Malware Analysis Report

2024-07-28 04:48

Sample ID 240604-126exadh73
Target http://google.com
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Modifies Installed Components in the registry

Downloads MZ/PE file

Sets file execution options in registry

Registers COM server for autorun

Loads dropped DLL

Executes dropped EXE

Checks computer location settings

Enumerates connected drives

Installs/modifies Browser Helper Object

Checks installed software on the system

Checks whether UAC is enabled

Adds Run key to start application

Suspicious use of NtSetInformationThreadHideFromDebugger

Drops file in System32 directory

Checks system information in the registry

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in Program Files directory

Drops file in Windows directory

Program crash

Enumerates physical storage devices

Opens file in notepad (likely ransom note)

Suspicious use of UnmapMainImage

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

NTFS ADS

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious use of SetWindowsHookEx

System policy modification

Uses Volume Shadow Copy service COM API

Uses Task Scheduler COM API

Suspicious use of WriteProcessMemory

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Checks SCSI registry key(s)

Modifies registry class

Modifies Internet Explorer settings

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK Matrix V13

Initial Access
TA0001
Execution
TA0002
Persistence
TA0003
Boot or Logon Autostart Execution
T1547
Registry Run Keys / Startup Folder
T1547.001
Browser Extensions
T1176
Privilege Escalation
TA0004
Boot or Logon Autostart Execution
T1547
Registry Run Keys / Startup Folder
T1547.001
Defense Evasion
TA0005
Modify Registry
T1112
Credential Access
TA0006
Discovery
TA0007
Query Registry
T1012
System Information Discovery
T1082
Peripheral Device Discovery
T1120
Lateral Movement
TA0008
Collection
TA0009
Exfiltration
TA0010
Command and Control
TA0011
Impact
TA0040
Resource Development
TA0042
Reconnaissance
TA0043

Analysis: static1

Detonation Overview

Reported

2024-06-04 22:09

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-04 22:09

Reported

2024-06-04 22:24

Platform

win10v2004-20240426-en

Max time kernel

843s

Max time network

845s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\MicrosoftEdge_X64_125.0.2535.85.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3FE24275-7510-4203-9A16-93200F8AEFF9}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{42047E7D-57D2-483E-8286-F91CEFE22BD3}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701 (1).exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\MicrosoftEdge_X64_125.0.2535.85.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Noxic™ Mod Menu = "C:\\Users\\Admin\\AppData\\Roaming\\Noxic™ Mod Menu\\Noxic™.exe" C:\Users\Admin\AppData\Local\Temp\Temp1_Noxic.Mod.Menu.zip\Noxic™.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=5E806FE178B04153B9A79548380098FD" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{42047E7D-57D2-483E-8286-F91CEFE22BD3}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\V: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\System32\msiexec.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A

Suspicious use of NtCreateThreadExHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\SpeakerLight\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\InGameMenu\TouchControls\unequip_item.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AnimationEditor\icon_keyIndicator.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\onramp.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Trust Protection Lists\Mu\LICENSE C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\msedgeupdateres_de.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3FE24275-7510-4203-9A16-93200F8AEFF9}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Locales\tr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaChat\graphic\gr-indicator-ingame-8x8.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\SETUP.EX_ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\MicrosoftEdge_X64_125.0.2535.85.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Locales\eu.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\Trust Protection Lists\Mu\Other C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\7-Zip\Lang\sk.txt C:\Windows\System32\msiexec.exe N/A
File opened for modification C:\Program Files (x86)\7-Zip\Lang\et.txt C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\msedgeupdateres_ur.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3FE24275-7510-4203-9A16-93200F8AEFF9}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\TopBar\close.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\fonts\families\AmaticSC.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\RoactStudioWidgets\slider_caret.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\configs\DateTimeLocaleConfigs\ja-jp.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\DeveloperFramework\UIOn_light.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Settings\Players\Unmuted-White.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\msedgeupdateres_uk.dll C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\7-Zip\7z.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Locales\en-GB.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\CompositorDebugger\History.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\DevConsole\Search.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\MicDark\Connecting.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaChat\9-slice\chat-bubble-right.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\7-Zip\Lang\sw.txt C:\Windows\System32\msiexec.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\msedgeupdateres_eu.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3FE24275-7510-4203-9A16-93200F8AEFF9}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\fonts\NotoSansDevanagariUI-Regular.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.85\Locales\ur.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Locales\ta.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\TerrainEditor\lake.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\MaterialGenerator\Materials\Limestone.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\scrollbuttonDown.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\msedgeupdateres_ro.dll C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AnimationEditor\btn_edit.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\Gamepad\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\onnxruntime.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\7-Zip\Lang\ne.txt C:\Windows\System32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AnimationEditor\icon_whitetriangle_up.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\TerrainTools\mtrl_ice_2022.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\MenuBar\icon_home.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Settings\Help\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\SpeakerDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\7-Zip\Lang\cy.txt C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\PdfPreview\PdfPreviewHandler.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\particles\forcefield_vortex_color.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\09c23244-9005-4753-b2bb-35038d7dd18f.tmp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Controls\XboxController\Thumbstick1.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\MicDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\SpeakerLight\Unmuted20.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\show_third_party_software_licenses.bat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AnimationEditor\image_keyframe_constant_unselected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\Locales\lt.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaChat\icons\ic-close-gray2.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e594a42.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI94C5.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e594a3e.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{23170F69-40C1-2701-2401-000001000000} C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI4B19.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI74A7.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e594a3e.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A

Enumerates physical storage devices

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 000000000400000081a0e6b9f9d406b40000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff00000000270101000008000081a0e6b90000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff00000000070001000068090081a0e6b9000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1d81a0e6b9000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000081a0e6b900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2d\52C64B7E\@%SystemRoot%\system32\dnsapi.dll,-103 = "Domain Name System (DNS) Server Trust" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2B C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2c\52C64B7E C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2c\52C64B7E C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2c\52C64B7E\@%SystemRoot%\system32\dnsapi.dll,-103 = "Domain Name System (DNS) Server Trust" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000_Classes\lua_auto_file C:\Windows\system32\OpenWith.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\ = "ServiceModule" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\shell\runas\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --do-not-de-elevate --single-argument %1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\AppId = "{628ACE20-B77A-456F-A88D-547DB6CEEDD5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeMHT\shell\runas\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --do-not-de-elevate --single-argument %1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.CredentialDialogMachine" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\SourceList\LastUsedSource = "n;1;C:\\Users\\Admin\\Downloads\\" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\ = "ServiceModule" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ = "IApp2" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ProgID\ = "MicrosoftEdgeUpdate.CoreMachineClass.1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\Elevation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ = "IPolicyStatus5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO.1 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods\ = "23" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\Elevation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO\CurVer\ = "ie_to_edge_bho.IEToEdgeBHO.1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ = "ICoCreateAsyncStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\ProgID\ = "MicrosoftEdgeUpdate.Update3WebMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ = "IApp2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods\ = "13" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4018855536-2201274732-320770143-1000\{C0B33469-5187-45C5-9CFE-A7D276A8E0F1} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command\version = "version-c46f37833a234ebf" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 957524.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 394979.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 659875.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 308754.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe N/A
N/A N/A C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe N/A
N/A N/A C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe N/A
N/A N/A C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTcbPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeImpersonatePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTcbPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeImpersonatePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\System32\msiexec.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701 (1).exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701 (1).exe N/A

Suspicious use of UnmapMainImage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 5056 wrote to memory of 5096 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 5096 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 2312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 3756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 3756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5056 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe N/A

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffc8bf46f8,0x7fffc8bf4708,0x7fffc8bf4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6140 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5988 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6900 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6436 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8428 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9220 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10052 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU600D.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Q0NDRDVGNDMtMDIzQy00NDRFLUI0QjgtREM1QTg1MzM5OEY3fSIgdXNlcmlkPSJ7NkMzNTU0Q0YtMzgzNy00RjVDLUIxRkQtRDZFRDYyMURCQUZFfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFNUJDODJEMC01NDdDLTQ0NEUtODUwMS0zM0VBNkU2OUYwQTN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUyOTI2MTExMzkiIGluc3RhbGxfdGltZV9tcz0iNzE5Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{CCCD5F43-023C-444E-B4B8-DC5A853398F7}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Q0NDRDVGNDMtMDIzQy00NDRFLUI0QjgtREM1QTg1MzM5OEY3fSIgdXNlcmlkPSJ7NkMzNTU0Q0YtMzgzNy00RjVDLUIxRkQtRDZFRDYyMURCQUZFfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsxNjYxQkFCMy0xNUMxLTQwRDMtODY4OS0wRUVEQkUxRkVBRUF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUyOTY3ODA5ODYiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6944 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7736 /prefetch:1

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\7z2401.msi"

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\7z2401.msi"

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7320 /prefetch:2

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\srtasks.exe

C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\MicrosoftEdge_X64_125.0.2535.85.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6C069CCC-BD3A-464F-BEBD-27BD1142F7D3}\EDGEMITMP_0F131.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.85 --initial-client-data=0x230,0x234,0x238,0x22c,0x23c,0x7ff7b0d24b18,0x7ff7b0d24b24,0x7ff7b0d24b30

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\7z2401.msi"

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\7z2401.msi"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Q0NDRDVGNDMtMDIzQy00NDRFLUI0QjgtREM1QTg1MzM5OEY3fSIgdXNlcmlkPSJ7NkMzNTU0Q0YtMzgzNy00RjVDLUIxRkQtRDZFRDYyMURCQUZFfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins3NDk1NzM4Ni0xNjlFLTQ5MjQtOTY3Ny04MzAwMUNFRkUzRDd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI1LjAuMjUzNS44NSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTMwNjg4MTA1NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUzMDY5MjExOTEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MTA0ODExMDExIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8zYzc3NWU3NS1hZmY4LTRhZjEtYWVkZS03YTVjMDM0OWFhMGI_UDE9MTcxODE0Mzg3NyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1uSlNuWWo2UDRSWDZTUFd4MkNrb0VKeGtMYWIyQWpuNHNIQ01zVk1KQjY4T1UxJTJidzFWakpKeURockdtUFIlMmZlTWxNJTJiSUlHZzZBZTg3bFB3WHA2VnZTQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MzY3NTU3NiIgdG90YWw9IjE3MzY3NTU3NiIgZG93bmxvYWRfdGltZV9tcz0iNzI4ODUiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MTA1MDUxMjQxIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjEyMDY3MTIwNiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjU3NDUxMDk1MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjQzOCIgZG93bmxvYWRfdGltZV9tcz0iNzk3OTgiIGRvd25sb2FkZWQ9IjE3MzY3NTU3NiIgdG90YWw9IjE3MzY3NTU3NiIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDUzODEiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe" -app

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5792 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8652 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe

"C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 6984 -ip 6984

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6984 -s 3356

C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe

"C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 5124 -ip 5124

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5124 -s 3092

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8388 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9356 /prefetch:8

C:\Users\Admin\AppData\Local\Temp\Temp1_Noxic.Mod.Menu.zip\Noxic™.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_Noxic.Mod.Menu.zip\Noxic™.exe"

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe"

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1696,i,5495696312465391578,12519705923834323055,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3" --mojo-platform-channel-handle=2040 --field-trial-handle=1696,i,5495696312465391578,12519705923834323055,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3" --app-user-model-id=noxic™-nativefier-41fdc3 --app-path="C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\resources\app" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2336 --field-trial-handle=1696,i,5495696312465391578,12519705923834323055,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3" --app-user-model-id=noxic™-nativefier-41fdc3 --app-path="C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\resources\app" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2464 --field-trial-handle=1696,i,5495696312465391578,12519705923834323055,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x464 0x328

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9196 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 /prefetch:8

C:\Users\Admin\Downloads\winrar-x64-701.exe

"C:\Users\Admin\Downloads\winrar-x64-701.exe"

C:\Users\Admin\Downloads\winrar-x64-701.exe

"C:\Users\Admin\Downloads\winrar-x64-701.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3FE24275-7510-4203-9A16-93200F8AEFF9}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{3FE24275-7510-4203-9A16-93200F8AEFF9}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe" /update /sessionid "{C1303599-31DA-4485-B77E-481AB98C0E25}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzEzMDM1OTktMzFEQS00NDg1LUI3N0UtNDgxQUI5OEMwRTI1fSIgdXNlcmlkPSJ7NkMzNTU0Q0YtMzgzNy00RjVDLUIxRkQtRDZFRDYyMURCQUZFfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1MjUwOTFCNS0xNjE4LTQ5RDYtQTkyQy0wRTg3QkI1QzM0RDd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODcuMzkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2IiBpbnN0YWxsYWdlPSIzOSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODgwNDE5NDQ0NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4ODA0MTk0NDQ2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MDIxMTE3MTgxIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMjIxNjY3ZGMtYmIwYS00YWNiLTgzM2QtNWExMWRjODhhOGJmP1AxPTE3MTgxNDQyMjcmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9TkhESnc5R21Cakc4dmVFRzdzdnlacGtPeWd5TnZSSlZRWTNMVUhPcTBNR0Q5YUFNWUt2QVozSnIlMmJvJTJicTlIQ3NhVmtBd1IlMmI1ZlJiMkgwRSUyZlF1VHVaZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkwMjEyNzM0MDciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzIyMTY2N2RjLWJiMGEtNGFjYi04MzNkLTVhMTFkYzg4YThiZj9QMT0xNzE4MTQ0MjI3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PU5IREp3OUdtQmpHOHZlRUc3c3Z5WnBrT3lneU52UkpWUVkzTFVIT3EwTUdEOWFBTVlLdkFaM0pyJTJibyUyYnE5SENzYVZrQXdSJTJiNWZSYjJIMEUlMmZRdVR1WmclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjIxMDQ4IiB0b3RhbD0iMTYyMTA0OCIgZG93bmxvYWRfdGltZV9tcz0iMTczNDkiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTAyMTI3MzQwNyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MDI2NTg2MTU5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iMzkiIHJkPSI2MzI1IiBwaW5nX2ZyZXNobmVzcz0iezdFN0Q4QTRGLUQwMzktNDM1RS05MjlCLUIyNTUzMEY5MjUwNX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTIuMC45MDIuNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMzkiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzYyMDEyNTk3ODcyOTAyMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9IjM5IiByPSIzOSIgYWQ9IjYzMjUiIHJkPSI2MzI1IiBwaW5nX2ZyZXNobmVzcz0iezMyRDU4RDM0LUYyMDMtNEI2NS05M0YwLTEyNDZENjBCMkM1Mn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI1LjAuMjUzNS44NSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzYzIj48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7NzE2QkE5NjUtMEIxOS00NzlCLTlBMEItN0Y5N0VFQzYyNjVGfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU1971.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{C1303599-31DA-4485-B77E-481AB98C0E25}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzEzMDM1OTktMzFEQS00NDg1LUI3N0UtNDgxQUI5OEMwRTI1fSIgdXNlcmlkPSJ7NkMzNTU0Q0YtMzgzNy00RjVDLUIxRkQtRDZFRDYyMURCQUZFfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7MTAxRDEzRTUtMzZENS00NjhELUJCNTUtNTI5MjZDQzM2NEIyfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg3LjM5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMzkiIGluc3RhbGxkYXRldGltZT0iMTcxNDEzNDkzMyI-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTAzNzY3OTc2MiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,9053498182684820973,3339613407962797831,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10800 /prefetch:8

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ROBLOX MOD MENU (Anonymous Cheats).lua

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=764 --field-trial-handle=1696,i,5495696312465391578,12519705923834323055,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Windows\system32\werfault.exe

werfault.exe /h /shared Global\2c898200b3634d1f9d58568bd7d462e0 /t 428 /p 5940

C:\Windows\system32\werfault.exe

werfault.exe /h /shared Global\4bd537f574714263ae1e12a8301be8f3 /t 7160 /p 1068

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fffc8a9ab58,0x7fffc8a9ab68,0x7fffc8a9ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1844 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2276 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3140 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4380 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4528 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4552 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4948 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4220 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4804 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3352 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4800 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3300 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4540 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4984 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5284 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2808 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5400 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5500 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5200 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5508 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5472 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4608 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5268 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5316 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4540 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5512 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5912 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5856 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6232 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6360 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6592 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6840 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6976 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6980 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7300 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7444 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7640 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=7784 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7984 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=8128 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=7920 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8580 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=8940 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=8988 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=9220 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=9236 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=9356 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=8876 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=6916 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=6416 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=10036 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=9760 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=9804 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=10352 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=10548 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=10392 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=10552 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=11132 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=11308 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=11464 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=10800 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=11768 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=11328 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=11608 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=11444 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=12268 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=5484 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=4708 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=5108 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=12572 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=9792 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=12684 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=6408 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=13088 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=8628 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=13492 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=13656 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=13792 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=13652 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=13920 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9908 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13432 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\LexyLex\RasTo0R.rar

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTQ1Q0JGQzItRjNDRC00RkYyLUJERTAtNDVFREQzOTlDREM2fSIgdXNlcmlkPSJ7NkMzNTU0Q0YtMzgzNy00RjVDLUIxRkQtRDZFRDYyMURCQUZFfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7NDc4NUY4REYtMzFFMC00Q0Q2LTlBQkItM0M5Q0ZCQUNBRTNEfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0Q2anhQZVVtS2ZoOHl0eTZGMDdZeE0xZVpESC9UVjZGUVQyZmZEaVp5d3c9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzOSIgaW5zdGFsbGRhdGV0aW1lPSIxNzE0MTM1OTQ1IiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNTg2MDg1MzMwMDAwMDAwIiBmaXJzdF9mcmVfc2Vlbl90aW1lPSIxMzM2MjAxMjYzMDgwMDQxMTciPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMzExMTg4IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjAzMjY0OTYwNSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=10492 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=12128 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12860 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12304 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=12636 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=12672 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{42047E7D-57D2-483E-8286-F91CEFE22BD3}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{42047E7D-57D2-483E-8286-F91CEFE22BD3}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTQ1Q0JGQzItRjNDRC00RkYyLUJERTAtNDVFREQzOTlDREM2fSIgdXNlcmlkPSJ7NkMzNTU0Q0YtMzgzNy00RjVDLUIxRkQtRDZFRDYyMURCQUZFfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCNDFFQ0FFMy1COTYxLTQxRjktOTZFMS0yOEQxRDYyMTc5Mzl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzQiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjA0NTY4OTQzOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMDQ1NzE5Njc1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMzgxMDgxNDI1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTgxNDQ1NTEmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9TkY2dVpXdnJ2ekZaaFVJeVZ2SU9oS2VuVWxyT3RWMVptRU01ZEFEV1lob0R3bkZ2VldMRHlQV0RURjZqV1ROVnJEMnVNZWhWRFYlMmJNczAxYmpEUjgyZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTIzODEwOTE0OTMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzVmMTk1NjEyLTM4NGEtNDhlYS04NDA4LWI0ZWRlOWRjNTZiYj9QMT0xNzE4MTQ0NTUxJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PU5GNnVaV3ZydnpGWmhVSXlWdklPaEtlblVsck90VjFabUVNNWRBRFdZaG9Ed25GdlZXTER5UFdEVEY2aldUTlZyRDJ1TWVoVkRWJTJiTXMwMWJqRFI4MmclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBkb3dubG9hZF90aW1lX21zPSIyODk5MyIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMzgxMTIxNDE1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTIzODcyNTEzNTAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjM4OTc2MTMyMiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjgxOSIgZG93bmxvYWRfdGltZV9tcz0iMzM1MzMiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjI1MCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=9808 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=12824 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=12508 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=14092 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11004 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10408 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12320 --field-trial-handle=1860,i,16042277742651229862,15584636064360213686,131072 /prefetch:8

C:\Users\Admin\Downloads\winrar-x64-701 (1).exe

"C:\Users\Admin\Downloads\winrar-x64-701 (1).exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\MicrosoftEdge_X64_125.0.2535.85.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.85 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff6a6344b18,0x7ff6a6344b24,0x7ff6a6344b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.85 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff6a6344b18,0x7ff6a6344b24,0x7ff6a6344b30

