6771458251c6778f4785cd1
SHA1 6e7917be19f16a89aff4f03395e0549eaf5b9fb2
SHA256 0d9ba556ebffd16a473599eeb4f9791a27c37caae5b40e03dff18b1469872577
SHA512 1557cacb1e579ffd268da77b63402ca95a9c40b67ec0ecfc7d384fbcf63c2661a06d32d9c25804486c34b5988f0d50881c2fc5b5137fff09f0c0ba9cc9156574

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2f12047e2a322ab5428491685055565b
SHA1 83791c28692161d16d69fad1016930e8556c5659
SHA256 c96dc03989b76d3bbf692b0836d4816b7f84a819fb136a9be506799d6fe5e076
SHA512 3b1280cc355b450c0fb8572dcb246330363dbfaa1d48af0f1349b458a6d59dc20995d47fe768722e3de9eb5056618f44ed3f4196ce22a628f1219d7480028c69

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4d2b4914aa249052ce17c6bde66b3183
SHA1 66e0caa7737719f9cdbf70ba96e4349bd3480280
SHA256 3a1b104a437009e0d058662a8771958e4c51a4cb1716c20e741e105efa25ccad
SHA512 115f7361e296cd32e21e37df3cfb63a05dc9a3b8b3f1b1dc98259f3fe117d41303c62151a8fa8c7766b9aef1cc328eb331bdfdd7c07580fc292447703ebac90e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 09a86bed5244053e4d357f5f6c06b674
SHA1 9bffc74675de99c2d9ecf26d647a99f5331cbfa6
SHA256 efa1eff573429549c791a164a21896ace7f0c63cbf0b0c082fb895f4392ffa52
SHA512 27974f13fd96989005845c75c593badf70edf36e19d2e738c2e5d2738620dd6ca81f335681a9b4969f2566d04ac02fd574dcdf7b9588661bdd84a734a93962a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 0d9726f43ae2e96b5f2ec236f79e3d14
SHA1 4bd600841acf5e523b59f74950e1702e153d2d3e
SHA256 6066a6b3cd93d129282a2620f454c7fd9ff37c232bdce244d324d6b68d958703
SHA512 12ecbce2d2bdbe81337b486777691183af15903ddf3463aeb82aeddbf0a2956817a48a2d492545ba2718e1f41ddd0d175e9cbffcc6171c5e5630c5edcfbed9b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

MD5 838a7b32aefb618130392bc7d006aa2e
SHA1 5159e0f18c9e68f0e75e2239875aa994847b8290
SHA256 ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa
SHA512 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

MD5 854d982aa822d8df0075f05efcd2f8be
SHA1 07630238e611c4ef3337f4bd9b02e2d93176e8fb
SHA256 9b58934227e55ad581f447e00d7559c9fd4417a2017ee96429cc9bb89d948090
SHA512 d3adc45b74ce70c9bdd25e0a04186850072239d40825a07d6f6539cd0d7c26fe10cf946457755ee778f6fbd1eb8d61d48fd7feb858d845c907790adae52e175b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

MD5 cc260f15142cbcfd578cd36810ac3a73
SHA1 8f2c27f98d0b984383963a603a8e38199873cd46
SHA256 a613fe12c6045d9a0bfce5b48cbfcc29a31dd9b846e30229b35ef6349f5a20ad
SHA512 6f3307cab5a5032393e8c13d5558b24cd657e64396835f6331fde55b19c54b37c70ec5ee761b6df506f492d148a0d7b989472096726be4e4a9d1689e489e12af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

MD5 fdbc4091dc558b9f0a77ba3cf5d0b379
SHA1 93d633b6a1abd2d74702335b86fd72cae3e435f5
SHA256 e83fda1f22608bbbcb0eaa12251c3c6235b52b002027e0c2ec2c0170377a12af
SHA512 0e7615e345cb949001ef9cc5fd4f45ae426189f6a597b84dc01be02e9fa0fb38292f887f769d46b0354c22a5d5cfaa464acb0da167b0431b632d55c5a674d17a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

MD5 ae7d6c8e9ba5ad1ad3076f2e639f399a
SHA1 2c3b3662396eab1dc03d7c35800923b056d149df
SHA256 468101bbe2c1568393da1b2a6bbc84ef099e68cc1a3940b55ec968d296378ee1
SHA512 6b17fdc3b637e5415d8c76e8b5ee4815a1ae0f133e769d98ee7a8aabbb3e5d665e4ea723c31d047f47a158f702c0e9263f750b457c2543d0484ecf696f428d69

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

MD5 992013e1460d075a756cff063ccc2bc1
SHA1 7ab58033dd1386dc290634f1fb44c829f3ee3700
SHA256 6001f5ae30e83988df794af0bb5a360ab47566b834ee44406d82571d19438d0a
SHA512 3a75e438ab3481370b6f1baa949a2a24bb4881241cbe0d26a498b9de1a0884cb239b76e3597e562adfd24f66589cff880a94ab705d265fda996eb2e28c086d5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

MD5 850ca3497220c9c3d2b6deb55e66c7c0
SHA1 24848e0fbe390778a0759c64cfe4aad81ecf3365
SHA256 85c4f4c30ebab7ae69c19b39d6fc97ec9dbf372abc7ee88d37a328531553e2aa
SHA512 0414790eb2f3f942db167dfc7d732d69fdf48d91b7c4e258612b82f0ccdd49cee559288350840bb720c9e51b89ac9ca3d17673a5299571e2c75132857d7fe1ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13361185369953344

MD5 304ebe2d15ae143c3416c406264a9672
SHA1 13bea696bdc3fe68239ce1a41e81cda71817869e
SHA256 c70fb06298771503484923761ffb8452c356ebb1b6acc8fc222450f166cd1cda
SHA512 98433e34ded6bbf95f1e6c6cdc6267763a36b628d5ab457ce0214d6f5502592e4e28a23321572632e7a083818fc649decf6efd4060409847f50699f7d50619e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d9be3138e381dfabd5056b651ea1df6c
SHA1 2013741f2924f54fcd5286a9a6077c1bbcdd81eb
SHA256 98e3128e217ec35906799f0b5af65384fecc381057f0cb33772b56bc7c7c2728
SHA512 7cbf7de5585c01dcb220ac22946410e19ef2c757f02358a0045209184d3c264fa80044e8768157e0cadf3324175374ebc25fa8c8dbee74d38cf270ef0769fc7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2269b671-4e0d-49cd-a6b7-3bdad20af17f.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 eb4a7a78ebd1d5a0142d024d49361cfc
SHA1 3b27d8445fe4dd24dde5b707b83044bd437fb702
SHA256 e9f248462ff56f4a7fcf28308c11f65187069746fea7388cb406c95c8419e66d
SHA512 49e34b25c535511744d7220fc49dba1045f0caeef6870ffae1ba25f096b0665fc949fe29eea39736b229aaa84172dd643db783a5a64b56d564c78a5e295e5f30

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2bbbd7d118a281587a474f48c6e2fde9
SHA1 1af796b78a4591798a0a68944a5481fa4ee9c730
SHA256 efb2baaca08a55c065e05ceed3c164dd0e80688ccdb1d585e71b06346236ed27
SHA512 ade3a1e8318b5210cdea9dd45fd095047e30a0b2931a202b83bfca52e693da69a45e3ba904c213896016a9020198a106be2bcf4415b98a230bd72c5ae883b4e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c05c788adcf8cb91013a045ed0604df8
SHA1 3a9bbd697b28152bbdbe522b012e1a7a1535c52c
SHA256 16e441f40529d50c42ad0fefec1cbbfad68971ac02d0bcf8d7e668462e085aa6
SHA512 2ba7de7c0ec1fb340894e780990e80760522687c24b496dd5a0d0b408bbea236f1b3a8e5708a415c869b721a3ad05e16d8054a1a6884082d003c56a8eae6c785

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3a4f9686819cc941160c56cc728d06e9
SHA1 14d9b6c55cd01ad7cc915506a63e12849b09f4a1
SHA256 2eb9a2ece07e2476fb7611efebc094201083957041d7b442eb0da4607b9944eb
SHA512 0b9f3d2a8158a796ad8f9bd107d15e8783e9816e34e93066dbc82f78b0b3a8d27966e698bff54b787974177bd7b76bdfc3c7367c3bac1f9857b8355459e40fc2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 893f0140f753f010033ed2df0ccef4db
SHA1 5a35afce1a0247f5052c528556fe23a3a57b9114
SHA256 20cc61180c63402d614de30998e960ba5cf68318f233bfdacc8a3d593c6bdc8c
SHA512 4d15143b0815a14277b04671dcb7cd3595fbc19db38765672689bf0a01c845876d4b1a116a321a04129f3f0ae7095ea7b538ecba021ce262f65ee4bb24392e5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a3e4783ea8668df305351d0e0250b43f
SHA1 9609772ca678af2d5d6c0dca951645eaa2df0a24
SHA256 fb92226b121516dd3f16bc0ae194ceeed7d18f3a9d705d6e0546f7ca6526c954
SHA512 ecff08979d29bb8026ba7f87d1a83cfd266f0525c634b1c2ab98948fbf8a053a7a68c5be8c0f17f6c5baa2ac18d28551ef74d642492d222a9e205070ae8b04cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2892eee3e20e19a9ba77be6913508a54
SHA1 7c4ef82faa28393c739c517d706ac6919a8ffc49
SHA256 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2
SHA512 b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 562397d45724041c54fcb822930cb7ba
SHA1 e4c044a3dbe069c24ee06457c07b6578b9e9a9eb
SHA256 19e0ff074c5b99be0b06e1513f591836cea81a9fc2d1b246aff5f1457013d2e9
SHA512 a612ddd527a5f8fc7f203a2529be09c116186b52c7a0c575ff6743ee7b9807ed1f2eb17c14bed6263179754b53cc4a17728117fe54414c0750c6fa4da53f99ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 11a396af756c0c7186b357b26aa4b294
SHA1 d0ecbe9d8e19ff2042addc100b3f55118863d29a
SHA256 9b5fd74036b4343a5bad096f4fed7e814ce2d81ff3ff8245360f1477580ca2ac
SHA512 ee4624fcd6b1542c51d4c19512627ea64e5a4673837679caca6e1bb835d57b46e2c0e8405c87647bf6a2cc1b30c6b061d6e2a38b97dc166d200f73b2085fdd1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 11774d203f184525166273d756db7951
SHA1 4a9c35f2f7d60da292cb7a716b98ec87a45269e3
SHA256 f2bbd18bf1b27fff7e15b0adfe92e98e5da705cb3a562de65541d511ed43194e
SHA512 4dab41f69231eec1e620ec46d6f3ddf88fe005c5949e5dbaab6bb4b0033a99791035573275947494c191893ed99e0131bf8bacfc0257c8b991c58dca29f51234

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 b4e4c40ba1b021933f86142b1010c253
SHA1 8901690b1040e46b360f7b39ecb9f9e342bd20af
SHA256 a1ad4fde10e0f378aeeb97ec0aaa27bbdba9ed434a0334052f0230e09fd891ae
SHA512 452cbfc40d99d69d65271ab7a6fb62c87d123813fe20898d13b938c13d54efb2e33eb04e165f18e9e91b6a0d02b3282b8e3bf2b8c65efaa974022d14c07bcfd4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 26be0b92dbbb4a8e5666c363ee2c8e95
SHA1 79858a3f9c45a2f18a737d1e7b70e41fec20dd35
SHA256 5aa03346cfa7c1d811fc97ebfb3c8eb9682dabdd4222ecf44b8a59bc1b5095bd
SHA512 8801aaa926520ed23b5e5c39178a553f2d66c7b1856f490825fffc83768f2db500b090e2a5ba1be972090fd05f61913533a8e007addcb660d635cc3e251d621b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 979291e3d66abda2f400a97521102f68
SHA1 d1f58dc303dda80b77246868acc647e50b33466b
SHA256 caf0b22c7b3e2e592dfc4f608f1ceb5aba84ab3e5ef52245391ee1af792aa830
SHA512 e1b86c1eb3843118b3425f8c344b5daeb2bddfe1318936f6057e260bf043330e3f04d6a4b7ac41ecf10d145e9e73f5a9979a72e21ecbdfc0b35214949dea14cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 222e70874dced71ddc58d83cb1e2d23e
SHA1 c4cd55091c4230c6ee0e613d52f36e57e34f38e9
SHA256 64913a5397dd88ae7e66539c54f9230861300eb5a883d78c683f3c47dd107be8
SHA512 a2b12b5f5f39cbca58e61c8ed237b1dc542801c074ba81071bdd206eb45e87dd0a844fb81a4b830b27c4f1e587f01a3832fd75b57b5fa0569ce9f52a2f1dcf6f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 76e122926c82b7eb16ab993d8d8a2480
SHA1 92c695bcd39e1b785f1aede62d30e068e457936c
SHA256 7e2afe30ca1379066f4bd73a4bed0f239ff995d5434e87246c12daed36dffe89
SHA512 2331777281ddc347a511c6ac7d75509f307c3f5f39ee435eb5918eda63e7a1babcb30aaca7468417d9e979982773560bd763613496388ee5943a0fe01da236ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 94fd864eff41d2466c55e3d0d47e92c7
SHA1 2c8ab5e8d1ac7f09af3c09de7575f8ad55706094
SHA256 b7b245e311013279605a274aacf18e2f9314ea6c275aa4c54f7676c63f9b9248
SHA512 4e1f2656222174c5442a5af47a63bc56acb71d8f34809aec6f33e15f6e15d6e8e81f72a8aff925c09bc2d4a0d9f55b408d7d8dcb7ec01519e431a3dd28e1f682

