Malware Analysis Report

2024-07-28 05:22

Sample ID 240604-2bg53aec52
Target http://google.com
Tags
adware microsoft discovery evasion persistence phishing stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

adware microsoft discovery evasion persistence phishing stealer trojan

Modifies Installed Components in the registry

Downloads MZ/PE file

Sets file execution options in registry

Checks computer location settings

Loads dropped DLL

Executes dropped EXE

Registers COM server for autorun

Adds Run key to start application

Checks installed software on the system

Installs/modifies Browser Helper Object

Checks whether UAC is enabled

Detected potential entity reuse from brand microsoft.

Suspicious use of NtSetInformationThreadHideFromDebugger

Checks system information in the registry

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in System32 directory

Drops file in Program Files directory

Program crash

Enumerates physical storage devices

Modifies data under HKEY_USERS

NTFS ADS

Uses Task Scheduler COM API

Suspicious use of WriteProcessMemory

Suspicious use of UnmapMainImage

Enumerates system info in registry

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

System policy modification

Suspicious use of SetWindowsHookEx

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Modifies Internet Explorer settings

Modifies registry class

MITRE ATT&CK Matrix V13

Initial Access
TA0001
Execution
TA0002
Persistence
TA0003
Boot or Logon Autostart Execution
T1547
Registry Run Keys / Startup Folder
T1547.001
Browser Extensions
T1176
Privilege Escalation
TA0004
Boot or Logon Autostart Execution
T1547
Registry Run Keys / Startup Folder
T1547.001
Defense Evasion
TA0005
Modify Registry
T1112
Credential Access
TA0006
Discovery
TA0007
Query Registry
T1012
System Information Discovery
T1082
Lateral Movement
TA0008
Collection
TA0009
Exfiltration
TA0010
Command and Control
TA0011
Impact
TA0040
Resource Development
TA0042
Reconnaissance
TA0043

Analysis: static1

Detonation Overview

Reported

2024-06-04 22:24

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-04 22:24

Reported

2024-06-04 22:44

Platform

win10v2004-20240508-en

Max time kernel

1199s

Max time network

1201s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\e59a9c3\winzip28-bing.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\e59d8b3\winzip28-bing.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\e59f255\winzip28-bing.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\7-Zip\7zFM.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\MicrosoftEdge_X64_125.0.2535.85.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59a9c3\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59a9e2\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59d8b3\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59d911\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f255\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f2d3\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f3cc\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f488\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f514\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f5ef\winzip28-bing.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5A090CA4-CC5D-44EF-8895-E5788D5FA554}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\7z2406.exe N/A
N/A N/A C:\Users\Admin\Downloads\7z2406.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{45EF9E1C-998B-4C27-BD81-E57F0DE2789C}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\MicrosoftEdge_X64_125.0.2535.85.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=5514A2A456EA424C90F7BEF390BAA544" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{45EF9E1C-998B-4C27-BD81-E57F0DE2789C}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A

Detected potential entity reuse from brand microsoft.

phishing microsoft

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A

Suspicious use of NtCreateThreadExHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\sky\clouds-bc4.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AvatarImporter\img_light_Rthro.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\StudioToolbox\AssetConfig\plugin_temp.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\SpeakerDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\msvcp140.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaApp\graphic\gr-avatar mask-90x90.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaApp\graphic\Auth\wechatlogo.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AnimationEditor\btn_delete.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AnimationEditor\button_collapse.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AnimationEditor\image_keyframe_elastic_selected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Input\IntroCameraPinch.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\DeveloperStorybook\ToolbarIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.85\Trust Protection Lists\Sigma\LICENSE C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaApp\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\msedgeupdateres_tr.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5A090CA4-CC5D-44EF-8895-E5788D5FA554}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\DeveloperFramework\button_arrow_right.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\DeveloperFramework\checkbox_unchecked_light.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\icon_following-16.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_9.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaChat\graphic\gr-indicator-instudio-8x8.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AvatarImporter\img_light_R15.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_4.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Scroll\scroll-top.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.85\Locales\af.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_12.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\PlayerList\NewAvatarBackground.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_es-419.dll C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\avatar\meshes\torso.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\Debugger\Breakpoints\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\PluginManagement\allowed.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaChatV2\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\dxcompiler.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\MenuBar\icon_home.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Settings\Slider\Right.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Locales\cy.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\identity_proxy\win11\identity_helper.Sparse.Dev.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\fonts\BuilderSans-Medium.otf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Controls\DesignSystem\Thumbstick2.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\VoiceChat\SpeakerDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\Trust Protection Lists\Sigma\LICENSE C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe N/A
File created C:\Program Files (x86)\7-Zip\Lang\hr.txt C:\Users\Admin\Downloads\7z2406.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\TerrainTools\import_toggleOn_dark.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\TerrainTools\mtrl_asphalt.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\TopBar\emotesOff.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\InGameMenu\TouchControls\touch_action_rotate_camera.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Locales\gu.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\TerrainTools\radio_button_bullet.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Controls\xboxB.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\ui\Settings\Radial\Bottom.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Locales\mt.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Edge\Temp\msedge.hollow.7z C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerLauncher.exe C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\AnimationEditor\icon_keyIndicator.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\content\textures\TerrainTools\mt_smooth.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates physical storage devices

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Users\Admin\AppData\Local\Temp\e59a9c3\winzip28-bing.exe
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Users\Admin\AppData\Local\Temp\e59d8b3\winzip28-bing.exe

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.85\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.xht C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.xml\OpenWithProgids C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ProgID\ = "MicrosoftEdgeUpdate.PolicyStatusMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0\ = "Microsoft Edge Update Update3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{A6B716CB-028B-404D-B72C-50E153DD68DA} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ = "IAppWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip C:\Users\Admin\Downloads\7z2406.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.pdf C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\ServiceParameters = "/comsvc" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "Update3COMClass" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ = "ICurrentState" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine\ = "Microsoft Edge Update CredentialDialog" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip C:\Users\Admin\Downloads\7z2406.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ProgID\ = "MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher.1.0\CLSID\ = "{08D832B9-D2FD-481F-98CF-904D00DF63CC}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\VersionIndependentProgID\ = "ie_to_edge_bho.IEToEdgeBHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgePDF\Application C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\AppData\Local\Temp\e59a9e2\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\e59f488\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\e59f514\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\e59f2d3\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 757090.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\e59d911\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\e59f3cc\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 741391.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 479383.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\e59a9c3\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\e59d8b3\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\e59f255\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\e59f5ef\winzip28-bing.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\winzip28-bing.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
N/A N/A F:\Kiwi X\finj.exe N/A
N/A N/A F:\Kiwi X\finj.exe N/A
N/A N/A F:\Kiwi X\finj.exe N/A
N/A N/A F:\Kiwi X\finj.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: 33 N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeRestorePrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zFM.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\7-Zip\7zG.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59a9c3\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59a9e2\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59d8b3\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59d911\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f255\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f2d3\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f3cc\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f488\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f514\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\Downloads\winzip28-bing.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\e59f5ef\winzip28-bing.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\7z2406.exe N/A
N/A N/A C:\Users\Admin\Downloads\7z2406.exe N/A

Suspicious use of UnmapMainImage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1892 wrote to memory of 3332 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 3332 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 5048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 3820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 3820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1892 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe N/A

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdc2ac46f8,0x7ffdc2ac4708,0x7ffdc2ac4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3552 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3552 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5740 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5392 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5836 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6608 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7084 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzAwM0M3RTYtMEVBRS00NDhGLUI4RkYtRTVFMTcyMzc0RDU0fSIgdXNlcmlkPSJ7QkEzRTg0MEMtNUEyRC00REZCLUI0QjktMzkyNzZGNDM4RDIwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFMTRDQUQ3Qy1BNTA0LTQwMUUtQjAxMS1ENjRCRDExMTM2QjF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny4zNyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUwOTUzMjE0NTgiIGluc3RhbGxfdGltZV9tcz0iMTEwMCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{C003C7E6-0EAE-448F-B8FF-E5E172374D54}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzAwM0M3RTYtMEVBRS00NDhGLUI4RkYtRTVFMTcyMzc0RDU0fSIgdXNlcmlkPSJ7QkEzRTg0MEMtNUEyRC00REZCLUI0QjktMzkyNzZGNDM4RDIwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsxMzNFQTI5RS03QzI1LTRGNUEtOTBCOC03Q0JGM0QxOTIzNzB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxMDA2NDEzMTAiLz48L2FwcD48L3JlcXVlc3Q-