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:80 google.com tcp
GB 142.250.178.14:80 google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:80 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 ogs.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.187.238:443 ogs.google.com tcp
GB 172.217.16.238:443 apis.google.com tcp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
NL 23.62.61.89:443 www.bing.com tcp
NL 23.62.61.89:443 www.bing.com tcp
US 8.8.8.8:53 89.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
NL 23.62.61.194:443 r.bing.com tcp
NL 23.62.61.97:443 r.bing.com tcp
NL 23.62.61.97:443 r.bing.com tcp
NL 23.62.61.194:443 r.bing.com tcp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 aefd.nelreports.net udp
SE 23.201.43.89:443 aefd.nelreports.net tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.4:443 login.microsoftonline.com tcp
SE 23.201.43.89:443 aefd.nelreports.net udp
US 8.8.8.8:53 4.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 89.43.201.23.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 www.techspot.com udp
US 104.22.79.92:443 www.techspot.com tcp
US 104.22.79.92:443 www.techspot.com tcp
US 8.8.8.8:53 cmp.quantcast.com udp
US 8.8.8.8:53 freyr.futurecdn.net udp
US 8.8.8.8:53 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app udp
DE 18.245.86.24:443 cmp.quantcast.com tcp
US 13.35.58.48:443 freyr.futurecdn.net tcp
US 104.18.41.170:443 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app tcp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 92.79.22.104.in-addr.arpa udp
US 3.160.150.117:443 cmp.inmobi.com tcp
US 8.8.8.8:53 bordeaux.futurecdn.net udp
US 8.8.8.8:53 unpkg.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 static.chartbeat.com udp
US 8.8.8.8:53 img.youtube.com udp
US 104.17.248.203:443 unpkg.com tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
DE 99.86.4.93:443 bordeaux.futurecdn.net tcp
DE 18.245.67.101:443 static.chartbeat.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 ping.chartbeat.net udp
US 3.229.176.160:443 ping.chartbeat.net tcp
US 8.8.8.8:53 eventsproxy.gargantuan.futureplc.com udp
IE 54.170.18.55:443 eventsproxy.gargantuan.futureplc.com tcp
US 8.8.8.8:53 ads.servebom.com udp
US 8.8.8.8:53 sommelier.futurehybrid.tech udp
DE 99.86.4.67:443 ads.servebom.com tcp
IE 52.208.30.111:443 sommelier.futurehybrid.tech tcp
US 8.8.8.8:53 170.41.18.104.in-addr.arpa udp
US 8.8.8.8:53 24.86.245.18.in-addr.arpa udp
US 8.8.8.8:53 48.58.35.13.in-addr.arpa udp
US 8.8.8.8:53 117.150.160.3.in-addr.arpa udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 203.248.17.104.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 93.4.86.99.in-addr.arpa udp
US 8.8.8.8:53 101.67.245.18.in-addr.arpa udp
US 8.8.8.8:53 37.82.161.3.in-addr.arpa udp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 160.176.229.3.in-addr.arpa udp
US 8.8.8.8:53 55.18.170.54.in-addr.arpa udp
US 8.8.8.8:53 67.4.86.99.in-addr.arpa udp
US 8.8.8.8:53 111.30.208.52.in-addr.arpa udp
US 8.8.8.8:53 analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 216.239.36.181:443 analytics.google.com tcp
BE 74.125.71.157:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 api.cmp.inmobi.com udp
DE 3.69.64.73:443 api.cmp.inmobi.com tcp
DE 3.69.64.73:443 api.cmp.inmobi.com tcp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 181.36.239.216.in-addr.arpa udp
US 8.8.8.8:53 157.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 73.64.69.3.in-addr.arpa udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 cadmus.script.ac udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 prod.euid.eu udp
US 8.8.8.8:53 cdn.adsafeprotected.com udp
US 8.8.8.8:53 ats-wrapper.privacymanager.io udp
US 8.8.8.8:53 cdn.pbxai.com udp
US 8.8.8.8:53 6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co udp
US 8.8.8.8:53 ib.adnxs.com udp
US 104.18.22.145:443 cadmus.script.ac tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
DE 13.32.27.10:443 cdn.pbxai.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
US 13.33.187.21:443 ats-wrapper.privacymanager.io tcp
US 35.241.9.51:443 6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co tcp
US 18.172.112.47:443 cdn.adsafeprotected.com tcp
DE 13.224.186.120:443 c.amazon-adsystem.com tcp
GB 13.41.43.130:443 prod.euid.eu tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.152:80 apps.identrust.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
GB 142.250.179.238:443 img.youtube.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
DE 18.245.31.123:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 api.permutive.com udp
US 8.8.8.8:53 cdn.permutive.com udp
US 34.107.254.252:443 api.permutive.com tcp
US 34.107.254.252:443 api.permutive.com tcp
US 34.107.254.252:443 api.permutive.com tcp
US 104.17.119.17:443 cdn.permutive.com tcp
US 8.8.8.8:53 i.clean.gg udp
US 34.95.69.49:443 i.clean.gg tcp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 8.8.8.8:53 purch-sync.go.sonobi.com udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 67.202.105.24:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 34.98.64.218:443 us-u.openx.net tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 pixel.advertising.com udp
US 104.18.36.155:443 ssum-sec.casalemedia.com tcp
US 34.95.69.49:443 i.clean.gg udp
US 13.248.245.213:443 eb2.3lift.com tcp
US 69.166.1.66:443 purch-sync.go.sonobi.com tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
IE 34.246.136.164:443 ap.lijit.com tcp
US 8.8.8.8:53 g2.gumgum.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 69.166.1.66:443 purch-sync.go.sonobi.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
DE 52.57.182.118:443 match.sharethrough.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
IE 54.246.231.153:443 g2.gumgum.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
BE 104.68.78.171:443 secure-assets.rubiconproject.com tcp
SE 104.73.92.198:443 ads.pubmatic.com tcp
US 69.166.1.35:443 purch-sync.go.sonobi.com tcp
SE 104.73.92.198:443 ads.pubmatic.com tcp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 8.8.8.8:53 pixel.servebom.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 104.17.43.93:443 gum.aidemsrv.com tcp
BE 2.21.18.175:443 eus.rubiconproject.com tcp
DE 18.245.60.71:443 pixel.servebom.com tcp
US 8.8.8.8:53 145.22.18.104.in-addr.arpa udp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 tg.socdm.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 51.9.241.35.in-addr.arpa udp
US 8.8.8.8:53 130.43.41.13.in-addr.arpa udp
US 8.8.8.8:53 20.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 10.27.32.13.in-addr.arpa udp
US 8.8.8.8:53 21.187.33.13.in-addr.arpa udp
US 8.8.8.8:53 120.186.224.13.in-addr.arpa udp
US 8.8.8.8:53 47.112.172.18.in-addr.arpa udp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 152.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 123.31.245.18.in-addr.arpa udp
US 8.8.8.8:53 17.119.17.104.in-addr.arpa udp
US 8.8.8.8:53 49.69.95.34.in-addr.arpa udp
US 8.8.8.8:53 252.254.107.34.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 213.245.248.13.in-addr.arpa udp
US 8.8.8.8:53 164.136.246.34.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
DK 37.157.4.29:443 c1.adform.net tcp
JP 124.146.153.161:443 tg.socdm.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
DE 51.89.9.254:443 onetag-sys.com tcp
NL 2.18.121.10:443 player.aniview.com tcp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 dis.criteo.com udp
NL 185.184.8.90:443 creativecdn.com tcp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 52.223.40.198:443 match.adsrvr.org tcp
US 8.8.8.8:53 b1sync.zemanta.com udp
JP 124.146.153.161:443 tg.socdm.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 34.98.64.218:443 us-u.openx.net udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 match.deepintent.com udp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 66.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 118.182.57.52.in-addr.arpa udp
US 8.8.8.8:53 153.231.246.54.in-addr.arpa udp
US 8.8.8.8:53 171.78.68.104.in-addr.arpa udp
US 8.8.8.8:53 198.92.73.104.in-addr.arpa udp
US 8.8.8.8:53 35.1.166.69.in-addr.arpa udp
FR 217.182.178.228:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 93.43.17.104.in-addr.arpa udp
FR 217.182.178.228:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 175.18.21.2.in-addr.arpa udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 71.60.245.18.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 64.202.112.63:443 b1sync.zemanta.com tcp
US 64.202.112.63:443 b1sync.zemanta.com tcp
DE 18.245.31.66:443 api-2-0.spot.im tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 34.251.157.29:443 match.prod.bidr.io tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
FR 217.182.178.228:443 ssbsync.smartadserver.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
DE 18.245.31.66:443 api-2-0.spot.im tcp
IE 34.251.157.29:443 match.prod.bidr.io tcp
US 64.202.112.63:443 b1sync.zemanta.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.18.47.7:443 match.deepintent.com tcp
IE 52.49.44.23:443 pr-bh.ybp.yahoo.com tcp
US 54.145.215.200:443 sync.ipredictive.com tcp
US 52.72.207.28:443 sync.srv.stackadapt.com tcp
US 64.202.112.63:443 b1sync.zemanta.com tcp
BE 2.21.18.175:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
NL 208.93.169.131:443 bh.contextweb.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
DE 108.138.8.164:443 aax.amazon-adsystem.com tcp
DE 108.138.8.164:443 aax.amazon-adsystem.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
BE 2.21.18.175:443 eus.rubiconproject.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 grid.bidswitch.net udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 34.107.254.252:443 api.permutive.com udp
US 8.8.8.8:53 pixel.adsafeprotected.com udp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 29.4.157.37.in-addr.arpa udp
US 8.8.8.8:53 10.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 161.153.146.124.in-addr.arpa udp
US 8.8.8.8:53 228.178.182.217.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 66.31.245.18.in-addr.arpa udp
US 8.8.8.8:53 29.157.251.34.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 63.112.202.64.in-addr.arpa udp
US 8.8.8.8:53 23.44.49.52.in-addr.arpa udp
US 8.8.8.8:53 7.47.18.8.in-addr.arpa udp
US 8.8.8.8:53 200.215.145.54.in-addr.arpa udp
US 8.8.8.8:53 28.207.72.52.in-addr.arpa udp
NL 178.250.1.8:443 grid.bidswitch.net tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
DE 18.157.230.4:443 tlx.3lift.com tcp
IE 18.203.107.29:443 ads.yieldmo.com tcp
US 52.72.207.28:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 cs.admanmedia.com udp
IE 52.211.38.103:443 pixel.adsafeprotected.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
IE 52.211.38.103:443 pixel.adsafeprotected.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 80.77.87.161:443 cs.admanmedia.com tcp
US 8.8.8.8:53 usersync.gumgum.com udp
IE 34.247.205.196:443 usersync.gumgum.com tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
IE 67.220.228.201:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 164.8.138.108.in-addr.arpa udp
US 8.8.8.8:53 112.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 4.230.157.18.in-addr.arpa udp
US 8.8.8.8:53 29.107.203.18.in-addr.arpa udp
US 8.8.8.8:53 103.38.211.52.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 161.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
IE 54.171.168.223:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 2404ea5304e489af6c6f752d114efa11.safeframe.googlesyndication.com udp
US 8.8.8.8:53 api.pbxai.com udp
US 3.86.1.29:443 api.pbxai.com tcp
GB 172.217.169.65:443 2404ea5304e489af6c6f752d114efa11.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 52.86.219.200:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 csi.gstatic.com udp
BR 142.251.135.131:443 csi.gstatic.com tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 t.adx.opera.com udp
DE 51.89.9.254:443 onetag-sys.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 216.200.232.253:443 sync.mathtag.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
DE 3.121.157.160:443 rtb.mfadsrvr.com tcp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
US 172.67.40.173:443 spl.zeotap.com tcp
NL 81.17.55.170:443 ssbsync-global.smartadserver.com tcp
US 8.8.8.8:53 sync.aniview.com udp
BR 142.251.135.131:443 csi.gstatic.com tcp
US 96.46.186.182:443 sync.aniview.com tcp
DE 3.121.157.160:443 rtb.mfadsrvr.com tcp
US 8.8.8.8:53 image6.pubmatic.com udp
US 8.8.8.8:53 bttrack.com udp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 192.132.33.68:443 bttrack.com tcp
US 8.8.8.8:53 id.rlcdn.com udp
US 35.244.174.68:443 id.rlcdn.com tcp
IE 54.170.18.55:443 eventsproxy.gargantuan.futureplc.com tcp
US 8.8.8.8:53 196.205.247.34.in-addr.arpa udp
US 8.8.8.8:53 choices.truste.com udp
US 8.8.8.8:53 201.228.220.67.in-addr.arpa udp
US 8.8.8.8:53 s.update.adsrvr.org udp
US 8.8.8.8:53 enduser.adsrvr.org udp
US 8.8.8.8:53 de2-bid.adsrvr.org udp
US 8.8.8.8:53 fw.adsafeprotected.com udp
US 8.8.8.8:53 223.168.171.54.in-addr.arpa udp
US 8.8.8.8:53 65.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 29.1.86.3.in-addr.arpa udp
US 8.8.8.8:53 200.219.86.52.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 131.135.251.142.in-addr.arpa udp
US 8.8.8.8:53 173.40.67.172.in-addr.arpa udp
US 8.8.8.8:53 160.157.121.3.in-addr.arpa udp
US 8.8.8.8:53 115.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 170.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 253.232.200.216.in-addr.arpa udp
US 8.8.8.8:53 182.186.46.96.in-addr.arpa udp
US 8.8.8.8:53 19.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 68.33.132.192.in-addr.arpa udp
US 15.197.133.55:443 de2-bid.adsrvr.org tcp
US 13.248.254.31:443 enduser.adsrvr.org tcp
IE 3.253.101.63:443 s.update.adsrvr.org tcp
DE 143.204.215.67:443 choices.truste.com tcp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
US 8.8.8.8:53 static.adsafeprotected.com udp
US 8.8.8.8:53 dt.adsafeprotected.com udp
DE 18.66.112.19:443 static.adsafeprotected.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 34.202.155.40:443 dt.adsafeprotected.com tcp
IE 3.253.101.63:443 s.update.adsrvr.org tcp
US 8.8.8.8:53 31.254.248.13.in-addr.arpa udp
US 8.8.8.8:53 63.101.253.3.in-addr.arpa udp
US 8.8.8.8:53 67.215.204.143.in-addr.arpa udp
US 8.8.8.8:53 55.133.197.15.in-addr.arpa udp
US 8.8.8.8:53 193.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 19.112.66.18.in-addr.arpa udp
US 8.8.8.8:53 40.155.202.34.in-addr.arpa udp
GB 142.250.200.34:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 check.analytics.rlcdn.com udp
DE 143.204.98.32:443 check.analytics.rlcdn.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
US 8.8.8.8:53 rtb.gumgum.com udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
US 151.101.1.108:443 acdn.adnxs.com tcp
US 8.8.8.8:53 32.98.204.143.in-addr.arpa udp
US 104.17.248.203:443 unpkg.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
US 216.239.36.181:443 analytics.google.com udp
US 8.8.8.8:53 choices.trustarc.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 18.244.18.32:443 choices.trustarc.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 32.18.244.18.in-addr.arpa udp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 3a3318e20936e83581e0439710991b36.safeframe.googlesyndication.com udp
DE 108.138.8.164:443 aax.amazon-adsystem.com tcp
DE 13.224.186.120:443 c.amazon-adsystem.com tcp
US 18.172.112.47:443 cdn.adsafeprotected.com tcp
DE 18.245.31.123:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 files02.tchspt.com udp
US 104.26.15.232:443 files02.tchspt.com tcp
US 8.8.8.8:53 cdn.indexww.com udp
US 8.8.8.8:53 232.15.26.104.in-addr.arpa udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
FR 128.116.122.3:443 client-telemetry.roblox.com tcp
FR 128.116.122.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:62974 tcp
N/A 127.0.0.1:62973 tcp
N/A 127.0.0.1:62979 tcp
N/A 127.0.0.1:62980 tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 3.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
US 205.234.175.102:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:62985 tcp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
US 8.8.8.8:53 102.175.234.205.in-addr.arpa udp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:62988 tcp
NL 178.250.1.8:443 grid.bidswitch.net tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp
SE 23.201.43.89:443 aefd.nelreports.net udp
GB 142.250.200.34:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 widgets.jobbio.com udp
US 34.107.254.252:443 api.permutive.com udp
DE 13.32.27.41:443 widgets.jobbio.com tcp
US 8.8.8.8:53 widget-api.jobbio.com udp
IE 52.212.52.84:443 widget-api.jobbio.com tcp
US 34.95.69.49:443 i.clean.gg udp
US 8.8.8.8:53 41.27.32.13.in-addr.arpa udp
US 8.8.8.8:53 84.52.212.52.in-addr.arpa udp
NL 185.89.210.20:443 ib.adnxs.com tcp
NL 178.250.1.8:443 grid.bidswitch.net tcp
US 8.8.8.8:53 d2q79iu7y748jz.cloudfront.net udp
US 8.8.8.8:53 d1avm1cbyhi830.cloudfront.net udp
US 18.244.20.220:443 d1avm1cbyhi830.cloudfront.net tcp
US 18.244.20.220:443 d1avm1cbyhi830.cloudfront.net tcp
US 3.161.82.36:443 d2q79iu7y748jz.cloudfront.net tcp
US 8.8.8.8:53 220.20.244.18.in-addr.arpa udp
US 8.8.8.8:53 36.82.161.3.in-addr.arpa udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 8.8.8.8:53 a8be00ae801350a4f2b7790b2de8203b.safeframe.googlesyndication.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 15.197.133.55:443 de2-bid.adsrvr.org tcp
US 15.197.133.55:443 de2-bid.adsrvr.org tcp
US 8.8.8.8:53 4.26.95.13.in-addr.arpa udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.210.172:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 colossalcheats.com udp
US 172.67.220.53:443 colossalcheats.com tcp
US 172.67.220.53:443 colossalcheats.com tcp
US 8.8.8.8:53 53.220.67.172.in-addr.arpa udp
US 8.8.8.8:53 cf-colossal.local udp
US 8.8.8.8:53 fastfiles.cloud udp
US 104.21.61.62:443 fastfiles.cloud tcp
US 104.21.61.62:443 fastfiles.cloud tcp
US 8.8.8.8:53 redirectboss.space udp
US 172.67.173.150:443 redirectboss.space tcp
US 172.67.173.150:443 redirectboss.space tcp
US 8.8.8.8:53 62.61.21.104.in-addr.arpa udp
US 8.8.8.8:53 150.173.67.172.in-addr.arpa udp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 tomatoesmoney.xyz udp
US 172.67.168.146:443 tomatoesmoney.xyz tcp
US 8.8.8.8:53 funfilenow.com udp
US 8.8.8.8:53 146.168.67.172.in-addr.arpa udp
US 104.21.57.223:443 funfilenow.com tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 yourjsdelivery.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.26.2.174:443 yourjsdelivery.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 223.57.21.104.in-addr.arpa udp
US 8.8.8.8:53 nostop.go2cloud.org udp
IE 52.210.2.133:443 nostop.go2cloud.org tcp
US 8.8.8.8:53 174.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 133.2.210.52.in-addr.arpa udp
US 8.8.8.8:53 www.7-zip.org udp
DE 49.12.202.237:443 www.7-zip.org tcp
DE 49.12.202.237:443 www.7-zip.org tcp
DE 49.12.202.237:443 www.7-zip.org tcp
US 8.8.8.8:53 trk.playstretch.host udp
IE 34.252.199.128:443 trk.playstretch.host tcp
US 8.8.8.8:53 stat.glasscellar.icu udp
US 8.8.8.8:53 237.202.12.49.in-addr.arpa udp
US 104.21.83.156:443 stat.glasscellar.icu tcp
US 104.21.83.156:443 stat.glasscellar.icu tcp
US 8.8.8.8:53 128.199.252.34.in-addr.arpa udp
US 8.8.8.8:53 156.83.21.104.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 56.94.73.104.in-addr.arpa udp
US 8.8.8.8:53 136.71.105.51.in-addr.arpa udp
N/A 127.0.0.1:53590 tcp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
BE 88.221.83.203:443 www.bing.com tcp
US 8.8.8.8:53 203.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
BE 88.221.83.217:443 th.bing.com tcp
BE 2.17.107.98:443 r.bing.com tcp
BE 2.17.107.98:443 r.bing.com tcp
BE 88.221.83.217:443 th.bing.com tcp
US 8.8.8.8:53 217.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 98.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 wearedevs.net udp
US 172.67.71.2:443 wearedevs.net tcp
US 172.67.71.2:443 wearedevs.net tcp
US 8.8.8.8:53 cdn.wearedevs.net udp
US 8.8.8.8:53 2.71.67.172.in-addr.arpa udp
US 216.239.36.181:443 analytics.google.com udp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 cdnwrd2.com udp
US 172.67.166.253:443 cdnwrd2.com tcp
US 172.67.166.253:443 cdnwrd2.com tcp
US 8.8.8.8:53 253.166.67.172.in-addr.arpa udp
US 8.8.8.8:53 epsilonbot.xyz udp
US 8.8.8.8:53 flux.li udp
DE 193.84.88.132:443 flux.li tcp
US 8.8.8.8:53 132.88.84.193.in-addr.arpa udp
US 8.8.8.8:53 epsilonbot.xyz udp
DE 193.84.88.132:443 flux.li tcp
US 216.239.36.181:443 analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 74.125.71.155:443 stats.g.doubleclick.net udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 155.71.125.74.in-addr.arpa udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
BE 88.221.83.235:443 th.bing.com tcp
US 8.8.8.8:53 235.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 fpt.microsoft.com udp
US 52.167.30.171:443 fpt.microsoft.com tcp
US 8.8.8.8:53 171.30.167.52.in-addr.arpa udp
US 8.8.8.8:53 fpt2.microsoft.com udp
US 8.8.8.8:53 136.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 noxic.app udp
US 104.21.81.17:443 noxic.app tcp
US 104.21.81.17:443 noxic.app tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 17.81.21.104.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.108.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 modmenu.pages.dev udp
US 172.66.44.198:443 modmenu.pages.dev tcp
US 172.66.44.198:443 modmenu.pages.dev udp
US 8.8.8.8:53 d3h83s39ga3y3t.cloudfront.net udp
DE 18.173.161.159:443 d3h83s39ga3y3t.cloudfront.net tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 159.161.173.18.in-addr.arpa udp
US 8.8.8.8:53 d1xmy0yqwxzhn4.cloudfront.net udp
DE 18.66.188.39:443 d1xmy0yqwxzhn4.cloudfront.net tcp
DE 18.66.188.39:443 d1xmy0yqwxzhn4.cloudfront.net tcp
US 8.8.8.8:53 39.188.66.18.in-addr.arpa udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 d2lmlpk6xgu7kg.cloudfront.net udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
GB 216.58.212.234:443 ajax.googleapis.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
DE 108.138.34.215:443 d2lmlpk6xgu7kg.cloudfront.net tcp
DE 108.138.34.215:443 d2lmlpk6xgu7kg.cloudfront.net tcp
DE 108.138.34.215:443 d2lmlpk6xgu7kg.cloudfront.net tcp
DE 108.138.34.215:443 d2lmlpk6xgu7kg.cloudfront.net tcp
DE 108.138.34.215:443 d2lmlpk6xgu7kg.cloudfront.net tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 215.34.138.108.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
NL 23.62.61.89:443 th.bing.com tcp
US 8.8.8.8:53 kiwix.dev udp
US 104.21.66.13:443 kiwix.dev tcp
US 104.21.66.13:443 kiwix.dev tcp
US 8.8.8.8:53 13.66.21.104.in-addr.arpa udp
US 8.8.8.8:53 bit.ly udp
US 67.199.248.10:443 bit.ly tcp
US 67.199.248.10:443 bit.ly tcp
US 8.8.8.8:53 10.248.199.67.in-addr.arpa udp
US 8.8.8.8:53 filesilo.cloud udp
US 172.67.149.138:443 filesilo.cloud tcp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 stackpath.bootstrapcdn.com udp
US 151.101.2.137:443 code.jquery.com tcp
US 104.18.11.207:443 stackpath.bootstrapcdn.com tcp
US 8.8.8.8:53 138.149.67.172.in-addr.arpa udp
US 8.8.8.8:53 save.enabledstats.com udp
IE 99.81.215.223:443 save.enabledstats.com tcp
US 8.8.8.8:53 137.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
IE 20.166.2.191:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 glovedinosaurs.website udp
SE 194.54.164.123:80 glovedinosaurs.website tcp
SE 194.54.164.123:80 glovedinosaurs.website tcp
US 8.8.8.8:53 223.215.81.99.in-addr.arpa udp
US 8.8.8.8:53 191.2.166.20.in-addr.arpa udp
US 8.8.8.8:53 www.win-rar.com udp
DE 51.195.68.163:443 www.win-rar.com tcp
US 8.8.8.8:53 123.164.54.194.in-addr.arpa udp
US 8.8.8.8:53 163.68.195.51.in-addr.arpa udp
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:443 google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
DE 51.195.68.163:443 www.win-rar.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 krnl.dev udp
US 104.21.45.127:443 krnl.dev tcp
US 104.21.45.127:443 krnl.dev tcp
US 8.8.8.8:53 127.45.21.104.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
NL 23.62.61.106:443 r.bing.com tcp
NL 23.62.61.106:443 r.bing.com tcp
NL 23.62.61.75:443 r.bing.com tcp
US 8.8.8.8:53 106.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 75.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 gameguardian.net udp
US 172.67.75.12:443 gameguardian.net tcp
US 172.67.75.12:443 gameguardian.net tcp
US 8.8.8.8:53 twemoji.maxcdn.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
GB 143.244.38.136:443 twemoji.maxcdn.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.gameguardian.net udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 analytics.google.com udp
BE 74.125.71.155:443 stats.g.doubleclick.net udp
US 216.239.38.181:443 analytics.google.com udp
US 8.8.8.8:53 12.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 181.38.239.216.in-addr.arpa udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
GB 142.250.187.196:443 www.google.com udp
US 172.67.75.12:443 static.gameguardian.net tcp
GB 142.250.187.196:443 www.google.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 d.gameguardian.net udp
US 8.8.8.8:53 api.permutive.com udp
US 8.8.8.8:53 www.google.com udp
US 34.107.254.252:443 api.permutive.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 roblox.com udp
GB 128.116.119.4:443 roblox.com tcp
GB 128.116.119.4:443 roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
FR 128.116.122.3:443 www.roblox.com tcp
US 8.8.8.8:53 4.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
BE 2.17.107.145:443 css.rbxcdn.com tcp
BE 2.17.107.145:443 css.rbxcdn.com tcp
BE 2.17.107.145:443 css.rbxcdn.com tcp
BE 2.17.107.145:443 css.rbxcdn.com tcp
BE 2.17.107.145:443 css.rbxcdn.com tcp
BE 2.17.107.145:443 css.rbxcdn.com tcp
BE 2.17.107.162:443 static.rbxcdn.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
FR 128.116.122.3:443 www.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
FR 128.116.122.3:443 apis.roblox.com tcp
US 8.8.8.8:53 162.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 86.154.64.172.in-addr.arpa udp
FR 128.116.122.3:443 apis.roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
BE 2.17.107.170:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
BE 2.17.107.145:443 css.rbxcdn.com tcp
US 54.230.228.4:443 images.rbxcdn.com tcp
US 54.230.228.4:443 images.rbxcdn.com tcp
US 54.230.228.4:443 images.rbxcdn.com tcp
US 54.230.228.4:443 images.rbxcdn.com tcp
US 54.230.228.4:443 images.rbxcdn.com tcp
US 54.230.228.4:443 images.rbxcdn.com tcp
FR 128.116.122.3:443 locale.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.200.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 4.228.230.54.in-addr.arpa udp
US 8.8.8.8:53 170.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 10.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 ncs.roblox.com udp
FR 128.116.122.3:443 ncs.roblox.com udp
FR 128.116.122.3:443 ncs.roblox.com udp
FR 128.116.122.3:443 ncs.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
SE 2.21.97.49:443 js.rbxcdn.com tcp
US 8.8.8.8:53 49.97.21.2.in-addr.arpa udp
US 8.8.8.8:53 tr.rbxcdn.com udp
NL 2.18.121.34:443 tr.rbxcdn.com tcp
NL 2.18.121.34:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 lms.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
FR 128.116.122.4:443 lms.roblox.com tcp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 chat.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
DE 18.173.154.19:443 static.rbxcdn.com tcp
DE 18.173.154.19:443 static.rbxcdn.com tcp
US 8.8.8.8:53 34.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 4.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 aws-us-west-2c-lms.rbx.com udp
US 8.8.8.8:53 mia2-128-116-127-3.roblox.com udp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 aws-us-east-2b-lms.rbx.com udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 8.8.8.8:53 bom1-128-116-104-4.roblox.com udp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 8.8.8.8:53 ord2-128-116-101-3.roblox.com udp
US 8.8.8.8:53 fra4-128-116-44-3.roblox.com udp
US 54.201.229.83:443 aws-us-west-2c-lms.rbx.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 3.135.181.230:443 aws-us-east-2b-lms.rbx.com tcp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
GB 142.250.200.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 presence.roblox.com udp
US 8.8.8.8:53 19.154.173.18.in-addr.arpa udp
US 8.8.8.8:53 3.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.32.116.128.in-addr.arpa udp
US 8.8.8.8:53 230.181.135.3.in-addr.arpa udp
US 8.8.8.8:53 3.99.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.101.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.127.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.45.116.128.in-addr.arpa udp
US 8.8.8.8:53 4.104.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.63.116.128.in-addr.arpa udp
US 8.8.8.8:53 83.229.201.54.in-addr.arpa udp
FR 128.116.122.4:443 lms.roblox.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 id.google.com udp
GB 142.250.180.3:443 id.google.com tcp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.200.54:443 i.ytimg.com tcp
GB 142.250.200.54:443 i.ytimg.com tcp
GB 142.250.200.54:443 i.ytimg.com tcp
GB 142.250.200.54:443 i.ytimg.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.54:443 i.ytimg.com udp
US 8.8.8.8:53 54.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 img.youtube.com udp
GB 216.58.213.6:443 static.doubleclick.net tcp
GB 142.250.179.238:443 img.youtube.com udp
US 8.8.8.8:53 6.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-aigl6n6s.googlevideo.com udp
GB 173.194.3.73:443 rr4---sn-aigl6n6s.googlevideo.com tcp
GB 173.194.3.73:443 rr4---sn-aigl6n6s.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-aigl6nsk.googlevideo.com udp
GB 74.125.105.102:443 rr1---sn-aigl6nsk.googlevideo.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 73.3.194.173.in-addr.arpa udp
US 8.8.8.8:53 102.105.125.74.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 rr4---sn-q4fzenee.googlevideo.com udp
GB 142.250.200.10:443 jnn-pa.googleapis.com udp
GB 142.250.179.238:443 img.youtube.com udp
US 173.194.141.201:443 rr4---sn-q4fzenee.googlevideo.com udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
GB 216.58.213.6:443 static.doubleclick.net udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 201.141.194.173.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.179.238:443 img.youtube.com udp
GB 142.250.180.1:443 yt3.ggpht.com tcp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
GB 142.250.180.1:443 yt3.ggpht.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.200.46:443 youtube.com tcp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
FR 128.116.122.3:443 presence.roblox.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 104.16.114.74:443 www.mediafire.com tcp
US 8.8.8.8:53 static.mediafire.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 104.16.114.74:443 static.mediafire.com udp
US 8.8.8.8:53 74.114.16.104.in-addr.arpa udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 54.230.228.19:443 cdn.amplitude.com tcp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 translate.google.com udp
GB 163.70.151.21:443 connect.facebook.net tcp
US 8.8.8.8:53 api.amplitude.com udp
GB 163.70.151.21:443 connect.facebook.net udp
US 8.8.8.8:53 translate.googleapis.com udp
US 44.226.25.73:443 api.amplitude.com tcp
GB 142.250.187.202:443 translate.googleapis.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 216.239.38.181:443 analytics.google.com tcp
BE 74.125.71.156:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 19.228.230.54.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 73.25.226.44.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 translate-pa.googleapis.com udp
BE 74.125.71.156:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 156.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 216.239.38.181:443 analytics.google.com udp
GB 142.250.187.202:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 btloader.com udp
US 172.67.199.186:443 the.gatekeeperconsent.com tcp
US 172.67.41.60:443 btloader.com tcp
US 8.8.8.8:53 www.ezojs.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
GB 142.250.187.238:443 translate.google.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 104.21.42.32:443 privacy.gatekeeperconsent.com tcp
US 172.67.170.144:443 www.ezojs.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 186.199.67.172.in-addr.arpa udp
US 8.8.8.8:53 60.41.67.172.in-addr.arpa udp
US 130.211.23.194:443 api.btloader.com tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.16.52.110:443 cdn.otnolatrnup.com tcp
US 104.21.42.32:443 privacy.gatekeeperconsent.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 www.mediafiredls.com udp
US 172.67.73.78:443 www.mediafiredls.com tcp
US 8.8.8.8:53 g.ezoic.net udp
FR 15.188.219.54:443 g.ezoic.net tcp
US 8.8.8.8:53 go.ezodn.com udp
US 130.211.23.194:443 api.btloader.com udp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 8.8.8.8:53 otnolatrnup.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 g.ezodn.com udp
US 104.21.87.79:443 g.ezodn.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 bshr.ezodn.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 172.67.142.121:443 bshr.ezodn.com tcp
US 8.8.8.8:53 144.170.67.172.in-addr.arpa udp
US 8.8.8.8:53 32.42.21.104.in-addr.arpa udp
US 172.67.142.121:443 bshr.ezodn.com udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 70.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 6.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 110.52.16.104.in-addr.arpa udp
US 8.8.8.8:53 78.73.67.172.in-addr.arpa udp
US 8.8.8.8:53 79.87.21.104.in-addr.arpa udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 121.142.67.172.in-addr.arpa udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
IE 52.48.212.10:443 ad.crwdcntrl.net tcp
IE 34.246.197.125:443 ad.crwdcntrl.net tcp
DE 108.138.36.27:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 10.212.48.52.in-addr.arpa udp
US 8.8.8.8:53 125.197.246.34.in-addr.arpa udp
US 8.8.8.8:53 27.36.138.108.in-addr.arpa udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 ghb.adtelligent.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 prebid.smilewanted.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 ap.lijit.com udp
US 172.67.75.241:443 script.4dex.io tcp
FR 15.188.219.54:443 g.ezoic.net tcp
NL 145.40.97.66:443 prebid.a-mo.net tcp
IE 54.78.77.149:443 ap.lijit.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
US 104.22.30.209:443 prebid.smilewanted.com tcp
US 104.22.30.209:443 prebid.smilewanted.com tcp
US 104.22.30.209:443 prebid.smilewanted.com tcp
US 104.22.30.209:443 prebid.smilewanted.com tcp
US 104.22.30.209:443 prebid.smilewanted.com tcp
US 54.230.228.100:443 hb.yellowblue.io tcp
US 107.151.11.18:443 ghb.adtelligent.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 18.157.230.4:443 tlx.3lift.com tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 cdn.prod.uidapi.com udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
DE 18.66.181.182:443 cdn.prod.uidapi.com tcp
US 104.18.35.167:443 cdn-ima.33across.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 cadmus.script.ac udp
US 172.67.75.241:443 script.4dex.io tcp
US 104.18.22.145:443 cadmus.script.ac tcp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 ghb1.adtelligent.com udp
US 172.64.151.101:443 htlb.casalemedia.com udp
DE 51.89.9.251:443 onetag-sys.com udp
US 8.8.8.8:53 oajs.openx.net udp
US 23.227.151.242:443 ghb1.adtelligent.com tcp
US 34.120.135.53:443 oajs.openx.net tcp
US 8.8.8.8:53 id5-sync.com udp
DE 141.95.98.65:443 id5-sync.com tcp
US 8.8.8.8:53 9def0057472ed1a435ea47d3eb220400.safeframe.googlesyndication.com udp
US 34.120.135.53:443 oajs.openx.net udp
GB 172.217.169.65:443 9def0057472ed1a435ea47d3eb220400.safeframe.googlesyndication.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 35.244.159.8:443 google-bidout-d.openx.net tcp
US 8.8.8.8:53 209.30.22.104.in-addr.arpa udp
US 8.8.8.8:53 66.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 241.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 100.228.230.54.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 167.35.18.104.in-addr.arpa udp
US 8.8.8.8:53 18.11.151.107.in-addr.arpa udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 182.181.66.18.in-addr.arpa udp
US 8.8.8.8:53 53.135.120.34.in-addr.arpa udp
US 8.8.8.8:53 242.151.227.23.in-addr.arpa udp
US 8.8.8.8:53 65.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 251.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 149.77.78.54.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 resources.infolinks.com udp
US 172.66.42.247:443 resources.infolinks.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 247.42.66.172.in-addr.arpa udp
US 8.8.8.8:53 router.infolinks.com udp
US 104.16.53.110:443 otnolatrnup.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 110.53.16.104.in-addr.arpa udp
US 104.16.53.110:80 otnolatrnup.com tcp
US 104.16.53.110:80 otnolatrnup.com tcp
US 199.91.155.89:443 download2348.mediafire.com tcp
US 199.91.155.89:443 download2348.mediafire.com tcp
US 199.91.155.89:443 download2348.mediafire.com tcp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 52.223.40.198:443 match.adsrvr.org tcp
US 8.8.8.8:53 woreppercomming.com udp
NL 79.127.227.46:443 id.a-mx.com tcp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 visitor.omnitagjs.com udp
DE 108.138.36.16:443 woreppercomming.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 csync.smilewanted.com udp
US 8.8.8.8:53 s.console.adtarget.com.tr udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 assets.a-mo.net udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 c3.a-mo.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 172.64.149.180:443 js-sec.indexww.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 13.248.245.213:443 eb2.3lift.com tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
SE 104.73.92.198:443 ads.pubmatic.com tcp
DE 79.127.216.47:443 c3.a-mo.net tcp
US 104.19.159.19:443 assets.a-mo.net tcp
US 13.248.245.213:443 eb2.3lift.com tcp
DE 168.119.66.90:443 s.console.adtarget.com.tr tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
DE 79.127.216.47:443 c3.a-mo.net tcp
DE 168.119.66.90:443 s.console.adtarget.com.tr tcp
US 8.8.8.8:53 www.ovardu.com udp
US 8.8.8.8:53 89.155.91.199.in-addr.arpa udp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 231.149.71.3.in-addr.arpa udp
US 8.8.8.8:53 16.36.138.108.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
IE 54.73.162.61:443 ce.lijit.com tcp
US 172.67.174.4:443 www.ovardu.com tcp
US 8.8.8.8:53 www.opera.com udp
DE 35.158.68.76:443 www.opera.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 x.bidswitch.net udp
GB 185.64.191.214:443 image8.pubmatic.com tcp
US 8.8.8.8:53 secure.adnxs.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 gum.aidemsrv.com udp
NL 185.89.210.141:443 secure.adnxs.com tcp
NL 185.89.210.141:443 secure.adnxs.com tcp
US 216.200.232.253:443 sync.mathtag.com tcp
DE 18.197.7.178:443 rtb.mfadsrvr.com tcp
US 104.17.44.93:443 gum.aidemsrv.com tcp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 67.202.105.22:443 ssc-cms.33across.com tcp
GB 142.250.180.2:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 player.aniview.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 2.18.121.10:443 player.aniview.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
BE 104.68.78.171:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 19.159.19.104.in-addr.arpa udp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 8.8.8.8:53 82.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 90.66.119.168.in-addr.arpa udp
US 8.8.8.8:53 4.174.67.172.in-addr.arpa udp
US 8.8.8.8:53 61.162.73.54.in-addr.arpa udp
US 8.8.8.8:53 76.68.158.35.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 141.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 93.44.17.104.in-addr.arpa udp
US 8.8.8.8:53 178.7.197.18.in-addr.arpa udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 22.105.202.67.in-addr.arpa udp
FR 178.32.210.231:443 ssbsync.smartadserver.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
BE 23.55.98.169:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 api-2-0.spot.im udp
GB 142.250.180.2:443 cm.g.doubleclick.net udp
US 54.230.228.84:443 api-2-0.spot.im tcp
US 8.8.8.8:53 image2.pubmatic.com udp
NL 178.250.1.3:443 static.criteo.net tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 8.8.8.8:53 pb-am.a-mo.net udp
NL 147.75.84.158:443 pb-am.a-mo.net tcp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 sync.aniview.com udp
US 80.77.87.161:443 cs.admanmedia.com tcp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 96.46.186.182:443 sync.aniview.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
IE 34.251.183.115:443 match.prod.bidr.io tcp
IE 34.251.183.115:443 match.prod.bidr.io tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
DE 91.228.74.244:443 cms.quantserve.com tcp
DE 91.228.74.244:443 cms.quantserve.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
IE 52.49.128.48:443 pr-bh.ybp.yahoo.com tcp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 cdn-production-opera-website.operacdn.com udp
US 8.8.8.8:53 www.googleoptimize.com udp
DK 37.157.3.20:443 c1.adform.net tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
GB 2.22.132.239:443 cdn-production-opera-website.operacdn.com tcp
GB 2.22.132.239:443 cdn-production-opera-website.operacdn.com tcp
GB 2.22.132.239:443 cdn-production-opera-website.operacdn.com tcp
GB 2.22.132.239:443 cdn-production-opera-website.operacdn.com tcp
GB 2.22.132.239:443 cdn-production-opera-website.operacdn.com tcp
GB 2.22.132.239:443 cdn-production-opera-website.operacdn.com tcp
FR 154.54.250.81:443 ads.stickyadstv.com tcp
GB 172.217.16.238:443 www.googleoptimize.com tcp
US 8.8.8.8:53 image6.pubmatic.com udp
US 8.8.8.8:53 creativecdn.com udp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 34.98.64.218:443 google-bidout-d.openx.net udp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 8.8.8.8:53 image4.pubmatic.com udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 8.8.8.8:53 sync.targeting.unrulymedia.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 bh.contextweb.com udp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
GB 185.64.190.81:443 image4.pubmatic.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 52.46.128.147:443 s.amazon-adsystem.com tcp
IE 54.239.33.158:443 aax-eu.amazon-adsystem.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 231.210.32.178.in-addr.arpa udp
US 8.8.8.8:53 169.98.55.23.in-addr.arpa udp
US 8.8.8.8:53 84.228.230.54.in-addr.arpa udp
US 8.8.8.8:53 205.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 158.84.75.147.in-addr.arpa udp
US 8.8.8.8:53 115.183.251.34.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 244.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 48.128.49.52.in-addr.arpa udp
US 8.8.8.8:53 20.3.157.37.in-addr.arpa udp
US 8.8.8.8:53 81.250.54.154.in-addr.arpa udp
US 8.8.8.8:53 239.132.22.2.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 81.190.64.185.in-addr.arpa udp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 static.smilewanted.com udp
US 80.77.87.161:443 cs.admanmedia.com tcp
NL 81.17.55.106:443 rtb-csync.smartadserver.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 www-static.operacdn.com udp
GB 2.22.132.239:443 cdn-production-opera-website.operacdn.com tcp
US 8.8.8.8:53 sync.search.spotxchange.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 pxl.iqm.com udp
US 8.8.8.8:53 sync.crwdcntrl.net udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 sync.a-mo.net udp
US 54.88.142.103:443 pxl.iqm.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
DE 35.158.68.76:443 www.opera.com tcp
NL 145.40.97.66:443 sync.a-mo.net tcp
IE 54.239.33.158:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 pixel.tapad.com udp
US 34.111.113.62:443 pixel.tapad.com tcp
US 8.8.8.8:53 158.33.239.54.in-addr.arpa udp
US 8.8.8.8:53 106.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 34.111.113.62:443 pixel.tapad.com udp
US 8.8.8.8:53 dsp.adfarm1.adition.com udp
US 8.8.8.8:53 inv-nets.admixer.net udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
DE 108.138.36.83:443 s.ad.smaato.net tcp
DE 85.114.159.93:443 dsp.adfarm1.adition.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
DE 116.202.167.133:443 inv-nets.admixer.net tcp
US 52.71.174.196:443 sync.srv.stackadapt.com tcp
US 52.71.174.196:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 simage2.pubmatic.com udp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 pool.admedo.com udp
US 172.67.40.173:443 spl.zeotap.com tcp
US 8.8.8.8:53 cm.adform.net udp
DK 37.157.6.237:443 cm.adform.net tcp
BE 35.210.53.219:443 pool.admedo.com tcp
US 8.8.8.8:53 cs.krushmedia.com udp
US 8.2.110.134:443 cs.krushmedia.com tcp
US 52.71.174.196:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 dsp.nrich.ai udp
FR 51.68.39.188:443 dsp.nrich.ai tcp
US 8.8.8.8:53 ad.mrtnsvr.com udp
BE 35.210.53.219:443 pool.admedo.com udp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 8.8.8.8:53 p.rfihub.com udp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
IE 34.248.87.89:443 ad.360yield.com tcp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
NL 193.0.160.130:443 p.rfihub.com tcp
US 8.8.8.8:53 103.142.88.54.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 62.113.111.34.in-addr.arpa udp
US 8.8.8.8:53 93.159.114.85.in-addr.arpa udp
US 8.8.8.8:53 83.36.138.108.in-addr.arpa udp
US 8.8.8.8:53 133.167.202.116.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 196.174.71.52.in-addr.arpa udp
US 8.8.8.8:53 237.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 219.53.210.35.in-addr.arpa udp
US 8.8.8.8:53 134.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 188.39.68.51.in-addr.arpa udp
US 8.8.8.8:53 6.163.102.34.in-addr.arpa udp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 pixel-us-east.rubiconproject.com udp
US 8.8.8.8:53 data.adsrvr.org udp
NL 35.204.158.49:443 um.simpli.fi tcp
US 8.8.8.8:53 aorta.clickagy.com udp
US 69.173.146.5:443 pixel-us-east.rubiconproject.com tcp
US 8.8.8.8:53 sync.serverbid.com udp
NL 35.204.158.49:443 um.simpli.fi tcp
US 8.8.8.8:53 cdn.indexww.com udp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 54.204.122.94:443 aorta.clickagy.com tcp
US 8.8.8.8:53 d5p.de17a.com udp
DE 108.138.36.73:443 sync.serverbid.com tcp
SE 213.155.156.167:443 d5p.de17a.com tcp
US 8.8.8.8:53 csync.loopme.me udp
NL 35.214.140.70:443 csync.loopme.me tcp
US 8.8.8.8:53 cm-supply-web.gammaplatform.com udp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 8.8.8.8:53 ipac.ctnsnet.com udp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
US 8.8.8.8:53 ad.turn.com udp
US 8.8.8.8:53 sync.smartadserver.com udp
NL 46.228.164.11:443 ad.turn.com tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
FR 5.135.209.105:443 sync.smartadserver.com tcp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 core.iprom.net udp
GB 216.58.204.70:443 s0.2mdn.net tcp
SI 195.5.165.20:443 core.iprom.net tcp
US 8.8.8.8:53 green.erne.co udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 49.158.204.35.in-addr.arpa udp
US 8.8.8.8:53 5.146.173.69.in-addr.arpa udp
US 8.8.8.8:53 73.36.138.108.in-addr.arpa udp
US 8.8.8.8:53 94.122.204.54.in-addr.arpa udp
US 8.8.8.8:53 167.156.155.213.in-addr.arpa udp
US 8.8.8.8:53 70.140.214.35.in-addr.arpa udp
US 8.8.8.8:53 173.193.186.35.in-addr.arpa udp
US 8.8.8.8:53 11.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 105.209.135.5.in-addr.arpa udp
FR 141.95.171.141:443 green.erne.co tcp
US 8.8.8.8:53 cm.adgrx.com udp
IE 54.217.19.5:443 cm.adgrx.com tcp
US 8.8.8.8:53 pixel-eu.onaudience.com udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
FR 146.59.148.16:443 pixel-eu.onaudience.com tcp
US 8.8.8.8:53 id.rtb.mx udp
US 8.8.8.8:53 ow.pubmatic.com udp
DE 79.127.216.47:443 id.rtb.mx tcp
NL 185.64.189.116:443 ow.pubmatic.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 sync.ipredictive.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 54.145.215.200:443 sync.ipredictive.com tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 match.sharethrough.com udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 crt.sectigo.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 50.31.142.159:443 b1sync.zemanta.com tcp
US 50.31.142.159:443 b1sync.zemanta.com tcp
US 192.132.33.67:443 bttrack.com tcp
IE 54.171.168.223:443 jadserve.postrelease.com tcp
US 34.197.100.197:443 cs-server-s2s.yellowblue.io tcp
DE 35.157.119.107:443 match.sharethrough.com tcp
US 104.18.38.233:80 crt.sectigo.com tcp
US 8.8.8.8:53 live.primis.tech udp
DE 108.138.36.127:443 live.primis.tech tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 50.31.142.159:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 capi.connatix.com udp
US 8.8.8.8:53 cr.frontend.weborama.fr udp
US 172.64.146.152:443 capi.connatix.com tcp
US 8.8.8.8:53 mwzeom.zeotap.com udp
US 8.8.8.8:53 pubmatic-match.dotomi.com udp
US 8.8.8.8:53 match.adsby.bidtheatre.com udp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
NL 63.215.202.169:443 pubmatic-match.dotomi.com tcp
US 8.8.8.8:53 70.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 20.165.5.195.in-addr.arpa udp
US 8.8.8.8:53 141.171.95.141.in-addr.arpa udp
US 8.8.8.8:53 5.19.217.54.in-addr.arpa udp
US 8.8.8.8:53 16.148.59.146.in-addr.arpa udp
US 8.8.8.8:53 116.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 107.119.157.35.in-addr.arpa udp
US 8.8.8.8:53 197.100.197.34.in-addr.arpa udp
US 8.8.8.8:53 67.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 127.36.138.108.in-addr.arpa udp
US 8.8.8.8:53 159.142.31.50.in-addr.arpa udp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
US 8.8.8.8:53 ice.360yield.com udp
IE 54.246.29.14:443 ice.360yield.com tcp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 us.shb-sync.com udp
US 8.2.110.33:443 us.shb-sync.com tcp
US 50.31.142.159:443 b1sync.zemanta.com tcp
US 50.31.142.159:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 221.129.111.34.in-addr.arpa udp
US 8.8.8.8:53 169.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 152.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 62.64.227.64.in-addr.arpa udp
US 8.8.8.8:53 14.29.246.54.in-addr.arpa udp
US 34.111.129.221:443 cr.frontend.weborama.fr udp
US 8.8.8.8:53 simage4.pubmatic.com udp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
US 8.8.8.8:53 matching.truffle.bid udp
DE 162.55.120.196:443 matching.truffle.bid tcp
US 8.8.8.8:53 a.tribalfusion.com udp
US 8.8.8.8:53 33.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 20.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 196.120.55.162.in-addr.arpa udp
US 104.18.24.173:443 a.tribalfusion.com tcp
US 8.8.8.8:53 uipglob.semasio.net udp
US 8.8.8.8:53 pixel.onaudience.com udp
FR 141.94.170.64:443 pixel.onaudience.com tcp
DK 77.243.51.122:443 uipglob.semasio.net tcp
US 8.8.8.8:53 s.tribalfusion.com udp
US 8.8.8.8:53 ps.eyeota.net udp
DE 3.120.214.218:443 ps.eyeota.net tcp
US 8.8.8.8:53 173.24.18.104.in-addr.arpa udp
US 8.8.8.8:53 64.170.94.141.in-addr.arpa udp
US 8.8.8.8:53 122.51.243.77.in-addr.arpa udp
US 8.8.8.8:53 218.214.120.3.in-addr.arpa udp
US 8.8.8.8:53 d.turn.com udp
NL 46.228.164.13:443 d.turn.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 163.70.147.35:443 www.facebook.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
NL 35.214.142.18:443 e2c43.gcp.gvt2.com tcp
US 8.8.8.8:53 beacons.gvt2.com udp
US 192.178.49.163:443 beacons.gvt2.com tcp
US 8.8.8.8:53 18.142.214.35.in-addr.arpa udp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 8.8.8.8:53 ghb2.adtelligent.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
DE 142.132.249.188:443 ghb2.adtelligent.com tcp
US 8.8.8.8:53 163.49.178.192.in-addr.arpa udp
US 8.8.8.8:53 188.249.132.142.in-addr.arpa udp
GB 142.250.200.54:443 i.ytimg.com udp
GB 142.250.180.1:443 yt3.ggpht.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 172.217.169.46:443 www.youtube.com udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
GB 142.250.200.54:443 i.ytimg.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
AU 142.250.70.131:443 beacons2.gvt2.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
AU 142.250.70.131:443 beacons2.gvt2.com tcp
AU 142.250.70.131:443 beacons2.gvt2.com udp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 131.70.250.142.in-addr.arpa udp
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:443 google.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
NL 2.18.121.24:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 24.121.18.2.in-addr.arpa udp
GB 172.217.169.46:443 www.youtube.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 e2c34.gcp.gvt2.com udp
KR 35.216.18.75:443 e2c34.gcp.gvt2.com tcp
KR 35.216.18.75:443 e2c34.gcp.gvt2.com tcp
GB 142.250.179.238:443 img.youtube.com udp
US 192.178.49.163:443 beacons.gvt2.com udp
GB 142.250.180.3:443 id.google.com udp
US 8.8.8.8:53 75.18.216.35.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
DE 51.195.68.163:443 www.win-rar.com tcp
DE 51.195.68.163:443 www.win-rar.com tcp
DE 51.195.68.163:443 www.win-rar.com tcp
DE 51.195.68.163:443 www.win-rar.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 e2c13.gcp.gvt2.com udp
FI 35.228.141.16:443 e2c13.gcp.gvt2.com tcp
US 8.8.8.8:53 16.141.228.35.in-addr.arpa udp
GB 142.250.200.54:443 i.ytimg.com udp
GB 172.217.16.234:443 translate-pa.googleapis.com udp
GB 142.250.179.238:443 img.youtube.com udp
DE 51.195.68.163:443 www.win-rar.com tcp
DE 51.195.68.163:443 www.win-rar.com tcp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 beacons4.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:443 google.com udp
GB 172.217.169.46:443 www.youtube.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ea98e583ad99df195d29aa066204ab56
SHA1 f89398664af0179641aa0138b337097b617cb2db
SHA256 a7abb51435909fa2d75c6f2ff5c69a93d4a0ab276ed579e7d8733b2a63ffbee6
SHA512 e109be3466e653e5d310b3e402e1626298b09205d223722a82344dd78504f3c33e1e24e8402a02f38cd2c9c50d96a303ce4846bea5a583423937ab018cd5782f