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e953c7c5387a1af09e3dc99647bd7640
SHA1 e57bf47a37f4a64c5a281b7f2325120754249eb5
SHA256 0933d569f9ca0f1b48ce33624fc0f9eb9e4dc020d61328cedfa9ff754abc0a0b
SHA512 af3100097dc21426d4b8b7175bf2a26420df0f35339c0e61c4f1e40ab41101d682079f64e44ea1a8e5474f4809281a0291e019d445a619c532c5208fd816d146

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 23297744315e701982122c6112528048
SHA1 df3ac432b33958543c22fa8b0b38f1bf544eb82d
SHA256 e08160d3fadc4de299b9ecd66d060b4018357053a75e58c756fd64cac86cb035
SHA512 6e6cd52c13ae50cd41c9711d17f1fc56a146ae2c4e6becaa3b01547064b1e11e573fb48a182b13218b09891a63f37cfc121dfb99c55804e7d6e9794e90366dce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bd43b691c343fe562da183def67800f5
SHA1 aacf713eb0389d915e382df2357e279316285f88
SHA256 b7cc8580acba9dc32b94295d3e0b80a019979742f1f1b538179bce3d3f11fa65
SHA512 1d7f7c098146d51b93c29fddfa4737f8f4b721b9134652aaeb2d0620b60b5626a42966b842b4ebb9abba906407be2e1c51cba9c17faa32aaf16294ca8283e609

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 88d7a0a573af8bdad672f164675d6306
SHA1 6f38a9982fc3bbfbeb4d44235d6c3b21609f28dd
SHA256 d7f9de82f942d3f50286e9af82c64a74a23311cba7c16c940ca3330c97121e0f
SHA512 b40de6b88d2601edbd7911798c72b669331728fd96cb116d372383883166cd94823d7a091b9887df3dbb55da8e3dfdb5f7d73304c4850e62e0e8163c6812a14d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ae570eb0cf32dd0861a239cfefa95749
SHA1 0a66fafe7b415a9e83896eb612fdfab4394059a6
SHA256 89bc4524b3589bd97bea2d44c9028410cf4cd420cc02cab521bc2c8d849d9910
SHA512 352fee902c0a4fe195d5adb5c6da6e7d94ca0cba82248e99d7a55fbda33b2f3e06158ee815e2786d4a2de104b8984bc5fabdcf4c3078fe040c0cba7c22215bc2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 85741aace36f3c341d8f015d031b846c
SHA1 972a311a135851fbd26fea5ade7096098255e686
SHA256 7f2b4c1e46ea07db169db2e8dc383d287ad24983b876a32417d6d74f345d5552
SHA512 94e4d704d3ebfc18ec47c3cbe4d518d9b40c0f0abf017f56ceecc17d81fd4ccb2713e728a755d4687b442132eb3229b182e7c2c624dab800023dbf08bacdb55a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b5cee4d7ca99287c2d846c3cfb6255e8
SHA1 c27a4f27c825a2f78eda3ab99ca3da147b1f849f
SHA256 c29de8c4f11ba172e76e97a01617323ece301b5e3b785d5c82e66fafb65a5d0b
SHA512 cd3f12943b83a71cb39541f811c987c08baf7da949ac0519a257f1924514b3c21663f8cc2ad238e5f5c61a2dfaca6b5c2a1423d5a26c2374129337ad22b893da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 2d04b00e9c75d726d42fea6267e7fb30
SHA1 02a9a37aaf8cf8838de60d0f1d4a7051be03cb5c
SHA256 ffe57873efd340fe7a9634e5ea6386ada9c5edd1169d10c31640c2c6daf6c25e
SHA512 47e5cd59ff0630562ad67e6fbeb4fa60f5d8201bff58147ac14f26ea8683469bd9bb62f6e454acd785a1dcb9a84df8f5de4010924007c712da990a127b415d03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 27c8060f406548e3a13f1048ba8ba21f
SHA1 0d71ca6efd7ab9ea4fd905d9689d449741e139b0
SHA256 2184fe795c830d27e1695b85630dca7f33421381835590da9e60b65721edb119
SHA512 3794040679412343be08172c148b3d7bb138b8ad87507e83f7dbfcb4111d18496eabcf0c3a77fa6a8e3a4849f4d106521d864503f5f37685bb5504d95c9ae757

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4aa1254104139ad881b9d5cd570978ec
SHA1 749d7d3fcb423a27f7f376ab70133c4d0d76216b
SHA256 f109fdbffca0212d1c9665681eb736505e2139729a41915c4e941eb926bc3fc9
SHA512 c20311f033279edb1906fa7653a5dc915e6588da58b7ea91373295725fa71ca53912b368c799398a479439597e72a592ac53fccfc08f0a28116406924e694f80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e44e690343c68d632583fdce490902fd
SHA1 34f9a7604a9b2abe4e740805df5ccd8c30e1c412
SHA256 0ec39ff6090bb320364e7785469305933795c77f7c2451b3f09931525725c13a
SHA512 a6f3f320d0d4154998f7fdbe775e76da395a03fd4ba4df4760e79d860bebee5a533c61876f33f33dbdd88e17f77a81e0595d67dbfe3f6b2cf4305c2b7b01f3d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1b5614b9782a89cf391d0f9e02aa4594
SHA1 161e40c2362a16691ab5fc0fbe8f8a3a7dfb53bd
SHA256 0bd61f77cebf8c708baaf388d3630bde23b5644539a2fc38c7893e5f559340de
SHA512 ffdfa7379cb8c1fce599c26669b85806377930b809304d7e304ff41e5a2c8885c7e163d7e31781cf0ee0bbbd316d46c0b2f1ee2c26bc5daf93188ca6cdb9dd59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 513e2577db4b92dc3f05de39df126ea2
SHA1 f1f88d9b9c1f2308c5c16a57d20403842ef1aa5a
SHA256 24524c0b46a2238778f1b4e3974051dc21e9cb2362cab5d61fb38bfb02fa3b9a
SHA512 43dcff515c58d030229432bc9fda5195d97c88890b81aee47a415cb0a370a40227ff2b03123f3c4ba0d2d4832b9f38ef2bd6acc6a4186e930d00f8c7e9213069

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f18c57b52319a5862e40c60f726d3dab
SHA1 163d6a5435712e92f2ee4dcc3d87c95b7045a7cf
SHA256 07685df08ca0d9c258c97cfd83e3c87681b72d8808e70f7c44a6b3ad0b479cba
SHA512 8af92b42cef2bff8f1b5dbdc20f23931bb697bd900c483f886dcd75ceab0b35685028e41088cd57bcf67b213f894721dde9e92b65563a1b26ea61fd5bdb72b7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 266761d20f4d092283678fea92426e34
SHA1 b1b107792515631bfefd64dfb40f0870a35ce89d
SHA256 3b236019f50c37dbc8ba16bfcb382085aa9cd54ea30489b77a50e21f7f8f5529
SHA512 5eba4ff7b17bdd9a2c8a0bc7b66ac1d42a0ce85d67e19bd75dd67c646fee441bd640feff49e01cc81edb77f37cd5db1e91ea6d55737b39cef8222d2a620edc64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a60e4474c3b23864e7d75971c98ed851
SHA1 7cfc9d115f7174af26043161552283d217dac33f
SHA256 cbc56fc4738ccbf35889062aeef6ec992eb2d3bbd7090ac6b918491810cdc263
SHA512 f0ae8ec08013d49417abc7f38d5bd26bccd9a695bb72d7edbd36018530dd2642b6428a25de0c761c0b14836fb22ca5a653f5d1893c217ce68e806a8dfd3a9513

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d9795cc2d8bdb9c5ad31fbb6d73f6788
SHA1 9f7204bd811fae5fd38298588ead59d0b84e713b
SHA256 f4ee88158341210532479b3ae98aebb102f20c0e556edb7986b26b72bc3c66bb
SHA512 885ab8677622f786098189e5c3e312e4d15e992f20017b629b487936b5bb711d46a3f4a59112577e76018f795712aa7001b95e8a93969211fd512eb3c9a21123

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 589c49f8a8e18ec6998a7a30b4958ebc
SHA1 cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e
SHA256 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8
SHA512 e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5a019c2e2731676a535adea5dcc65d19
SHA1 962c804e1759a6f7e1a081f5a6ea27da0ac96267
SHA256 af07a3ae30709612dbc7ef5910e339ffbf4cc83ccaf84060937a21a1e1e6ae7f
SHA512 5df5bd860eb60e5b1162b29a261f8551ff54bdc6bb1afdb8eb2bc46a1bd536f49754256893af1d6e8dac6a38bd6e6b50ab4cd2d114e8a80763b9220333d1bca1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\d4c0ab2f-fc18-4a55-bfa8-b20bcb7b8245.tmp

MD5 6439fb920152790f45fdfa3d2d98d1ec
SHA1 a3f064c6ee2eacafab00e37f2cbe47d2a3119e41
SHA256 995369f79d8967cfc464fab7b6ffab6632a21d991457430e3683829343bab889
SHA512 2b02b3db49084bbc7e2c6878f93c21b603ff9c9925e2560fe54dab2aa85c15eb347f8371a3f1debceca6e4d735f49b8ad3537eb6048dd2043958bd8218e710c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 581259729e0ce0eb1ffffd4abe869c41
SHA1 ad870392cf37e3c2af430bbdbe19a3cd60f0f470
SHA256 b9af1f6cea5085345d1266097660551b83908f3bbfbb8bc73c8ed7315710e745
SHA512 36f6136ea32a2628b7d06f97b82de2b98b2bb6a6916875cd82e1a9af5eacb030c4af7ed9ec6cebf7456e626ae9abf301820f49f1e0adde580d754e757dd91817

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a8f235071166dd753b65ba14401317dd
SHA1 f53e6b1b7ee5354c6f165d7693c2e00c53dd976f
SHA256 faa74ff3494ed34db405c8d530ecafb095a883dc7db322a69c27203cf592c42e
SHA512 baf8c984aedc98e092e3e8070aff615ff2a3710cf9e0451d144b7e55027ddb2ba53c2382e44590b00c96c56d416447711abee02d55423c8c38392001661c6fb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2a40bfae832da723bad4b419b1834eb2
SHA1 1283bfeee7193ad6ce7a56d2d7205807e7e88409
SHA256 560fb84254bfd98396d14c38571f6b1ada618f1b03e715421b7f83d17ef279ab
SHA512 5855667bcfc422cb938b746dbfdeb36cd5cb0ebddbc2af902da3fb3c4f82c2e46ba03188877f8141a8e02bffad0dd110ca73e01cfb17f39f8b4b031b4ce4aa60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 1791497703aad57b9c715f57b17dac08
SHA1 5b9edba9cc7b78d7903bd91550f6157727b7bda0
SHA256 303fe47a845ab8228388082967744542f5b69c3c4e8b68e86a01f708fcbf3d71
SHA512 8463b8a399a605436a1b1fad9f56ee60c880924ad3aacba0c4258ca5abda701d944438d5921c39582f0a2c7edafdffde72cf4a91128a9521e3ebee67ba0986ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 79de19a198722fc23d818e6ae0df0467
SHA1 22f95b575fb9caef5d770334d72031518ec0e016
SHA256 f799738f51959c0362228d3300bd28adc75d4aee1a6675eafa4d7581f255ca49
SHA512 afab054fc589bfca300d1d20bf12ef3b82952f1abbb3fcd5a73ac18efaaab8f4f8a5f2e9d42f445ed2a2f740769f6af64f66c9b04cacd02c4d6840d9e944ce88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

MD5 0f978383950b924d31b77aad56c0ae79
SHA1 4481f7635c1cf3d98c542542d0106cfe498446e1
SHA256 afca43c7931d9ddc33882d9a079772bddced944debbf84143192c4eea3292c77
SHA512 b8ffaaf2d63b9582ec4917e970b2033989bd414b9bbf2b9d3b5359aa4a8a15cd3206e556514483e511df2433adab4c8cef9b8a251e2fb942fe4e7d846fdf936f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

MD5 f941c2c08f149ec278a55f7db3bdfee7
SHA1 24b15cb166be8be824361ba53180cdb1d292af9e
SHA256 0f6c0b2a6d8a24a748eb606d40d97cebe53b9a8dd07c65ad07cc8e2ae190cbe0
SHA512 64b7d47cd96af8ee27036de1ef430372e4950a9b75d0b2ea6d040e941fa22cbe515f8a2dcea6415eb129fa00b6f277ad51cf376e82ef2256aad78d04707dc75d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053

MD5 16c0a2c82dc0ab50f23123f7ecb11f51
SHA1 fbaef7794f352126af25aedaa99f1bc22d131f71
SHA256 5749a98e9383a271b4f6cac8caefea4d86a6b40e203a750d45fda652e167583d
SHA512 0bf3c5458b647601a1f28c194ac1bcc424ecdeba91871fab9178e8daf1fdf2ee956ba55bbf61b3cd2f54cb1ca008dc894e6a54730f5caf754c61d9ba20da8244

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 96d4c996ab13449c3ac95eb2f58a1863
SHA1 33c419ce641c1be618c3539e70457a7d5a6cf9b0
SHA256 31683a5fdc6570d77b376d54741c4c54d6f332db9ae6e4afe5a723759b72df11
SHA512 7c6749180f3984ffef15f405ae27155bf8ab86a56e0b16072581837b53555a43ba37a742f0538744589c32a39159a9858a30548c7ff9740eef572c45ac10bec4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\072525fb-60aa-42fe-85f6-5f29d950f876\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 60e3f691077715586b918375dd23c6b0
SHA1 476d3eab15649c40c6aebfb6ac2366db50283d1b
SHA256 e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee
SHA512 d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 480d857946d10ae2c62445ca71631be3
SHA1 8ef45e79a7b173aacdf5975e6cacae5950ee5140
SHA256 f02a016e138ca2502fe801a3389264b7ad8cd4a20addfbf0d6e1691a890cbc43
SHA512 6e380d66f9dfd2092193ddd384f7b772c89be3847acd52cc690f76f30f4f521bf77f681a88a59b8b661872a34eebe5aeda8e1ecdce0aa8277d38dc615687961d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 36d52a50f4addc098e24a06a6222cdb1
SHA1 eca5e1aebfc46a7538b7ce25d8e943d60ed63c78
SHA256 33067a34e0e60e40e739106c965e8e88ed0592b60eac7505b8115c1c0b02963c
SHA512 579a5f9abb0f856a3bb69eb018643757809fb6ec11e05b70f6373e84bbb1c8730c9100a0efae4bf5763f040aa0191cd7cc2c6a7d749905f9f4ce358847c74ebd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006f