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x304 0x410

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8560 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\MicrosoftEdge_X64_125.0.2535.85.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8456 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B24CDE75-5BC5-490C-9F86-7A62E54839A8}\EDGEMITMP_FA598.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.85 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff615c84b18,0x7ff615c84b24,0x7ff615c84b30

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8276 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7500 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8640 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzAwM0M3RTYtMEVBRS00NDhGLUI4RkYtRTVFMTcyMzc0RDU0fSIgdXNlcmlkPSJ7QkEzRTg0MEMtNUEyRC00REZCLUI0QjktMzkyNzZGNDM4RDIwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins3NDZBNkJDMi04MUNBLTRDMzAtQUFFMy0wMUY1NjlGQjk1QjN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI1LjAuMjUzNS44NSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTEwOTEzMTI3MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUxMDkxODEzNTEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1MzUyNjYxMjMzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8zYzc3NWU3NS1hZmY4LTRhZjEtYWVkZS03YTVjMDM0OWFhMGI_UDE9MTcxODE0NDcxOCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1ETlBSc2o4czJNNkRPQVZJJTJmMUdQSE1ITExZemcwaXNSUXRmVGpUMUZsayUyZkVyMnB6dHlWWWg2Yzhjb3ZyaVNXUG16aFhRaEVDVVc5MGJyUWgwVHpaOHclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzM2NzU1NzYiIHRvdGFsPSIxNzM2NzU1NzYiIGRvd25sb2FkX3RpbWVfbXM9IjE0ODMzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTM1Mjc1MTIzMCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUzNzU2MDE0MDQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4NTA2MzE2MjUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIyMjAiIGRvd25sb2FkX3RpbWVfbXM9IjI0MzQ1IiBkb3dubG9hZGVkPSIxNzM2NzU1NzYiIHRvdGFsPSIxNzM2NzU1NzYiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjQ3NTAxIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8988 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7892 /prefetch:8

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59a9c3\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59a9e2\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 6056 -ip 6056

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6056 -s 2160

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59d8b3\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59d911\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 4492 -ip 4492

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4492 -s 2100

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59f255\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59f2d3\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59f3cc\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59f488\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59f514\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\Downloads\winzip28-bing.exe

"C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Users\Admin\AppData\Local\Temp\e59f5ef\winzip28-bing.exe

run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\c1e0cec306b9416490e05bd9e5c2d34f /t 3776 /p 4920

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1796 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8444 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8300 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5A090CA4-CC5D-44EF-8895-E5788D5FA554}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5A090CA4-CC5D-44EF-8895-E5788D5FA554}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe" /update /sessionid "{E5B772E9-4B75-4BFD-8852-F1AD5F426508}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RTVCNzcyRTktNEI3NS00QkZELTg4NTItRjFBRDVGNDI2NTA4fSIgdXNlcmlkPSJ7QkEzRTg0MEMtNUEyRC00REZCLUI0QjktMzkyNzZGNDM4RDIwfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InszQkQ4REFFNS0xRTgwLTRFNjItQjk0NS1CQTAxN0U3MzA2NEV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODcuMzkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2IiBpbnN0YWxsYWdlPSIyNyI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODIzNTcyMDEzNSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MjM1ODEzNTU2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NDYyNTE4Nzk3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMjIxNjY3ZGMtYmIwYS00YWNiLTgzM2QtNWExMWRjODhhOGJmP1AxPTE3MTgxNDUwMzEmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9ano4dHRqbnFXeXVBNFdob0JFeiUyZmNmYkJDQ09VM2JVSndab1FtVm9pN1pBUlNHUFVDVTAxV0hlTXhsZmdIUnlSOGl2b1k5a1Y2Q2JWRjgwd2dHaWZvdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIxOSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NDYyNTM4NzQ1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8yMjE2NjdkYy1iYjBhLTRhY2ItODMzZC01YTExZGM4OGE4YmY_UDE9MTcxODE0NTAzMSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1qejh0dGpucVd5dUE0V2hvQkV6JTJmY2ZiQkNDT1UzYlVKd1pvUW1Wb2k3WkFSU0dQVUNVMDFXSGVNeGxmZ0hSeVI4aXZvWTlrVjZDYlZGODB3Z0dpZm93JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYyMTA0OCIgdG90YWw9IjE2MjEwNDgiIGRvd25sb2FkX3RpbWVfbXM9IjE4MjU4Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg0NjI1Nzg3NjYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODQ2Nzg0ODcxOCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9IjI3IiByZD0iNjMzNyIgcGluZ19mcmVzaG5lc3M9InsyRjg5MzE0Qi0wNUVFLTRCNUEtOEY1RS0yMEY0RDAyMkMwMUR9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjI3IiBsYXN0X2xhdW5jaF90aW1lPSIxMzM2MjAxMzQ2NDgwMjExMTAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSIyNyIgcj0iMjciIGFkPSI2MzM3IiByZD0iNjMzNyIgcGluZ19mcmVzaG5lc3M9Ins2N0NFMEM2MS01MDkwLTQ2MDMtQTA4My0xRTlBRkJEQTFFMjJ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNS4wLjI1MzUuODUiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZT0iNjM2MyI-PHVwZGF0ZWNoZWNrLz48cGluZyByPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0ie0RDMUUwNkExLThDMkUtNDgzNy04QjUxLUQ5RTcwOTZDQzc4Qn0iLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU3EE0.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{E5B772E9-4B75-4BFD-8852-F1AD5F426508}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RTVCNzcyRTktNEI3NS00QkZELTg4NTItRjFBRDVGNDI2NTA4fSIgdXNlcmlkPSJ7QkEzRTg0MEMtNUEyRC00REZCLUI0QjktMzkyNzZGNDM4RDIwfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7MDVFRjMzNjYtNjU5MS00QTY0LTk2MjEtMTc0RDcxODZCRUFDfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg3LjM5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMjciIGluc3RhbGxkYXRldGltZT0iMTcxNTE5NTM0NCI-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODQ4NDMxODU5NyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6964 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8144 /prefetch:8

C:\Users\Admin\Downloads\7z2406.exe

"C:\Users\Admin\Downloads\7z2406.exe"

C:\Users\Admin\Downloads\7z2406.exe

"C:\Users\Admin\Downloads\7z2406.exe"

C:\Program Files (x86)\7-Zip\7zFM.exe

"C:\Program Files (x86)\7-Zip\7zFM.exe"

C:\Windows\SysWOW64\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\$Recycle.Bin\S-1-5-21-4124900551-4068476067-3491212533-1000\desktop.ini

C:\Program Files (x86)\7-Zip\7zG.exe

"C:\Program Files (x86)\7-Zip\7zG.exe" a -i#7zMap19453:152:7zEvent2352 -ad -saa -- "C:\$Recycle.Bin\S-1-5-21-4124900551-4068476067-3491212533-1000\desktop"

C:\Program Files (x86)\7-Zip\7zG.exe

"C:\Program Files (x86)\7-Zip\7zG.exe" x -o"C:\$Recycle.Bin\S-1-5-21-4124900551-4068476067-3491212533-1000\desktop\" -ad -an -ai#7zMap16585:152:7zEvent12456