\??\pipe\LOCAL\crashpad_5056_SZOBQWZHGJNVNVWD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 4f7152bc5a1a715ef481e37d1c791959
SHA1 c8a1ed674c62ae4f45519f90a8cc5a81eff3a6d7
SHA256 704dd4f98d8ca34ec421f23ba1891b178c23c14b3301e4655efc5c02d356c2bc
SHA512 2e6b02ca35d76a655a17a5f3e9dbd8d7517c7dae24f0095c7350eb9e7bdf9e1256a7009aa8878f96c89d1ea4fe5323a41f72b8c551806dda62880d7ff231ff5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 df163e75c809867c72b417ccdabf50be
SHA1 8990b2e2a2cdaad1b689c27c82f8f98fb0e544fc
SHA256 7c6d2ecdabf25f952f06d621d181d78fc3ff09f7b97cdf741d2e215ac84ff60a
SHA512 d203681b76dc4e2e773102bd3bbd0c4940e25725f8b6a6aa5c6bc27eb4709b26987d040ef7c0e27131925cf326a5e14aae69876b0daee147c07bd27b157a43eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ca3aa3be2e3c80782707a9f935ec469a
SHA1 715d70fc1d620dfd2aa9d7842b6b35800af6712e
SHA256 5d22f82ac12a5fc7c473014314148e979498b0a0ea1ee3a694b5b22138d78220
SHA512 ecaf5082164ef861afefd77e1e35178004984c95e986b4b4495c191136cc1beb0dca5025f159eb4332026f7efbc56c6af6c6cb8f0423032b6824392b451f7453