MD5 b3456d0362c46c2b108cb1dd9818e491
SHA1 01895fa5d4f89ed55c64b308ae866a6b502e9b37
SHA256 f756a74b2a85d8399b33672b87ce71eaffc45a40eb952679420218ed80c0b37f
SHA512 94d7d9133a57e085e3795f4ebe5ae7d3e7c28909f1c0870695b01921c76074f7a6ec9d2fa53b5285fb51702bfb7bb4d83cf7921fb57ca951e535c1c0e275cf2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 18b9e59aba6a269fbf1079b08d343b75
SHA1 eef6d75574af26d0f66618c737671fbce6cbea31
SHA256 4eed2038ea6fae3723e7ab81205d148c38a4c68a6dc1a8b6361963d9d7aa8097
SHA512 9debafd0ab95de36e54cee9c62ddf6c5dd2cb5363ad46241d4676a3797d3d85f69c4dc299d61d1755ba1f4ecd60d414d467e761cbf6404974ad9dcc4f3f6ee2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 bd8460a131189066d0909d0c50901c17
SHA1 de2d4e7b52bde0d318f41501e7f817d17b17b3ba
SHA256 0d96c2f2e2c42649f7e4815b2df9ee3242a8e9ed3cd6d2ba18a8c12c90014e88
SHA512 6493a8caadf1e04bc7acae4df8a864098156c8b850c2f3a1cddad5120924df38c0e80cd8883e4c6f8be125a98af22ea0aa7c7b7526914b9180c2b99f38272152

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe62acc5.TMP

MD5 027761c9038ed2ba8f37ab63f1e12736
SHA1 d209cca884a266dd961128b91c3a6206766cf274
SHA256 e4229f74af7ec4368779399c1da62f89f6a8b1e468b28771e0e4686a76849889
SHA512 bc926a281b8e87fb64420c8dd4d12e355ef1b6139ce3b656a02ce75bfffc633dd8d21f6dfcda30a070da109c70b09fdd16ac141f93e385f3ffdc13329f7229dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\56ac31f5-16ce-4a1d-b871-cc71ff7c21a3\index-dir\the-real-index

MD5 161e93316558bb1216e4d69916b0c871
SHA1 a5c2c7089a7e3561b365359631905a1edc670e4f
SHA256 c296114f0651d1767f972e7823ee1bfd17cb7a1cdfab5a10360bb8194a7941e5
SHA512 b7892a02e7cbc31afcef3b4ddffcc38836e16c86bca9b245df767cba92d6056e256ac1c132d139664cfd3339a2cabf38b71b3139d7a326dc3ec1b285fe37d4e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\56ac31f5-16ce-4a1d-b871-cc71ff7c21a3\index-dir\the-real-index~RFe62b1b6.TMP

MD5 4e16ec82b96e9b15e625a5a3b893aa60
SHA1 59631588fc778519774aca1c3d279f3a65fc6650
SHA256 69262a64aa671fd52ed8355bd8410db05645640012ec5bba63f8389a7b74f55c
SHA512 cf3b5698afd7c18cdb09fedd671f96b00485300d3c52059b54090ed843b712e9c1d541f4a2721c9354b4ba6164eac5fe49e43a08d01ac77b4419524f2da45b94

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 4b2c2d9ff7fe20ba5e7148070de95afd
SHA1 99f54a0867ed17989216aefbcc2d27e5f3b14a6d
SHA256 ec9e13aad380227631b8e7045187b6c8e2aebc08f2a4fc3907198d6f47a3ec2c
SHA512 f2608a11895a9e33966565d7afb69a67522baefef23cbbc4a78e48692e0ce896e315a2573cc47649be65c5af3de366cd81c3099e5e66825026c15a16b001fb80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 f8c19ef08b00a3fa1d98da9b3d21cd22
SHA1 81eb2f4b94f13616d6fe23a49cf0c5ae9c260b59
SHA256 6d9be9f5fdb060a059479e2b04cf7fd0f66ca88e4f15ec8e384285ffc94a8b1d
SHA512 2a9f4fed6261725b27d157b13437414b0c7cfbd122dff80eabd780bae1335cd72c48c055fff49d976bf8f0975253b1712de842b41aaef96083409a2b3f8d9e2b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2fcb3268c94b22ee0386ece6aef6b2a5
SHA1 68faa936b698fc69980ba4319ad6826b8c8137a6
SHA256 e17d1078c6ad8ba4daf6da3cd0d07cc91528af336a71c12b11db753219a2ac48
SHA512 7f762f022b5f1a6db9a54701d0b227786d220e698e8df13ee79bfe5d4c4c4631d7f4196d5da1abe44db7d9976cb89cf894951ed2b5e90de708ab827e692729ea

memory/7072-2399-0x0000000005790000-0x0000000005791000-memory.dmp

memory/7072-2398-0x0000000005790000-0x0000000005791000-memory.dmp

memory/7072-2397-0x0000000005790000-0x0000000005791000-memory.dmp

memory/7072-2408-0x0000000005790000-0x0000000005791000-memory.dmp

memory/7072-2407-0x0000000005790000-0x0000000005791000-memory.dmp

memory/7072-2406-0x0000000005790000-0x0000000005791000-memory.dmp

memory/7072-2405-0x0000000005790000-0x0000000005791000-memory.dmp

memory/7072-2404-0x0000000005790000-0x0000000005791000-memory.dmp

memory/7072-2403-0x0000000005790000-0x0000000005791000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 007802c47fa8bc5b5c824d5a31ccd568
SHA1 7b5235d11f18b27b353e72c89142f8ebc4eee37f
SHA256 1ee9d4e6644d0e1c0bca6d8dda52432f27c93984b70ca894cc40068f09531192
SHA512 66139991640d2eda7b5a348c56c2c6592a88a6b56ffd632a7f18a16ac2933bdbcd58621fbec1c2b1a43959c19d885ac2f0ced04d00b997290f1b2166df48cd9d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 dab59bcc1b617889bd110adc448a88a5
SHA1 8dcf3d74f5ede8b3538169a6e9aeba69a0b609b8
SHA256 c446c274443ddba2eb698446489cfd3093b30a0b75e787d36bb68d8ed8bb71db
SHA512 3e1ec2fabc0aa93ccc85513795d81f2ccbb0d206e8814a9ed529ade2c00ce1ff42432126c5eaa4e7277a2d29f5112b448f329a2abb5c8fc43b7f5f0b8ec04edc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 dfa947b737dec33e2b545cf4dcb4d07a
SHA1 ede5cfb7b01fc8d75daf18ee29da33e10530912f
SHA256 6df4e81709a859e9e42d14c1d8f9b6e99e068a917adc6f79e647b756eb000250
SHA512 b36c89005155375edfc8c516f705765921bd23628e95a310a9b1f52e9fa8e3acc67ed15fc2b7db67fdc447d012ffd327bbc56ef0edb813f4525205be99f7d878

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7b5cd750b39985306066e16eb844fd78
SHA1 db6089936df81d36a4548d236e02f767f0713cce
SHA256 6189e7a298cdbd47481dee8c9e3b401b75027c9d2c647c31fd3afb64ef6da312
SHA512 91ec148ee197cd97f3365922a12d44b28bb5426be567a1dab7c9baa5f124874d26dbc10a08073d1da1b8cf85f6bfa3583ae70d9d7e72eb41f4d6801b6c6ea4c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 aca46c80d5e261d8c3abb6c4aeb3b329
SHA1 af3a9b5d4e86ba8942aeec7693f1b5857e8dcd66
SHA256 a80dc31b9eb9cc0d7d4d6a66f88a21e8b6da438999f38e7212d8ea6bd9ab6c3e
SHA512 aea8b408deb6c29919cfeedf7a31f643468a3461c6bee1d6127a0d0c82f56050005bf9c16983982436fb01a4f4bb4ccc517af1833f10f40dd2623740fb02bcdc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4017b708c8b24555daa209d86d046897
SHA1 199635d72704bb6e452e0d464bd535418cf18d79
SHA256 5e0df3db6c231cdf7658b9193b2a6816a35654d52322203d8941e4bde1a85531
SHA512 83e146afac0a116ada03696849f21e69a139754cf2c41ad8d951543e16e87f2a9f542acdd254f840098169b5966f1ac43305fcb166ca1f22ad702f38628b8b4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 299fa6157e8c36945c6195d5df9ded56
SHA1 062779dc0d1036ba87ba301397097a4d99da304f
SHA256 55d6f8227e0bd4202445964efb1af325872540fae18a7a1d3800c922d16295e6
SHA512 b8ebd65f5a5d911bffbb313130a9fb643a2cdb8b70badcd9932ae2f0a49c1de12b470ff5d251af99ac3257988e871a60ad1f07328d9b576f166abb1f65560084

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2e821ba84d604f412b983aaa5615e84e
SHA1 2f4ac90539300400fc6e492f26807b271e3f210a
SHA256 f91853fb27cb26f20ef0d253b2150011623c9a616738c84df97f0804b2dd033f
SHA512 d811b7a7976edd031e7ddbde23c24dbfbe13bec056a28104d78ceb2f1fa5a7204404bcd3e91a63d1081c30473cf713f0bf6f23ec448f58a6e81a9073428d7378

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 730f0226586b78289679f59306383a8e
SHA1 c7e93ae8e5a7f6c2ecfe4529844c819d7039f1a5
SHA256 e7ab119132c26f0f9fd43457212c97f8f4dd662dbba803e431693af96c96a3e7
SHA512 e3f87de04f0c695813fb2151a44b5d55fa364754d5e8a19cb64b8fb2089950a03cb4241909eabbcd0044a26dfe42baa75749d14544feef8ccf00ba66fba19f66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 461b09bc25992b102a364f8525b1d5f8
SHA1 33eb26f8ca1d9290521fe775a4cf4d3e65069c7e
SHA256 90df388e5f52f10caf0bdec9bee3f2cb918332544e2b1ecef0d9776735aaf8df
SHA512 43d96b9ec7cefcf28ed76ec54fa877f701e9d3d21e32caf5f113dfc8f37aee7b2e6828b6a36b5b181c3b94aa3a043d8ac06c01758880bd0638a0f6937557844e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 b6987ef716043306d9d967b907c74a08
SHA1 3fd7367a9d362ec7065e2c09ce9ac01a7bc97b32
SHA256 dddbe75a3d3c62c7ea5fa9aada950f36106393e50b5a70963a17fa6f01aaf197
SHA512 9b22f0db442ee7b0d0ea1e2c0a9eff293653b656756da0cf66cd76486341d43bc997698fae92084e7083a8c23049c5120479da1556a39fdaead66126cde9ba07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057

MD5 2822b1de017776605915afddb435791b
SHA1 306240ff8431e3bdc8d02138b3264a532cf71977
SHA256 923de313f6ebfd20b26ea6223ffa0deb1c74147d2077bca89b8961b3a888d086
SHA512 2eba16020c2dfb4fbdb2584900d0903a8d4ffc9b24735d426fce1e5c42c971a31a26ac2417a373a39326272046aeb0ff7ad0735dee9eb6df3d7b512316629f7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 cb9003d6fa46d78ba0457ee9dfef4cfd
SHA1 40f32c9d5d22c960d3b465c8a279d5cecbe9cbee
SHA256 27e12cdd62803e093f8c58d7de06aff398fb52bf245238bfeeedd20a98c11134
SHA512 6a5611eea8a59bd5b855ef050807bbef8169f8ab0488cc855d58194ba846cc65d6212291ea9843133ed173f39c6ffc058b66a8ac8cdd5c5c6c8d1a4190caaef8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6bdd1b0ff77ee5c2baeae824091a3fe0
SHA1 1b2cacc5f05494845f767927bcaf3248f5eb2616
SHA256 5fb1a8a54523d49b497a69f5b17773567b6bbfc843ebc78b4d16d6ea941365af
SHA512 62aa4f2a3f2486d1f33e2618b76113abbe17a91b05b7c6ce4f1f9322edabf45b5c95c038af7f84597413e9e61de26a5c40fb31379b5928e148fb33d280d45990

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e2a93bf37d92e7c04e24d8d875845cff
SHA1 38a514cd32272ba641bc9394627b8df08ec88504
SHA256 56a083316c1505a15066de9edadfbdcef354dec6fc8bfa549e7ff9c09034f0bb
SHA512 f496dba2fb2ea2677caf37984974433c988e842c73d02643df8eed0d79c787aa779932d083f8d97218483cf76314fb3f34aabd05f673b2eb9c86d7391b7d63f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ed5400be9a5f746472d86c5665946071
SHA1 0c29054ade9019ec51e90b144eb8bbf123fe65fa
SHA256 82155b6a421ae73360ca2c551cf4c20673cec076df91f8fb3fea8e7a6c8a8b9e
SHA512 81eafcbe92a7b5ac78e0f3bd0b042bcd3c25109d96322d23404bea42bfa6aa1f21aa4755612c58dbb3cf34c49dd2630c0c7a62db174b8cf9421cd1e5e0a5d0f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1f10e28d6c52c0b07193b5d09390e54e
SHA1 631d60d22156431f00f1ad5988c2fa25fb41ff79
SHA256 e041d57f807d900844b9a62a326fe31bd80ebee30a3bf1d0f1979205df62b3cc
SHA512 64bc2f85e1249d3f0d1738f6164bf603d7fbf997ae2408ea45a14061794f9c223d71112a5d9bf8a12da78a2981d5ca0e2a0abbeb3d4f626b7881c952ed3f50d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\73e7cdac-c075-46d4-9e03-d12dbe8b12f0\index-dir\the-real-index