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Mjc0RjhGQ0YtRUI3Ny00NjhGLUEwMDUtQUEzODcwRkJDMzU0fSIgdXNlcmlkPSJ7QkEzRTg0MEMtNUEyRC00REZCLUI0QjktMzkyNzZGNDM4RDIwfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MkZEOEZCMTMtQTY0NS00RkZFLTk2MzYtMzU3Njk0RTJBNzRBfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0Q2anhQZVVtS2ZoOHl0eTZGMDdZeE0xZVpESC9UVjZGUVQyZmZEaVp5d3c9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIyNyIgaW5zdGFsbGRhdGV0aW1lPSIxNzE1MTcxMjM1IiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNTk2Njg5Mzk0MDY3OTEwIiBmaXJzdF9mcmVfc2Vlbl90aW1lPSIxMzM2MjAxMzUzNzg1NzYyNzciPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMzEwNjc2IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTQ3NjI3NzYxNyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{45EF9E1C-998B-4C27-BD81-E57F0DE2789C}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{45EF9E1C-998B-4C27-BD81-E57F0DE2789C}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Mjc0RjhGQ0YtRUI3Ny00NjhGLUEwMDUtQUEzODcwRkJDMzU0fSIgdXNlcmlkPSJ7QkEzRTg0MEMtNUEyRC00REZCLUI0QjktMzkyNzZGNDM4RDIwfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins2NjEyOEZDMC02Njk1LTQyRjQtODZDMy1DNDFCQjc0MUJFMjB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzQiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTQ4NDQwMjc3MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNDg0NTU5MDgxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExODA0MzgzODg3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTgxNDUzNTYmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9aThkQUUybFdFcSUyZlpHZlk1SnJiWVZ6dzhYWiUyZmIlMmJIUGVTa1I0QVRGZTJYemY1UkZBS1Z2VEFhdUc1QnlJc1FlMUFuTFNTV2pQUXN0dUQ0N0puZTFlUkElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExODA0NTM5NzQ4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxODE0NTM1NiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1pOGRBRTJsV0VxJTJmWkdmWTVKcmJZVnp3OFhaJTJmYiUyYkhQZVNrUjRBVEZlMlh6ZjVSRkFLVnZUQWF1RzVCeUlzUWUxQW5MU1NXalBRc3R1RDQ3Sm5lMWVSQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjI3NTMzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE4MDQ1Mzk3NDgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTgxMDc5MDA1MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExODEyMzUyNjQ0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMzI4IiBkb3dubG9hZF90aW1lX21zPSIzMTkzNiIgZG93bmxvYWRlZD0iMTgwNDQ0NDgiIHRvdGFsPSIxODA0NDQ0OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iMTU2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\MicrosoftEdge_X64_125.0.2535.85.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.85 --initial-client-data=0x284,0x288,0x28c,0x260,0x290,0x7ff711124b18,0x7ff711124b24,0x7ff711124b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.85 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff711124b18,0x7ff711124b24,0x7ff711124b30

C:\Program Files (x86)\7-Zip\7zG.exe

"C:\Program Files (x86)\7-Zip\7zG.exe" a -i#7zMap4952:76:7zEvent13186 -ad -saa -- "F:\KRNLWRD"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUQ3RkJCQUYtMzdBMy00MzY3LUFDREItNzZBMEQyNjJEQkE3fSIgdXNlcmlkPSJ7QkEzRTg0MEMtNUEyRC00REZCLUI0QjktMzkyNzZGNDM4RDIwfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InszOTg0RDc1My1DRERDLTRGREItOTI1MS0zMERGQUMzRTEzOTJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RDZqeFBlVW1LZmg4eXR5NkYwN1l4TTFlWkRIL1RWNkZRVDJmZkRpWnl3dz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny4zOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMjciIGNvaG9ydD0icnJmQDAuNjMiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzNjQiIHBpbmdfZnJlc2huZXNzPSJ7QUE1QjVBRUQtMDQ1Mi00MEMzLUEyRDItNTE1N0FBNDI3N0UzfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IjEyNS4wLjI1MzUuODUiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMjciIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM2MjAxMzQ2NDgwMjExMTAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExODE2MjU5MDg0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExODE2NDE0ODcxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExODQzOTE1MjcxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExODU4Mjg5OTY4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjIyNDU1MzE3OSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9Ijc4IiBkb3dubG9hZGVkPSIxNzM2NzU1NzYiIHRvdGFsPSIxNzM2NzU1NzYiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIyIiBpbnN0YWxsX3RpbWVfbXM9IjM2NjI2Ii8-PHBpbmcgYWN0aXZlPSIxIiBhZD0iNjM2NCIgcmQ9IjYzNjQiIHBpbmdfZnJlc2huZXNzPSJ7ODFGNjE0QUUtREY1QS00RjQ3LUI3NDUtMURFOEE1QTgwOTY3fSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjUuMC4yNTM1Ljg1IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzNjMiIGNvaG9ydD0icnJmQDAuOTYiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzNjQiIHBpbmdfZnJlc2huZXNzPSJ7M0RGMjEwOTUtRTA0QS00NjA2LThENDUtQ0NCRjhCM0EzMTFGfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Users\Admin\AppData\Local\Temp\7zO80260323\krnl.exe

"C:\Users\Admin\AppData\Local\Temp\7zO80260323\krnl.exe"

C:\Program Files (x86)\7-Zip\7zG.exe

"C:\Program Files (x86)\7-Zip\7zG.exe" x -o"F:\KRNLWRD\" -ad -an -ai#7zMap32384:30:7zEvent21983

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x304 0x410

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files (x86)\7-Zip\7zG.exe

"C:\Program Files (x86)\7-Zip\7zG.exe" a -i#7zMap11505:74:7zEvent12699 -ad -saa -- "F:\Kiwi X"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1

C:\Program Files (x86)\7-Zip\7zG.exe

"C:\Program Files (x86)\7-Zip\7zG.exe" t -an -ai#7zMap28823:1050:7zEvent9293

C:\Program Files (x86)\7-Zip\7zG.exe

"C:\Program Files (x86)\7-Zip\7zG.exe" t -an -ai#7zMap30201:1050:7zEvent23137

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2192,6281680995521808060,8169745492714776851,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=1948 /prefetch:8