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 902d0945dd89850c596d77d5c6e77aef
SHA1 eb3184c1bdba4c05d24b7401c27bbc89b2028258
SHA256 fc83bacd44a089d2b2c4c7610bbfe830989a555864ccedc618cfb0df31069f64
SHA512 993c5c752adc61fc0252b5c56d1512e07f98858eb05899077a30d8bae817dbff8a9fbe9fc618da690fcac6ff19d1f9e60220d12d62778d91255c313f1e9c0c1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe578d1d.TMP

MD5 38ec7fb73b7548f8fecf1929ab1c3f90
SHA1 2ae875465c04a97fd552d60063bcca8f16a5a29b
SHA256 f3b885db5043fed0ef1117ef632a82245519960ac1f2415f573a3ae7da12c25a
SHA512 b891f4e73696efd1d74c3af19fae14c05ecafc349d8f05fcc42e3c963459fe2d38c32b66f800620c872e6808a910c803feba928157548a0d07871e41e04ab952

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\bb96eb39-f8f4-462a-80e2-7dda38126aad.tmp

MD5 d96cbdbb3a4d2492c7f2b65ee3541b49
SHA1 27067983ede5d52f65ab100d9d8010a885093c78
SHA256 b31ebc65a8907a65679532a25dc5169b0eb5af12b0c4495fe18fa1c21443a8c0
SHA512 a34d545ea4c199e72d5082140c8a64b65bda4c1361cf7b5e6556f7ddcbd746cdebcc6ad6d581d4eb09fd2751ab9650a699d526f1efda1a69dd2f0394217e74b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c468145b81640a67d083c8726e5f28d0
SHA1 56331501ecba8d8a9017bded9ba13d9ea14f0cc6
SHA256 6ced7e3a225dc4a6ada9823b0d97405b75558f1c935ef453f798bcfbe31a2795
SHA512 ab1355862b23d6838427550eadc814c42864effc1300ee6f04e023d9999472b2789158cfb15adb7e595193e57f564a0550fe0cd496ad9be6c7bd2fc1ec4a2443

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 2e86a72f4e82614cd4842950d2e0a716
SHA1 d7b4ee0c9af735d098bff474632fc2c0113e0b9c
SHA256 c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f
SHA512 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 c3c0eb5e044497577bec91b5970f6d30
SHA1 d833f81cf21f68d43ba64a6c28892945adc317a6
SHA256 eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb
SHA512 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 56d57bc655526551f217536f19195495
SHA1 28b430886d1220855a805d78dc5d6414aeee6995
SHA256 f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4
SHA512 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 74e33b4b54f4d1f3da06ab47c5936a13
SHA1 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c
SHA256 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287
SHA512 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 aac57f6f587f163486628b8860aa3637
SHA1 b1b51e14672caae2361f0e2c54b72d1107cfce54
SHA256 0cda72f2d9b6f196897f58d5de1fe1b43424ce55701eac625e591a0fd4ce7486
SHA512 0622796aab85764434e30cbe78b4e80e129443744dd13bc376f7a124ed04863c86bb1dcd5222bb1814f6599accbd45c9ee2b983da6c461b68670ae59141a6c1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 b48e876e91ec89fbaaef68677fac8058
SHA1 90d1ec84f062ed577f423c44dc8bf04bde44d514
SHA256 41b601617afa569c0a42d592341bdbc062b2480bc61f6ab89d85c43c1b2987ac
SHA512 2d07f78ffdb9ed12e560c9ebf64fdccc4ddf89b7866d28f5c8ccb862ddd56977d2aed1e82158f6f7f444664b4417e96a7923994c51052acc8ca1d6739f7ab5d4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 d8f1a8f64a434ec73da73e42015e077d
SHA1 5eca46870823a19716902984abce08b62faff9eb
SHA256 ff908c689d595e4a7869aee50b7f6b4a6a07bdb04f7db24d80e2c0df2284a9a6
SHA512 c8990894b760ae4cafd66a9c52782b310e3c788a790753803c0400cddfcc4681abb201d4c20d71556ef2110216c1f57e8958b8cb85519f79e27c280e3020efe5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f5db94350d318d3925b1eb5df96d1705
SHA1 a01a6f04793d7cadaaa2f0236e47db4931116a70
SHA256 fa84f86246159590efc5bc602f8166e65d2df5ccf1d054abf333db209658bbd2
SHA512 1888c985b8ac69f74b6e6c7ec6e53b46619177323ac732ec5e53f3df00b134a3acdc602b28b01dab7b923d14eb22f39f7220091aab2c5c041a22bbda5bfdec30

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 386ce45f8245c4897815485f9bb399bb
SHA1 cd92bfb3181e34b5a0f6d03bec200f83332f391c
SHA256 5c128053d81f77687dd487a9747a2f9bd504187c6458e3d09d45be2181849d7e
SHA512 8dffe399989f62d30461dc131512ac71425a81b7348c7bbb553c6b063d9628ee481e0bd52bbed4cb6eb3137b2ed9503d680d30eaf16e25446bae93d0c36fe63e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

MD5 9a8ceef2725801e17be5c55b0a7b6887
SHA1 567f8cc2c9704f0f9186e50bb7ed9582bc3ac924
SHA256 c34f0544214631ecebb3d75ea3e9876f8096703b293266fdcb6426952fc98027
SHA512 57c534210f5905ae7d74e3adb6c39ad3d387797786b9a9b8def51508f83b83e97dbca9a48dd0bf38dadb6ea81dc5769d704c8ad58471baf727866eb06c2c4dcd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

MD5 1aca735014a6bb648f468ee476680d5b
SHA1 6d28e3ae6e42784769199948211e3aa0806fa62c
SHA256 e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
SHA512 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

MD5 856a3daa268de8801e7cfd5b727b6de2
SHA1 8e099b433518980e657c7541c49b498e6b83430d
SHA256 b870ae3c5216311e1dd7b8662e01d1fa3326edc85a98a58247cd37b8cfca0be5
SHA512 2f191ea906a3551576ab14e607fdde9930fcb15f15ffb40a8c5999ba07224bbb8ea69918db11d1cd719a3d57510edd466ad2b9199c6a45a48463b0020a2e6eba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 830604d517e84a300553ceb3ce58ad32
SHA1 8f70d5ab970a41a0e8cc980c13d30c1b126e9c60
SHA256 93cf09cfcde56cbeaaf4083a1566fc6710b7a686356e48c7433084205ddcda8f
SHA512 a7c52c08c64620e0e039cf862cf9ebec0c6a75c8e9257814537301bc1af2312f47ac9d152320bf76e6a697daf32492d52527f807bf958a61216501d33507516d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c523307eea6d69be336bed23374fa67c
SHA1 e25f1086917e0fb7f61fe0dacedd1303d7c59251
SHA256 ad07649545317f8f062455621630837b08750ebea5041431a7f8f43953fbcf0e
SHA512 f6ec359f058c87add347ffdccf44029e7f8eac30646ffff417d4df0a156477365fa82f78adacb78aa280d24cfd48e263b0884e68be3020972283c75560080011

C:\Users\Admin\Downloads\Unconfirmed 957524.crdownload

MD5 f16ac9b02b4726b444b383d76db1ae18
SHA1 7388c264874447d1ded6b6acaa35d26144d023a9
SHA256 f59c4acec3cd952c3ab981d56e1e68f543ad8684a3b44c6b59b70fbabc2b5ff0
SHA512 9bf0e99eae1406341358c787de4bfd412933af8ca064e0aa09f0bf6893b5d5d9899a82d360f423cc7fae6d647e7196778fddee031508caae99f4a9316e6edf39

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 43d6d05e8bd2fe46779e39ea645fe4d7
SHA1 b4a01b14b1415bc7c59bd60d102d35c28aedaa51
SHA256 cc481be181585fe418f52e8584c9e42ceae1504d14187fa9dd0972749fbcbb7e
SHA512 ae6b74134d4a39ed4daeefff7fe765464bc08652d740f445ccaddb7e52d599cdfab6060ad16fbe325400ee12d11f959aa654ba1c0a42936eef72581904f381a9

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 529ac613c7ac1ddbaebe9e7d9f82eca4
SHA1 fc8cb991735a98a9663776a61cb9c185a3335f94
SHA256 cd6a5d746b5c36525d781e6d40368f87a3edc3ea157bf63fb55baacc51337f0d
SHA512 e2378819587ed7eb417d0375d49a55ef9292b9e8d22718a52688e3fad59d68a711281f25d1045a9da5442f2d805b9d98aedbf4278c9188208bb2edd917751e04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 bb1b8d298154507d951cefd57dff0af0
SHA1 6d55be8d198488537f782aed39808dd16926ad22
SHA256 df5967526dac83a5393e7bf71d2c6ca9a1898c03d743ff55676ad0d9c61f8d78
SHA512 bc88350f54ea70af26606de5cb23c4fbf3dda9d1996b8814714dc5f68371beae52b0effe1aec01fee5974ee77086a0eb310e29f19d4d08ab8a31a220e9c9830a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9fdbdb3a09a7f7aa1f6acfef0fbe41bb
SHA1 9dacf5da44778b117225e720e1f7e7772ffab412
SHA256 f665375a9277cda145a2f399c5080be57b8dab4aacee92da54b0adb499963ab6
SHA512 1e8a36fe08dfb44236e4eaf19c861ed5fe68accefda190b510de2eea1bd8ca9a9e0bea2fc2d06adff6677183445548eb8ffcb595435b77439ac43e16731d51e7

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\442b78765b051e21bcf04e926b87079e

MD5 442b78765b051e21bcf04e926b87079e
SHA1 1a22cf8c593231a6963bf2a624bf105420d4dae9
SHA256 4387634feeb838cbf3156a553ff0914b3cbbc3369a1179a3c6fa57c58b755017
SHA512 da2fb23108d05193776703addfad8887fa8455e5a1de441fa2a53d1da6142559f19d1a64910d88643b73a23e12fa09b6cb04f3df2aa007edfe0a4adb8175feaa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7e44cb9b7da3329d353f39d21933c066
SHA1 4c40250ff1afc8bfc72ea25bfce387e4a9e782c4
SHA256 23fde9d2e2ee26e59fe7eb74a598ae77261e67aa3a229b3027c2f32e87e49d73
SHA512 bc802375deb262a2cf0ee94f989819e14776ef918bf35be87ea8f5b37076f6a16752ab10ae7dcb01958f8ef9706c4f26efdd1d7c841164c0ab845450b3959a73

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c1a9b639fe65dd2e7aff54c79b39b08b
SHA1 39ad9399d9f9d7502157fa696f009ff3e4c78676
SHA256 da32534b66d91d343226e0f82e0b05c6a248c3262bcdcf077c9867b7305e4100
SHA512 ced4778721eed4851d25b34617866a9be95e93c5fdd4b166b547612601af5393e99f75a70611b69b139f1218b2ea237939f5c1f1aad3967284379213bf0f7854

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 69337a988e26263e0ea621a13ba8473c
SHA1 cc86fa4c0dc14e22a7be3c21e473274fd96f5468
SHA256 00567789db0b2733ded71ceaa78d2ebbfae7f23404bc9df4a51314aae4778d3a
SHA512 f6d4389e70eca10ec6da7f9db8138c126d994765ba2626ca04434e73c3422f48e9b15dcf5735c17f5f6003f3b31543c6e5346adac24744e4bc2eaab730cf2213

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 b27f84a42563e3a026e2707ab018c358
SHA1 df81db2e654d05f0104b94f038d5da7a3154ce5f
SHA256 aec8b1e8c2395c8cbc4f7a32ad6ed72427ee77ccaced32a65dfc87774dc42ffc
SHA512 401888d45e37db5aac5aedf5e39baae3ebe657006a1687ce3fca94f28d0fce9c19228718a50387f514f3f34e74b6f1a282c0c158703305af38302b3b8da5b37c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 13dc21b619875bf3c305ad4392da213e
SHA1 e9bd166d2701068f58d4a06f4fb80d93d19a51b6
SHA256 e48fb3f7ee4187931cf53df83b0270dd910aa39623ac793b325fad452c1433f4
SHA512 e457e3f07cee33aafe215ba4f0f10d59951ecfe51b2f19594f2cb6888060c9c659103f5ab9134fd15358b4ffa2562fca3c793bdfe7706e371472d5036e63dbf7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 5f23e9854476ed9ab0807b3dc06b178b
SHA1 de4c652384da4ffe30e6fb7e2d44d2a70af4beeb
SHA256 e23d84a90c7c70e061018ee0486aff05581ad58031522ad16ec4293880a9a4ec
SHA512 7bdfbda65508891221206d6e8167381dd26ddaa26bd48c86b15e91b466a83a988595cd4799b5f9b1f7f645b2152b64398b9eed59d506a957664f1ded8a576530

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 1ba76006c042a00b35dac26173f32539
SHA1 f5cfeeff1fca8a9a1e483138c3db248d7958b47e
SHA256 d777bf991ad6e955b3e7e57d86a21f761fd4092b779848439281e36c1b43ce8c
SHA512 7377f4536adef2cbaf8b9f103767cf412d3eb3e61eed7f8e297d028b4adf62bb802ec763eb9276cbe186fe22df91d0a2fe725ce5b6641ebfcb9aec7ac45c1d73

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 d61c9389d6b73b6a8bbb199bdf05d9fe
SHA1 24b6532346279a4ceef3c431081f7410f2fd69b8
SHA256 2a9742945a25f0b2aa693f9b233de48a248e1fbe02ea465eae1220c017c658ae
SHA512 8ff896c591a3f5389f416379b519430636f3ed0d910dd0c89b3c3a1fa531e04883c685007fff52997dabae3ae107c9346aa7f43af35a459a9d390436d06bd68c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048

MD5 cb305d32beaf3b4efc542b29d4da4449
SHA1 1c0c1232c8b371c6de1d587a24551e28b571abab
SHA256 cc9bd19cf704eaf02ef7d4716282725fcee3a86c0337eb7d36cdd88b6b8e19cd
SHA512 4e7a310c179315661f9c1d2f1f30e122e6956fc28bd0c89eb103f48e0ba865fa57d9eec474e09a68ade67387129432bba24ab3d8b159902d930b558c8e485135

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\08dcc4d3aa29480e_0

MD5 951e12e00a8fa9b3b3f4d8188db77be7
SHA1 1dd9587637c67adfbb4695f24a17e5b0d1ae69c2
SHA256 9e5fd4880eb2f675a29d7cbd452b8dea58cbc714bf92b06b221f34b2f28b51ae
SHA512 1a6f8b2be76842041db49e2a3652573a8b8d520329c294e32ac49b55c87b3995603363b53efec180a465314d5e9448ffca2c8e424e7aa73f3edf02f2172bb170

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7191a46e676dcc5a520ddbd316d32701
SHA1 c346a4be27cc66cb78da451e14613c8594d9bb87
SHA256 1ca9a50a5ee42f3a5edab010d12b9daa9795f5a4dc104502714bd16f8fc71d73
SHA512 58e6443765f8c11d2d1a6bc262be4251fa72e39368d445942ebb136d0bc08635412701984dad8c7be533ab18abf9dc8545e51ab1e9b2c235445c922d10e8109b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 409c299e2e695f1510ba8370b57dda2c
SHA1 e1b1892673a2f539772c660dfe68a46b096c047a
SHA256 15e60362b4ebfa3e445af93a09ff4153c022bc1b77ecf19bb5bca4289d755417
SHA512 7f6faf69464671422005128222521c2802dc45a5da83e03f4d3d10a334172b7d38d55c953aec14a0e779a8fba447ebe765e7ae34dec43d65c690e5bc2cf51ee0

memory/6452-1436-0x00000000002D0000-0x0000000000305000-memory.dmp

memory/6452-1437-0x0000000073830000-0x0000000073A40000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 789ccfcbd8dec9de7f5514f3e3ef2a28
SHA1 6b5955390f39a79cac5914b4c2c5fe596d8137cd
SHA256 7ba537b9d88bab92381068373c6bb5e69f8d5720814a1def2eb6a57f81798412
SHA512 e637b565fd0da39dcb6b58b6ee21e4fe9e9484e35de4593992cdf85c16f5912a5275bfb1bea7daab9e050d58f5e8fd975a67eb31941bf6fb163c4606e00d241f

C:\Users\Admin\Downloads\Unconfirmed 659875.crdownload

MD5 a141303fe3fd74208c1c8a1121a7f67d
SHA1 b55c286e80a9e128fbf615da63169162c08aef94
SHA256 1c3c3560906974161f25f5f81de4620787b55ca76002ac3c4fc846d57a06df99
SHA512 2323c292bfa7ea712d39a4d33cdd19563dd073fee6c684d02e7e931abe72af92f85e5bf8bff7c647e4fcdc522b148e9b8d1dd43a9d37c73c0ae86d5efb1885c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d8268139e580fd27f81220eb24366b16
SHA1 12006b58b11cbc467e5c6f2ae686f5ab6549e2e9
SHA256 a267748afdd540bb78e22043ba65d2efaff8f9586db89a35f2ff4bbb231230dd
SHA512 f35880af2448191c64e5d5863c44830b2ae1d525d7cac4ed4d01b885838180e6ba92f8d2d4df1188f9a9ac09216f1b1dec79714653b76276b9c63eeddd4cd57d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2050b1f01cd61e8b203a6905ad263599
SHA1 d13064352438d6b0748a575bfd802b88c9fcf9f0
SHA256 a9a10a4a32e0dd5e9f192dfb95dfa98501d379ca918989076aafd0374f39be1a
SHA512 853c7015aeac12a6f26a366a68adaa81406e5b69af275a53e92035812d67b8ad6d4bfbf2a63c4b05316a69268ea823dde9f3d6fe1e19186a55611f7145ce9ba6

memory/6452-1552-0x0000000073830000-0x0000000073A40000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\924451f7-11c7-4cde-a2f0-2e3566739dce.tmp

MD5 10703b03e7f20d2069cacc9756ec3dec
SHA1 8d7e296b4a17abe27f1c087b72a7bbd8f9915250
SHA256 2d468e164b3e302c63dd2580661c2b95f50a643598c6795a027d627a48ed0459
SHA512 122e5065f7010a4fda0b70c1ca3267766ef5d68f5ee8f2bd2c7a4e1fd9823e1061c0fa38d9ee4d7ccd1257616eb32f4d7eee932f066d59794b4a132126ed8611

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e306665d98a9f11261acef6493cea65f
SHA1 5949f0a36cd263f090a25ea2f5f9cadd953917b2
SHA256 f404032f43b75396c9c2ef50c230c6f1094f58f86b168bd78cda397c105dee90
SHA512 db82f4dd7eda0a3b4ff6a53a4e75499e7a732129d1b1298b2a902eab04d9df4a16a88f4579f416794ef58f3332fd0f4b33e0d4fe85137551401421ee52de2d58

C:\Config.Msi\e594a3f.rbs

MD5 e082cb1800c1edd619aaf09f0e6d2b21
SHA1 fc2695b9caf357bc0c099d8d77594ab1bec4904d
SHA256 fff12fdb5658ae2f91d971761a2faaaead13d29a6762e1faefe1cd588d90080c
SHA512 372059220d6ae2a282a76fa7805200f04f8ae20166cc896e9495dc71ffccc1e77a2afb93af728fb4e08f6c856189013de0bb21b9386cf172f19e30cc9987d14a

C:\Config.Msi\e594a43.rbs

MD5 1fd4c2fdf943daecec04748fc4a6a783
SHA1 02a3a683da5516f46365702f09ac0ee9011c2f45
SHA256 359bb2336acd574b2da1f21207854455df3d437be1552e7dddb5a4f7fe981dff
SHA512 9827e93a801110ad709e321afe89b64d1da672fd1adc64c5cad3c6e9da214e60d157aaeae806638353f180645560b2d92add63799059cebf07c7499277eaf92c

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 7826cf418af3d8788a7c2d166004174d
SHA1 ceb886eec9e2638e3ceccbd523106d28f9bc77c8
SHA256 7e9e7ecaaeb4e405d934b6a79d5441a9b706fc98a035912e4cdb03ab20b87e08
SHA512 03219da08f6c06b84665251adfeb46eec85611a235da0853152680c1c3c7ba97ea13f3d88c6f95df85817d8946f8ff3f34b372d3273addfd9541ea6bf3a68310