MD5 1483a506072ce623478f9f331d9ca01c
SHA1 30ad9f2fe6facab3e7ce21a436dd2488b012eac3
SHA256 db259109dba6684a974487475c041073ec6de9505809f77bcc4961646ef67b2b
SHA512 5109e72f148be663fa3a0a5a480264aeb80c331af2050458ac2d67428d4ea7a2ac455a393fd7fcb0d0ea21a21d6eb79fca85f2ef65da064783c63420db76eeb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\73e7cdac-c075-46d4-9e03-d12dbe8b12f0\index-dir\the-real-index~RFe63efc4.TMP

MD5 7f1d6a3cc58dd1b284c66544e68c21dc
SHA1 984cfa185c11d7f6b75246f768ad6095817edea9
SHA256 dae3755423fe0664a1985f7069dfff46daa2a6f0d432cb6e04b009d6c95cbb72
SHA512 a7e4cdf785e29ad31dbca6f560872d563ba754ad813feb75b14bafacdff299968ae29d203896387297af222fff31be73d274c31b0fd037a914575656ea52f02c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\d424c60a-d7d4-4017-8167-5d8dbd3b92ce\index-dir\the-real-index

MD5 f5bfa5a13bf1edd125741ba42cba9ed0
SHA1 d42b1efa328c4b8de2ffdb7957eed4e5ae728411
SHA256 4c64a3fdf4b3669d4fe9326d0e8f2f236187d0b58e099f17d7471b20cc93761b
SHA512 72f1e3bd5170f8451f98c84f72caf1308de35f63dc6c4dc05bff2783dd0d52496e339e930097322c1249fdd262cca972307d570bad1da38511055771a4825df8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\d424c60a-d7d4-4017-8167-5d8dbd3b92ce\index-dir\the-real-index~RFe63f032.TMP

MD5 179acd1f95f65199bd03c25498e3de3b
SHA1 05a9ef657908da38d709ee3249ecb40c095f85ae
SHA256 a1198c69a9ac54d8da965edc1d93f39a634fcd05677d2e8e44218d1d51a4e219
SHA512 07309b7e0e399450142b00a76460d1fc6fdcc7c728a7542dd3176df0ce160f332a5ce9c810c204efa7dd3bad4aa70c6c4c0cbdf76f8f9c58abf76c79830507fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 405850b6f9f1e7195a52543a58a29bb5
SHA1 3d065dfbcc6e9ce4bd9022db556fe510a0eaddbe
SHA256 b8312973f816be5308712f8843a17c4a8398c55d0fa64072470d176383f4448e
SHA512 243846fe1e1e056a628f8c138dde23ec3107931921af074c0102142a8982a2b8aa675be75f315e741a02e55f9e0167e5e6dea1e84ae47e952a7efeb3670fce7d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f5bf458059e6ff909f2af31d827dd14d
SHA1 41fa768e9dabab4828d71fe91c9e7a60db258bb5
SHA256 b483df26cfe116f3a1ad483a7b35b371a12603a8e2d6b57f10d2c13bf3c52639
SHA512 2cb78d1ca319f4947f9b592dd354c4ab814d5a4610819694cdb0ca5ef2bd85cc899a2bc8b424daaa991033d699fecf489b510edce2e5d3a2048f715bc897b4f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\4d189bc6-eff4-4c14-9252-4e40e3a2893c\index-dir\the-real-index

MD5 f4f14b825c53159ea053961ca30630f4
SHA1 f7c63535d43d19ef352f703182526b180ebdd708
SHA256 5b283da87b33c73462c9b9a37a6a034a86e3b4feb4d11ac0d40058c5d5dbec42
SHA512 0a5de90af1cb4dc2db504933979349e8fdefe731ca11cc3e95c44dd52c5fde6834c5d23655ae1e241b948ec5b8be384999d9b6eb56e640f9932fc68f52f4affa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\4d189bc6-eff4-4c14-9252-4e40e3a2893c\index-dir\the-real-index~RFe6422fa.TMP

MD5 5775c5b8ccc619429565ba3c32aea1f2
SHA1 cbe1877d940edb70de83d11c93500bc3a0f94540
SHA256 2505d7a882ca3db6f328e631e8c58893cdfe3045ce36ea02243e74e3e3fa48d9
SHA512 6ef2ef1c6a25cb90b2fa7173f9eaa062419d3c5f8f3fa01fc7b55a6f93581e431756d747036e13b7657b84e0dad559f71801fe9cd5c7366f78e7aeb1fd1948eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 e500e4d8700f88bb44eb5cc9fd41ec5e
SHA1 5714da21265f35a7bddc50fe88f7f01a9df80b10
SHA256 12bbd456defeda2dd5d45c3a0ac150570f38c8fb69e91ff7a7c60293dd2beeb2
SHA512 52d8f66d0fe4d80b5223437fb14a88ce265d66cd2e7649ed82714de7f5a50c77fe7b687f149f88e4f563fd1122aa2da72b1abd21e4fbfcf72527b6b833581112

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b29bdf159113f11869a55ec12168fa7f
SHA1 0cf98c52088907ab41d2874c791f16d71302a743
SHA256 a4f9cff6c38819e716907ccf473c61ec9fed1e085a73cd57763c616bef25c342
SHA512 3c37e8813fec1c06139ef24c79e1d6d51fb4c9545cbe18ae4dad8f57490369fde0832cd67f432dfa27006e95e00f885dcee4dc70d9d43d0d6945926b748cdadd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c327be0dfc76641bf15036d1d4314e8e
SHA1 7242239d11b0588833ffafeab762f5203ba90c63
SHA256 9c97aaab207d2b8c5e63f9b96dad5342e42371a2413d7e5abeefe88824262ba7
SHA512 2aff4a0b41efb0d17b9026fceeb8dbc617762e37c6b016bd6db223c42b41d2e2fb2e3affb2dbf37a0706c2f59d2d8fa26ab15245e587559c365446d2748deb7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cb99a85bef06c5daf8d3f96204dfdb18
SHA1 5a1330591b25135f3c71b50626e8e9800054e440
SHA256 090d3de3b8abf86ec5349c0f013ad04a8fde3d2ff1a49bbc031e6834d8c01188
SHA512 4e499aa9547f40206b313f6137b2c318e4a95c5752a4f51910ffedb5214625c48662b317403a6ce972ef6e7d96e9f7def33ec1fa181c814588b24927cff99a38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4a24bffb3287d8ec9486bb474e0f71ea
SHA1 c162ee9023580f93bc544d838123e073f2c14891
SHA256 e5918e3737c7aca7e2d61ae90fd739483d3b4eb018fc9966608adfa81fac6adb
SHA512 0a793e8dff00f745af3fc43bfbcc4e58012fddfe4f787ef74683bd4ad41c5f79e4a38faddd8c1649ec5fb37db07d230f39cb3de6488952c1c517f67c83775fcb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007b

MD5 11ca12d5425cc49748a83a00ac443a59
SHA1 296acac1347c4f4ad16dd383f37a6f7470e5c3a8
SHA256 c2d625e922d6f4494bc844a03479aabf92ebb48d4d764eb5bd1cf2eb2960becc
SHA512 548827d2a3f86cfc813d5b5e264560670cb2fa46aa4dd71ddfe48bc5bf9aedfbee882053ce3fbbc8c5e959dc6b10718479b76ead091c2dc30f907d56e53aca37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 980ce0ba9dc8eb5de2f18e3d962db769
SHA1 0af70c4d351188e539d2d922751358b4c05d3955
SHA256 589a34e0969249ebf171637128835274aa701425ca612d6ad516a091e9119e00
SHA512 a77382eee58a016b36b5f51e9ea8244e9744d3d6d3a9feb1e7e6f2ee41e944ab1e39cd6d68d76cc7728146b03e3bb9742f73450684fe4338fe4a75a4fcbd68dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8adc30e91ec578f0e1ead775239a3e56
SHA1 1d227f6e939bb72c1a7572d3dd9d457cf100e548
SHA256 8924f16015c394c7f5ce82b25ee6252947051c0cef243d71593ad31beb8b9034
SHA512 f495318c3af088b0d4d3ba5de51bb0ad934a1a6c6f2e379ac0d46a33bb16cd2b947684425467d7a4f118759b18f24fa4e11ae73cfeb15e413ca3e15a9a873a6e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 64ff4e9e37facdf7656bb2720ebf90a4
SHA1 197e73fa2bfa8ea2ef778ebce854d84d5253b7d9
SHA256 a0fa56228df82415304ea32262aa0d27234ccb44bad33672e076d71cbdceea02
SHA512 a289152734a39b47b61f5d8746f2c07e9768791501bd0e1d75ddab3bb76a54987a421faa9c2afdd46045ec7abc1246102e81587a4d6c4ff11d39d99d09ec233e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c2a608fd736e0c9c1c7cf73503eeb402
SHA1 76bd2d06051650c3176d00ba2f200c1030b18c0b
SHA256 0196b718ca07b119dc8069b921d98b4a4a42792d747ca760f912284b8890e506
SHA512 f5b30e35651afbb32abbc1ee1942f84539738141c968ce96dbb30b47fc192cb2f4994bfd67c596d3efc981cffcb3609390b05a317757344dc0e0b127b11b1b85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a9319c1374ee84dc8c79f2f13e2b04cd
SHA1 d2537dd6d096d6785612dd3192f824dcb25739b6
SHA256 274cd2fcecbb9841329bee9d5504f339551aaa37dd6a0fc3f377fead41a5c13d
SHA512 4fcb1b49367e2a090c61386fb2d073754b7b6c5f8168a3581ffc558665c95394c03a1a06e8a83e0e75840a68eaff9e44b6aa17db36cd29791fa8baa1cae2cd62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6e951d4aa439ae6c52dd95b733042953
SHA1 b256f5d235703c283101b9108853410ba2066830
SHA256 85561decde303fe356f453907b328ba81eafeeec9f08eb9dbd65cc6089dec831
SHA512 c089e290e2c4237bb91e389f2a97ea12b2d5fbf5334c1cadeba5bbee538e0e88ceb1520541c51bd5ac66496d29271d532497b71347752ace0a0671ace3647dff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fba0e4d0a2a7e52573b1316611e8242f
SHA1 aa2bbb9ee7fa283c8818ac5edae677ce563aaf45
SHA256 c10425885836888403ad3ee8b438cd1c0ca9beb9b4967ab8d0c951e4c7f8a35f
SHA512 d58e0276500946b6bfb69f0524b016c301dbe1d5b51416b5a382e2fffe01904b4858d20289837f3a7d9435b073e65ea77a0986762325c547a866ddce16134eb8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\335e69ddec2b9ac6_0

MD5 947efb9fb12efaeb1d9f99997ad9cb21
SHA1 68d63a9c5b61d4ce4807b86d6e01e9d1cae7df70
SHA256 b46c7fb26b5c075e551504339109a2118c5c6872631083e41807a8c1661f32fb
SHA512 c8d1db4986f10d8f9e09999ad62775355cf08a75138453a291104aa7ff598fe818b09071bb38493076e7b1e8cfb3b8f13390ec5c2ea57d07ea076bd7ef4a5edc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4ae74487de8a2848282baaad789330b1
SHA1 de12c780263c443949711d68cf5f2449116a5e09
SHA256 6da3f0a93275edfb00ea7d25f161e1d96cbb1fbfe4bb47226472f908896ad9fd
SHA512 4bc00fa3d1cc8d60e96aebb072dd373571a30051222a9a2505f2d36ab733d97ec990513190d2f77b4fb8e492dfa69082a0105302a903a90d1a1e78628c025786

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5f438495d1ad44623494f9bd61961393
SHA1 6ed9f58dcf8b2956407624dfb12cd8a332724d16
SHA256 b666aa6386b36365350e3f2732fd1a1e60a0da02eb4e6da2805e1744579090f9
SHA512 b820b22e0a3fa45bc0bf5f952c0b525e738c5a457f03f808b19e05c401dd7cbc29d494744d1898c8c4d35c2ec5793e7205206139bff27b639a9b2ffad46c8d03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 36ecabd458fddf91d2355323340b2ffc
SHA1 c3d2d52dbccf75fdb5ae6a6096dabab114d17679
SHA256 ff6059e5f69698790dc3f6d9f3a384c8c7da65aaee5af589d036323d34d36dbf
SHA512 b7fa175784d1de96b865bb27437fc52b1ddff1da45aba2eee6fdb595350e6a5ac3040e7c1fed689dda734fc796eeed045eaffcdcad28d936dec67c7f4830401e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a4d4a78e1db41058afeab8764608ffc2
SHA1 b8f3e1008189154bb8998d79c319a54fc8f0cd36
SHA256 5061966a809f0b6574c4ba8f09e3ea234d6251a095b3ab15161acfe03263571e
SHA512 6e7fd553f60e8fe8f7205754f9c85a4866d773aad12b26a98e266e4ec7b83a0a24e84373c6426439192ac3a8047a311fb94c3276a297ba7a72e06b1a809f2bca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 05a649080a810adc39e78228114a0f64
SHA1 5d8542a9298686a351a5a6363f402eaa93f7a2b3
SHA256 2ca99a01e8c8a954c0373c472f84fc202605d9e2c56dd8ee3eb35ba1de58a2fb
SHA512 05ef8a123fa3dcf93880e1ff4cd955d73f0de9fd52bbcd7c03b834b403faccddd9cf19e02f43337d058d4ebac99a97d1c5b6cbbde8faff2d1a49005a0b11a6a3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5b5c6fb8a971fba959bacef7036b9bd4
SHA1 c366ec9b324d554f04c9b7ba681942c6b5ce6721
SHA256 a2d80adf0e3f9d12c8f770e3e3783aa22ae2c4a1e2f6e12c99ad1590b7a34849
SHA512 009d00a79115f0e8696c904a5d17a25a7da3cd9e03497cd902e1dcbe0ac5eae06b0bace6cc7afc5d0dcc7bbf412dd18cfeb6527af39b3d7f5a36f0c6c7b68849