F:\Kiwi X\finj.exe

"F:\Kiwi X\finj.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:80 google.com tcp
GB 142.250.178.14:80 google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:80 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 17.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 ogs.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.187.238:443 ogs.google.com tcp
GB 172.217.16.238:443 apis.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
NL 23.62.61.113:443 www.bing.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 113.61.62.23.in-addr.arpa udp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
NL 23.62.61.194:443 th.bing.com tcp
NL 23.62.61.194:443 th.bing.com tcp
NL 23.62.61.97:443 th.bing.com tcp
NL 23.62.61.97:443 th.bing.com tcp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.4:443 login.microsoftonline.com tcp
US 8.8.8.8:53 www.roblox.com udp
FR 128.116.122.3:443 www.roblox.com tcp
FR 128.116.122.3:443 www.roblox.com tcp
US 8.8.8.8:53 4.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 3.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
DE 18.173.154.94:443 css.rbxcdn.com tcp
DE 18.173.154.94:443 css.rbxcdn.com tcp
DE 18.173.154.94:443 css.rbxcdn.com tcp
DE 18.173.154.94:443 css.rbxcdn.com tcp
DE 18.173.154.94:443 css.rbxcdn.com tcp
DE 18.173.154.94:443 css.rbxcdn.com tcp
DE 18.173.154.53:443 static.rbxcdn.com tcp
SE 2.21.97.49:443 js.rbxcdn.com tcp
SE 2.21.97.49:443 js.rbxcdn.com tcp
SE 2.21.97.49:443 js.rbxcdn.com tcp
SE 2.21.97.49:443 js.rbxcdn.com tcp
SE 2.21.97.49:443 js.rbxcdn.com tcp
SE 2.21.97.49:443 js.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
FR 128.116.122.4:443 roblox.com tcp
US 8.8.8.8:53 images.rbxcdn.com udp
US 54.230.228.91:443 images.rbxcdn.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 94.154.173.18.in-addr.arpa udp
US 8.8.8.8:53 53.154.173.18.in-addr.arpa udp
US 8.8.8.8:53 49.97.21.2.in-addr.arpa udp
US 8.8.8.8:53 117.192.66.18.in-addr.arpa udp
US 8.8.8.8:53 4.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 91.228.230.54.in-addr.arpa udp
US 8.8.8.8:53 apis.roblox.com udp
FR 128.116.122.3:443 apis.roblox.com tcp
FR 128.116.122.3:443 apis.roblox.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
DE 18.173.154.94:443 css.rbxcdn.com tcp
BE 2.17.107.170:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 170.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
FR 128.116.122.3:443 apis.roblox.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 22.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
FR 128.116.122.3:443 apis.roblox.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
DE 18.66.192.27:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 27.192.66.18.in-addr.arpa udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
DE 18.66.192.27:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:50221 tcp
N/A 127.0.0.1:50223 tcp
N/A 127.0.0.1:50229 tcp
N/A 127.0.0.1:50232 tcp
N/A 127.0.0.1:50235 tcp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
DE 18.66.192.27:443 setup.rbxcdn.com tcp
DE 18.66.192.27:443 setup.rbxcdn.com tcp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 en.help.roblox.com udp
US 104.16.53.111:443 en.help.roblox.com tcp
US 8.8.8.8:53 static.zdassets.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 code.jquery.com udp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 104.18.72.113:443 static.zdassets.com tcp
US 151.101.194.137:443 code.jquery.com tcp
US 8.8.8.8:53 111.53.16.104.in-addr.arpa udp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.152:80 apps.identrust.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net udp
US 8.8.8.8:53 roblox.zendesk.com udp
US 8.8.8.8:53 theme.zdassets.com udp
US 8.8.8.8:53 www.kidsafeseal.com udp
US 104.16.51.111:443 roblox.zendesk.com tcp
US 104.26.14.143:443 www.kidsafeseal.com tcp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 137.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 113.72.18.104.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 152.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 111.51.16.104.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 143.14.26.104.in-addr.arpa udp
US 8.8.8.8:53 c.evidon.com udp
NL 23.62.61.176:443 c.evidon.com tcp
NL 23.62.61.176:443 c.evidon.com tcp
NL 23.62.61.176:443 c.evidon.com tcp
US 8.8.8.8:53 176.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 rewards.bing.com udp
US 204.79.197.237:443 rewards.bing.com tcp
US 8.8.8.8:53 l.evidon.com udp
US 34.225.182.206:443 l.evidon.com tcp
US 34.225.182.206:443 l.evidon.com tcp
US 34.225.182.206:443 l.evidon.com tcp
US 34.225.182.206:443 l.evidon.com tcp
US 8.8.8.8:53 206.182.225.34.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 4.26.95.13.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
NL 2.18.121.24:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 24.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 krnl.dev udp
US 172.67.214.76:443 krnl.dev tcp
US 172.67.214.76:443 krnl.dev tcp
US 8.8.8.8:53 76.214.67.172.in-addr.arpa udp
US 8.8.8.8:53 wearedevs.net udp
US 104.26.7.147:443 wearedevs.net tcp
US 104.26.7.147:443 wearedevs.net tcp
US 8.8.8.8:53 cdn.wearedevs.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 216.58.212.226:443 googleads.g.doubleclick.net tcp
GB 216.58.212.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 147.7.26.104.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 226.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
GB 142.250.187.206:443 analytics.google.com tcp
BE 74.125.71.156:443 stats.g.doubleclick.net tcp
BE 74.125.71.156:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
GB 216.58.204.70:443 s0.2mdn.net tcp
GB 216.58.212.194:443 googleads4.g.doubleclick.net tcp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 156.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 70.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 194.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
GB 142.250.187.206:443 analytics.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 csi.gstatic.com udp
US 142.251.2.120:443 csi.gstatic.com tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 120.2.251.142.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 cdnwrd2.com udp
US 172.67.166.253:443 cdnwrd2.com tcp
US 172.67.166.253:443 cdnwrd2.com tcp
US 8.8.8.8:53 253.166.67.172.in-addr.arpa udp
US 8.8.8.8:53 adsdk.microsoft.com udp
US 8.8.8.8:53 cdn.adnxs.com udp
US 151.101.1.108:443 cdn.adnxs.com tcp
US 13.107.246.64:443 adsdk.microsoft.com tcp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
NL 185.89.210.90:443 ams3-ib.adnxs.com tcp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 90.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.135.233:443 cdn.discordapp.com tcp
US 162.159.135.233:443 cdn.discordapp.com tcp
US 8.8.8.8:53 233.135.159.162.in-addr.arpa udp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
NL 23.62.61.89:443 th.bing.com tcp
US 8.8.8.8:53 89.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 fpt.microsoft.com udp
US 52.167.30.171:443 fpt.microsoft.com tcp
US 8.8.8.8:53 fpt2.microsoft.com udp
US 8.8.8.8:53 171.30.167.52.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 www.winzip.com udp
GB 23.206.11.190:443 www.winzip.com tcp
GB 23.206.11.190:443 www.winzip.com tcp
US 8.8.8.8:53 cdn.optimizely.com udp
BE 92.123.50.203:443 cdn.optimizely.com tcp
US 8.8.8.8:53 installer.corel.com udp
US 3.224.156.44:443 installer.corel.com tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 unpkg.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 13.107.246.64:443 www.clarity.ms tcp
US 104.19.177.52:443 cdn.cookielaw.org tcp
US 104.17.247.203:443 unpkg.com tcp
US 8.8.8.8:53 www.corel.com udp
GB 23.206.11.190:443 www.corel.com tcp
US 8.8.8.8:53 190.11.206.23.in-addr.arpa udp
US 8.8.8.8:53 203.50.123.92.in-addr.arpa udp
US 8.8.8.8:53 44.156.224.3.in-addr.arpa udp
US 104.19.177.52:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 172.64.155.119:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 52.177.19.104.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 119.190.114.20.in-addr.arpa udp
US 8.8.8.8:53 66.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 203.247.17.104.in-addr.arpa udp