C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Installer\setup.exe

MD5 776d096934ab49e06d98f228f2f09578
SHA1 85843747c6b28fbfa094ffd37306260a0b80665c
SHA256 4454ee06716329235c9395b1bc3c5498565074bd43fffd70123935ed68096796
SHA512 cada5800ea29613e4cebc370a77b0fa589656ed27cf52eb3f6ae0321d951a98afaa192ae1e06c3a4662726b64a9f84903cc3ec633f7170d1bf25cc66c8ad4354

memory/6452-1803-0x00000000002D0000-0x0000000000305000-memory.dmp

memory/6000-1808-0x00007FFFD8050000-0x00007FFFD8060000-memory.dmp

memory/6000-1814-0x00007FFFD81B0000-0x00007FFFD81E0000-memory.dmp

memory/6000-1816-0x00007FFFD81B0000-0x00007FFFD81E0000-memory.dmp

memory/6000-1815-0x00007FFFD81B0000-0x00007FFFD81E0000-memory.dmp

memory/6000-1813-0x00007FFFD81B0000-0x00007FFFD81E0000-memory.dmp

memory/6000-1812-0x00007FFFD81B0000-0x00007FFFD81E0000-memory.dmp

memory/6000-1811-0x00007FFFD8160000-0x00007FFFD8170000-memory.dmp

memory/6000-1810-0x00007FFFD8160000-0x00007FFFD8170000-memory.dmp

memory/6000-1809-0x00007FFFD8050000-0x00007FFFD8060000-memory.dmp

memory/6000-1817-0x00007FFFD8240000-0x00007FFFD8245000-memory.dmp

memory/6000-1822-0x00007FFFD7CC0000-0x00007FFFD7CD0000-memory.dmp

memory/6000-1826-0x00007FFFD7CC0000-0x00007FFFD7CD0000-memory.dmp

memory/6000-1825-0x00007FFFD7CC0000-0x00007FFFD7CD0000-memory.dmp

memory/6000-1823-0x00007FFFD7CC0000-0x00007FFFD7CD0000-memory.dmp

memory/6000-1820-0x00007FFFD7CA0000-0x00007FFFD7CB0000-memory.dmp

memory/6000-1821-0x00007FFFD7CA0000-0x00007FFFD7CB0000-memory.dmp

memory/6000-1824-0x00007FFFD7CC0000-0x00007FFFD7CD0000-memory.dmp

memory/6000-1819-0x00007FFFD7C10000-0x00007FFFD7C20000-memory.dmp

memory/6000-1818-0x00007FFFD7C10000-0x00007FFFD7C20000-memory.dmp

memory/6000-1827-0x00007FFFD5D30000-0x00007FFFD5D40000-memory.dmp

memory/6000-1832-0x00007FFFD5FB0000-0x00007FFFD5FE0000-memory.dmp

memory/6000-1835-0x00007FFFD5FB0000-0x00007FFFD5FE0000-memory.dmp

memory/6000-1833-0x00007FFFD5FB0000-0x00007FFFD5FE0000-memory.dmp

memory/6000-1831-0x00007FFFD5FB0000-0x00007FFFD5FE0000-memory.dmp

memory/6000-1830-0x00007FFFD5E40000-0x00007FFFD5E50000-memory.dmp

memory/6000-1829-0x00007FFFD5E40000-0x00007FFFD5E50000-memory.dmp

memory/6000-1840-0x00007FFFD6790000-0x00007FFFD679E000-memory.dmp

memory/6000-1842-0x00007FFFD6790000-0x00007FFFD679E000-memory.dmp

memory/6000-1846-0x00007FFFD6820000-0x00007FFFD682B000-memory.dmp

memory/6000-1845-0x00007FFFD6820000-0x00007FFFD682B000-memory.dmp

memory/6000-1844-0x00007FFFD6800000-0x00007FFFD6810000-memory.dmp

memory/6000-1843-0x00007FFFD6800000-0x00007FFFD6810000-memory.dmp

memory/6000-1841-0x00007FFFD6790000-0x00007FFFD679E000-memory.dmp

memory/6000-1839-0x00007FFFD6790000-0x00007FFFD679E000-memory.dmp

memory/6000-1838-0x00007FFFD6790000-0x00007FFFD679E000-memory.dmp

memory/6000-1837-0x00007FFFD66E0000-0x00007FFFD66F0000-memory.dmp

memory/6000-1836-0x00007FFFD66E0000-0x00007FFFD66F0000-memory.dmp

memory/6000-1828-0x00007FFFD5D30000-0x00007FFFD5D40000-memory.dmp

memory/6000-1834-0x00007FFFD5FB0000-0x00007FFFD5FE0000-memory.dmp

C:\Program Files (x86)\7-Zip\7zFM.exe

MD5 52ae15f525a8732bcb89ba874461b05e
SHA1 265ec2444e7724374a9cbba01c4f4d89e58108fa
SHA256 1e6162ad80dc358bd58013500c18ce568ec97734eebb94acd70cb74bba5c0c91
SHA512 617d29d831943bb06a2f3846679cd47025a9979bd3331b221f2239f8ac6f7a255d642dd638be761f71b3f4994b6d84cc0b04a2baf072e1b596d18191a24154ac

C:\Config.Msi\e594a44.rbs

MD5 45db65d1f527cc98cc88d84fd8887f90
SHA1 2f40d93cea5db774f567b0eaf37301b505703aa8
SHA256 776ad45cf3c17c8b448715756daad68de205f87c439be51e8c2738fa8babeee3
SHA512 42fda90455bfcde643c79885539ac67e2bb7ccf8d5f5d0a5541c5d7adfb069b3e8a5b8a7e1a644198152af6209bbf0de47ad0b3a506633e1f4b46c1f92f0307a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0b30978246429c3e5e3f36ecf764a216
SHA1 2f098de1c666f17e11c1067d192d6b6dbc380d4b
SHA256 1a17168119834525ab355697a9a2a01cadd6c017f253d6791a1ab8ceb0015055
SHA512 7a3e3390595416d6ae63761ca44271183e572abf0742cc77c66ee94ff9b616930e26140858202775d7894c3d90f55983ad52f5c5ecb7422506e82b69b51d8c74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 6c8413dbb2b54b0d8d2c44902da2488b
SHA1 d798aaff61a4dcf553c40705a2029497dda61d1a
SHA256 fe8ffa9f7682f10f96899685ecb9bac43717904b88b54fd49dc0107f77f0096f
SHA512 f5ed56a26aaae0093ed55deba827d02df775c1673cf3270a1ec6d5feef3a3c556523d1ef5535da4488f284b8a9ddf67682309748a769f0b39c96f06409030fdc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 3c6402ca667d5be25d0cf118502f6f41
SHA1 c57737bb7409d91579569d7cb1f21c8c5925c430
SHA256 065c1d1d5d643ada11492f0b69c18d437cdef4bd9cc604af593cddbbc7dfbae4
SHA512 ac2fcbc9165343b6046b880623ccfc3ef50e43609f5432e41f477d8ab4142ae76eb82bbb27144f89053ec6196f87249085d7a31df25564c75be9a14ac58db464

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 36fc06c98d7e9cb7a5e9b6138c71f3e6
SHA1 636b7840bbbeafafafd57df3ebbb75edc1e1fb30
SHA256 2463c144d64e7a02d65de59eed1acd4a4677d5083413de10c34d21d6f3c225ed
SHA512 ba3d1671b60fcd2d46786cdf7014c47f5c7e21bd4bc8db640633b41f17b731b8f70c6c7b12df01e5b47438059ca597dd2ac7e17c5c22725b5286fe732b3c937d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 3cd0f2f60ab620c7be0c2c3dbf2cda97
SHA1 47fad82bfa9a32d578c0c84aed2840c55bd27bfb
SHA256 29a3b99e23b07099e1d2a3c0b4cff458a2eba2519f4654c26cf22d03f149e36b
SHA512 ef6e3bbd7e03be8e514936bcb0b5a59b4cf4e677ad24d6d2dfca8c1ec95f134ae37f2042d8bf9a0e343b68bff98a0fd748503f35d5e9d42cdaa1dc283dec89fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 cf989be758e8dab43e0a5bc0798c71e0
SHA1 97537516ffd3621ffdd0219ede2a0771a9d1e01d
SHA256 beeca69af7bea038faf8f688bf2f10fda22dee6d9d9429306d379a7a4be0c615
SHA512 f8a88edb6bcd029ad02cba25cae57fdf9bbc7fa17c26e7d03f09040eb0559bc27bd4db11025706190ae548363a1d3b3f95519b9740e562bb9531c4d51e3ca2b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079

MD5 c8094a8bbcaf5996ff1604004b3ebe32
SHA1 766f82d363f6ef12eac98c1a6f205b293fa2a885
SHA256 e9faa40f370f76c8a9a942a71f7e1fcfea87141fc8706088f633f66bb66f3cd2
SHA512 6513b94c2f9fbeb62260963007d24b57d40d0ac23ec282ab9d1757d123b419b97c4931942390b0e1ca628a0fc00b9b54b60897ca59e4fe6c59dc264a18a1148a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007d

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000082

MD5 69ef77257c7fa3a494a232f90b05d55c
SHA1 19dc83dc05f718e9693de231d48bf0307d8d29a2
SHA256 d1ec04bcd468208a30012d660d1e857bd9d4d937957d45bb10cc7483de435421
SHA512 1b95ee10d622e1468e04691dc47fcb59da6349ba8cdc0814ac8d27a0ebcb9c09692ef1b86533ebd59f2bca87f3340cbe032a011223afe4e7db018af47bab38ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8600d2f8d61852d6960c7758bea9f6a7
SHA1 765b4b5aa6beaa39b72d46e46ab9f987b34c29d3
SHA256 0262061f2b3eb8ee8a6fe92339511ccf1471613384b4d5bc846e55d897f11fdb
SHA512 a40df1465b3b37d5a89f73bf54ad65186e1b570a2cd4f3eb69f8952eb31f29bbbea568a36b2858278461f54b6cb096a5adfeb9c8b22ca8b797feb372b3018e23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5da3127931830f99090471b9f62a66a6
SHA1 7570cf6a492e83cd6fa5f143f808983146b19a7c
SHA256 1a764eb706151111b5bb1422c808a883a79adeb849db4bf44c86ba011543cdb7
SHA512 e1a95234dcee72a70d45777079e03b0ecfc58564bfe1b82a401013a9f4cb3d88eca6b95a47fd0fd57e25fbde552f1d81da7397bdeb2588cda3e7e84895918cc9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00001a

MD5 aab2532f8363e63359dbf0c31981f57f
SHA1 a21523eb85636a0455977ffe525260a1a8568043
SHA256 a6abef5f074c67b1f9fbee679151a4c705b71f054c98f720dfabdc65786d5d13
SHA512 7b3c4ce6574b36bf0d4e05bba1063798b525744fdb37b28ad6fc78456ef7d704677795ae4dd0d0eda0954d15b3776395fa931abf82dd4b64583c360dd9916f64

C:\Users\Admin\Downloads\Fluxus.zip

MD5 120bce5f51303d34ea3635074d5d3ebf
SHA1 1bd5dc87c2788ffe578aec388cd048930613a2da
SHA256 28e904fd216f1fa26962fa9ca0be1bf2bdb1043b72fad7fd56824aa383d4a465
SHA512 f9c300ed468bb9c202658a819902a90cf4c89e9e9d56b56ea7280f0d293b83bd8ce11e28a71d0878ba4b069c3578b2595089dab8d84387299ac977acbe27237b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0f329854e34a45d896d10a48722c75aa
SHA1 0d8755858da28a654890c881e97563655d513a21
SHA256 f50db6129a6a1ba85779c34803ae81b44395a496a201df4710786d9df68916e2
SHA512 aead7e1fc1ed7ce6ac4b65df66ff2e1a3af46ae4cadc7392b71715bfca87d7747733a1fcc81e70aa0756b2eab56ec2975f3792a0e88e6dfcdfabd968d9c227df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 741000a45b3cd963779d6ee515dbcf96
SHA1 3cde7c13e08eb18f5e99fe199a3781691e91fe10
SHA256 4dec993b50a86df6c9d79676c7522c946f7fe717cc2f10980d543208dd216477
SHA512 a4e7aabbe7d8605666ed727913a4143f61a2a8a89387839349431b21f0f42d7ef8519084014d997b20278d4e2cc00418a4da98c55876b5d8cc947b359a08e28a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 de05040051ec7bb1524e645748620b80
SHA1 643903895385328be8f94c92aeade2e598f6ef97
SHA256 5401c137582619c190ae37bbaf3cbc421f510854d19c810d5538becae6b853a2
SHA512 eebe11747d8f2ea44d0507f4de344176905e0ba9e172901de0379a71f56abe5357a26b2664e32ff5689b3ab17e9a9d0ac3263261ca663aa07f457d4b76b6f27a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b2c8b.TMP

MD5 85732c28bd61efd6b362f992135465ae
SHA1 2c9e7fa2d80bcebd643afd98f5393288c036ef21
SHA256 16be39edd91dd8f326a1e5e5fb4b3cfb2296f30a8c23cf50e72cb8b6ac8a2597
SHA512 be8b1e9556eeeac56f6eed845004b1b7cbab6000cc061c835e18a91e3a968015803003359b55984231d80ab3a16aa8d4284f8084009ce256f03f7df6f61bc9da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 99faed7f6fd6a184dcf39808c4710b3c
SHA1 d115205a4f66d45634cded0141a61cbd38c0af7c
SHA256 d8be5ac53e9fda6676829291f0ef1647038f2f2d81af597e24d97ae6649b61fc
SHA512 a4359eb3f740d2fcbe5cf575c900d6d5b2e9d58d7d4a892838af2ba530c9bcc3ec4201b3d4a69a83045d587c3ad064a306e5cce7c55aba3781c2d97374031d79

memory/6984-2637-0x00000000004F0000-0x00000000008E4000-memory.dmp

memory/6984-2638-0x0000000005C10000-0x00000000061B4000-memory.dmp

memory/6984-2639-0x0000000005740000-0x00000000057D2000-memory.dmp

memory/6984-2640-0x0000000009D80000-0x0000000009D88000-memory.dmp

memory/6984-2641-0x000000000A130000-0x000000000A168000-memory.dmp

memory/6984-2642-0x0000000009D90000-0x0000000009D9E000-memory.dmp

memory/6984-2643-0x000000000B700000-0x000000000BD28000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_rfd0gs0t.cb4.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/6984-2653-0x000000000B6B0000-0x000000000B6CA000-memory.dmp

memory/6984-2654-0x000000000BD70000-0x000000000BDA6000-memory.dmp

memory/6984-2655-0x000000000C430000-0x000000000CAAA000-memory.dmp

memory/6984-2656-0x000000000BE50000-0x000000000BEE6000-memory.dmp

memory/6984-2657-0x000000000BDB0000-0x000000000BDD2000-memory.dmp

memory/6984-2658-0x000000000BEF0000-0x000000000BF56000-memory.dmp

memory/6984-2659-0x000000000BE00000-0x000000000BE1E000-memory.dmp

memory/6984-2660-0x000000000BFB0000-0x000000000BFFA000-memory.dmp

memory/6984-2661-0x000000000CAB0000-0x000000000CE04000-memory.dmp

memory/6984-2662-0x000000000CE10000-0x000000000CE76000-memory.dmp

memory/6984-2664-0x000000000CE80000-0x000000000CEA2000-memory.dmp

memory/6984-2665-0x000000000D040000-0x000000000D08C000-memory.dmp

memory/6984-2675-0x000000000E710000-0x000000000E72E000-memory.dmp

memory/6984-2676-0x000000000E730000-0x000000000E7D3000-memory.dmp

memory/6984-2677-0x000000000E9B0000-0x000000000E9BA000-memory.dmp

memory/6984-2678-0x000000000E9D0000-0x000000000E9E1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b43866fd533d92b0d78588186257757f
SHA1 665647f3428c7c4e760cd8fdc70353e26752f900
SHA256 5f96977ee820977be5418d9262c697cd10c1f34b43059aa5dc79b36d0034bb68
SHA512 9ac7a1901228c94ecb45be0ab8046b25def4fae1a0cd33be2432c7f9b64e71c22efd49df577fd7f4559d52e7206fa87d01b5cab1029b7067755739011b8a8e80

memory/6984-2690-0x000000000EA00000-0x000000000EA0E000-memory.dmp

memory/6984-2691-0x000000000EA20000-0x000000000EA34000-memory.dmp

memory/6984-2692-0x000000000EA60000-0x000000000EA7A000-memory.dmp

memory/6984-2693-0x000000000EA80000-0x000000000EA88000-memory.dmp

memory/6984-2694-0x000000000D0C0000-0x000000000D0C8000-memory.dmp

memory/6984-2704-0x0000000009F30000-0x0000000009F3A000-memory.dmp

memory/6984-2705-0x0000000009F60000-0x0000000009F72000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 673d2cbc443a046dca360f7dea56d83c
SHA1 fb082106bba6f0c0fcbbc984208ba53a7c2751a4
SHA256 63a643d715c992c39632ad48425a2ff9d783f8b8c76f71d261a35e0a131c5bae
SHA512 e11894c187e3587aaa110ccc8010372d7a866305401836c5ed2a39d76f7e8809cef35b23354d2405ee61d62c60d909ab707054b36252d216b708a69092454bff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000076

MD5 52e4e1c3fed2994d964338f03762f259
SHA1 b980ff89526f3182fd3907f4b0d76978f32736f2
SHA256 2ea95dde729c3aaea112ef55b87dbda20c10bfa5666553542278cddfbe844dec
SHA512 afad8ff55281a632db1bf661f81143a89f8881fb539686d54e68e119a13ccfc37c761a832169e55502382b36272d44c9d8aa27b686a12ea6e8fe4861cb43dce4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078

MD5 e89d490c9c227e4f71ca6a986a1a3b7d
SHA1 3d3c92989ed77705e16afbb6069ba52ebf4b4791
SHA256 545a7b59a9fd4ba30e44c1a5002940826da17a460ef775f1804cb9e0bcf60cdb
SHA512 f2babff8ad27f782330ed2a31c13039b56e185ea9f9b76bbf545e67618077923888a75057c5e28af1d18a9a81cf0b0e138f330d864560ac8b2e7f16de0778c9e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 37466c1248a8acd46e9199491185c1a7
SHA1 94e84bc011b9940dd0dc01366aa10bdbf6c7bc74
SHA256 1b4d9c3161b21b558b988187b76fa374f030b32bdd5a30922662813a6e115de9
SHA512 72e6acef112974a908d4adb82e66a6bce2e3e4d6f95859afb206d3433738ea87a720fd76e64957999a0e4e51db91f6ea942df43f9385c8f7284ee47b48f7db94

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 b1ed426677b7065810ba63e3615079e3
SHA1 207f557b999ce871711416525c709134d25f9906
SHA256 51f7b6cc694f8d26bcbd5dbd8283d24e9fb04913646d7973987ce4f7d6ca82dd
SHA512 604c2112315f934585be790fdbe1a38df2ec1e0d0398fc2817c742e27f0960302934f7026936bb21b93e24722c229622252f8b3c365a7926ffead679f7303bde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af2cfcaf6d9b18bc_0

MD5 5c4ef36cb2f600e0df12b5bb3dd741dc
SHA1 9f91054459fe393237f36aa933b97bdc20e5a565
SHA256 68f09d39b47a005b093a433f40222417e9b154e50416c3a08067be2740c72e96
SHA512 29f62a714b348b678ee20c80d2021d3b62af06ccaa5ad123a9953c2b4d855903474e9f5084d04f009303d34f228346b49a08a8b91b7bf728309338d73ee0fa6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1c0ac1d175a8e3f4869a42afc3fb4b42
SHA1 2be54f61eae95d186829c9f662eeaf3894799669
SHA256 045f9121a204e72ac26de9e1636114ba16556979052eb893691c651595fc7f66
SHA512 d502c20813b9871708ec6de167fbcca58682d7ef100a656d47ba7c28fc08dee614310cc555bc8556470970dd82bbb78af7e6621e80cf459d7806165e1cf8bccc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4d9f713a8622d1bd2b8ae0c1c6b25b90
SHA1 68097963c818b5207062199fc4688bd69812dcc5
SHA256 53a2b7c93e60947cab60a7f30f96ce5813488b3a73eb3944b112e79e2cb36329
SHA512 071010473c4411f6777d2b77202ef7f3f1c65b87dcbe0a8f550a772199e4c3301a5ab8fe137a8a6266e878462bfa4214062d5270a3d0955f30574ca850665559

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3473d2d671ae2a276dbf1bd8569cbf95
SHA1 eb4f4e52be496b07866af101454bfdfc90504a3a
SHA256 88075c86643e63d14b65d5edb11928fc8263ab86bb9d5eef23e822ee47d7a72b
SHA512 da24d2e7dcba85cc589a7edac1f9563ef0f5e580654e85642b00e4e0eb8e8c9b30b430ac345571f5a0d9f017a6f22d43ce570243b484603b904a64659b1edfcd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3d190acd5f9bfddf86a0f1a32859250a
SHA1 1f493f8b7d2fbb1bf69f5344b36c047aa62b6226
SHA256 df2d4a6f10b85e75f0e30f474d9a792876cd7518027aedae9fb3bdddda9d2c68
SHA512 36ed4c9bb09854b76ceec8f1398e0b2d2e6ec703d926033cc91a3470aae4a0d34ccab5f48a5e2388fd6d66fd5c31c0e10c016a6882fea16f1e7f97784da4c9f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 05ced779b6a65e135f4a7a9a6d98bbed
SHA1 9ac964aa0bad23cd498b8be58a5fa5ffe4d6c56f
SHA256 77fc63eaea7049928907d02d01912ef8587e23e7f4161395cc1a1cadd5060d15
SHA512 cae96071074198514cf6fbf7389913cd5033c86bab3c012c8e85e85947ca2eee3d623cac9428d02720ccf421a39076f8929bdc8edd4f0198e2fe4c360e09b716

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 80bd47c1506cc580257767aef3ffc359
SHA1 7243e40c00b3e8e368c7e5697684a8ebb39aa445
SHA256 8374027736cbce326fe6280cae4cdf8ccd7eb4e476d4aee3e5e9192258dee750
SHA512 2ee33aafb74ff7c6498e9b64dbe1c2e367f344dccb54057d8a8d21ab6b247d8d1137d2db0134140f81489ec7227d63e2642801fa5cc7f54f49f1cd9777f78dc8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2d7bfcdf6def336d1da55474e7e05124
SHA1 51b2c84ff1dbaf21bdb6a90217714b7bfb3837ea
SHA256 223f0387a63ed4d4fc9544a68a7399ab5c691e674d2c492d2f865cba5ae96f0c
SHA512 730935817399e2d2c0435111a725182a3d0f414b9cfa9b1f3eea912fc118309584a1b10db2a25f6e5ed0bbba147169ba6d8dd28afee1d482ae7cece728f31905

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Session Storage\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8525b3c7f53873148e2279cbe4ef93a9
SHA1 a39ab2950f330162860770f89913fa2a1dc42ad7
SHA256 832f12aa25b132afccaf566dd1a486a3e3a4b1dd79f5cda535eee76e62fe8230
SHA512 1352a0cc1490d9a1394a4d5ae9fa644f9b3a00088ae722a26eaf256c33a62f63efcbdc629b4f486a013b74931b90fd8b827067a9742b7dd3bbeaf0120647c5e6

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Code Cache\js\index-dir\the-real-index

MD5 7020e8a00e43880a02f2c269ada6c3f6
SHA1 344ab68220de99723154f3935b23c353eedb6dec
SHA256 181a9f62448e7e4a962e8f132e665a132f2218efb70af0464eb7906f0aaf801e
SHA512 2a2a029200f5f2c5294669191ddfabb502668c1825ae8386144b8f62cc97150c4c58a0b6dee96bcc70904c50a3dcd553411d81bbac6ab34ae7c9a6f9a584dcaf

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Code Cache\js\index-dir\the-real-index

MD5 7dc67116bd0429651cf37a030270fd3a
SHA1 1f79370bf2504a65ed13eacf830a1de56e38c190
SHA256 636cfc427f683af4a9d6d35ba8424db75949d31fa376edf33fdc8f2d2d1a271c
SHA512 3b6ccdbb487dcab7f7bc22fe54d428e8e0d773c666814dd236fc4528d24c5e2aebcfa647a2df61392780b12902ccd57b7225361a4dd5bafee73c9f4b03260b03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0eb6d1b5fe67cb49ff104c27679a8d3f
SHA1 9f6f1902ec70348b1fe1f9b5b180a435bbdab121
SHA256 1966b9e362cb6a085ae94f9f3be24ae09ee2a1ba88d9305ef410895429520ef8
SHA512 3413c5914eb0f5aff69e81d6ae8f2d62ef5fd576b343924f92de04f803a61683791356682d3c0b8ae124fe302b80a249a9427de44a67df7a104250127bb14ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cb947faf7b9a4c6287d6d179ee0f978f
SHA1 971e26f3e556bf3106bdd84bab6615ef55033366
SHA256 2387222b28639e7c04c3387b4ac975c0deeb09fa03a8bd820dcfcfe6ac966778
SHA512 927fed889b0320873b83fffbe099935c1ee7a436cd72f49d2a619fb929a5ffd442efe451e4ca6a0a84cf34d6c15f58f6f7d2c68eba2c3345389b36f1e46f89ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a8

MD5 46c17c999744470b689331f41eab7df1
SHA1 b8a63127df6a87d333061c622220d6d70ed80f7c
SHA256 c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a
SHA512 4b02a3e85b699f62df1b4fe752c4dee08cfabc9b8bb316bc39b854bd5187fc602943a95788ec680c7d3dc2c26ad882e69c0740294bd6cb3b32cdcd165a9441b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b75c0c0bfd5b8423d3774d3e661c5285
SHA1 981fb9206172b1b298238bab260c07807181edb3
SHA256 ab1db44308b9134d8d2650762877ee98f85496fff26e2d1a256bb8ba7de50371
SHA512 eec64b518d23540079c2daa63fc783f6f7e038dbe57a7fe6aecfe269b4ea828b851e8341b53725c84626921984c00f59db005d24497ae74afd8b39a2a280131a

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.39\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

MD5 1f744e1c802560affe8b308640b6ab67
SHA1 bbfecefdf891c11d573760d4dabdf86091463421
SHA256 fa7d8a8cae60ab620d2aa887de62039d2647e4f5c1c649d75f0f52e14ec11a99
SHA512 780440aa518397e52bb429b5a8e7697bf0096db0fe343cd40a541b60f34ad4976ef7fc2204737d296a8c1fbed2951496503dc50158d6455617c67483f87f3015

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 797916e588789be6d6d522d8e7f8d8c7
SHA1 e5daba864e6d3ea09fd51738696ed50ceda1d527
SHA256 197c510a7271029b743f6a0e079a475ef7aa02ec027bb062b13539af672248d3
SHA512 0f354a69cb24c5e92bcad141e8152c672d021a0f8a047d79a6b5a7d392cb638690751215f9c1044ad69c333f4d7b8ae8dd4603a8925f2eccb421757f98ad6ec8