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b6eaaf58a2802c645ff38d4864358b9f
SHA1 69ed403fadaf577229ad5b2af3f5e994a9759c1e
SHA256 d9ce2fef248cf350b05ae910ba2b8ce22107bf22a050fbb5abffe12a89abcd0b
SHA512 2c70df287252e901c896a679987325f120cbae5fb9c95b4f063930cec7ee8382f9cf396aa8df88384adb603059270ffac364a7c0a289e84dda3a2598a3db0cfa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7d3359f679b16c6aba0d6b9909aa9a71
SHA1 9218197ee89161c6711f617fd00d2bfa84ec3786
SHA256 ffcc99864faa70bb1879e1df5e35251142a5dfd98dad4374edb2885314938d02
SHA512 25fa3c2ec65ac0a33d5eec2d2b43bf55c40e25f14173d1079ad4d69c179cf8345dc957124120d19f953b406747ecc2070bda2858c2c9da88481f09e2fcdfb0ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b538cc31df540c51b8718c877f5da026
SHA1 8740c0ce8a7717ef14efb007e17894e6afd48bba
SHA256 aaccc24bc5969c888393ed02196940d935914ec659953c4d990ff717d906abe4
SHA512 d733ddeff31386d4f2de8ef51df953f36e2202b0011f5883290d661347b888c2be38d2f9c0eab9f797c9efdc1aec76b2b0fc6c26c8dc9df07c6f606d46e235ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser

MD5 a397e5983d4a1619e36143b4d804b870
SHA1 aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4
SHA256 9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4
SHA512 4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 ab6ab31fbc80601ffb8ed2de18f4e3d3
SHA1 983df2e897edf98f32988ea814e1b97adfc01a01
SHA256 eaab30ed3bde0318e208d83e6b0701b3ee9eb6b11da2d9fbab1552e8e4ce88f8
SHA512 41b42e6ab664319d68d86ce94a6db73789b2e34cba9b0c02d55dfb0816af654b02284aa3bfd9ae4f1a10e920087615b750fb2c54e9b3f646f721afb9a0d1aea3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 71b0241a7c5c5ab575783feef15e58f2
SHA1 32a7191ebf0edface493f6c572180744443d3db2
SHA256 b219607957bb931957af80bfa6d805008747aad9ff3272143913376cf41221c3
SHA512 599654f562b543eaf0f8ca9d66a5deee338bc4078b8fde3d2e6661f438a0b528214811ec98b514ca2643ed53dae4550d2241fcbf9c9d6859b63134d2496843fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 58b3d66a669a4c9f173d67a6278b3573
SHA1 07b66306472a435f7590daf2edb973f49ac273f6
SHA256 a5ed5e0bff22aaaae74e0f49a522c7324d8804fa2379169c8bee4cfdf24a327c
SHA512 85833c534649176e45c5e13c0eed7d1cbd2e97386892cf7d6711a488fa0a1fae1042a376a461c7b67e4b8581ed737f4bfcd93058c1e19daea596904c3ce85eee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2b00b60a83cf23940ae6d72df1d9aaa1
SHA1 8e7240f2fcfb25c259dcf2a8214d2844a3e58a21
SHA256 e8a8a317f5a371bbe873f951aac14fb499b34e413e2c0631b2245d7510062773
SHA512 966d606fe702e3c7cceb13bb3f4c077eaf52f5660ca4dfa9fe9b517c546314dde443089d8311fb173fe8691a60678bafb68ffbcb0eada89d2e2e93b9eda79482

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 74fcd1fdf59f158cf2f87978214fe959
SHA1 05f87bf806cece23e5b99801416d57db31ed198f
SHA256 12bb43b296ad1ac6256969a5f4b7aede59960a89d59e8f258fa963aeeb06bde6
SHA512 5bfe812e31d5c042397f409b052042aed816054383c1f5d72f9b19de7eacf0386614b609c7f556ce87c0521ca41dfddbdd941357e66e9b43916fcba1676698f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4e614f70805e3669dd8b953a3ab5f253
SHA1 7cfe8860261b5d991413527ecbfde1f6b81ce3f1
SHA256 3629b33e390c3a5d8b82316c243901de6d6bf32a7fc5d6833e7ed9eac9ae9abb
SHA512 d7ee11394d9c18810e56f4f56dd83a279ce1cae54628fcb17e89c8c3924b14fc1e558fbbe37421fe09291f10074b14631a64f2145a04d31f314e912f7e98292c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 cba6421f76a86c8fa4d5e651205b067b
SHA1 4dc914c82a305a9ce5b8b757afa397abab63c1e3
SHA256 1f7df6cc1df667e678982bb1283327714612a653cafac7371295ceb154634fc0
SHA512 fba61ba220da9c6d0ee0a152428875ea516048e135184f541f9dd7f97e08035b0f962fb59de7f0e40be54c24cbb28b77e10aabdf59590969016f52d307960350

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\690bf741-3ce0-43e5-a468-e81db5331a80.tmp

MD5 e8499335b8ddc617fc6dc1237ca6d3e0
SHA1 a458a663e4235a66e93cdbfb4edb452988d57d22
SHA256 a7d0ca6bd4df3315890645c88d8edfd3e9b7def3d6bc0d03306b2fb5b3340b18
SHA512 520d44c758ec9913da9ed68981e84d53f2c238013ae705629870ba574c5079361e15ba71b56b7fd10ffcd41982937d13e9ebcc131f124132860fdf589e8e1a23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c6459e842468448df73e07494fab8707
SHA1 f806d09c8f4157e273db461c94308d1543664af3
SHA256 aa547259ab74f8a0199e257b0d0458f22e5b8b69f33199e6f7c33d1a1a13e748
SHA512 5afb38110fe51aa1978e4863ca2df7cf6fd66652d325354734bb4cd9c2d901909fbf7c1ee5bd4311b4fcd03f8c57fdc409cc8c5c6646ee93e2e041c9c9edcf99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 f0c6784ec169982894630521f885c1ef
SHA1 4cd031b8cbffc96dbedc17157c6a4daf25271532
SHA256 c6b2d9752e8c9a70e10d58847455f30ba4083ea9a89bec37caf777ddb53d7cca
SHA512 48550716bf440b8c4d907c7d016461bd2a8e41079f51bc8676e6a9b0011f76a8fb3482fe07994966866d7c0972ee140aff6062e5c68d401cd259cd6a5ad69569

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e4e72063e873d56e60bddf28a98dd6dc
SHA1 9042cb9fcffc14dda5ad76a4627268cca36588ef
SHA256 b3f50760e6af0798d4ad7a4e3d5af411407edf845e2fe22953211139418dc8a0
SHA512 d0f407bfa0fd2064379fe3a828934a102e22c1dbdaaaf31a609e99fbe2cb1a05af58faec156e62ae19764ee6744dec29c5435a0d5f22ab344f721f7ebfbff02b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 afbabcf534020b5145ad8d3c2c401d61
SHA1 14939a271a2a927b7af0d7a006e665b365653b84
SHA256 4745baeb427e9cb56d3b04001d3a7571b0c99832510cbf506de87857591d78d3
SHA512 0c1835bb340eb8d4a3641ae4468300ba07c07f26dabde69783bc91a7c08e5572d0da74a6d6515cae5a383ca7e320cffd02088c688c287c0326d6f89e6c4b12f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c6c08e5feea07b6e752e499b9fa7bedd
SHA1 0c41583be8d2ec2d44434e5f1daf2172652d3f49
SHA256 bf8780181c00cb3b329f41b7e4242cefb71ee839575f5494443361e26f895406
SHA512 d2a43c73ae2d8b2e27fb07ae180572596cf17737e37c3d670b00f814981ad64b3628ee4e5d8e6d038e144b72aebd2df9932ef5c36cfdcb27c386e2035b51c1a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 08a56fd233738f344965ecc537a3a1e6
SHA1 8d3eb21bd1df4a43aa117a7cb54cb12c4f61a865
SHA256 a01f84222cd634605b5c74ba363428d3a9ad8c77d13a37a87100a0ec8e180337
SHA512 31a5bd55c4d39362b6a4b52e780689d45f99953a1ce6b48fe56e3454b65eb77c7962fb2a247725f7fc0faa2358f71e2b4be8e6fb1b60ccaccfdbb3726ff583c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 efd19e8d8deb98ceb428e946cf2a2390
SHA1 fca444e35aff78a46f79e4cad48b6c0cb6dcb1ba
SHA256 96f8fd3eb41bc7b037ce4eb81f5185c91cc8762bcd2c3ab2143c4bf18c345882
SHA512 b16102013013abbad103b031f44a697d3baf9800b6a7e250ee75c04d78b095d097dae1ae9ac82f8528b599169945b13054f8e968bc62e78dbcbc6fc9af121e54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009a

MD5 3a548dd6563fc43efbaa22065715084a
SHA1 76ab4556ec89d75aa819569938f0f3adf80ec18c
SHA256 90885048ce409020bedd5b690aeee68259665f430c709d0c4bda5c3034627c49
SHA512 bf4dafd3b3a7a45df766b00ecabce9ec3d8e19f1aef648adcef75d3c1f840b7d02e9d3d1dac78452ab69fe5924536303a8eba257df99e098d954967fc9c90b54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5c14e1d41623e7f8bfe4f362ca3fb444
SHA1 5c4728b78c23139d60f781430bde868fc4b881f0
SHA256 e6f6e168fc230b3cac38ef263889a21c48fafc7363491ce47acd87c4e8183bb5
SHA512 b8a8861b36ea7ae43927a777ea873e9b261c537ec7a03f75e94a32d50b86850bdb8a50396f18c2d6515f165662e4aaa80d134aed94116c7c29a3306222f3ed58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 310e9c2edff5bef9106d4884264498d8
SHA1 b007df75fed1729ecb79d53f7a97b53374f895d3
SHA256 0c686b5911376431f1de00bd98b43d06b85e6dc589e3aac27f9abc8e5b54b746
SHA512 044a52c09776b93e4f12b2035ceecf4bfd723532636c630f58c01ec9dc46e6eaed8e52f1ea00a7af0d9556f859b2a9eb6eb68394a927eb3813a3256c8a556593

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2585cc8e858cbe121cc5ad166413da4e
SHA1 8b352b241f31526ffd481a929b6de4d8fc0070f0
SHA256 806abe4530d36ba43178ac51dc7a23a3c93a5972657ba37260df07f19efd0bae
SHA512 9d1664d05f158b233ba30e6ee5e07818718e6a0b73ca5444ac104d14e32804bdd48a4f435d5cc7631fc09b791171bcf426b7a15f6d72b7bdc8aec10ae9e27c2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ccb2aebbd14acbd7b59f007f08e75096
SHA1 cc027ff7a6d91a57c1f1b38dfe690a6ccd33dfbd
SHA256 7fbac6dcdec471212c2af461371e101c247651b04b92d3f739248d21c7731102
SHA512 dc54e6901014bbb90efeafcaa2b56d5af7b6660d2c01c7cb5397e3905ac3eedbebc6c6067798b0c861a582ca550606d308caa09bda1c877d3125f8269d572c63

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5dbd247cfd65eb7826581ad2a278fe34
SHA1 2a38e65a2d26696137803a4e65839edb6f760de0
SHA256 575ee6f0d78cdad72c754851a0775817b29232655b8b7b147b4b5e14e6cd2dda
SHA512 e6fff1efa5220cce4e191bfec70daeb1532919daee528fa9b7dd6576d66a5d1d8274ea97ecb180ea72b4a987c1e6cc271d1133a549716fc8d183e533edf21732

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e0d778e28af33407c7a87b2753026445
SHA1 96317a9be13dbf3756bcd8e79d19a134ace7c035
SHA256 55c8f31a964a70d1fd8e7307a6cbd0b72ebe9dd8645be9a41b6d2f6da209d5a1
SHA512 acdcd7236d5d3e8c8d7debc0e0cd3de71df46b3183c94e1470c7c61f97c6340fd53900eb9cbda46d8d5c8015ebdb03c85f834b7a839196fe9dfa6aaebd514844

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6fc5a9d290898e400dbbfbbaf2744fc8
SHA1 08eb48703af323dc41c09a5f3bb563164a1e2db1
SHA256 6e02d23591dfe4681fb46f12a102998305e02974e09e4ba696271c82a4ec1ef4
SHA512 f8a8cf0c675a068fb5fc92b714de3232b7616c9f95042363c8e520df02f59c5d4d265b5563c25e3f95e13e6f9e36be845070cab700c483231d448679f8434cfc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8fe43f3c9e73d9e756f9d40d9b2dfb12
SHA1 4667755ee70a810095f2e827cf103a849e509c8f
SHA256 927d4f1e9661c2d220114bcc2d567a21db14699e97a6f42811c93143c6ccdfa1
SHA512 1d1d099b259a0c9a8e15823fa86e87b684473211e5faf8b77516e5858aaebe585721d36b5a2cc25bf95fb17cf5f543cc6d35f9c2065042d0036cb87c92bc999f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f574d446371033b_0