US 8.8.8.8:53 privacyportal.onetrust.com udp
US 8.8.8.8:53 download.winzip.com udp
NL 23.62.61.144:443 download.winzip.com tcp
US 172.64.155.119:443 privacyportal.onetrust.com tcp
NL 23.62.61.144:443 download.winzip.com tcp
US 8.8.8.8:53 www.ssl.com udp
US 3.211.115.174:80 www.ssl.com tcp
US 8.8.8.8:53 crls.ssl.com udp
US 54.230.228.68:80 crls.ssl.com tcp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 144.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 174.115.211.3.in-addr.arpa udp
US 8.8.8.8:53 148.97.6.52.in-addr.arpa udp
N/A 127.0.0.1:50825 tcp
US 8.8.8.8:53 68.228.230.54.in-addr.arpa udp
US 8.8.8.8:53 6.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 www.installportal.com udp
US 50.112.27.9:443 www.installportal.com tcp
US 8.8.8.8:53 9.27.112.50.in-addr.arpa udp
US 172.64.155.119:443 privacyportal.onetrust.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 216.58.212.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 d.impactradius-event.com udp
US 8.8.8.8:53 script.crazyegg.com udp
US 8.8.8.8:53 snap.licdn.com udp
US 204.79.197.237:443 bat.bing.com tcp
US 35.186.249.72:443 d.impactradius-event.com tcp
US 104.19.147.8:443 script.crazyegg.com tcp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 ws.zoominfo.com udp
US 8.8.8.8:53 munchkin.marketo.net udp
US 8.8.8.8:53 scout-cdn.salesloft.com udp
US 8.8.8.8:53 hm.baidu.com udp
US 8.8.8.8:53 a.opmnstr.com udp
SE 23.201.43.51:443 snap.licdn.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
BE 104.68.89.134:443 munchkin.marketo.net tcp
US 104.16.118.43:443 ws.zoominfo.com tcp
US 104.16.72.105:443 scout-cdn.salesloft.com tcp
GB 143.244.38.136:443 a.opmnstr.com tcp
BE 74.125.71.156:443 stats.g.doubleclick.net udp
US 104.19.147.8:443 script.crazyegg.com tcp
US 8.8.8.8:53 a.omappapi.com udp
US 8.8.8.8:53 api.omappapi.com udp
GB 143.244.38.136:443 a.omappapi.com tcp
US 8.8.8.8:53 280-qdk-215.mktoresp.com udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 8.8.8.8:53 scout.salesloft.com udp
US 172.66.42.248:443 api.omappapi.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 54.164.216.159:443 scout.salesloft.com tcp
CN 14.215.182.140:443 hm.baidu.com tcp
US 192.28.147.68:443 280-qdk-215.mktoresp.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 assets-tracking.crazyegg.com udp
US 8.8.8.8:53 pagestates-tracking.crazyegg.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 54.230.228.6:443 assets-tracking.crazyegg.com tcp
US 54.230.228.9:443 pagestates-tracking.crazyegg.com tcp
US 192.28.147.68:443 280-qdk-215.mktoresp.com tcp
CN 14.215.182.140:443 hm.baidu.com tcp
US 8.8.8.8:53 tracking.crazyegg.com udp
IE 54.246.242.218:443 tracking.crazyegg.com tcp
US 8.8.8.8:53 72.249.186.35.in-addr.arpa udp
US 8.8.8.8:53 8.147.19.104.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 43.118.16.104.in-addr.arpa udp
US 8.8.8.8:53 105.72.16.104.in-addr.arpa udp
US 8.8.8.8:53 134.89.68.104.in-addr.arpa udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 51.43.201.23.in-addr.arpa udp
US 8.8.8.8:53 248.42.66.172.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 6.228.230.54.in-addr.arpa udp
US 8.8.8.8:53 159.216.164.54.in-addr.arpa udp
US 8.8.8.8:53 9.228.230.54.in-addr.arpa udp
US 8.8.8.8:53 68.147.28.192.in-addr.arpa udp
US 8.8.8.8:53 218.242.246.54.in-addr.arpa udp
US 50.112.27.9:443 www.installportal.com tcp
US 50.112.27.9:443 www.installportal.com tcp
CN 14.215.183.79:443 hm.baidu.com tcp
CN 14.215.183.79:443 hm.baidu.com tcp
US 20.114.190.119:443 x.clarity.ms tcp
US 20.114.190.119:443 x.clarity.ms tcp
CN 111.45.3.198:443 hm.baidu.com tcp
CN 111.45.3.198:443 hm.baidu.com tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
CN 111.45.11.83:443 hm.baidu.com tcp
CN 111.45.11.83:443 hm.baidu.com tcp
US 8.8.8.8:53 tse3.mm.bing.net udp
US 8.8.8.8:53 tse2.mm.bing.net udp
US 8.8.8.8:53 tse4.mm.bing.net udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.46:443 www.youtube.com udp
GB 142.250.200.54:443 i.ytimg.com tcp
GB 216.58.212.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 54.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 216.58.213.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 rr5---sn-aigl6ned.googlevideo.com udp
GB 142.250.179.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.187.196:443 www.google.com udp
GB 173.194.183.74:443 rr5---sn-aigl6ned.googlevideo.com tcp
GB 173.194.183.74:443 rr5---sn-aigl6ned.googlevideo.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.179.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 6.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.183.194.173.in-addr.arpa udp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hne6nsz.googlevideo.com udp
NL 74.125.100.73:443 rr4---sn-5hne6nsz.googlevideo.com udp
GB 142.250.180.1:443 yt3.ggpht.com udp
GB 142.250.200.54:443 i.ytimg.com udp
GB 173.194.183.74:443 rr5---sn-aigl6ned.googlevideo.com udp
US 8.8.8.8:53 73.100.125.74.in-addr.arpa udp
CN 183.240.98.228:443 hm.baidu.com tcp
CN 183.240.98.228:443 hm.baidu.com tcp
GB 142.250.179.238:443 www.youtube.com udp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 b1.org udp
US 83.222.126.244:80 b1.org tcp
US 83.222.126.244:80 b1.org tcp
US 8.8.8.8:53 online.b1.org udp
US 83.222.126.244:80 online.b1.org tcp
US 8.8.8.8:53 244.126.222.83.in-addr.arpa udp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 translate.google.com udp
GB 216.58.201.106:80 ajax.googleapis.com tcp
GB 142.250.187.238:80 translate.google.com tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 8.8.8.8:53 www.multilinkhost.com udp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
GB 142.250.178.10:443 jnn-pa.googleapis.com tcp
US 212.124.125.204:80 www.multilinkhost.com tcp
US 212.124.125.204:80 www.multilinkhost.com tcp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.21:443 connect.facebook.net tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 8.8.8.8:53 www.jscount.com udp
US 204.155.149.132:443 www.jscount.com tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 204.125.124.212.in-addr.arpa udp
US 8.8.8.8:53 132.149.155.204.in-addr.arpa udp
US 83.222.126.244:80 online.b1.org tcp
GB 142.250.187.196:443 www.google.com udp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
US 8.8.8.8:53 translate-pa.googleapis.com udp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
BE 74.125.71.156:443 stats.g.doubleclick.net udp
GB 142.250.178.10:443 translate-pa.googleapis.com udp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
ES 157.240.5.35:443 www.facebook.com tcp
US 83.222.126.244:80 online.b1.org tcp
US 8.8.8.8:53 11.97.55.23.in-addr.arpa udp
US 8.8.8.8:53 35.5.240.157.in-addr.arpa udp
US 83.222.126.244:80 online.b1.org tcp
US 83.222.126.244:80 online.b1.org tcp
GB 142.250.178.10:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 83.222.126.244:80 online.b1.org tcp
GB 172.217.169.46:443 www.youtube.com udp
GB 216.58.212.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 89.58.114.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
NL 2.18.121.16:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 16.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
GB 142.250.187.196:443 www.google.com udp
GB 172.217.169.46:443 www.youtube.com udp
US 8.8.8.8:53 www.7-zip.org udp
DE 49.12.202.237:443 www.7-zip.org tcp
DE 49.12.202.237:443 www.7-zip.org tcp
US 8.8.8.8:53 237.202.12.49.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.108.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
IE 20.166.2.191:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 191.2.166.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
NL 2.18.121.16:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 20.114.190.119:443 x.clarity.ms tcp
BE 2.17.107.99:443 www.bing.com tcp
US 8.8.8.8:53 99.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
BE 2.17.107.112:443 r.bing.com tcp
BE 2.17.107.105:443 r.bing.com tcp
BE 2.17.107.105:443 r.bing.com tcp
BE 2.17.107.112:443 r.bing.com tcp
US 8.8.8.8:53 112.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 105.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
BE 23.55.97.181:443 www.microsoft.com tcp
BE 23.55.97.181:443 www.microsoft.com tcp
US 8.8.8.8:53 181.97.55.23.in-addr.arpa udp