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Network\Network Persistent State

MD5 b42c1d1f140170bf542bd4ac33d04b5e
SHA1 37da1e28bb49dcc6036d9d40a4451f63007f0366
SHA256 4755840455a7cd910c3556321256d42720f82493543660335ce7df6c59c2b6f2
SHA512 8b654ecd047649eed457eb195777ea33aa204d3fb70492680995c6b6f77c124927362e33fcd84192f0f65c6186d2ba15f20c05003b892f38223a858ce8f4d6b7

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Network\Network Persistent State~RFe5e6918.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000072

MD5 4b5626ef1a6b0f75c8d937eea9cbe472
SHA1 ba61583664a55e451b1575043a0534f6d0448ca1
SHA256 901a4dab05c7222e8db25d976c4812110483ae21dddde9882b191ae536e66f37
SHA512 ee6dfb2222a2b798b7d98f66f135c1c55d2a6e2657611118e349ce164bc11a82dd614cecb05a1697cc61a7a55543b85140398d61ea969faa032a537ee93426c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\295f5e2112efe00a_0

MD5 8abc4f957c2633708c68f78362b4f6dd
SHA1 8ae68a786d5669351fa29fa3d28e6856bcf37484
SHA256 1375b0d0108d9a23e47c818f985085e8b05faaf0a6b42e0b62a9839d1cda4058
SHA512 a65a2934bd73dd20d40bc8993203e0bdb8f874989c5b9c48bf5392d3cbecab2b0a1857dfd6ca4a9e7b10cef230dc8bd48f2ece098b7684ded3526e6db5ee6df9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695c42f61090a800_0

MD5 32f85186c7e52b48a71c52425374323b
SHA1 04ce52798a69dfe485800d0acdfef85bc3ce5d45
SHA256 535640a369f24bae64bb88e22b9c40ef83752bb25ce5c411d8f968055959b74e
SHA512 228b4878a70543fefef24bec5b578900e3080523cbec904d89384e8ab1b5f82b260ff10a4d4e778f341d0973cc1acd9bcd1f01aefe00d3751d220816b63165cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af48edbd3578ee3b_0

MD5 eb5ac6e973316511e80f9d0563774446
SHA1 b9378d244086b2aa41388a7fb7fe785f6920467a
SHA256 59398099a0cb628896c95fd3a8bc58a54ef4b592007f7d5972164932dff3da79
SHA512 28ce8ef65e2ffbcc4fd072be6b9cab848ec53049bb27693b8ff9154df7bea309b5527ebdc698daa54e7f0c2fe895c175d2f72c3c374e359f3769f06496b73d29

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94ebe1630900d094_0

MD5 dc3492e529563c32facd0db89164efec
SHA1 e62edcda788f4c4c1e0287310525f8fbac6393c3
SHA256 38195e099acfc3f0f377481789a9cb45ff8efb6edbbe0139a38614c31ed3b4d5
SHA512 9800714983fca430ff9cfe21ee8895c57abf375c42da4fe5a25f4aeaedcd0b0ef97bfbdc54f4f361a1d5abdd713f8d15712d2c1392613b59e55cc9e6fff2e32a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e77ea4edf13339cb_0

MD5 e7a1e072fe9a5eb0ff0b0e86b43f17ad
SHA1 972c404cd5d6676c46f1659561099c18d0bd17aa
SHA256 3602bb709f096efa0d8e6adb34e84cb495af77afb4781cd95ac386557448c92a
SHA512 f0657670165e26b51dce9f5ccc88f1655e977c65df5c63dda405052c886a46ff5afea4301f2d98cd3e5146c7cc8a8f728910428660f57ee205796dadbd2361f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0

MD5 bac6f6bec3ec4f0414189f631f0dcfb7
SHA1 9f6e0ad0f5c12b76b958f27ab19a44750c8bc8ba
SHA256 ecddd2d400382f6d80bdb1b19f9409bc6efa8ff4c436c4edf2c657ce041b6f5f
SHA512 68e3e239987ca2593418faee075d9043460da72cb6c707d4842d9d93ea01195bb3f6f297b64fda68d08de1d6c7777ffc4a17e73a4eb29b7137380211fbc9615d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7f05d59e6df9a390_0

MD5 54af704d8f69a1e913274bb8b74102af
SHA1 347fa6ff96d1bf6bc093007a73dcc2b501974fe2
SHA256 e35a6ee80eb1f923a3959b13e17cd66ecea68d22ac37c2f4259d62aafd264c0f
SHA512 1097a3d9a31f44bf9d840911ea8088f110ded9a9d32bc70a465a80594007971c79f71d3d5dc6f316bf5a50cfc240d0609678191d68f65d3cb36a3eccdc41fe6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0

MD5 243fd940815c11879cfaf73159c2662f
SHA1 bb46d6986501b0ed36e34b72e3161e026f1fa0ff
SHA256 fdb1137f8175136956f398f7e323ee26973884d184899fc56a3426638803caf9
SHA512 51583b069b57f7dccda3d2138555b38441846b1abcebc2d40bbe0cedbea788a041a8dbaba91473bac9a82e1988c766192dbf6618f488a49784a1d731c47fc9d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02b1a637dfc4493e_0

MD5 e68590be7c4727d9a04d3713ceeea803
SHA1 8c5be9a7297ffff9f9d27854bd9f89488603b9a9
SHA256 618ec4225cd950b67e640de9ac73b5eab2ab96ca87ba83f5ca14dae522ebf6e9
SHA512 243bd6ccb7450dca795a488ab03f9dbde384558315c550ee334bc1cc6758ae1b0ca638998da8d021d5577ba6051c755513dac1dc880b6f3020002a86e7c21d7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 8a3df8e199893c28ef54b77d22be6ce2
SHA1 fec4a6a57270195fd99974cb3827dfc5e0000e9d
SHA256 95d7d3f7387f311fe1ffa785db655b09d3b6957d39dab666d4e7a8465388a8c9
SHA512 fb73f2f31fb2549696d606331547d320dce019c22f004233a836b545da5a44ca9869e0f60b7a7eb154274372c07c8b0f916915a43a445b9267ea9f95a8de817d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0

MD5 f3a28c2298289107efc09516ffadc52d
SHA1 8ab4e674bb04b54315b6e3b5d188281e90f24973
SHA256 ced407ad5fad3ee8d202ddb35ebb564b39322ad250c753d0052142f45820f45f
SHA512 ea9dfc1dc8eefcbd0c02aef9c6cbf5ab3f138f93cccb3a92864a253376dc9a8331363e01432c2593118ac978217f0910c381850382be968dae950004921dd96d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 6020394e64f1f1fb912a8cb16997963b
SHA1 6478a50e4e12d394290f3f6d2c4c51a6efc629b8
SHA256 ec28ab534a77a4207f514a330c673c4478687f59190c483a792b5452abbfbfc9
SHA512 e753ad436189f1a32c657ebaf59f24ce2afa83e845ebe86104dc40a74dda426a419edcf1498f2a994e27739f747911dc76ba49cb1cd1de71bcd24e651f544c3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0

MD5 3a0c09498adc5a2109c31c2b74b1be2a
SHA1 0647c776cffb6aecd38ccc461a9597a5174ee40a
SHA256 0d09fd5938f8cedc7a139726ec405bab29b00b91f78a9abd78095ea7a34a2170
SHA512 54f24eae78fbf175e9b32f1b81f531117d21cd8dda4867536f8443211252d28444db71e1a210011bc4639173c24001ec1e7e15a179723f9908c63cbba72e772b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 b6da4534e9994fac8ee2ff0537d5e01e
SHA1 599bdb0a180eebaa62c2a15cf08b8aa75454f3d3
SHA256 fba4323a156b6750589602eb86844641fb03d3028623a853cf43f296983aa325
SHA512 dd94c83cf191bd4137ff102ec593ba2e9bf0f2e42b8982034d3a246cb3eb4af51b851e7f2bad2fa7f12213253fcac85d515584f16615cc2cb6279291bc7381c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c035c55e661cf4e0_0

MD5 e631386aed39a35d5cc712e847fe41cf
SHA1 5752043c779d98c3b27d19335b1bfa68e1046b46
SHA256 c4b9d7c020293c3c9a560639ae51821f317f2845efbc3c294f52c4535e9c5716
SHA512 dc085c21976d62730c2d1bc62a231459c987002a996f4902ba913fcfe27072e855afffa38820865b6c6a443f3fe7cb199c93e3b66d560e79b47db72a40bd0968

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eafdef011b18f148_0

MD5 4e45a74893d395c08e5e639c990461e5
SHA1 8f1c1357b582bf1f0104ceae424e3f5da42ef283
SHA256 ab85ebd0b8375f4f6a78f5c2e5795d8bdc5641adda63f96c9dbbc6e00e29f672
SHA512 6231c923364f15cd9ee78a0b01647a5e5099d063764718cc078a03f989fa30e32344924c922292e72bcaf7e1e91890e8f79f6925e12b8124e27beab3292b56c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0

MD5 e1a3a3ccefa2da21d94057c98a8d23e5
SHA1 21610acfb8bbe8fcfe5169d03b8cb060d30cd8ba
SHA256 26353ab4efc8e5487a838eb241b162c6a14542b3e4efff871b0942eae842176a
SHA512 6307a8f440a068ecd5e392030236f6ef741f7dc048a3a4ce7b83132e12dc03b0c0e78ed2271f669859535e4f37c0dfe31ba20522a3e7a0a07440b3e38d5694d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0

MD5 af376b1d4b0e14373485680a0e2f59a8
SHA1 16fdc962323ba87a2fb9f2806acce9e25fca0d3b
SHA256 58e1e851c9ee56a01515d8db12e28f0996850004461c84f53dbefcda93c6f05d
SHA512 7945fa90fe022f694bb634c92e66837f0275dbd30c76c2c2ba67be3121ced0a1b4156f0fee4d93fd1ad2b9d3b670186096a41314b89a777bcad18361db92fac8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

MD5 25e9487e7ce30d6e91c6b8360b61151e
SHA1 6d2384ccd7c34c9d5642d2dfc4e98e6c4c887d91
SHA256 2936fa35e0269109b49b68b77fe519171d21851b4e085b74638b11ee533505e8
SHA512 cb0fd94dceae59fa5c723ca0bcda2ef9337af0aa740e0ae9c558d0512fbed4d3f5c31f04af9e476fbb14ad1dc9a671384fc89836f58f8ec9e41414ef3576feec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0

MD5 8a9d75ee2ef7f7be1fede5918466f93e
SHA1 99d4307c0f42ad8b5b2290fcc6b91ad069eff252
SHA256 09ddd372fc81ee41894aaee8c1100d899b7b3ac7f43da48b08847df17a739db9
SHA512 7b3f2c681e2ecad8ae1285ac478d3ee43d35ca71597c2cc47a2c7dafefcc3bcce62efb2131bae79ef0169ca95ff4f3f2dfc7ff6b3e2ac93f39a1863e26da6623

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7c9c6ca73f79269b_0

MD5 1ebb48f6017a94c79bc1d960a6b53b7f
SHA1 5f2c2c9f656f932b3046e03b434f3bddd7f3feba
SHA256 0d2eab39a193ee08b054d32d85bfe7bd69dab3b0310653a5bc1227a4af70bfa6
SHA512 5ecaac99e96021fe2ade254b0491e688a4c165ecee59f81e4063f67e98a4428188697562a4cb328e0cdd2dc223f9b243a15b2361790afe462c12a908126bfe81

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0

MD5 0a969d7313b7b151998473a38aecda1a
SHA1 0a79abeb1be6de3d3bb6871535ef04fceb88a78d
SHA256 baa0effd28c9bb3a4a04ecfba8afb3502a5a5589c7c058475faa733ad0f3e09f
SHA512 a1365c45bf0f69132b58cc139f9e8e35e0a2f1293ed7eb59919203fc30b1d5510ae02c109314d7a89b49be9eb733b328807882eabbbfbe52b8a615f4a8a81aa3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0

MD5 0b2c17fab6b042885871923da58412ea
SHA1 78bf9edbb79bd529a644063c484e552cb621c236
SHA256 ce01e02d5a9837f0fe8d68dee5040a0d9542ca94a31486aaa3b76395a7907317
SHA512 f12c4383fd3cce11d0a7b2d94d4a9a5723e20b822f798b127598a0df53f8397eeec75d875755c86503e94b03e8f8c0981040e879f75ba84c2731fea69e29eacf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9aee5cd509922cea_0

MD5 dbc5b3122d0db0dcd65a6c03c52f1d7f
SHA1 f36d604d1583aa51e62ba56eec0eb216d72bd525
SHA256 559dbc8bd052cb03a030f2f3998493dd070540e57bc68df3afeae828f3681d92
SHA512 63115b61ffc21b41fbd31349a9f206ae6dd38355bcc060612c367da83f4fc34c6d3717a3f5eb8207fafac579b5e32840ae37724b61e5bccf62b0e25d941b7265

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\80baba1206113f67_0

MD5 e5d8e78a11d861342fb6d80b66585a74
SHA1 20e77f6c33fad45de401a66557c9f10614b8e5df
SHA256 3b80ac134d13cfeebd273b6390e6f4e1e7fec591a77a6b2723605288e12386de
SHA512 67ab677be984e27315443e4931af0f3e828ebfc703de8d4f43fdf734811ebeda21a92f2f88ffffdd298a6a757c8e6a73e1a633dbe6f232d842edb0f65062fb91

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac9b40a0411376f7_0

MD5 197662cb3489e7a0eae9ff560e0bcb72
SHA1 b07fd07e8500e1851b7d87301d0714c461f09ef7
SHA256 efea87f6dbd705e905c6a11b6879fee0c21128176c8c30f7a3848dfc24aac04f
SHA512 e937b05b012320fe60d7de2a6343a3587bfff0c63b08828c31fdd55d0f022dec403a4a5c686817ef95c825d07b40d7d0508f322b6c23e837edc8d208c32e3376

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7ad8760711f2bb72_0

MD5 6f912fb86309914b7b6eaf801702aeb8
SHA1 3b3f3f8bb1edb66defc93d32c11e072b7336e8df
SHA256 2310e4d9c08afaed9081b837ab2fcb81d7135a168fd67f6dc29cb9850840add5
SHA512 0ab16748e463aa6a546566e828dc29e9ae2822707f9433281bc2e5113dca28ac5822782f6178762dd9740632c8474831c4e941cb2040ff76265e1becf1e72b56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1cd089e33e49d154_0

MD5 47c86dae9d312b82ef4a69c1e20de459
SHA1 ac3a77b87f93a837513dedfbcfd40b7470ae7119
SHA256 ebde131fdd67a4b6a46b663381f8a2b588cf3b430733587714aa250d8bb1fda2
SHA512 97f900c5cdb291d8501c0cb3817e6c8fef23581c7fa431c8c33f7c3eb725c90cb4824651466cee56da711f3fa56cf853c35b7e61495cdd1ed8261b79ff4909c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47d4e623e47f5bdd_0

MD5 a2ee9ae82081d6d07ad471f9e20dc416
SHA1 7eb3a1cbb6201c296735161ded786d67f671eef1
SHA256 c3aedc94eb4b40e1f58554df4f72688b97ae876e17c347e74e32f03f9f245ae8
SHA512 4682b8ace01f8875f92026056d8f55fb88b06bb87336b2ceed8fb954906b30443bc88c172fef0f7c85139929ab3161badb896b2e6d0a76f0da3f154c37675bc6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\032a982be73b7ccc_0

MD5 caa9e00355161b7ce268bc97d9f079af
SHA1 9aeef990df5ae093ca35044eba06f61d2c346289
SHA256 311cb91fa0bfc73d753aadc9ab047a4a33da25b9f48d96665805fb1193122159
SHA512 cf8f5cceba92105118ed7c2f2ca962409c8c6664249a6b087ed5dc2d142b8ea821b14cb6802b156bb10e910cffafaa34ee2f999071f91979fa01c32f32c1a62a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ba208775fb5fe09_0

MD5 da39029a7460d525c25f5c44ed33943b
SHA1 56369fc96b3c1831c707f372808c9a1396026728
SHA256 49a0395c0d3e27ad5ef017bbdca26ef1b19ab78b5683a96c182eb6afd7d19e93
SHA512 51d90bf67673d0a9dadc0d0a38a357583dd7fc2fdcc4b70c016724131e1c2d2ea04f58014de9e5e95468a2a5cf24c14775efff67bedc190457919e2cc3c56dca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa20c296787a3f88_0

MD5 219edb701cf6a4648d3c66778fc7fd22
SHA1 340d48c01fca0b32bd843474c6207dbd8debe981
SHA256 53fc2561a62053108d3eb378b7299d6214982671ec71b42d8f59c0de0a9ca658
SHA512 dd4a2e3c5541a85cc4b22fac81e02d0b5735733708a2b1ad387d8f65c5a8bfae5478762b060859aaefb5666c97bb54a0e66b2414bdd1a7dd9aeed95df0b74cf3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0

MD5 178b597d53df3024c66d33893a704678
SHA1 e405ebf52b273295fe42a119ed7287e8acc116d3
SHA256 ba44b2093db8c677f30db31a4d734637bec2407d80a0075ec0a0e49102e9c101
SHA512 dca553cf4536038bb9f273dc71d28e5073185ed13c7a043863d1a9ca6a8f44514a3b9dc4047c6128e9c423fc8cc6c4a5d96a802b801368b8cbf0e0b4b31c6fdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d7d09e2437e8ee_0

MD5 837c0340bd211dffc7c1e6e07b8eea10
SHA1 66780a09b2972a4fb58be995f23b956fea562aa7
SHA256 f3da5556688c63db6cf8ea8c9a2feac855209060c6009303e8efe42805212e47
SHA512 5cb99d8f645d7f5d864c6636e3b10ef4cf045c691b1289ce8976f39467dedd3dca07431ceffba4817c30ba33bb1f2bc1581341dd3f8b57d077732170a5369aaf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2c55eb8382350e55_0

MD5 45aa24427daa870460022410499bb0c1
SHA1 67d4d4be9210d6ef29cbb9097f305dfbbd05bb7d
SHA256 fa0616b0f34324068712c21f856857eb63e6dfc11536c76ab7d57e60f7d4ed95
SHA512 1f8c0c1762c140a5fb9e119cc93bd9eb6c9711fd7d11981f7307f4ed53b2710cf635d335ce945c47f55608c2743553a725ef2fcaca49eaaebf09e610636ccc50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f078f5fb70fd150f_0

MD5 8d97533787d39aa7655310fb0ecc93ce
SHA1 fc866626b5f8ba5c4518473950ea0bacf06b6ab7
SHA256 ef534b59b4073ca4c7be4875dde86231c01fe11355e01abf00b1b3e3c82d0fe0
SHA512 57d3ecbc022a3377765179738776efe3281c4dd2adb7c08f51e40ea4a01bdb9f169f119330ab9edb14ed64c347e014b69d8e5e519c2fcf711fbad8b7a6c92af7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0

MD5 e293a74ec997471ecbf4c795113831d9
SHA1 e10c71368dec9079249faab9132b1513b688492f
SHA256 5265672d77593192009345bea0aaf132ff1c4ac0dd04f73dd401e90780753fdb
SHA512 c30141611d970a581684114a613ee89a63eebb7890371739cf8410069754f9901a8c13abf8af87d9fdd76dc872dc0fdab3802ea7a4590080196f461d67601a3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000074

MD5 48043a5a20e8935429601aad01028d1a
SHA1 ff0c8251ff66257b0bfd79e256010cd3caa56e4d
SHA256 1ba4e86699e311d6df4fcf867fc7f07ce839e359d229702378dd31e4ad257ae4
SHA512 e2c339ac5e20ffa67e5569cb2ce9055855d2ee209fd66848fa132482d815475fccf0e3f1d47b139fc65d2d8f384bee487d02a2bb75099f4cb4e48d394117c62c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d00019f29c31fea5_0

MD5 3fbfb3bd91a02e40528f9ab18200d84e
SHA1 6542973034a08ad046ccfdf34074fd095290db4a
SHA256 47dd2023cd98dc9862e2d3ef3acc8c093406aba73a854701e71cc56db94d341c
SHA512 c433e7dfb1b25dc740875aa320c02e780d51be6a537f25d2bcbe1bb92ef7e2401739c697deec0bb14d7105c375f2b31192a9d545c84287b99877e79a9f4a0b69

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0

MD5 b81dfa2c40549e14d7fee3ced2e9d2b2
SHA1 ad76ee2abb51337933940644b930bed803c62c80
SHA256 54b121d39c86a8f216d4b6b93290d09fbfa4a196d5daaae63e521116a530d792
SHA512 baa4c00c7abeb49666304697c3bf35628c8b1d54380c0213bbab11edc7e1050ab4f3a4b8e04ff6a7e20a71b6b7fc1da5da941c38f9b79fe5fa963d57a37690ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb3b6840a8ddc0a_0

MD5 f21b00868f112aa54f48d1f2e937ea8f
SHA1 4660ca616845f67710f19d714783d4d69f6cbfdc
SHA256 d221be496e3923eae7821f171f9aa1df3744ec8b90a6fe30a9f3efe96f197e03
SHA512 e13cb1b2d85db2f5d3b779066d05c2f34ecec01d7ed7d58c45d9c76ebef870363b2f6c02ea2d326605d289ae16eeb43bd5409589d1f3aa4d449b7862793d72f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\64fa70d4ab69732e_0

MD5 8aac5dd8f93b5baf7d22346dfa5f0028
SHA1 060d7eaf095af727df3a17a193e6e2bb57c327e2
SHA256 1baf7cb2bf593d69f3582e36c3c06e742e2ffbcccb444a8a2a128ca4946c51e9
SHA512 f2c80afb80f86fa335a76995785fefdd48df58dca822ad168665147f5e1e00e59a13987abe2b6773699219f1c2f19dc665ce1d92d87c4811c9b8fbf98d872690

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8f6640eef188435_0

MD5 e0942054eb5fa39c6ee316fbda67bb3c
SHA1 13cd7a4a66ebf32ca26ad9b31ad54de60016dddd
SHA256 ba52356d4b184835ae88a93144ee4b48cd0a97b8ff4b874e6ab5d57f6af2b5df
SHA512 37b432189d263a7ad13eac4f80dddeea7e8bd64884100203119702760240b04b459ed74c02f72f6f81e88328883a57940cb32525946f12c935f1a24201c19eba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0

MD5 4ba3b82f43ce545bb782896e137a6fec
SHA1 b5485e3b170197a927b0f4378ad84e3e1baefccb
SHA256 c4023e421283bce27d17310d7eaa44a306ec31b4a88bce15537fc901a23c04ee
SHA512 14b3842edd9f1bab0ae9abb9d65eb4afea0a61ed40d1319ca93feaea687e5d6210a4dc7c05a4566fb0e154714175980b8373cd37afd2b7ec2ca21ea31d1e2d11

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\65a17db215bfc27c_0

MD5 4846dbd2b4addfba6c0f28a16608c1cd
SHA1 2958153ee3ea14f28ccbeccb21e823a0d2cc20eb
SHA256 02134565eb639e64b65c765fcf69a4118fc8e20d5e841c530f18da1dcbeb65ad
SHA512 07c94454ea03fe957f9d040b28f58eb9a377d3e5356664997341360bd11c71adf90b97235749397ee6b4fc0bd9601108a0789c732875f9da14b95bbc01bbc14f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6537dab24e365f9_0

MD5 4107c56d901a225e18d1f51977e293c5
SHA1 f5f72d78ad96faabd8fcc44bd4f75f985534a4a4
SHA256 9a7314cf560c710482facd65428032b36a9b8b7e5dd97c4b5bb83df2e4323955
SHA512 8a7f589afbb08e8264257638fdc3f7856583f33137a7702bf11363d621f00f3871b9a55716006052490975a2e441a9f11ef25f22633744e08368ec6dcf0f9231

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0503effc8bf0d7f8_0

MD5 6a16016b12a4b4401e0ac706ed1be1f7
SHA1 97ad2a3ccc49c7f12cc2eaadd2c0ffc0996a39ab
SHA256 59b04c6473e9d3e9de8ced81dc6d1d387f79cb9425fa78d5e1e47667a21d0dfa
SHA512 52e25946f802b426d620aa25e0440f900f5dcfe77dd8fce230a689d17b19181b8888480c89271bd68d26f5bfd40625c05dbb437e6a67a051b8717623609f0bc6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0

MD5 8fe95d64ad071559b6f1aa47961a4d9e
SHA1 0586d6592cc1a7ef200410ae67f124d10ed47c2d
SHA256 9cc83bced747200bf7e2242ae2c048c550fc1ce64cc501280d59ab220750f71b
SHA512 8e52ee4ab13e6fe077d3653b156ec3a9b98120fea7b849234511d7b7629ef8845ef9f6cda705fc45009f456b38958f685ff6c30f4b277bb5c7c7c73865d61e8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0