MD5 29e9cc993ebd4fa07d9a57c94b413905
SHA1 3a72fb226d6c4da27b6b075f0f8dc70bc1f85291
SHA256 4ab03fa193a6931fe74470594750644763a2b11b4363cf8f82471659301ac283
SHA512 89f1e7fc8ed78a4082ad36abc9e9e745244e6efceb6affcb67e240ba62998f1e3cbc9ee6545dc824c7e6e9db43a64fbe3b5265c0cce6ce0fa5561d50b319e5d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b2b0324e187501311e5ff5ec3a91dc74
SHA1 3c8d6fdaecf0c6d53c203d8233970ae1b30f61f0
SHA256 403d81f0d980899304bacd400c45769fb0d0c99678a50e40614b8fdede2d8216
SHA512 8a081f92fedd3037d1c7c90a5ac698a12dfe6ca9a1ef3f2a19555e71997fffc2abacfc22d50ef30b429c4b8fae1704ed7001fbb5d1137e0777cb41bd891c485f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d44379c02cf77f2190d66fe73ac527fe
SHA1 2b2a64e907c2b7572761c65bcd4a62a9fd7e3643
SHA256 123372cae22f876d7e638e50c4744a02e4887f593e7505b85d271f98fb0f3fdf
SHA512 c935757648e8a686b23206e5032b6ab516f165362bb9678895f918d24b53b09edcb0d7272cbf510d44ea6fcd14c66c6cf7996db81259b6d1d3b92a6b7f7fcde5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 831aadfda29b13c6334ccc7a058fba23
SHA1 c661ef336586e6abe444d00589953df45ebf3407
SHA256 0d6ad970f56e8235af36bd763c938af099457620fc6fc8dd0de50a07c4e9dda9
SHA512 10a62c2ad563d8799d1fb583f1177c7338cf1dda878b000e6d7354ef46a1f5d4b354805a949fc04ba67a06720604c6e38f05d39a3cd33a772765727655f3debc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 57b8e199573b42a9491ae42310dc47b2
SHA1 d5d1828ae23f984098884883f0bb9034a9ad9f91
SHA256 42305509242cc35e45e1986dbf2f6406c01deb569b8ce4872119168baefcb6f6
SHA512 93c81611fe1f752f9ce587ef9bd0e3a9f747011fa24b140b60a65f75eafddaf1fc975dfa30c8e19430df59c3f35f6b1463516937664c65f464c79998173af471

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cb2eacbe1f2ac5614b8f510abfb6550f
SHA1 f1afbb69db50782d04f0ca02b2cf95873f730a50
SHA256 9666a5a873fef0608133437dd78cfb501ea5ece70bb1a7cda2bef6671cf4ca6a
SHA512 651e89825284bcb5887496defc0890ea28f5931352e5170b479e6c1b56696ede0b7d660fbebdb0150ae51311eceac4795bfc3dbdedca10e46e1bea8f34e25ed6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008f

MD5 439f627c4d1fca1ef5e5e7d134da28af
SHA1 92de1dc4166a5da50bb53c16c9b80b5edf40ed2a
SHA256 67d8e86b0b173a1c0b470b6479c133099e222cfe13f064ca0a9f78ef829e09b2
SHA512 0814ef79e8b70cf717f568f209437910152d6a2dafecbd760c99073c88541c49cfef172655d9a3f23a267609ce35718bf4a7b4fc70f7db337c24bb7dd6a9502d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000091

MD5 1d6856db39beef9df2a13f87b95b0c21
SHA1 faa252a679852a23ef0e053a49dea4cc03d58cd8
SHA256 985b368abf43b23dec5b0ce963d1e3f2ea6bb479834f450abcdca1a6ad0f3a71
SHA512 423c7a4236f03af678c1deeaab74101f58ffe0f30bda46b1417110b7de393eec7c96386b08b52b65caae3dd9936e496a5f875cb9582fffa59952de12b8c375cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 bd8d4b3b8e33cc8cc7a4ee3d14e8d132
SHA1 04f1827c6f750b39712a2537fcc8c75ebfdc6089
SHA256 2b8169a24555941d915ed39385c17a011535d5e4822d582a586ebaea135e2568
SHA512 08c95637da6c250254d4ccda4af05db7c2643a7f0bd1c137f19907167ac1ce1bee8dbfee8e7e85339fc7fc03c9af7c9e2255ea19e6926cda267868046227952f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7332ce9a6f26dcf84b89dd245fef9574
SHA1 b40e9f596f96cce85e6104505acb38dc19bad992
SHA256 6f1ab5a6f9a67a7ee1886333a8b1fbf3c385000acd4e6d3ff8b82423dd447e97
SHA512 0308628c5e0dc9e6e51ed045073d055ce67d6fea2534fc8924d7d04a61d037b4dcfaf0ba0f2c8cd5fd9ee45d15d0f26db8f752734544406e9eba8f4117fd78ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f7be6235cd6673c0571a6d011981d051
SHA1 390402425ea2d8f95f825511fbdf9a1338553a20
SHA256 43f5f6273bb537b84492d3fcc3b6b823c9f6df5edc2980daa56504f4f668b059
SHA512 517737179386b68b4fdef2ab92f22811e93566f965710c6e423e09b4124ead765e8da55975c914d8106861a289165668d8f317605d66eabdae684bc1fc4d50e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fd0c193ddbd11d8f37eb6e197fee0523
SHA1 30e3faa9721cbb6830cfccf44b9c49af26486edb
SHA256 740ada74235e4fc31a51300f6d1884dc9d8078819747508b4444ad9d5b200c3b
SHA512 7e876df546a1aed7646329860260b90cef1d12ec1e4f5e249ad937855d57a9cc42b3ede447e599fa012048e2bd774fbfa5c5f3a94bab41ab967c8d19a17fa6f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e6c325bc0f4e8cd928cc74a633011785
SHA1 68fef56e5c52dc179eec0a4a1dd2483397490f78
SHA256 1f902b468102748577ffedb34950c529a7e4bec058118a865f0eb29790729f5f
SHA512 443a54b3a63fbefda956466bf1450e1dafb76963e86d44330595572275c36b64e82621dbabe312795737d788e7f560040a62dcd21e6422888c8b99314b4a51e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bbecf8be53fed34c0e5fff8de390444d
SHA1 21f150edc606995fe6a7cdac502be71e2456022e
SHA256 10ed73b4860ecf39a99652b5d6627ef46936fcb7a0844ab0f551bbb1cdb1c01c
SHA512 15aaa2bfde10d07287d5fcb67cd425f2e8aecff8108ef8203400e0d35e81f238f977760918e5905b40b5563d947c841407aa31e9da887a78dd214dabf7dcf87a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d80b1d7dd08f1f132fe373d45784678c
SHA1 43ebdb2f5e38b2ab1555f74d4c1e174060d4e4fe
SHA256 79c5d84b9d63a9ec43fbde452e91f19bb0ef0ff695dcf1a4ee21f24f851df1b1
SHA512 229325b8aa956d71011814d6d89c2b45f7987e57ddb8d34f48be5112fd8263af4ef86af99d0baa2ddc3d3530626abef28dd13e17742a1ef7a9342237914c2b01

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 404a7e89f7326adcad47df11326c6e63
SHA1 506bc6c0a5fa9fc7e19702d5b0a584d9af9e8e9e
SHA256 7e79fc3098099c55b0cbfc40bbd87ac32cf9f1588c13efd003f5d9c52f8ae527
SHA512 5210f17d253c596d17e8e029e08340154ece29df6ccf42f8b75335cd7a8fe3e42195f6732b4a7f220ae3a8816a7ee1770a3189c142cc564c926d54ba99e887a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 056bc3afabfa9dd55729c95eda15b3ee
SHA1 4a1899b4538f2e37697d8ffcde6084ecaeb0d6f6
SHA256 46f676e8c58ae1e1b43e309d98bab8ddfde67027a8f097809a06d2e1a61998bc
SHA512 463ef646aa2e39b53531fc56bf784e7b93ccc462ef2135689d12a7bae26075c1c50f5af4e7ecc54b75d98debfafda8520ec1d976199b82961ef61c39f7d324bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d5e2ea45564112e23181ce4991fd67cb
SHA1 4188daf7ee845dc7cc82df6163dd574c70e90a7d
SHA256 d27604274c47c9ad49fa224e18f3fdbc557501f9c9794b2b4aeda0fdaf9012b8
SHA512 f7e8407acb18924d75746f8f1fd9426266236cb1c308cfdc82a7bab1a1fd14a68a659b390db562b10b7978961c8f8d42d976f7752db61cddb50649ccf0440df2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b4eb57ddd371a60ef754099ab25a3556
SHA1 08c90e014ccc6d4a472fbb49a7f2af4cfb760053
SHA256 39acf8facfee1b685f0c4bf3ce6f42bf4d881f72fa01a3b30b642729acc1d218
SHA512 6d33871e0e315a02eaaccfdf32f8ab437909f032c7aa352e1542f9f974fd1d3659e2d940432700d0a083aa6e4d154537d2b79fa5982468b65b2e551aa5a238c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 85a9de11e5f7a6c945d1acbca09de137
SHA1 e9dcd03ae85b4ae9079d670d216b2475eb62dbd7
SHA256 0464f2a39674e1ff3f3f1570c9f2fb8c507551ed3263e56553967617c5264cb1
SHA512 93a1f959ed973f198b7465cc5c9373d9cb8eb6c29884a100e52c29d96fd56c1feb4b532e89fd680f1f59ada172996a4f5be103cd1e0ee45375d2a32356ee3c50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008c

MD5 90a92828b2528dbfcd7fd800f0a3bcc3
SHA1 e3b62be70033bcaec8dc12b0081d1071713bf9b2
SHA256 cd75931cf724586b3883e246f92747437c1353d755d629938b840568be26eda7
SHA512 d1aa77d6fe259de5cbfc031ea3327fce5c308690f068d78ed360695f5807af4930e1b3b7a6676f6847ec4704d94f7079bc05fc2c93985094fbf1ea005e3756f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fcf903c27890e663d642d9d57dd36427
SHA1 7944dc35e21e561de5e7b6bacf38d1bbbce631a8
SHA256 ee2d168af39ea96dfa76725a09b41d2bc17b1ce2ef5b8999229b821cce22a220
SHA512 f497d7a83b40f3fda02816774a7aff69a6f42e3f6da08881f8e6b8a62149eb1209246280203f586820bfef3eeb947a2d0f3a59dd50e30e6358fbd7026736f31b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 662411f8260dfb37d11f72d2326d5783
SHA1 cb9e49e71bc12b11bb613dcacc223180827081f3
SHA256 6634bf136a48e87c9adde0a142055e2b758eeb2684fc5dac545cb438126faddf
SHA512 96e14200d6095cfa11cb3b6268bcfbf4dc0df3391398a53f4804ce1e01db21a54b534ff3a36f304b5fd1eaa14c3f77d8b34239b75b807ed2a111b001ef6f50f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7c74112ac85f4ff4b0a8cb7b49f25f2b
SHA1 07234ddb607318941f5b04108bb9a10be2f67fec
SHA256 ef6287c8c8d2ddc56059ba02af21b5e1390378e25e3992fdf08d228af60fefbf
SHA512 89b60ca890cc9cf5ed00a0249ac0faffc723498f615a344f749b155c8a7101398c6da3033d17ea3db8d240b491610abfcf87515652ba07ddda74e5b2e4896fc4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bc4e263d3c794f585f184890917107bc
SHA1 6d9c74773041934f5a1be71dd2e3de47e0ace996
SHA256 27cbe16100c1156dc53d1187d2ba480de3c6ec559f55a81590be302cb35ee98e
SHA512 6b797c7c2080ad8f0ffa3c91522dbc6aa03f5a6669c396ce8cbcd171de9e3c4fc74f04a10b4724fb1763a69c09541aa001305557a79b3ea6ee9e8b970a3b4ab0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7a27ed29c8c58819b312e1527bd733ef
SHA1 4103605c146042934da4131e400ca2a6246f3d27
SHA256 b71a5912e176970bac8e1d722fdc467d261a491248a29435fa4db52a61c817be
SHA512 fbb55a42b27946c50c78bc820acfb4df0a9481b9469460360e76bbd07b598f62dff27e3e935c9ebe3053ae04d4f2e2dbc5392339101dc47629faf6ecab9c07b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bf112cf32625bb40c3d92cc014a9a2d5
SHA1 f67971ef8e7df77e1ad2dc16f44ebd80e671eae8
SHA256 abb16d6ff1aaad941d2a79a4c456f9e905a72d79ee437092b53cba70b6aa8593
SHA512 3d2c50b9819c03f61405854a2a28e5e87ae575e76a8f54af7b3cb397ee5fa878c1428d31a887020f56b344495640e58c4c42c0de5787302a0727946d51e8c9c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9f29b6ece61d8224c20f05b688493451
SHA1 1f33131fb7743c2f1bba8cb3f2dc6426ef1c1911
SHA256 f86846bfc67a837ab8aa62c21b4dabc115bb64760b7157f5e6916d3558a35c54
SHA512 51e4c3f9ebb234def01ed08384ae56049fdb04eefc3dcec9c0de4105490bbf54a93d1dfea9db9dd51086c119b0b220833cb7b1b27e6adea32c82847709e4954b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 83dc1a6fcb2adf9d7a09303558a607d3
SHA1 62f163109fcec66a9d9b059cf94336707e9a6ba6
SHA256 e5199acc0f7798ecb2e0e7fc7a5ce0a550aa73636fda8a9f20417474403fe6ef
SHA512 9ba81f45a1193e618e4545b07d7a64bdd0240ecb26d7190b39ebb985870bddae25c97a998c7c0c687bd67bccf8791c9e0b68ce84dec0d721742587a478525041

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b8

MD5 aa273341f6132d22b17a722316a0edc5
SHA1 aaf80cd32dcd8bc9bd1f0ea6ba55a030d31c9d06
SHA256 e4540690e0e027130970e2b63a0caccc6729e926025a86169766e503a2381335
SHA512 f7c29957587601bc4a800a8727d0ff5040f69c28da19eb1dd8eb04e52c2c8df4cace113a3fd4f2ffd427006538b456875541b3d09401eb2fefbdc16cf99a9069