US 8.8.8.8:53 cdn-dynmedia-1.microsoft.com udp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 c.s-microsoft.com udp
BE 88.221.83.193:443 cdn-dynmedia-1.microsoft.com tcp
US 8.8.8.8:53 bat.bing.com udp
SE 104.73.93.171:443 c.s-microsoft.com tcp
SE 104.73.93.171:443 c.s-microsoft.com tcp
SE 104.73.93.171:443 c.s-microsoft.com tcp
SE 104.73.93.171:443 c.s-microsoft.com tcp
SE 104.73.93.171:443 c.s-microsoft.com tcp
US 8.8.8.8:53 cdnssl.clicktale.net udp
US 8.8.8.8:53 d.impactradius-event.com udp
US 8.8.8.8:53 fpt.microsoft.com udp
US 8.8.8.8:53 js.monitor.azure.com udp
US 8.8.8.8:53 lpcdn.lpsnmedia.net udp
US 8.8.8.8:53 lptag.liveperson.net udp
US 8.8.8.8:53 mem.gfx.ms udp
US 8.8.8.8:53 publisher.liveperson.net udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 www.clarity.ms udp
GB 178.249.97.23:443 lptag.liveperson.net tcp
US 34.120.154.120:443 lpcdn.lpsnmedia.net tcp
GB 178.249.97.99:443 accdn.lpsnmedia.net tcp
US 52.167.30.171:443 fpt.microsoft.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 35.186.249.72:443 d.impactradius-event.com udp
DE 18.173.187.44:443 cdnssl.clicktale.net tcp
US 204.79.197.237:443 bat.bing.com tcp
BE 88.221.83.235:443 cdn-dynmedia-1.microsoft.com tcp
SE 104.73.93.171:443 c.s-microsoft.com tcp
US 151.101.1.192:443 publisher.liveperson.net tcp
US 8.8.8.8:53 store-images.microsoft.com udp
SE 104.73.93.144:443 store-images.microsoft.com tcp
US 8.8.8.8:53 193.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 49.43.201.23.in-addr.arpa udp
US 8.8.8.8:53 171.93.73.104.in-addr.arpa udp
US 8.8.8.8:53 120.154.120.34.in-addr.arpa udp
US 8.8.8.8:53 23.97.249.178.in-addr.arpa udp
US 8.8.8.8:53 99.97.249.178.in-addr.arpa udp
US 8.8.8.8:53 192.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 235.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 44.187.173.18.in-addr.arpa udp
US 8.8.8.8:53 153.97.55.23.in-addr.arpa udp
US 8.8.8.8:53 144.93.73.104.in-addr.arpa udp
US 13.107.246.64:443 www.clarity.ms tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 151.101.1.192:443 publisher.liveperson.net tcp
US 8.8.8.8:53 fpt2.microsoft.com udp
US 8.8.8.8:53 target.microsoft.com udp
IE 66.235.152.156:443 target.microsoft.com tcp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 52.168.112.67:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 8.8.8.8:53 logincdn.msftauth.net udp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 13.107.246.64:443 acctcdn.msauth.net tcp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 lgincdnvzeuno.azureedge.net udp
US 52.168.112.67:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 136.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 156.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 67.112.168.52.in-addr.arpa udp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 89.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 consentreceiverfd-prod.azurefd.net udp
US 13.107.246.64:443 consentreceiverfd-prod.azurefd.net tcp
US 8.8.8.8:53 dpm.demdex.net udp
IE 52.16.8.109:443 dpm.demdex.net tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 8.8.8.8:53 ats.everesttech.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 157.240.214.35:443 www.facebook.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
GB 142.250.200.2:443 googleads.g.doubleclick.net udp
US 18.210.30.200:443 ats.everesttech.net tcp
DE 18.173.187.44:443 cdnssl.clicktale.net tcp
US 8.8.8.8:53 mscom.demdex.net udp
IE 34.241.3.170:443 mscom.demdex.net tcp
US 8.8.8.8:53 msftenterprise.sc.omtrdc.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 cm.everesttech.net udp
GB 142.250.187.196:443 www.google.com udp
IE 66.235.152.221:443 msftenterprise.sc.omtrdc.net tcp
IE 52.30.166.91:443 cm.everesttech.net tcp
US 8.8.8.8:53 q-aus1.clicktale.net udp
US 35.175.77.194:443 q-aus1.clicktale.net tcp
US 8.8.8.8:53 c.clicktale.net udp
IE 52.30.98.187:443 c.clicktale.net tcp
IE 52.30.98.187:443 c.clicktale.net tcp
IE 52.30.98.187:443 c.clicktale.net tcp
US 8.8.8.8:53 k-aus1.clicktale.net udp
US 44.215.80.233:443 k-aus1.clicktale.net tcp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 109.8.16.52.in-addr.arpa udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.214.240.157.in-addr.arpa udp
US 8.8.8.8:53 6.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 200.30.210.18.in-addr.arpa udp
US 8.8.8.8:53 170.3.241.34.in-addr.arpa udp
US 8.8.8.8:53 91.166.30.52.in-addr.arpa udp
US 8.8.8.8:53 221.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 187.98.30.52.in-addr.arpa udp
US 8.8.8.8:53 194.77.175.35.in-addr.arpa udp
US 8.8.8.8:53 2.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 srm.bf.contentsquare.net udp
US 18.215.226.206:443 srm.bf.contentsquare.net tcp
US 8.8.8.8:53 233.80.215.44.in-addr.arpa udp
US 8.8.8.8:53 206.226.215.18.in-addr.arpa udp
IE 52.30.98.187:443 c.clicktale.net tcp
SE 104.73.93.171:443 c.s-microsoft.com tcp
US 44.215.80.233:443 k-aus1.clicktale.net tcp
US 34.120.154.120:443 lpcdn.lpsnmedia.net udp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 c1.microsoft.com udp
IE 68.219.88.97:443 c1.microsoft.com tcp
US 8.8.8.8:53 97.88.219.68.in-addr.arpa udp
US 8.8.8.8:53 c.bing.com udp
US 8.8.8.8:53 mboxedge37.tt.omtrdc.net udp
IE 18.203.168.186:443 mboxedge37.tt.omtrdc.net tcp
US 8.8.8.8:53 186.168.203.18.in-addr.arpa udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
SE 104.73.93.171:443 c.s-microsoft.com tcp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 musicimage.xboxlive.com udp
BE 23.55.96.10:443 musicimage.xboxlive.com tcp
BE 23.55.96.10:443 musicimage.xboxlive.com tcp
BE 23.55.96.10:443 musicimage.xboxlive.com tcp
BE 23.55.96.10:443 musicimage.xboxlive.com tcp
BE 23.55.96.10:443 musicimage.xboxlive.com tcp
BE 23.55.96.10:443 musicimage.xboxlive.com tcp
US 8.8.8.8:53 10.96.55.23.in-addr.arpa udp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 xbox.com udp
NL 20.76.201.171:443 xbox.com tcp
US 8.8.8.8:53 www.xbox.com udp
BE 23.55.96.62:80 www.xbox.com tcp
BE 23.55.96.62:443 www.xbox.com tcp
US 8.8.8.8:53 171.201.76.20.in-addr.arpa udp
US 8.8.8.8:53 assets-www.xbox.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
BE 23.55.96.62:443 assets-www.xbox.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 62.96.55.23.in-addr.arpa udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 assets.adobedtm.com udp
SE 104.73.92.234:443 assets.adobedtm.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.134:443 login.microsoftonline.com tcp
NL 40.126.32.134:443 login.microsoftonline.com tcp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 234.92.73.104.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 emerald.xboxservices.com udp
US 13.107.246.64:443 emerald.xboxservices.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 152.199.21.175:443 lgincdnvzeuno.azureedge.net tcp
SE 104.73.93.171:443 c.s-microsoft.com tcp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 34.120.154.120:443 lpcdn.lpsnmedia.net udp
US 20.114.190.119:443 x.clarity.ms tcp
US 35.186.249.72:443 d.impactradius-event.com udp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 cdn-dynmedia-1.microsoft.com udp
US 8.8.8.8:53 analytics.tiktok.com udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 cdnssl.clicktale.net udp
US 8.8.8.8:53 d.impactradius-event.com udp
US 8.8.8.8:53 fpt.microsoft.com udp
US 8.8.8.8:53 js.monitor.azure.com udp
US 8.8.8.8:53 lpcdn.lpsnmedia.net udp
US 8.8.8.8:53 publisher.liveperson.net udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 www.clarity.ms udp
GB 178.249.97.23:443 lptag.liveperson.net tcp
GB 178.249.97.99:443 accdn.lpsnmedia.net tcp
US 151.101.1.192:443 publisher.liveperson.net tcp
SE 104.73.93.171:443 c.s-microsoft.com tcp
US 8.8.8.8:53 25.43.201.23.in-addr.arpa udp
US 8.8.8.8:53 mcraa.fs.liveperson.com udp
US 35.168.46.194:443 mcraa.fs.liveperson.com tcp
US 8.8.8.8:53 194.46.168.35.in-addr.arpa udp
US 8.8.8.8:53 dc.services.visualstudio.com udp
NL 20.50.88.244:443 dc.services.visualstudio.com tcp
US 8.8.8.8:53 244.88.50.20.in-addr.arpa udp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 439b5e04ca18c7fb02cf406e6eb24167
SHA1 e0c5bb6216903934726e3570b7d63295b9d28987
SHA256 247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654
SHA512 d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