MD5 201d7f09a7f6dbbace81a63a6e3f6424
SHA1 011b44cfff81bfda1abc2b56acf6d27814566576
SHA256 49e01c26e463f402797036830d0410e8138877527b7cf2fe00e13bf919bba90f
SHA512 f6723c29040e8a8d5b9ce571d13ee8c717c2cce8995a483507b879c06dff0c0efab26570b87d0cd548ca1a46aaaec1abb8c98f748cfe05bb988a0724e94d1478

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0f522982db40e4a8_0

MD5 ab56567a83f45b947a9d53423d9f362f
SHA1 9ac8e9aea3d0bb92d3665dd823fe8bad36993baf
SHA256 ac39bb116e020dfede52daeba12024974350203bf9e95d1dadcc0d115447aa91
SHA512 e1a8d265025406c609ff27d2719449b444a2c4ded84e3f8bc44524860bcde16681d8cc6e6f2ce3e9f37191584c38606e8da32c758d8ca4e685e974ed0ffb69f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 882eae429381f860342fd87ae650b72f
SHA1 05797010062e096c8ef564191a7ec751dd842408
SHA256 203165c2f42eadfde9f87e537a438c7e1c8d56c9401f7934c4d34c19b7f22c12
SHA512 377f577e483c2cbb5d7fde290623f6ccfdd6bd8dc752d9b471a6469164ed7827a7de2b7930f434fafefce75b8f313824e4bd3ab1ab3b75eb7aa2786e340a1c41

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 985e1997add34bcfb9a0924e917402c7
SHA1 12bea28e335dc0b6e39d28d9b4d73bf1ceac9cc3
SHA256 bd46755e8ce96f5167ef5091a2049c41858df5ada764327027bda4b95536f270
SHA512 8dab7233515cd504eeec1b6260999c777fbb8dc6fd705065c55b069f9d15ebb3e0b6365e3ca8fe2566c3b79c1777fc79577d2bd15cdc9be070ddbb4bc8acb300

C:\Users\Admin\Downloads\ROBLOX MOD MENU (Anonymous Cheats).lua

MD5 5744a8356a725a808bc4ff1bfd2daf6a
SHA1 74f4ff1a0f8514e2125d8629089f61df84005218
SHA256 f88c73061c27b0f23418fdf2f2403d1eac7b9a7d2027f9eb28d4bb3f81c3e824
SHA512 9e7691a5ae779f18fab9d4fb89e02e2efcc9630cd9532a87094c8fa4b5dc2f24ddc9612f67089ba588728bf397e6c5f5412fde919e65c4732cb69716df3d3e32

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 609088a42552215097f896b6a0b20fd3
SHA1 c8e41b16400d762abb3460c8fe8c48280051b712
SHA256 c040d3e120530affe96187839f81d009736ec6f4af21113287649bc77a5c5c8d
SHA512 2cb4dbb97229c86f404d699a203eb0972cbd9e8bb2f99ee749069be8ba9bec4c65dfd8251ee66c010f26b82f10ae912495eb7d267e03871739cb7a867040e256

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 871fce8a48780ff87697fc52902d6352
SHA1 07bf0ec3c9998fa58d708bcf0015897b36b3bc26
SHA256 37962f43c8106c48f671bc15235125bf95afed13bac4fffd1ae0463002b34555
SHA512 3a6d0c41d584219012b0cac6d96d4477c21e036fbd101fece6cd249ba16354a52b7660f3c00407f8641804dacc7f0f890225d57d5e2a464ae6fa807f413f367c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\fd51d9ade7f11ee90b0f6796bebc2e1792acdd95\8c8eac37-2721-4281-a22c-303e081977e4\index-dir\the-real-index

MD5 0773934541a3c9fce0350101a3fa6957
SHA1 32c80e99789dce7b03ba1bf2850075a200a9e6b0
SHA256 d93278f392cc4643b1baa50b8ea92a0c168646ab408b81c4a68089fec6ade7eb
SHA512 4413b4f0e1c86914d2200ec32fb3426c5f0fe50306247b4e7d713caf798c35643cb219b5c28f0b2b2aae6af2288f6d558a8b612ee0dfda7a42b7fc701e2cd8d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\fd51d9ade7f11ee90b0f6796bebc2e1792acdd95\8c8eac37-2721-4281-a22c-303e081977e4\index-dir\the-real-index~RFe5efa7b.TMP

MD5 e466db5220b9eabb24f2e559873aa176
SHA1 cfdbc4c0e33bbcce73b0116e9e5f0df8ee480cf1
SHA256 4f2839728d5964081d140eee679154b2438e4b70cd25bf918cc3f6e0edc671ba
SHA512 e183081a79b0c7d2e64893a5bf8212a4e5064b9d4dd2b9c3e1f14abf33a26c79e7e797d01b8c8d524de7a5222c40d995f36b6d50e5bfb2970df797019f653332

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\fd51d9ade7f11ee90b0f6796bebc2e1792acdd95\index.txt

MD5 eceb43d7f1d33c979ab4d8445193b1d3
SHA1 f762a7fbc199480fd93245602f93fdae18ce23fc
SHA256 e6c89a2a5c3bd734eb1424f195b760b274dd28904bee611016507e9301dfda41
SHA512 848b06ce2af8e90f836b6d56bfa06028c6b9286795e6fc5d019e63eaa17f34b6bfacf7612cf0fc46840779ba0af78efe01626b28362381eb70c818ba591a1247

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\fd51d9ade7f11ee90b0f6796bebc2e1792acdd95\index.txt

MD5 17037c422f043d2acd927315803c27ff
SHA1 225cb01e79fe927e14a3a3e56bc41fd0e18becfd
SHA256 b3df72894e4ea6fa902a39edcd9a2c4351cc65d3192b823fa9096151569e714f
SHA512 fbb90607ddf7ff9b16e76634c958f92c8deadb10b7cd5524b2623d4b73b6f57294cc85cd0ee98ff5ba67e3b2e98f2e295406fbc191a6db220e4a188b3d4ded9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 142a117ae62aa029939a5a208b1ed8ce
SHA1 48217055d3f123a52bb3a311a06a400b81ca5139
SHA256 c05d98ea2ffb276a7447644eba182d5a08df394e3a10b54d694bb0c900b8743d
SHA512 e4550b0f1bb9a84e07925729d56641534b1339b2611194be2b213f8d3fb136ce66467f7197e935ade3428200c536e665701006edb824cbab0256fbb4dace074e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 433b8eb1d88d657a2056c03158a58179
SHA1 2cdf3806102dce95af47a0464b8d1f45ba772193
SHA256 0683150a6be4ac812e5694512eeac7c651a4cd18b5de79b85a1a2cf0e4a9d1c5
SHA512 0fed0b9f41d8e265499bae5b83c5799b0eaacda428f963b99a21b30fa569c19d41264de4a1c0bd32aa78014ddaf861e6779fa4966440f24876b997513036cdb8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 098a5a402f78dc9d149975012a639bae
SHA1 a8a2171c15cd6ab49a2acfed56a2631120097364
SHA256 aa9dbf353e4a6c7a9279c524297ac29666df0b0bcbe2d12aacb194e4321801bc
SHA512 fabb0e989c61bb37ddbd5e8526bb6985ccb256438c9651d0ee98e526732fa7abfc5df45241ba23d59bbb98f0bdac7eb85a2b2036b9cd1cb14bcfe719013b67ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ec9f5b84617459843bf890dee81a71b2
SHA1 395adae4986451ad11d556ad9368ed1698009185
SHA256 3c6737ef96301f19c14df7945c3fdc7245d1d4e7e08b2be75c4d83df3aec1b03
SHA512 3794a001790201910645eca9c185622d5f76bb50ee13e219990f2da6abef8d9099e2194dfce13654b104f595b97ce4875151f4f1876bca9a6c0b5ff1adccefe8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

MD5 ad5d072c735ac0423df4dabb2b22f722
SHA1 51f94223d211fc1787317e13b95797404fbe55eb
SHA256 457f3c5a0e351389fb4a65671bddd7adb5b3d24342ed2d206c94da5457cc7ef5
SHA512 3bb2d79c201f9e629ff00e66c82848d848f4c36b8c206a10fc9365d6e6e692f89dc94577883ea58b5a156dbb2ed8ddfd85e1b3c880671e9ad558cf7a25b0dd56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 227440977ee9284d2c2351d19d04e47d
SHA1 23ad23a580b997e9e3025c699d6b6922f58f0bfa
SHA256 94e1e20152b33d9203f629f0c8393ee51d9b79c254fe725d6e0aec51e834c2d7
SHA512 f39e0a429bbb6305328d292b5c550de1742e8c78c169ed4acda593156a8761ce40adecdd42fc90d4bc02efb41e47966f2c0b36dd78602b32acfd7535172755f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0a18652e383f2186caac8c25353eacd0
SHA1 a80ff9605beae30831145d376d21fdfa2ffb86b3
SHA256 c57a0bc5bd128d9f489360fcb51d7ab9d18f3401fdded19688b6e4652cec1983
SHA512 e9472b08bdbeb2663e62831e6f9d26022d4f36df4a8ab1b69c357022bd8dba92c9039c74d80431b812555f0c5f0a8045df0d56c8e697b559109c70d9f0724322

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0736c1a747d33225edd2c1e19096dbaf
SHA1 977b567e13b257af50eaee7465023549d0844181
SHA256 722ad4d24ea59b41f88f2dec79baa65a0b320e539d4b86a97cdbef76c395fd43
SHA512 109598ece86f55dd4853080785e9f9e100d9eb09d8d726c11bb956764916e7836535d8e259352cafa981e1663af0c8c819424ae000e5151b97dc5a36255735b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1403fbe18faddf77749f168e25b23189
SHA1 2861c115e57bde2c6e6475d2705874be241a7a1b
SHA256 ce954aaf0f9e2e88f43bfdceb9ece8ec89caeb249dd5cc3c1b93939db158297a
SHA512 65b9786eba80bab3ef6a65a78b613b4e67e5b5c4d4f8eae7297a252634d423483bd9154f498192456db0811f1ccfa5e1612c7c8936de081126a9f0b76079a29e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70be604f03aefd0507ac7689707b7c64
SHA1 d5c9c78bad3da59e7f7b2fda164f4e82952517a3
SHA256 11ca300e7efab500eeb43f625f8dcd40db8378e997c740649d94ff854b7483c4
SHA512 87350b0b69ac2b6ceb9ca8dfdd3697a9a15cb1dacf57eb8ef586ce6949c7529b53b97f8d73b90b35d7a7c39e743133c11cafbd91de6809ba750b1d6f1b450326

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ec8a310f173e7f4a09f2396844a9188e
SHA1 3a9f981ae5ea597a41f578fdcfbdc6bf788a34b7
SHA256 19049b7affd3958629d631256c2362ee16293ff1a4fadfbf9a26aefaf6e14aaf
SHA512 9bd399193bedd8e5047a68ffb6219a2174094621887da589a3bb1d058677890959fed279e5713270f9fe767041dd6e9bfc70e72258c613cbd3496bbfeb75497e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 5644744303a0003f9c56db0aa9f50514
SHA1 cf50b2ab09d9e4586c8653a79f2fee74c470fb2b
SHA256 66d4e7285d6f3c923a392e1cb02e1726c59744bf72787227bd16552a8fec02ba
SHA512 9c363cdc6f708c74242b0196386f553a4d33309f42765f8af57d38513443ae088b557d14ee6f1743fec7f9c1c35285933c4a8544b76fbf9238508d3d4651e920

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4e024cab974fad872f0a89acd1aff686
SHA1 659c4b9152cfd7632d8a7409c8e26308e80b0aac
SHA256 025be271e92aebe6cf3217f04b85c75bd06c0558e3906fbe9188290f2d3dd933
SHA512 68980f3b3239b428da50a6131e14c3a8d8f602f368ab4d5bb9e6e5ddd7c66510bced245cb8ee20a607bff3a6406c8270a6a838a0d09d52a400374e6f37240cbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 32ac61a594cffccdffbe76da04c373c7
SHA1 740c6e394f518e16c76c588b44639ec909b357ce
SHA256 3a83b25c5bbe553b5330f0596abf6f009fb4eae637f35c72ca4560900300616d
SHA512 b4a881c8029128145ec9802ff9ad348109c736e930220f6c5579fc1fe4ed0bf0a3341cc53c1e47eeb853b9110b5cc8ddfd8d0264bd9672d54d99c9677f7530d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe600870.TMP

MD5 a8c9cc74cb0f009115817cc8573c98c2
SHA1 0c47fe5a0d65a6ac85c617d560dfb72a14ff8743
SHA256 c593e043b147398b23b2ec19f44db082471eee77f8018c8efc0687390cbb0dba
SHA512 b0a9e50e79dc45f95b4d384729aed281e8b5d6ef4014446701aba2488cab733bc3f48b327b16e34be12ea7afb13ed7d461baa6bb98efebc2198eba1749b55531

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b9c3196e115fa232c7a4f9f793f01bd6
SHA1 33fd4f20b230863c8f9d7cc4c33809ddfc4797d6
SHA256 1eeb9575390361a55d5a895205be3e13a63342e4ab73791f745fe5cf74018e80
SHA512 cff91149c78233f8b002eb693237a1659a86b4d5cc27afc002a0c867a634caf6188f76a6d2794619dce38a5ba9caebec43b4b05c41da81c1d98d73fac5cc3b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ada536be28601e5df7b34bb4db2f5669
SHA1 095212d8c0d80526065b3384afa937eef88ee7a0
SHA256 9ed2ffd418c6ad20f1a5aa8867e00542e207743f99e6f3bee535ce49b10f8494
SHA512 882b818e08278802276370fcb86ad35a88f988bf515df277f19e553031f43f66b8a052b6d359720ac98711c2b959a8eec7bba26a16ce68994ce75f2c8b98207c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 59e69fbc162601c00b1b26a7118d9f7a
SHA1 f0b1bb9d04888a397ab7e95d9cc5d78605461774
SHA256 b21b6554aff3b36af0952059cbc0dcf55f3cb27777ab802e91b33e65fd1e5597
SHA512 2ff3678ce22ece88f2ee26ce1789d33da45a6bf49e5181e27ea684f1fc6496d6d8ec136a04ea49732fcb22da96d6b32b076c34e1e4fa09210067b7ef0a77bf81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b9ff36c51499b82bde3473f494aa816a
SHA1 a8b9133726517628d6df70444b527d15b7c8c253
SHA256 54774c1500bb184f912e5bedc05fc340906881798a1ded1540d82c344b0b14a5
SHA512 67ece95c33084eaded9f2bd2408b8abe4ba596faefb8030d788b208ac0ee118c44f98c6e508f302c5577c944d56cb21f5e5bdf016dc915d49dc846d52af8c2fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a171760cb01d0ca132730b57bad61bbc
SHA1 2bc6c2be3c752dc623b8aa8e596c90e7a2286ecf
SHA256 fe9c86779cb75b6c45d32ed45d72afaabfd1bde6f8759ffb6b599f3db2cb9c9e
SHA512 47e2e024530f233a3d698bfe3b8dcbd2aaad7a78cc8b9856ac9026bd8eb03f888e9c8960ad2a8000ef5482e120782b3c1864b2d4f73cf257419c3a70627375d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5f7741216adec2059f2e0c77f0250bd0
SHA1 5304bf3cb710678a29f1c2e9657ec852011968d9
SHA256 95cbbf3c69eb74aa804b0a5a344731e9cdd859a85ede8cbdc45c3968d55ef2f4
SHA512 069157ccfcc67280fe9dc700bdf97880b774c801a507ec9a4354d4d2dbd3a6eda221ea3fccb13b0fb4dae11eccd8a56095f1c159fa159127db95c3b8ac5968d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f7f43ec8cd89ddd4e3932bc103babb84
SHA1 285c0386c42228e1387ac06889fbbef70ca0f69c
SHA256 f54dd4cd11d4e1b59712f46a89add50ef641eab15a0649797fe1075374a0ec5e
SHA512 c7b5c1220fb32e9937273260ab8aa44448db255bd9df0b4d9fd9c480ffe41e967f92fa8493bb21b7fca5319d1d96a7a8642e87b05dd61e446358d3a0d7655bcd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fd27b25ea363c3692424bccc476a8c2f
SHA1 be6760aa1c46e4bfbe3a64914bda32484cfebc3a
SHA256 017e0ea226f85c50a7b5fc617850fd3b0fc259d50fdc3a6944ad303aa918bb41
SHA512 8855dd2c486dcad274cec1d7a0362eca13e11ab4d1c76e06231c4af3bada37939908e21953dee093a39fa5b3f094fd710aebd7b41f6a758d3e37c6ef65e716ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3ffa9b0f2f1595399676acabfb54dba1
SHA1 f742c09671a9ac48b7ba17cd0131a1d2748db494
SHA256 514550445486f9bdedf93b81c02aaf8171f26b29c7ded09b6a4355ce67badd1a
SHA512 ad1ce4670b66512af160b59edf500d1f9eb282345435d0574931604806ef5f02bb7f540f4a1e8a4a19601653da5763877e24e78cc617f34db04d313bb8f5261c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2d5be39dfa7c4bd4fac5e1f9170595c3
SHA1 0f835ad8d0df59a5e2c2b9abf08fa1cf1fd1442d
SHA256 a0b9a7563bdabf9c44926ef0dfff620fff37809fd85e9ba69fe7c70809a4a2a6
SHA512 ceb46fe840e24ef566b93c9c1878fc3a52c12e738653c705dd1dcb263c837b11cc63f8d87e0577fbf9cbb0d3d9cc3bfafadadd898cc23a0b1a23e4e343cc7e15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a08d44d8bf39d13a1c9c80ac55b64dc7
SHA1 567719ab489beedc01d44a6c1bc6b34e566c346a
SHA256 0c5c491d744e825c372a5c5677b29f376ab88b58e5f7414d5575527885435cd0
SHA512 c75cd8ee43e59e4ab40b29a39f8e723174ecb9b3a2aa55d31890ba07f6accea82770e671fb4123850ecbde8483cde5b5d76a77a57e5516faaa27279f1b983527

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 aa12ea792026e66caab5841d4d0b9bab
SHA1 47beeba1239050999e8c98ded40f02ce82a78d3f
SHA256 65fe153a832452e97f5d484440a7047e314d3a83cb61ad2508fed48a820e1de1
SHA512 0b2b1bb8851c60c9d4ab1d039b990a4de5799c97c50b45f64e36a21849c14e785f69196f674ac225b1419d7f501338054074cab6203d041361a4fa1ed8802b27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 77a3ea9de665b99c74dffd7d79d50485
SHA1 c122abb0d320ed2f52f78059c25286ad41ba1243
SHA256 892e34254b902810d46d6b390594b7109a0a8405160cfc549e99ecc1607b0700
SHA512 e1fc3344197ae44d402d6a1a7711d745465b9be069f959c631edaffc1cdc1f11fc291bd1c69b2dcca4007633e4cb74074090e17794d234c22ebc637c1dba80d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d146b6600551f0689277fb6789292d73
SHA1 0a8758bc60179ea62ab10bb8ce685282b9bbed64
SHA256 0bc3dccf25a8a0a5c2765b68c1162acacb63c54b18da017cd75d16f2bb848636
SHA512 9dfcd4595fbcfa2b329bd5acff40c9416734e1aca899dcc25c414c6f21ae4ecc91388606b4c4a8544bc805ba2b72191fd1f83ffffc988a2688aa2fcbf26e52eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\358fcb01-3d60-46db-8f3b-e10ac83c0aa8\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b6f48def1ad0dc727f479ce8ffec8a6b
SHA1 488a3d7c23f20d7c90d9cd3010d31836d67b4028
SHA256 88b9c140ca5cdbc682401e0cd009ef606ef17510c596d69c12b629f720543aec
SHA512 ff657c31fa12c36894ac6002bbc33c3263739b9727aa255687ff9299087d47b2a6b390cd0bb6ce588b992c245e497f5e9178de97bec3c72a2d696160dd9f3a9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe612039.TMP

MD5 b53cbd70e5b08384338fc22465bf970f
SHA1 c018cd70f045def8b89398f8f7c11502b253e091
SHA256 7787d1a689f1b70e4432062dbdc54298a49326d886cab3a1b211ce1413af753d
SHA512 9f84ab04ed3a98302480088e337cb78e10c5ad9e2a21f5b3290c4179679083d076a689d262becca58b98a9fc5b0dbb1ef9c271d83ca34a3522fae0702380a33d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 08e2239e9fb27e45e099cb7d60eac959
SHA1 8c3509e06cfb18a9ad7be96b91cf27d45ba2107a
SHA256 875e84e1f30abecb6902855c7397939c267a7bcd96f15caf237e23762165e34f
SHA512 924de4b0c1eed3d6238e20832843db5ab3e5ed23c813743d352eec15be9b6e85046c48d9a013052e79e2e9168651a98a4fe1f21d1a9b99f0eff8e4f3b990972b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0f2ddf26561c7f4290732f7fcf25498a
SHA1 86546fc4354da0f5400b51f2c1e9cfe2f97f2668
SHA256 efc0c3ba30a193fda3681b206db74f0bf2afb8fef7cf677e6ace5caad953b10c
SHA512 de3c8572718e57c814bef7ddd12f0f0520e30d2623553538ce51e21019398f5093686f6d7e31bbd6ab89d4a965888e559dd0afbe8a2eefa3cd4bb991231816d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e1c34d0e830fdda44b620658d8817b6f
SHA1 698686e032eedaab8e468a8c1f79d12dbf61dd51
SHA256 d361a6b8410e6db504dd2e4b9c171c06641dfc90cbdf4cba70bfc003d770c35f
SHA512 0819959d7f3a75edbb4b3de86ada9090abac0f958b376f631a9fb3df5cb1cd94eda97ce7549af959aa02464089a05f6f1e6917fa8e3400dfd35efce5b77ad5c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3722f360f0acf86229454174616f8528
SHA1 7b7d64612ecd9c5408e7de2f48eb166355af1a5f
SHA256 c96f0fc392073ee73456906744c342ed20d82e08b896ec129ed3512179a719e1
SHA512 1e0e39e8312340bff1c285c5d07533d5cca695629df162864ad0c81e0415ba4713497d6ea965d49cb1d1f78345ece8baf5b634b4a6cf6838143d5af54e675da7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e3

MD5 8bba2516f31ec7f2e08927289e212d9b
SHA1 78f03abef41b96a1d2fcb43bda9a39f527697ca8
SHA256 76710d555c8b489f86d7931f78791513b8ed2e67a236040e121a717ff987916a
SHA512 0eee53a780c73884d83d672e51c848dd14848848e6eac6f956e27987c7af3b36ecf34e61403e15692b5c535bd3fcb7a13b818093dac0d601f00f478ee69391e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 af38511284087aa000dae1ec349a8aea
SHA1 607dab88175efc9a7b9d01dcdab6559142d8d846
SHA256 fea7bc6e901067fe9bd7c6c86706fbb58d20a2f67462c12c405096bfd44553dd
SHA512 9049a8fc40b0680af090612eb54daf40aa9dced1bebb77c1b3a03ae9b913cfedb5bda9cc75b9aa9fabaec871a1d20bf092359d8865f5199ff38179f06ddb77fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0ad259414ed2b04be928421d1acaeb16
SHA1 40f9dbb45315c1b0db70948826bd2451546c8234
SHA256 7283dd93570c6f72476da68cf05b091754e0bf2661560fa660ad5da98f595294
SHA512 039e67be95de0d0cd516846c0fc4503d5d89028260bcae735a3c8bce16f7d138d28cc0abe692f3d538fd95905e343c6a3c659e4412c98155819b5ffa542a57f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3bec3d3fcf286f1fdc9a6f893d45d617
SHA1 3d55cc1b7a95cfbec3522bd172cfb01904385130
SHA256 1ea3ebfb4b582483c9f2fee4b1827fd1cc183aee7ee4fdbe73c98ef4381d1980
SHA512 0f24b65715820d53aa4383245cf738abdf4d0da7190942d74cf0b5b618ce2113035feb847a8b1071e1d62ea5e84b06d6993dd267a6140e8510e2d215568edc76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e5

MD5 4d1cfbade9765314d6a5ba13ba24e491
SHA1 92aae720f91964839eb4baed8c8b72666e9a8027
SHA256 8ba23d481d4b5a94379950640ba928c297c731c84dfb32f20c73e750670c6e01
SHA512 2113a63b67e07ba8aa6856cf9eec35ce53bd9cc4994a364f85ccfbeeb44e0043278cc4db2b5446960fd209a7c10250dca8d04d265e3a8c65807e13834a37f391

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3848_1888450152\Icons Monochrome\16.png