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 f931fb5a8e54ca7f2f093ecb9c97904d
SHA1 2df78d99ab92bec272422cd817686e33fdbeccff
SHA256 ff25d7af80c2512e7cf4390b012710324f0af25dfe59b8a611f8b5b92f1d694f
SHA512 1909ed3582cf2819462f33c03699abc0940f76cdac54206a51c0583702112981fb3f5b82e521c3cfb7b999f3917045285fe9e021f963a64e8a391da4a85ca01f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b9

MD5 006f57d0b9fc6fc643f382c93c6d28c7
SHA1 e18bc52d2d93d26ac16236ea7d280e328c29a78b
SHA256 97d47fac9e76266695a8cd6670aafea281b0bdfec51ce9c2fccd937ea46a529d
SHA512 4770c777797096c03a42ee62c31cd36d5e7d98f2058851f86efe7f0c1e8363df5acd017c443a7117778053ac5f761f11af929b0ae2fb8228c34ef66093205d40

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 29e9deb01082fddc3d2bfbf503a8212e
SHA1 80d5e641966ad9a4385f4bff0f6c1acb1df6556d
SHA256 28750e4b68358eb67e486e0c506ff70591abbdaf4a9879df3b6ed36b9b4e86c0
SHA512 ecee7ada3206e71a3ecc3f582f32bb8c5d0d69fd66c442d64e1bd992c05e281879591a4123e1b98e7c872301482b421c5289766316530244a9ac7ecd72b14534

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\4d189bc6-eff4-4c14-9252-4e40e3a2893c\0dcdf5c017a60ca4_0

MD5 7eb748fbbf404a510fc43d3e7626c02d
SHA1 69e26e4927344b74025a6b6a488f30df40eeef2b
SHA256 4413f9c3ab89a6ef0adcd3a1b06270b328fae5e577fd8318578ecd99374a9b95
SHA512 9c1d68aaef913cf7952a8a173bd095772035899922cc4e981db13aad626134ad6c85bfb90d0dbec1c2095c7adc1668c82c2bbd32af91a6e10f400b2151dd4df2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\4d189bc6-eff4-4c14-9252-4e40e3a2893c\8e1ca9b888781823_0

MD5 9566df2d6d8ebb595373fa41390865e6
SHA1 c2d056c14e015434250327164ecb08f9767892d6
SHA256 c0a3c3655ae05a1a67d175fba82fabb397afb617ab4f7d74a3f4e075da9a834b
SHA512 6b2939f47a76b5751e0fb6f62230c3ee21e2d6330a30cc247fa42ae460c66e6f7849e84383f0a6e68ef0d46de4e6db3c3825e6ff5c33618b4a23ed6d809d31e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a8

MD5 2639b0f22929f1037b58b0147d7034cd
SHA1 5fde6e64e13ef21b68d8b1dea98e9a85a6dca44d
SHA256 db96cd3e7b03ed62497cd25ee9b47d063a4ee398362240bf359215e52c66a175
SHA512 0e38b917051267fc38d5ba9a2277e8a9d573f4428fed0f7c06e559504fa451a9173dcadaa22b31e4cae2b8dbe299320457a0e86d4682cee31c6e428c04a33724

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e9cf80b8418deee6f2a8970bb2eb3c59
SHA1 ab2b402ebe9e4169240ea2bfc44ff2a5bded86fc
SHA256 d89a3be9c262dc57569caf7b12f6ebf6200eb83573650856bfd6478a99f02f36
SHA512 5e534d896b3cb0b7bf21c92a95d58ca129d30ad3ea6b810995c94e810438d766889973554005b78f16577bb051171892464620e5cec9581bc8d41d438b78a6a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 03b95ed16de94dae5dcc5e5127f7c6ca
SHA1 c47436d74db8d8eb62bdb44643c5669820ab419f
SHA256 853e19af7bcf9d56be8be1e3b23a1545857e940581a50390694567ce6ae93d23
SHA512 6f1ff9633534d89ada846583f5a9bbf031bb496c6d404ef90840293b122bfb3ab3b21ab6b85e3bc2f1f55b279441e371d098d37da57ae955221e39fa4e8fa02b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4e0bb75630a8f233140b25bc084e3509
SHA1 8d3639db14e865c2428d6d8a10adf96b92bd2425
SHA256 31b035344326e0cf47b1a5c68935c72e36a0791771d2ebb122bb26d7cda531b4
SHA512 6099e8b29ba49c3259a6163cbc58c19d4f195114a216e49ea7b9ba2814c1b6d9edf51f82da3cab9031476d7930238b9f6bf5703157ac53c29a66676e71201e43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2c1f2e68d3abf2caf2edec95efa80370
SHA1 4383e6197182164ac7c7622565d09a7594f903ac
SHA256 f905b6fe0e8296993331479080f2521231d818b979bb2e1cb25c2e0c6c9da909
SHA512 13f625e3f084f09d7d7e3d4d36513d76765dba55c22cabf61b0473e2955be8c5a0d55219b543c53d995676eeecdf90d496d385dee7af85397812390aa4a41c19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\73e7cdac-c075-46d4-9e03-d12dbe8b12f0\index-dir\the-real-index

MD5 05af386b94bca89fb3f054574f1821cd
SHA1 76292995b0859f9a65e94e84babdb08d830c3e3a
SHA256 5837642c5644229681a002ec6d74855fc9f46055dd97e315c144a2d31b250f46
SHA512 5925900d0d6e73f38435ad4d5982efc79e35e12e68422a77c5ac31f3405282466b5aabbc2f9da5280deb8d72f33e02aa545553f67956104937cf540247bb9674

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f4042726b3a9968cec96bbe7f0f2c46a
SHA1 eb4b8ec363a4843647fe4a85b0856443823eeae6
SHA256 c932db70d7365bdc450ab97c1d092fb515472050564aab3dee6f7bc54c14e345
SHA512 4e6ecc5217eab804a87bba00dd7eb3b86613f861ddd7de7997a5f06ee106d0b0c2cfda736d0749c960a9aa64eba9b9bac51bc74602af93c955144bac7a48c886

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 19dfaae992f4329cbb79f2c900c7dbb2
SHA1 2e7ec48c4474a28cf1a85ea7e769d059ba4c1b11
SHA256 0e3ac77233a0795d2e8f3aacf10a6db361d7508630e7f98d7bb3f8689a922f3a
SHA512 c55b161f6419c694ec69808cc818f94502bc52bdb601f33099d38999299de5921c46afe725bf7037de414de381a47a1b6a6bde8b3fe91308528254341b50fd7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c2f620b2367de4ab72171e6ec4c4587a
SHA1 abe31d68bae3633389db3a9f54e5752ec95f3e3f
SHA256 8da9d84d55f17861b948d866bd53984429f315759713842fd924968fb2997498
SHA512 818833d0f3cc77dda00cc9d38e7b7b4453b6d61a7a3a919f5dc3de8dbd803f7ea0b2f900597aa8cf97121f5d2298999eb0b16f236131b66ad99b9ecfd0362ccb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\4d189bc6-eff4-4c14-9252-4e40e3a2893c\index-dir\the-real-index

MD5 897bc7cf8a97475c494c46390c36cfdb
SHA1 156c609f3f7182abf411f2a608798b5ed0280d38
SHA256 eacc2147257d50c62d2988d8d76f8e924e0e4ee40b5d03abffac254489fb6102
SHA512 71b66bedb9a1f0fe1ec2617909a2e2460396150ad077a59b42e4843e91ddb5a691460be62a37c0d761cd94298b87bc1fd8cec01cf07814fcebe22b1c5a2b72fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt

MD5 4bfe12452e80380bdc7904ac3001254a
SHA1 a080ecebeb6fd37f328f75aa8428258fb61492fa
SHA256 8009881548fca3a87a52d216163c11ef0e6d4c518bd24552539fde590a094e16
SHA512 1171276a5ed52b7afb65352ce0b0c6754769e43f6e5361c4dfa5e5c877739c11de0cb975881453126dc9e3ad43d1a0dcebb7680b5149f3c6dc2a380ee678600b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0c5bbae96dd77b94b654c34447340fea
SHA1 0e6005b9c424e4654efbf17357463e5b63ba92f9
SHA256 ce2d893d0c6a58e1e1809d1d1c5e5046558a84f2ecdc78b69dc1f75b6559c63f
SHA512 b60fd320c07d228866883de5b0b8730cbad1ddfbd0a2af74b2619608b07c5f723f29420f56089a7914e240964426cd6046748e02ec95f84d5103d2f6ef49cf6c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e46b974c593a7204c5416f672c45139d
SHA1 735770c37ce0b9ffa389162ea023b9d48f3631c0
SHA256 658896274d1b8c92f7eb1644824f7a091021af95b68e0f4321f97f9e411fa489
SHA512 da2e87421ae64020907e22439039923986ccb2661380599bac9d69e5e6307e7e656a51ee90d32962e22938d60675d7eff5f740e0ebe798b761ac252ccd4c8a02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 415e38f1b6780c56289d69eb82fe0481
SHA1 c2fe436b96701e32cb03949ee2b95d6274f376f9
SHA256 34536112e98c9ddb8119cf0d4e61769ec24fb2f277322c362a7e7a44f0a94e48
SHA512 4f04bdd51fd21a824755faefada26e7c02ec15177560c656bcb00358146cdff8ee6ea7a1fab489159e468181a34d72316f5be47b7aa41c1da41b9cc1f7757a95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 88c83088fe9bb0e890aa05bb875deab2
SHA1 a15075510fd9fdb137233b2a4a221b0db4fa2fb2
SHA256 5757207a5ca0fc595e2ef927b419dac86d402968ab6eda97510ea2ddc05dde1f
SHA512 eff671f1051232217707acc068e332b1d28072c0397996193de59ac6ed40f83b8990a5d0a7d1c6f877acf30550255cc6f5c2dfbe11886a461710612f02a21a88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 357303c0ae9f2f964794daf9f54ff5df
SHA1 f32675c648a3ab26cbf39c96efdab30007945d8a
SHA256 7e359eac6e2fbace5dca424ac51532b97b0910b077d7a028c346e8779920c23f
SHA512 4a5ec688134a28302545f03a56622bb31ee36519ac07233d64e29dadfd6e82fcdeff23e05383ee5980e780cdc407ed41cc02792cc5d26c14040140b73e6a16a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c3

MD5 737aa9b42dbae53cc6980a313e375958
SHA1 f83d79ee797292d30ce60816e68a259832de9ae7
SHA256 b80a25614d9cccbeb27c25ed2561acc81a7a48d2f26b3b5efcb2c52226814d70
SHA512 b933d05bb437b183d63b3919e7de06da21ea3be57966dd9b3c35762613be140920cac6816ba3edfc3c0eb0c38464b235c1055ac218359b462a13128e34cda525

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fc30fdd80e13d1ba3fe5e2ceabc1afc6
SHA1 77c91dd7aa9fa8fef80ebced4078aeb50863c675
SHA256 26c76b6c9bc67d5f499ed5b4a79c1bc0a849a4f913be2691c5ec5ea752dcf26a
SHA512 3794e6261cce9e5735da57b636d6ed439ed540f421b3dc7dd7b4029fb1c39d238fa9f0f80b223b3e3c36886318c0c9cd98174c63f513c32cbd2c24c5d934ba51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d74bda3d95e4f184f6594b7664a51eab
SHA1 de7d24657da03709fbe27a741b1fd1173eaeb490
SHA256 f06200cc5309e76bfacd166d6c306db8b8604e5082767b57ea76a443217564d3
SHA512 5360c897af44e236e4f45620a7b365589349a7c6359ecabf476b78d0fbb6768822ff13420824c0aed35fdb584aabcbcd7f35f2aaf0f7797f9aa5ee7c2435d0ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 084d68b8c0fa0b4c3f93f5a35b18c280
SHA1 1c452940218002a3f8519da8b47fb902f5b0bd7c
SHA256 8fb3d7fe1b464fb4bf023ee6370c1acf3a0694962f510066d444f1de2d1b6586
SHA512 ceeefd15d0b02bf536f241a83d59ba9870d09429d802f9c171153b8f2fa426755cce8960bef2a3190ece781073d95ada5d7f19bd88eb91a3f780d13361caed8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d35ff86e690d41a8321e92b2351e1c2d
SHA1 7fcd07e3448abbd033c1f5a1b20011dc9fc1840a
SHA256 59f1f42668dbec21194b26ba6ea437474fe58df6fbd3af300aabc52f3aedd731
SHA512 c048b29d130d8d36674b1c85f5da2da036edbf4240f9c822b603d7d5475d4026d8a69aa765ad0958922f2981b9c9c0fc40150c624a4cb040be216b5d1671889b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f80d9418a2f3e1cc5887b1b08ccf6997
SHA1 c57c5f7d8a1d260ce0b95f9e3422d2d462b8e81a
SHA256 bdc460c40cb600070a60e66d7be0e8e76cd5d10621d9e5b0d5cd327d2e0a51d8
SHA512 d68fb9e268921d84837b388f8849d3edc5b7cf76c88fdc599037f43d7c3d5b4445099ad59d005ced60d0fc2c3e9a1a1151dc027d7ea65bd5be6ec39c401ab3b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ca7899c5f6527a7992f61fb669f3c555
SHA1 c3981bba674a340b1086ac1f526c6b587f2fef09
SHA256 edd0867ad7fb67442b2fe7ecc395b67093135d6d7a2e72d4591bc36a9a251776
SHA512 552ac1eacad1430d8a47e3913d2a5a9b3fa196be8e481801d8bec6b3feac7291743e749a0d36149c834b0eeddd5cc80d1f824b31889e974db11ca3b5b28ff4d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 83beb54115c7e6849c801078841f0833
SHA1 50e49e56419f9f757dbae1d4d78a99cc5548aa72
SHA256 8abfc94fef4c3b7fa6236cd7b8e4cb9929e547b52ff52f586097e43895427589
SHA512 84dfabe44a96c032ab69bbe95a74fdceeeaa1edffa2efc05257988a3030ad398dcfd0bd32b5673d044c48c96a16567a76c527f08ee204fc6c0be34efd2de4255