\??\pipe\LOCAL\crashpad_1892_LODSRYDPKSANLWXH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a8e767fd33edd97d306efb6905f93252
SHA1 a6f80ace2b57599f64b0ae3c7381f34e9456f9d3
SHA256 c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb
SHA512 07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\84f701c4-c1bc-45dc-97d6-a6cacd180a14.tmp

MD5 0acf1a5d692d6c8249bbb28574b9572d
SHA1 78fb92758572a22844dafa2e95a044429cdac847
SHA256 63a1f0c1dbd566e67dbf2f0b9be0d7d404773ad28821b7a4c0dd7e8977b321a4
SHA512 b22dc5d0312f81a260b62646438491ef1113eb383cda61d4a425638bb33e4ec772b3e4c68b98f13797e6a3225881c74d2080a986835beb135e1bd09109c3bca9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b1244b011c2f4c0209d46a3333de5c7f
SHA1 5117a7fed0c5389df87985af360a527f94f1e04f
SHA256 ea2363ff582a15a64a1216f6c7a02c3bfeacdaf642ee12672b9febf0d73a9b08
SHA512 425c92d2fc2c1447eb86831603c56f062f6cbbc59e1b08ec130f496b84d33f8ba5531f34460817aefeb2f066250c05880784adc6ec6249cee84f773d3ccce73e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ff894589ce0e14b1e1d0c5cd377d9d16
SHA1 17608e4ede9cf86426131fc7c1253328657a6ffc
SHA256 c2b3e85c17067e9491113275bebac4dbf35ebf9082ba0cd7b6d914cc5cddf66b
SHA512 af17850b78eef324b2766b117ae5dcb59de98421dc626157ddc5569a9269e7d2f2aec3973623f0a851a3bd0c5849d2a8db6c01342a74ba8a2e75a648ba4c0b1e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bc588f834c2b343929e7384220968165
SHA1 892d6979fb87aa0745649c06151a94a827afc7e0
SHA256 16b8a45e064a163d6e91f1b574f74389ae91524e100644390918aa539f4f066e
SHA512 d3b8a4023660c74b1854ccc9c51c3d02099384ef22c854c40f26f1a8e7ce52bc9b3388715e34cc98f48eb0554b7d05869eccfaf7742827525f9a72a604861dc0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a8e2.TMP

MD5 1d087d373978d42a0bcc4dd2cca5c4d1
SHA1 11e08197aa0bbf56a6acfc56a42d84148a1605c3
SHA256 594f613f9eecb08ed55f9eb71a8d24b2f1ea1d47ffbc7d1eebf60a961789c877
SHA512 f7b823049a61f630e48a64a9886194ab173a12bea109e8a05f230dac463a2cd32225c1e221d6886e873afbfceb1d179e6db7387c9e7a8f2f2a0c3c9c406d4968

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a98b68783d81b2792706a9bbf64db0c5
SHA1 8f82548b5700e554d8b7c6332b6c44c733abf27c
SHA256 07d544c136a455bae71cdcc3dc6dadf628ccc6cd921f7b0a8d22b45223bf610c
SHA512 37e00fd5fbe2588ab86d34292567376518ae5429f0e95ad078eee341fd1fb00640a6e159d061eb5e4759520f2c6a2257a40ddb769d55947106b7f80b508d0a6c

C:\Users\Admin\Downloads\Unconfirmed 757090.crdownload

MD5 cfefb36838560b726b44c5eb64bc55f6
SHA1 28b9646a5d6e9aecf4b6cdf6bb97fe30f18900f3
SHA256 eb02f21fab1f3bd916d086a5129c7d9aa39027cab9b61e93866e0bfb0724d85a
SHA512 732173841815647fe8d3fa758669afebcf9e754c93ed1722b4d4119d04f6a5297ca6177ee1c777b3302ff6f72a810a037b2d344c66ba6086af791ed8a50c9519

C:\Users\Admin\AppData\Local\Roblox\logs\cacert.pem

MD5 0194eb945475f93844c0fae769c0fa0b
SHA1 d72876a801c702348ea5b4b4a333c484f2a721fd
SHA256 a6bc06b8255e4afe2eeff34684605d04df9ec246fc201bf5e44137987189a0d3
SHA512 72a00fe6b9111cab22f1f424f815a617be2041a3857a6265b004ca1bfd10f345ca33369cd43009b483f9436ccbcd69c70f7033a85d94527b1f39846b75b43c17

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 529ac613c7ac1ddbaebe9e7d9f82eca4
SHA1 fc8cb991735a98a9663776a61cb9c185a3335f94
SHA256 cd6a5d746b5c36525d781e6d40368f87a3edc3ea157bf63fb55baacc51337f0d
SHA512 e2378819587ed7eb417d0375d49a55ef9292b9e8d22718a52688e3fad59d68a711281f25d1045a9da5442f2d805b9d98aedbf4278c9188208bb2edd917751e04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f48dabc23bdac23c53164b9b6680b870
SHA1 5854976725208aca25a59b4b25f7c28af83cefa1
SHA256 c88017f0dcaeef51118e7313dbee72e27eff116deaa1f3ac78076ea2af28544c
SHA512 ba23f43817eccbbfabc5c356d1cadb7c9b39f7a5df53414bdef098c494b7c5a36f0cc6a49947461ce3898912ed51b40fb8d84d937e10fda57624bf8d91fd2224

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3ec199a7938fd7c80d72e17445da737c
SHA1 4bb440ba89af3dc4ddc9b3cab867c1b0d1eac343
SHA256 4e02bcdae1f3e3a9ed03d0a23bac11a4ad01a89182360a5529010aca5727d909
SHA512 bb7d3e6585dfb86a12102fcb23e34cd67eaa590928f46c3064a2452dcf4eaa3faf97f9986c9db8cb018c1c09ae15428b4cb0c1fc4b1235c813625e2555361cd0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 579a516e5fb6b9d2e69d8d927c8a03c5
SHA1 03b527308670dd7cd845bddaf311f7a3f264402b
SHA256 83d33aadc47d983c5cbf7f1849a0291a1b878f02b635e2b7b8aed4b71402bea4
SHA512 874c4d435b726cf16acc51bf9c9f2dd12045467eb4544097bddeb5cc9d41e4544e061ca960ddf807591e9496f3cc783c2e1bbae3efb5e7208ebf312f6a826763

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\442b78765b051e21bcf04e926b87079e

MD5 442b78765b051e21bcf04e926b87079e
SHA1 1a22cf8c593231a6963bf2a624bf105420d4dae9
SHA256 4387634feeb838cbf3156a553ff0914b3cbbc3369a1179a3c6fa57c58b755017
SHA512 da2fb23108d05193776703addfad8887fa8455e5a1de441fa2a53d1da6142559f19d1a64910d88643b73a23e12fa09b6cb04f3df2aa007edfe0a4adb8175feaa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 74e33b4b54f4d1f3da06ab47c5936a13
SHA1 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c
SHA256 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287
SHA512 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 56d57bc655526551f217536f19195495
SHA1 28b430886d1220855a805d78dc5d6414aeee6995
SHA256 f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4
SHA512 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 c3c0eb5e044497577bec91b5970f6d30
SHA1 d833f81cf21f68d43ba64a6c28892945adc317a6
SHA256 eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb
SHA512 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 aac57f6f587f163486628b8860aa3637
SHA1 b1b51e14672caae2361f0e2c54b72d1107cfce54
SHA256 0cda72f2d9b6f196897f58d5de1fe1b43424ce55701eac625e591a0fd4ce7486
SHA512 0622796aab85764434e30cbe78b4e80e129443744dd13bc376f7a124ed04863c86bb1dcd5222bb1814f6599accbd45c9ee2b983da6c461b68670ae59141a6c1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 6c8413dbb2b54b0d8d2c44902da2488b
SHA1 d798aaff61a4dcf553c40705a2029497dda61d1a
SHA256 fe8ffa9f7682f10f96899685ecb9bac43717904b88b54fd49dc0107f77f0096f
SHA512 f5ed56a26aaae0093ed55deba827d02df775c1673cf3270a1ec6d5feef3a3c556523d1ef5535da4488f284b8a9ddf67682309748a769f0b39c96f06409030fdc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 3c6402ca667d5be25d0cf118502f6f41
SHA1 c57737bb7409d91579569d7cb1f21c8c5925c430
SHA256 065c1d1d5d643ada11492f0b69c18d437cdef4bd9cc604af593cddbbc7dfbae4
SHA512 ac2fcbc9165343b6046b880623ccfc3ef50e43609f5432e41f477d8ab4142ae76eb82bbb27144f89053ec6196f87249085d7a31df25564c75be9a14ac58db464