MD5 a4fd4f5953721f7f3a5b4bfd58922efe
SHA1 f3abed41d764efbd26bacf84c42bd8098a14c5cb
SHA256 c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3
SHA512 7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3848_347150647\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3848_347150647\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e9

MD5 68d17b261d94d13c812fcaf75f673ac2
SHA1 adf25f6cbd405f592adbce0a97b827101c2af0ce
SHA256 328a870944b1fdcd68375a2ec5f01dec0c9a1620ff0d2d375cb90dd8777fc9ed
SHA512 2ea653a9db82bc0a8ad11797a07009da8b22167e36fec83fbae8eb895a1cf3118a899d9ae3f61e87324d398b79cd2432ef66016f5de9636de5e69ab5d459367a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 b32af7d4bd697d3754286be43ca77cbb
SHA1 85481044dea8663e849a0d25e61d394a010532cc
SHA256 cc78c9e2754dc17fd80b81025c87bb6aeb2c17a5b0e414f7aee316283f8c4601
SHA512 459e600ad3b9a0a48b17cd43d81d5a0ec650d46d45ddab997ef4f3a0b26e396e60a16841f18f254c20c9e474ed553c60236fb9eb8caf7e4e4a64f29bb1f8e6cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7e37e9fe17e5be2ecd831bf39c1928db
SHA1 4cf4324373b14eec36462fae1175e912fa5f225d
SHA256 df7bd13266b8d756b88d273e04f679a6e64d1d4c2ec2a197b3eb604f0edb9cfc
SHA512 8b8c8b46cdf4082372fcb663c86b9f7150a829b1c8bb192f46155758cf75fbde27d064ec2d18b04bb1679e26ebc1487d6b07b0551be7bb1684cbbf2a1090f3d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a7d7257b254570efa9cc7f197eb610c6
SHA1 a2df1adcdd5f318334ed8e9d37eff79912dce536
SHA256 c3b01b6be8a29dc0ac8765cd5f2752df3f0c2d5b3db717c65a16297acbee8cd5
SHA512 e29d741dc51d9ab83fbbeb568a068878478b58d8e69aa29e161c44c2659a69dc468e67ad1b48bb6a799d8a9feb016062b3da4972c40e2117351c313bc555893e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000112

MD5 e279b5e0a16e5828f623ef1079b67b75
SHA1 3b78b6a493a6e453973f828b615cf13a8e7a97ff
SHA256 46f18aa0c06fef19a1afaf16f54e2ab6b8c8fbcd76fd8af2da4199a03a7e5caf
SHA512 04d6f716e89183d97b918b2985ac9eea749364d21795bae6e53bbed05588e5ea0e08ec62c686beef55e64999321f8ef74d1a00f85b5778470b744ad6f95bb47b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8ca81ebdfdc72db4b45212dadbe14e15
SHA1 66641c1c3fec1cdede4890f3101fe1825dc0b6b1
SHA256 b3f01919eba7b0d9aff87f27237da82d42ddcd20642b8f4b1fb26abff2acc9d1
SHA512 6111f0a8e51a4a0866fdefed1cfb18c536c78cd6a05987a96c19664fa4f85018fae35d9c9f0757c00de33700acfe1c3f0bcd2775f452640f432cc073aab0d09f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 361f7ecf913d3fe2c347ae880e46444c
SHA1 4a9f4ded75759f6fc4432c5c4169ed3ff23c5f0c
SHA256 4b781064a087a588ad1548262f59c7d4883eb1c3aa92ff2dd21066502485c08f
SHA512 6fa76f9d7a386923ebac675b0781d9556e464d2c7b08776806aa5e8666bbfa1b21af9231d6c1647975712165be9544003aab41b510d101f2e636a8eb9e029898

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c5bd0948500b65748109cee652ae6389
SHA1 43c7e806b51b4bd7a7dcc75daae0d496bc57734b
SHA256 14f0ca0160ea0b4dc415208ef1f72669ff0a31e5d34f30d092d9d4fd5349eb27
SHA512 d02d3635c69f0de9bb916b95f49c8df103a9839b38b202337663a04dd443febeac0002855d832c35b86c08461ecb8370dd39d42834c54870287b5d42850fc646

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b941553234e08f3d520f233707dbcc91
SHA1 5c917e8603ebe977dd62730aa2e9572e0bc8459e
SHA256 4d47810383e4ba4c573a4f132209297457be0da6401a8a995d8169a6bb6770bd
SHA512 d3d1636ec4bbc08a3e68ef9e9f8e28359eaf105b2ab39da1ea43159f666a08f7c33cff8fd8792588acb2d7ee34892dee628e2c45e4e5691e2828c1d7d9f01bff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 db807c65a4eb40bb33dcd3ccd0fe5132
SHA1 056044a9ccb4beb28d1ee8d27f766fb1053fb042
SHA256 77f6ca1979894114f47081d672c4222f7621c37d787954578c6a253a3de6a35d
SHA512 678869f87de68fcba2902b9b2b42adeb6521310af140646cacc449a9d1fe933a7f86468e035e4b14147181a163489ae36bd6eb248c86389df2a10bbaec5fce72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\be33839a-995d-47e6-af43-b612d66e798e\index-dir\the-real-index

MD5 4dd2dab7790bae53f711b3f01322a0cd
SHA1 62753177e6bec95074ce76898d5e73e68c8010f8
SHA256 a31be0f9e5b477ec9a26cf506ca925f9a31453e0a437e3248b635a1402208f9f
SHA512 9589d41ff572e88bf2e185bacf10e728d0813873e64f8003b14662f011893776f0bfe034191e5d0075e8a800aae31332da9bcd38e2e882ffcdf12fd66d532c5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\be33839a-995d-47e6-af43-b612d66e798e\index-dir\the-real-index~RFe619e81.TMP

MD5 7127547314b00702c1226b97c130434f
SHA1 46de4cdda7aa6330a58803c84689fa4ca7c256f0
SHA256 2ac297a62d394b437f8610fd192194a7090dbbd8479e4c4aafb4772ac0c53e35
SHA512 b773f32bf783a4e1c2e3f9d4f99945bf49ed9ad041a24cf1ed71b34fb1d6a37b3b16b14a9bf0fcd0954b0be7f55eb496cee57e3478d312c64ffb9a33ff92b3f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\68e26509-38ac-455b-8d98-c4b323c14cf2\index-dir\the-real-index

MD5 80ac98269c6ae9a1b5cb5a96d5eff4aa
SHA1 9f23c8688a06f755a66590ead8a058a2c2d6768d
SHA256 1b6997e1a532f660444c80debd1b92323c0adb15d83d06ebfb8d6c5de169f1bf
SHA512 302bfb241a7889145d75efe2a58c958bcce244b803a2433ee8805ba82539fe5064f2d643e16b58816029de4fe728740feccacfcef0a1b216f506ed9ae2dc0f05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\68e26509-38ac-455b-8d98-c4b323c14cf2\index-dir\the-real-index~RFe619fe9.TMP

MD5 4df1690d294ff175a02eab310047ec54
SHA1 642b8810bca892895840f3ad82ef46fda98f6fe4
SHA256 5f591b3d89a84e554c529c59448c624725a68e59fc35736cd35a26200353faa2
SHA512 9b562bf52c23eb02fc6c572021185051dd1d00713d3d29ceb1c64f6335875d2a1c562e7f2d9b0495aba070ff79666f467fe499121a92c7a413d51fcc2256f014

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d0bc69aa9a83996ef1f3090b7c1cbeed
SHA1 00d713c11e8fda731217e6a6eed69273290a7e5f
SHA256 5875b6fdbff85f1de93ddfe3860324b2f0d72af8af09f84422a65e0b9ec3c8ee
SHA512 6cdbc446125f54eda5a85351a80b0d8cf29634cc445d765a06b70f878c4b89fc89511d85f98487b3cd20f7c428ff60a7c8ed4564c97e12fbcf8097e3c6042c27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 ead5c5b65992ef68cf2eb90edd0f8846
SHA1 e23f95767614ce9830147ec6ba7b0b5ca18a8101
SHA256 be7c1faec23a46d25250554bdeb10d8f49b4fc3176004c914f34cd0c8caa990f
SHA512 043645f254ad57e33e6968a60ad645630ca980de7555b410631fbc597bdee7402e1f4b15e7d522537f01304ca08400fd58a69609a125e7440dfa3f1bb33d1077

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 50974ccb308d63023e74b77641a50563
SHA1 ef2a01ee41e37e1c0f2edf3acfdbde303a3f0ec7
SHA256 fd87715a1527c26ae6fd21ebc30e7d1d810ab118461173785d5ee5779fe13df1
SHA512 8eb56640da3497155ab58daf30f5124e07224763ab028eb2f4d09f790d2a793ccba212e829fb8a84d86a6ad9ac69d726adf02edebf558bed4ae3b9d2f042cfad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 f59f8264067229caeeeca5feb9f416a3
SHA1 d8ee55f26f243dfd3d82baa6e2276145e6b3edc3
SHA256 17643c393ab212a0a51e0076889b958f36bd45ec398f01e7062aa1a12b81d80f
SHA512 da71a07b1e0669e299865e5ede9a0efdbe47478b903944517145163ca77e1e639789bd24c6cfc8015cc136fb3d7d34de3c6e3c543344bfcbd33c9830a9836927

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ac0773307e990329df4feab8ac2b2671
SHA1 a3c6d19a52611375629b9a2fec198d8b4a871115
SHA256 eccabd9e598f84b6891843d9646208cb117c6832b015e133ee8bc6048c297f1d
SHA512 1239a4381ec146fdff2e133ded707ed41aea8ac37c04a242a6b2798b3b6ddfc0515b3eaadcc077ef32a33f298d68e3b76704858fb5650b55402b8e77ce147e66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1c5283448fd2c270ffb18a7080e723a9
SHA1 16950e6b162ab961c8fb516564e59a9b07f8dba3
SHA256 92b433b53e51cd67aea47a568872d1eada4331790b99c1ce20685bb83e9945d1
SHA512 a30ee16d35dafa3cac2379648bb156ec3f7b829835fdf58cb10ba5db1dc56bbc233d7191c9de83aee0c5ba9c78e339a323494997cde9c8d27d72a1310a87df72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000100

MD5 8f774d8ec3d94ac96463641613a7aee5
SHA1 c8ac3b508b2b76c9b12832cf00bc5baf8fa80431
SHA256 6ffc1fc7f7253c83847be702ff05c8d107b0f13dd5b27330e379c6a3e6abdc1a
SHA512 e584cd19863a523b7cacdf9504626c05a1f34dd2c044ceaec490df841bddd57dd7e3248689b8ae536396922147a82a3dd8bb9b7f2a27cc0974982381011492a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000101

MD5 3b7f5b1ed186119c9d2134f39ff01aff
SHA1 188ab9809364a4e99aa09abb3a1d4b332c0f335b
SHA256 ed8180b8a5ec6974878c6436f52a298f1104338435fe23e0623eab56ecacabcd
SHA512 ce555ae7ef325e2f71079935f286d1cbd4f0fb607702451bbb5f239e61aebf96400e4c3460430faf15fe123c20176f8a2764ba25be3feadec7f1a109019098cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ff

MD5 660c3b546f2a131de50b69b91f26c636
SHA1 70f80e7f10e1dd9180efe191ce92d28296ec9035
SHA256 fd91362b7111a0dcc85ef6bd9bc776881c7428f8631d5a32725711dce678bff9
SHA512 6be1e881fbb4a112440883aecb232c1afc28d0f247276ef3285b17b925ea0a5d3bac8eac6db906fc6ac64a4192dd740f5743ba62ba36d8204ff3e8669b123db2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000102

MD5 6e1b1f9f1f9e64e4939b0b8fd52fceb3
SHA1 0cf19341d439a2ca839d29289a7362e9bb84fa30
SHA256 853e306b3c8c59c46eb455a4084045b2dbfb7ec1bcf6aedb544e0219cf9d74ec
SHA512 bdb66a877afbe3e4eee1384d01d770a4978a87ae6e4a297a2dc95ff1a35e530b74eec03da55ecb48eb3610a3a66a6e88c8d47f7dbc68d6356ab6b855a80144ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000105

MD5 c827d2e4e0e2f452cf970e7e87d6621a
SHA1 9ac2fc5735d4ad75ce73d4f383d97b21bfb80afd
SHA256 6df77f3dcac8e65177c68173cff66a84d23eeb337fa70d3a322b553357873a2f
SHA512 35c36b04c3d6c0d29d6ecafe36369b537bc25125ed51a73bb8ec616022338e9a812761856ea44943e49a4bcf7d9e886a5cd83adb7d9a86aada5dae77ea081660

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a096e788e6db56e46cf434c293045a86
SHA1 42be743844e6a9ab1cc3a306fa32e31c02835828
SHA256 1be53a8dd7fe076741d0fa5628d16f416d4c51dbbf35867be39d264d05787099
SHA512 e375357025327547c2620bbbbb8644a406f06a01c1782f93864383fd5ee05fe3aa71cf08411ead2539c7094ce6166b4414ff01a79c81461eecc276d0d16c7e34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a96802ecc7b3c5c1f1c964cb6a01cf1a
SHA1 3ccabd4cf9567d5fd4afe5b6a4aaf16deeef9360
SHA256 95b20f95a61197fb35cf43e0eed22a43512ab0722cbc5754b4e2a6f2692848cf
SHA512 c84a7348242b596108692135a6f236c6f85910f02f3262e4f68c258619dd45154e275dfc8a98de312bc18e2da1523a3f8ba0ea4baee658f375ed1604e45df98f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 35f3e243e8c44355e8960ddc904eaae3
SHA1 3d73d25f70604ac0fe7b269f62871cd4347a9e6e
SHA256 50b90b0c090392895ce0ee69359b03de371b0d43fbfc04eac3fde6529fed324a
SHA512 740909768ff2b6bee52365b4a48def9c8926cf5e7290c925b2eb9bdab2599be39a13949754aabbc7209396c11cf21aef1f77b8468fd129b5ae29a770491ccd3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 7942d5264f4b12a8b94be0d3c7bd6699
SHA1 7996b294abb70fd7233060736b19623fb8fe0f25
SHA256 c1b1baa62bdd7c5139c777f88711ebcf732a1c18e6ae9dfb1eaa599d54a356cc
SHA512 18fa65bdc41d671a897938977ab8b8f1777a48a1af1bda4e2f955564767acb76a06690db77d14fd8eda38dc1ad711034f3cde0eadb3e86894c0cd1c1e9d7a94d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f9cac15c1cd1232a726c99e753ef830e
SHA1 2e0fb7fd04906ff41f3bc818177f26b618ffbfc0
SHA256 0af679eed2ae0b335142881cd176dedddcb868507a4625940f4dcd16a2ec529a
SHA512 bc83dd9a22d69ef61831d51c3d3843b46cd0b81f8e05551329ccc7e72282cb01f628cdbeb3bdee8deb614d7bc21c07d851cdc6e6d51d0ab6c14ab4ca5a2a6ad6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 52b6b86cf187b641a4622d53a2e5fd3b
SHA1 5a152fd740576970346d72f3453623de74cb9371
SHA256 a7d829aea00371e81ec89318f276373d59d7f93b06a663e0faa130f5af7b37af
SHA512 29ea442df85445521c7ab740a196de101ed1005735f4c3beac439b6055d2ee3e3a587efb1e8eb2037356be0a5e0de8b74949d2ed887d6001de9ed739f4df0cf8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 66478a6ca2910134bcf64a1aed5cb71f
SHA1 bc2ddaa12a0a747f3999ee354a37dbbd19195ff4
SHA256 099b1f2a852d970fae13057aa01bd0c4cdc8c903abe3ddff3fff6b38796775e0
SHA512 b18f73729dfb9756163daedb0924bafdf4ed6564e494eb14b5781c8ac1f7a678b002791ec602f657ce54833c938112d7e76061316329cda0bf6b50d2efaf9898

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7e3aff4ff2ee6777dfc8eccbf53318ee
SHA1 8b08281206c68c9e41f1208702f59eaa15251c79
SHA256 d5d51e4714a4ff3f0debf90b30b11ba4b3f2b60873719c8abc82ab2a6c47465f
SHA512 2721bc89d4d6de4566b27b427bacd3d98b7781dc4d99e335d34498ec1e185590b9cbde4916d213936cd85ba27384b09f37b1015a38c3b4ea1d4f1405c57b8c84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6f46467019980b8712e3b0f5184cbdd7
SHA1 a7f33bdb18ed388f532da0929e1e81df055841df
SHA256 1fadf70e3398b5423aceb91763bb33438f87ce64916eada3c32ea67046b3b1e9
SHA512 32a2d9682eb6f25b0be435d7723a9bcb54fb01867ff40f10b3d09d199aa1dceb34b986e1efe68bb5d03841a5c2155fdfe4f49ee1e79b120b60efed3731d53cf3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0e78e99144a7af2e620c325f4888d461
SHA1 11b36c156bcbf88968d5dc51fc0fc34cc77af25e
SHA256 edd7a864895e5e31f7317abce5ab11570458de478d2cf1daf04bf181f7dfd492
SHA512 de649ee4ba196f3f4bce48dec3c3591e1172c6f43ba15568b4bf76c139e732a56f256655d2518d353a9fb0cf90dd75563114857fe1f04948dba93ed781b44db4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 fac49e161e404a2a94033d91245077d8
SHA1 fcdd095a60d94e7fedb86bf29c784007b4d7e9c7
SHA256 782fae8642551618ba67e354c7335e274ffeb931ca0c02698e5cd8ca5931a349
SHA512 0a3e34ab9bc45b40f7c2b2c26896ced8869a78992e1a8fae4d0dffd7815216a0168c19661de536b6174f168f88563185ed87929c04a7d8238250960bcf562bb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 84f07b7bed7cdb8b175706ef6c699df7
SHA1 b122d1d773a7ad7f83fc26581794eb6e05074ccd
SHA256 1b307f5afb81e46643736864da97c2436a58d1aeffaed0352bd4281279ea7f7c
SHA512 b9b4f1c05fad31bd754349aeffedba43b9bcfb57d4fd3d22cdacd20783ea90c922490c3d6d4d3dc844f379dab028e429a544d012228c82445765185c99db7ac6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a8b905e9f7b6db0b26d5a9c29c48f11c
SHA1 ff4d63b10f6533deb4f4bcf675fbba133ff8afbf
SHA256 c64960d00c7bc9cb6bdff647091ad884ab4ae5b785268d285a93777de9188f9c
SHA512 79d2f85b3cced8c97e1469d13590c2528d49939e81e872a5ddc4238bd20588f32b5475e45fb1b90c98aa876c36e0523fae542a65f31a41be0a8d60bb6bd3be9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 67f4e1108eb07e6cd7411cb132a90f50
SHA1 d3e7b82b3d350763339eb405f0d8fdd5913f890e
SHA256 5fb0efbccf4271ab2ecd0d787f19f442c855533685be6c761c16a3c5338ccc8d
SHA512 8227f6bce9af7d82a059fc36d67c6dc603f0d7905065ffb062d66fa9c87054a2be7ddb7541a024762eb3c45a7877459611efb8748cd090bc80fd2acae3c99c8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d5

MD5 4f9d58547367f284c0fa5c840c00b329
SHA1 afdf5a998830ad8bea4d57ad8cb3882ac911b43f
SHA256 3104d7911ad5190e95f4bcc647740dcc286325ca7a57f46510cd7970aeced0cd
SHA512 7d21bdf059b4cbb5a1203c8c7333ea91118bab3b6d935f59e7e89637eb31d2a28d69033ce8501431dfbcccdb6df1f05d86cc4d99af01c68270a5577b795eb350

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6ca0df403c02cbaba8d3a29518109845
SHA1 e3a9a0f7a9eef217af6e7f37c7ed30245b17a2d3
SHA256 a590efed173751369bfacef4095302bcb56ec08eb752ae70f5b011626f411719
SHA512 557d13dca6321bb8f29e29c1fa0bf65ceb7dbbecade6fe8a67160baf83a1d96b49cf7003905d9549e71dd554a87defa9fc01125a37fdf13612c943cb72676954

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe

MD5 3f208f4e0dacb8661d7659d2a030f36e
SHA1 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff
SHA256 d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b
SHA512 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5e0ac6e276de0b0ec976320875e321de
SHA1 58c23e05bf9786fe3c21950ae3f5adb8fe55ce88
SHA256 87a192664d7cef2f3a9c18bc7b3e45a33e3ee94920d68bcbb3cfb210436516ce
SHA512 ee7b2f99921953c5dc29b9fb168cec4a7c7edd9447173bacf81109fd6edfaccbed9003a0226f24c932df45a16c0fe077233b8f8a3f2ddd5285505dc226544673

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d7

MD5 569ed6da5daa311a8f0885e1c8e87afe
SHA1 095962983c03e2c1123a202c4905986b923f878c
SHA256 39c729c01dcd130d7d216927ed70364a6bc95a215dc03de8a1340c4b667b7345
SHA512 76a99b54ab87a0702037a0513a38e515a0090fcaab1204cede01e6d6cbf418d74a79469cdbc52f5fc422f0d2336df9b1a9b44a63302a2546bcc6cd64d090f7b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000143

MD5 888c5fa4504182a0224b264a1fda0e73
SHA1 65f058a7dead59a8063362241865526eb0148f16
SHA256 7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715
SHA512 1c165b9cf4687ff94a73f53624f00da24c5452a32c72f8f75257a7501bd450bff1becdc959c9c7536059e93eb87f2c022e313f145a41175e0b8663274ae6cc36

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5af2a5e169f308ab6aed72d003a3b0c3
SHA1 0b1f6d94fc65cade7645364edb5c77a59083ca1a
SHA256 22cfde86213d09fdee6eff88c01bf17395936b2f4fa19af0a714f0ad0fc3476d
SHA512 32d914a3be51a3f1a91eeec015c0826f78321ccb108107c8730df42d983ecc8152ddf74d6092652fa2a3c1d50bc38b56df1d898013528a9af908cc6333a91773

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 08fef5b56b45f24e199f7d39c1bb5375
SHA1 cb42647df064ef499b74e360fbd66d4c04758a39
SHA256 93316c6b2d341bb4ee8d92045d68344c8d3cd5f041ee4b00dba210e9064131f8
SHA512 4f2a5cf68d6d4dbcd7d3bf772e1564af11d2be2e6f8f91d7983de5e829326423c877539e28a6b5eaa15a0e1d965d4132cb07e08cdbdbf0bc64a88318dfa48e9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 5be9ce1739bf7d57f6468d0f42e79e8d
SHA1 67b62db682db60dcb8a24e2d63230cf580f9dec3
SHA256 6026e5f4b43893df211e811a0403287e9f5aafe45264d72dd596957dedc9e3c2
SHA512 042878926cf28d01c506626dd55e809c186ca9f4b0eadc5d92780fb7f9f2d954b9710eeb3377f9a3bf49bd33991ad8c1e10769f05e4990b8598ed523097fa299

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 e922b9b69f19a88e317698d387a5caf6
SHA1 5cf013bcadf99689a208a785c0a8a7edb1bbbc31
SHA256 2ef26525a62d1d30b8106af83c82359458be0c50544c28f92995ca9814b910b4
SHA512 3f1adf4a811ba8f6749e6d59b3741243c439751e3179976ceaa5e612802e9cf3f3ae79e8c8edc9351da614595a7b46136fef5e076289564813b6f0737d02e72e

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{91332839-B2F3-4996-B5F5-F731FECC7316}\EDGEMITMP_4D4F2.tmp\SETUP.EX_

MD5 c5d1aab9d094b8e7663ee0dc484d5d77
SHA1 4b93a6e831a1a46fe2fa23bea018ae6ebc50a426
SHA256 2fabb54b397903447b593797f790b7712ff88b29caf6bba56935d923759ca800
SHA512 c97c168f546adf0871ed1bfe6e236fdb36ec51db89f41a14c81547a0552f6627d0891dd35d8906d708ef1a18504dbd2455c20a034cb2b5e7a341322ab7d39a84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4766a9691f7b02e410a9d860089b5f0
SHA1 7555eae559af31097f359b0b7e89dffc54bed6d6
SHA256 a383ffceb7f4ec65530652dd18b48c4ea81f15c96b547c7d9fb93c7ef93bf387
SHA512 59872f40c7f4a108497f76422ca8c1778a500c24e9094e179dfb877088cc8a63f6dc8136ca40f4d19890a1f41d8330125cfdaebd5534ba97461ccc32e2805a02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 395c67d708dd1500b7530cf79d2ac0d8
SHA1 a908956da8714a763128af224911d29d0a953d55
SHA256 a883f5f705648cb1c3e728e0b6de181255d40885982476ee5c371e3f20caf602
SHA512 11d2ca5c0983abb2d799c94e8126cdba6b6ec33e94c6505f6f028dd18012967e411a9a34dc634284465fca67afe6671c24555b32872a0a396dd65add320feb15