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp

MD5 262ddc8c098957a11e5b25f2cca48b0f
SHA1 348d797299bcabdfeec66c4873ba331c0dd3e03d
SHA256 7abb05f6119543972aee1b393ab2f561a269b57897b52ad18f19a7c784cf2c72
SHA512 d1ba66692823fcd9af983d77586bd9870d0464726d02f49a94be093943852ba9c417d4be66559c3f75bddf5830cdd67def82de3ae6b8bbfecb2ab0cd1a196daf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8f714b8db52f2206129ed2fa1b8d7464
SHA1 c109b9f6cbc8071fca81768b3faba4c9d2954139
SHA256 cdf456aa412b9f662872089cd518a9aa033b4c318248d4ea43bc61808d54f0ec
SHA512 2a6aa4ac8ccc7fd354cc5b1e8370524883a88d9c5b5ad3496c07ee517c81d9b6adb592d3d091b59ee9e32bdcf2a978309e2c998bf45e55ebb1fd14b9bbd4b7f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a4d2fdafab1fd99b59457a128424be61
SHA1 af9e965b5cc69cd424e459ad3b60f0011af15c29
SHA256 758851ae334d774f5c8bd8be576ebf735943b724ab20a2c74ead1b5ba6ff2975
SHA512 edccfb52f2b43eb801f286217109de4ca5d42d10893f7fe1ade280b30359afa6d91e14b5a7f73a3eb3f501faf30cd765d9458a9f8c156badee3d4ccff96b4d49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4c2fa6dbac1ac11723e3660f549d0dd5
SHA1 fab55c21b3b38e2147878740832a6ee2602b3fa6
SHA256 049c0ea5ba6415590aee692c3aae4db9d7d6f36e15e93875d660c3bc24100dce
SHA512 1c2105a4bb33418ead4d39bcd7f8267ed1c696bc6fa4b76ec19174c9a115cf378dfb91ada6e9372bd7f7cd6f290004c73cd5b4767f8092df8e9b1fc0e639d9cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2536eb1826717e3c_0

MD5 af2979010cbbc5b5e065ed55fa1cef7c
SHA1 33e746d91f5fd25a52dc8a1216255bb0d13340ed
SHA256 4de6caf94318902bad4324a0267230354da120f0faac299b4834a6b3c8c0e39a
SHA512 eb441c5f8c5c10f8bd3af334621ccb4f11533ffb439f3af5b8ad3f34cba522f6ef781ba752c690e0e78c3bccfb5175e63757f9d9e7ac475d1893c698a73c80ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 942bab58132691a24943f86d126f3e89
SHA1 e7002d8be6ea8ebc68e1d56217444d998d0c9b99
SHA256 9c24fad8c26a0e33489e943a5a5357c209a1d311cda8cb990da8d19e35c21d3f
SHA512 68327d2cebe1b76d40968a526c05db6e396e0aa5145320a18752fb1132e35b3181905948d5f2cfa3fe3ca6a52685df09b1e59e133f7b39c3244fd206b729c7d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f6be2ca9a6e96866bd924153059eb4c5
SHA1 8956b341080cfaf482b21a8922479a62d7f91a9a
SHA256 deb4242626e0d80d5884a89ca7ef0f656af88ce25fa13d73480115998bba7e21
SHA512 70d19a37f0832c4cc162a921fdb535cb76e382426417a8a295e38ef4b353f6b115185561dbec6a9f69064ff74ac46878d6f68c53d58e1bb1860bc459857a8d43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a28a729acbadfce12f7274c82f58d1f4
SHA1 33e589301378ca1562919157dfe5d3427b3ad197
SHA256 bc28108c8ff1a3bf0ca492db4f3f29986788a20a69d3c3b670a2beaf9fd24fed
SHA512 b36ec5701e8346467aedd140ad7f906b897671dd00d5fdba52a45411f8252206ad677a9cf079a10aa5723e330b49574f8b69fbcef49a5a310206c66f773842fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 980345ab5ac419aa741f4d8ed1d1fc1e
SHA1 d4c5ffa2d1fff19b17bb25cee8185ab69ccbb9b8
SHA256 31a6a9d25bf99075b463a303c8677ea122f4f50c6c72118b6afb52414bcb2a4a
SHA512 743a547ef4e64e33697f1b32a90d2eab33160184358b78b40a785b915801c5bf49e310eabb85e28786c4202895924fc86dc79d0f3edde1544c4ef2d2342b8715

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008d

MD5 ac208b7d4d098db99e24367471daafa6
SHA1 3c86a97e8a2ecf0c8774fb9b44557d4eec99cf0a
SHA256 2c08be451972a16ba7f8d5f363b3224ee4e3c09ae00fa2403a8800b2f345eaeb
SHA512 23141f5f93f9fb586318d0f38684040456211064b11448e9c99a6c8b6d64f0d335a814468322963456a8673429bd621576f457a3413d1334c869bc07c8e31258

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2c5cc4e2c466da77640403947a9f1840
SHA1 cec729905411c5fa88fdfb917571bd147a7bcc96
SHA256 2ff6bf247b18ddb01ecc254a6f6f87bbde48f43bcda2f0ed2ddfb80d42823270
SHA512 bd8c5fb113a2318b8aff949a5caaf72cec95d801a980ca570f935e3d44a559815010ba297cb11d402eb5ca56ce42ef3e386412ed289b4e0e961d60375bd55714

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3d8728bc27642a3c5e8a7fdf7138b464
SHA1 def1b9f84eaf91adc85b5c8d683a66ac8e974943
SHA256 df0685add84083dca1f80e20f7839a597740b5c1ba61a62ca81f4ce0ced66d77
SHA512 052c0e065da228b97b51c4b501931d831ed4ed673a9f50c4d64e7f692cfa5f20205d334d6fbe1ce7904bf4d6b09e1d7c85b01dbd981c0ab6983ac83fec9bb630

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1bd22f759be6a345d3769cd66bc3e3fe
SHA1 9953b417701ce2de8311cb1cbc4cee78a92f0488
SHA256 5e829a4bce58709cd5852f983782c7c756690f6e4168c2d19597c2a187fd3b9d
SHA512 b9fd3f755fe2a3533b871556a8878bab51b124832fc5d2e05bd20cbbf51adca08bc74c6ec5e137eef3774fdfc395eaf21263a35e809c5a648aeb12e947571d8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b0883b98a26989d1d793dafffada1393
SHA1 9da84d2abe434a2cb4e2177054542f21dadfd747
SHA256 dd9467eee8fa86c38d4e4f3f3a8ea7eb6e568f2aac8b9d32dfeeeddea0f6befa
SHA512 930d82101a4fa41b1a5dc0945cc2ddef7899b07dd8a4888b701703e46d58ed9fa443ff1cf6b0784803e26c69b78580b6d19785fc3710d901f60e1036b70cd43f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9545717e6d151d2_0

MD5 1f6f4b2986d4247e5c9b3ff818708cc7
SHA1 27d4d9f4c60ecdb846ab74c8347cbf20e9523ccf
SHA256 382ba3a6a25725b9fff534dfe460ede3e3f71ebce2618cf1547d02f0697713c8
SHA512 94ee794c0d391c6171b3f4ff31cc2edd77a77e93e208f07d0f5bd94a0cf8c2070b395bd09566939876932d85e158cad5782300cdd04ade75672d416b80f94731

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 91d249449378ce04aec51988656c7829
SHA1 f890ef15cb30d5d6b14915d3d835b01943e64950
SHA256 20b8b0c7ecef41388a697a3db662c51ba562d1f5cd7d2ad76ba7d20f9c7f154f
SHA512 1d3ebeba87b47522e36cf123b6b0984fb499beb8ddb091580438cf282aa881e888773c82abb8615fa6c75f35be97de108e3869eb93b01248cffa46245f57d9e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a6cc9b5289548ba0a071fc47e828b450
SHA1 1321f52162f0bc8ec81076cc14adae5b4f431be0
SHA256 09ab2b909e19787d17fb4af7c515a9297aca5cd747e3a69557e6093d6cb6721c
SHA512 50394a9b46dbd34d60510acabfb1fad41d719daeb02192e34ddc2b021aae39a7f52e0f4c8dfabe8b77b66531e22952ec60828bcb1d0fc16d7207f9a6fa124ec6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7e66f0573f8d73e21ccd7152c2adacce
SHA1 f7ef8930f6534fff1af4ac32889ce22f62bb4bab
SHA256 43e15f222c39d4b9368bffbdd5a898fa2bf6675e1611f29ada6b97f1e01f5889
SHA512 bcb1c18e8781edc8d01ec9c5afd40445085d7822f8adac8a55ac0953d673b805084c4e41e5b5534034ab9a860988896a43fab3ad9c723e179e2a223b9f610703

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b8ebad7f6716eb37_0

MD5 55f1c47acfa82bff87658a0f04095505
SHA1 1044b5a5ae9206e3ca39ae80898063e55ea2c082
SHA256 db65f1279bd0cdd175d046116201de502383f8bf1d2322342aaad983691ea852
SHA512 6e01d26e878a23ffb5dcf36a501454ab19c13dfcc74a436fb622ac2e6804e41a36a653fae8b54cf3049f62b2d2231e1327ebee3e769262de1794b106d8fcf4cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\335e69ddec2b9ac6_0

MD5 bfaea6ab354a3c5076e1c255783c35e5
SHA1 47238199526755b6285b9c881aca649a2d645f64
SHA256 936e97d8e130290b1ad996925e930ac84de8eb4ca9d839b4e84a55cd9366aabc
SHA512 6a04133669d13c7c4b808a9463873464aeb81043772f8bff265669b27674845f2f1b2977e720dcdd3c0b5f42e4d6ba34c463b044dc50751c43244cf910f996e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 9eb3cc9bce9ee16cebc1d2e75bcbccfd
SHA1 de44d1ae304985b0affd64664dbc03c98cddff8b
SHA256 f3851e375aa7753cd97cb31a4885b27e480a840e27f985e3622fc2e092b9e448
SHA512 9b3b8f36eaf53c9eaf84f5c16590672c689d6d428e4395d0c125e3740add098b93ed8c6aad181b9efcd7fb718055f044a59f34228560a744c577c2415e9ad6f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 26f7000fd9a2640cfc9c68c869024f2d
SHA1 634ad33cff3ff854293b35eb621d8a039e7c9ae9
SHA256 06ada0970cde8a06f5766e146fb4c878bf5e7bc9f19bbf7e75afb5143da471bf
SHA512 3933dd061a2e9c0ac8f28d41db0006c8d0d0bbbe520ba903361fdee8b0f841a3f13380862de7109d2c65f97d74daf339c78285af637dc7e4be3dc3ae160958c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 efbebeb9327df8f15b64348b3ebc19d1
SHA1 05278e39f74505570753816d2c4bd3f8dfbfac79
SHA256 7ef300554cb5e1024521fa10fd28b35c35b9712a43479ab513c4332073572885
SHA512 4827c2ba4decfc827d58bf03acc1b38c5499d37b5a2611972eb83c39c5c92d42127689a70666aa0ce7eddb4db3ba30979333c1e6a20bbe7c48d1a279765ebb67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 dba6ab195b531323de00505de4ccfb20
SHA1 943688babdb391e7d824276f4c5d7dda09b87bba
SHA256 bfa3137f53eb697991e4473b948f570c7a198190699cbf4c08263c6c557196f2
SHA512 1b6c44d02cc5ef69e8d45e8fff42f65b509c82eb93d9497977045d9536f2ef61d27a6cfca67b0617cce9ef7c3f0c5df0509ca08a42bdcf9f9d331d0c17b6371b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e7ac9c546771bd3ca034c1b73fdb595f
SHA1 22381ea883196311ce90fab6f4795198bd628e8c
SHA256 a540c09be60172138799eacc11b431c0eeec79835bd148c94bdd491d6dfcb16f
SHA512 3dcb233a8cc5928668b64159ceb3a0aa86286ae8903f2bf1378aee3f72927ab773855b06525f0b4d7cf44ff444c20624ebba852af72f06608b826e074acddefc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1feefc77598888742caa74e08bcfb2ee
SHA1 3dc46f6a2b7935d49740b9e313782a4e8e920384
SHA256 5b87a93ac8e151ff40da85fd93a7e5c03c5d296a1bb9ba7b42e3cf0f361fd6e8
SHA512 c816664765406d1b0fa70c74ed5862f4a1b8f571751fd6c97f5e0fbc0af98e452b9db8d0c8faf78cea0790f66a40f113ca230a60c78b3c71bd26233f6fbc0297

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1bc691aa47fe42e8593a2db399eaf41b
SHA1 e4499b0db55d1c5da200b533c29e305cb1b2ba9c
SHA256 09f3c884c9077edf0f51e7cdf4ce711d2b7f575879c86f3e861ee3150de2ef3e
SHA512 397e97ed558ba73170481fd6acfbebe1a2ca240d3d1afe54660159a7711f0b382224f4362843ed2862a605688b0456fc0b6384a3564d16c320dc9b5a1e390c2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 31ba0c4a3f899d33e8f99f9ebe26c2ea
SHA1 480e9d22ce2faef22deedd4833798fe4145c6b8c
SHA256 3b6f8bfcefb38abc9e5f16d15188e3cbe1ac7d9747289b09755e2f95ef47d2bd
SHA512 794c0d40b65833debea9a79201d3920cb1b6722d23ba98873271887b7ab7160663ad7e90c6a7f5a6f33d82c494fbc27893b50ca0785aa8181d2db97d35f54409