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c19f872a07d5041f56e3d40ee7762455
SHA1 6c34d55cab6f14945bdaa3e4798bf772de1913fc
SHA256 d7fa14add2ae6b7772150915db7c5fd22d0cfd55700bc50eabce2248b9e62a6e
SHA512 27ed8babce758c8a26d8fec440b3b038139a2781d0920f5bdc3a6e0bb4da79d3bff45c9359030963b60778780af9bbefc1a9102df67f616658684eb4d918cfe3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cd09d96deec9fea9951b915dce676498
SHA1 fe875aa6ceffed787d99800734bc2ace09255ea4
SHA256 e9e5fd8e1ea97e92f73d72bfb2c6c1b4c6196ea5fc0f7405a39f82258515f5dd
SHA512 daee9c9072080bebc733bd92aeaa2f07ae55a13ebe960428bd88981fd847d267dcabb8fe22238faeb68fb7f9d031c3b82fada60db2a9c4e9e2d2043d9c1285b0

C:\Program Files (x86)\Roblox\Versions\version-d6abc3b106a04c5c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EU10C4.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 0e507179848ef050d993f4901d81025b
SHA1 5a557a3b231d1f7aacde49d27f1334d77841fc43
SHA256 80f2608fe7de429d050eb90c4d6cb8eb7378ab89fd286eb78a9ba341d1923834
SHA512 cd895c9d439e2eaa9a74bd30013e25d5e9aeb2fdd934e4281abc54035f231a858bb53969530cf796f09c4bce3e2510c942b81d58465b102c7365d5f2dd504fe3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 3fa89d4aa948613d781180d3ca3c2995
SHA1 afe6bd25b6ab429d82dee7c530f84a8da3652e43
SHA256 3bb85fc18f1fff3390188e5d263c4fc5a380c454a74063585534e5406dc14d4c
SHA512 db71aee61aed68d69fa453fd926943515733f10c797037ac5a94ae37e1bbfb3a768bd16e7125533110d2e8361073059c094eee961c2872ae2e8cb92ae40b06f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 36fc06c98d7e9cb7a5e9b6138c71f3e6
SHA1 636b7840bbbeafafafd57df3ebbb75edc1e1fb30
SHA256 2463c144d64e7a02d65de59eed1acd4a4677d5083413de10c34d21d6f3c225ed
SHA512 ba3d1671b60fcd2d46786cdf7014c47f5c7e21bd4bc8db640633b41f17b731b8f70c6c7b12df01e5b47438059ca597dd2ac7e17c5c22725b5286fe732b3c937d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8c2887177b7f62b31b7ce31ae3a72daa
SHA1 517506e50718d196e00241167d0ac08bfb8ab78f
SHA256 a4878a4bdb4b5cc51efbf9fd191c6399de754c9ad97af7a9bb23612acaddc268
SHA512 345e0e5ca0f2f431341d40859a6b4fc1bbf133844b8bacebd115420d0ec69984b57994d0a8ed83dacd3937cf3fcc09851547675886cfeb4ae22fcfd8ed2ece98

memory/5264-1164-0x0000000000300000-0x0000000000335000-memory.dmp

memory/5264-1165-0x0000000073A90000-0x0000000073CA0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3bc296e64cf92a4b50245c059516571f
SHA1 00d4bf0b71680efcbed7c1d8f3081feffde0d15e
SHA256 8eb22c1f05191df8a2cefdfc9ff3b15a9794d206e0ca16d149bc83e8c8febde9
SHA512 4b5b89832d51d94205a3140f3bcdd959618451aa0b3bc674d90dd56a948eada9334a6b978612a73ad7fb3384fb5805acfdc7e018ee74f04b26bb37df8a2db105

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 3cd0f2f60ab620c7be0c2c3dbf2cda97
SHA1 47fad82bfa9a32d578c0c84aed2840c55bd27bfb
SHA256 29a3b99e23b07099e1d2a3c0b4cff458a2eba2519f4654c26cf22d03f149e36b
SHA512 ef6e3bbd7e03be8e514936bcb0b5a59b4cf4e677ad24d6d2dfca8c1ec95f134ae37f2042d8bf9a0e343b68bff98a0fd748503f35d5e9d42cdaa1dc283dec89fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 bc9faa8bb6aae687766b2db2e055a494
SHA1 34b2395d1b6908afcd60f92cdd8e7153939191e4
SHA256 4a725d21a3c98f0b9c5763b0a0796818d341579817af762448e1be522bc574ed
SHA512 621386935230595c3a00b9c53ea25daa78c2823d32085e22363dc438150f1cb6b3d50be5c58665886fac2286ae63bf1f62c8803cb38a0cac201c82ee2db975c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 258c7a9556f8b0a20fa203657fb4f79e
SHA1 b2e7364474d7c581cbb2b677f95f3a917114e6bc
SHA256 681d175338112ef788267eb71bfb104aed645ebeb6b4246d7e1d1d3cdd7553c8
SHA512 50993ab0a15946e7fe70b4de149a209809a50179172614b349a22dd68a490173293e25045625f12920085cebe724303c64f11692ddecdd467c38a5d9e3a97226

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061

MD5 856a3daa268de8801e7cfd5b727b6de2
SHA1 8e099b433518980e657c7541c49b498e6b83430d
SHA256 b870ae3c5216311e1dd7b8662e01d1fa3326edc85a98a58247cd37b8cfca0be5
SHA512 2f191ea906a3551576ab14e607fdde9930fcb15f15ffb40a8c5999ba07224bbb8ea69918db11d1cd719a3d57510edd466ad2b9199c6a45a48463b0020a2e6eba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7c755eb0017b4a6f669ecf8560a2bce1
SHA1 ba36302d40d181126db05ed67663368739ed3796
SHA256 b811ca61b26ad43df4f256e179d4f9217b3ba6fd615dd6afef6ab0ebe7039dd1
SHA512 6a220a6a40d519cdd1e7cb4e0ebb0e92214ac784c213fa31b5c1b09d5a2dbbc05e1ae737ec9030cb17f7fe8bb1fc980d1265ebbf6120265ce3dfa8bd4bef2250

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 87dc5b8493d399924bf0e29b963cb231
SHA1 dccaf8d68e104cac80851dcf100a4255d942ed6f
SHA256 1f3b4fcfe673bbf378839db69fcf3df986baad29059fd35db745e05ab0546f58
SHA512 0cddd47d1ba874cf351b2b03cbdc93c0694747d8ccd11891afe52384fed86d351defb1ec5faa2c39fb5c59e0f25074b645c83d1ae05ee3c2a050600f32b95e61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3ef1b02e6e5222069d7568d2a1644b0e
SHA1 58ce566a7e4b0febc30586be2730c350adabf615
SHA256 1fe69ec0463f6898ef90ee690035467f0ea3f85dd568d930b23e3a03f4812fe8
SHA512 a92615a415898165449d1c8609fa8624b371bf475c8b55b40cc154855c31f2e7444b9f9bb35a778d8c4de1afb8e9fa7db75e59d9825e58437c3a67cbabdac49f

C:\Users\Admin\Downloads\KRNLWRD.rar

MD5 0543fb19e06332230138146e743561d1
SHA1 eda5c083624948c1388ba73c33447c97ddea7f41
SHA256 a5236b3142e898d26bf6f106029a3dafc72960eb4949b1ebb59cac601364fd61
SHA512 e7d934d87b730b484c578f3db648224cc192f292a1f9434a655719015da440b4d15458348a85c2f88d0b6808ae032a3f082f12d1b53fb0a7405425d95f7a358e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f56b22ad5ffd12ec5347a9512ea5d9fa
SHA1 a5e80ed0ca0ddc3b80568b5df5ab3f83a6af9cd4
SHA256 3f29ddbd2594608a66ff22567dee95cb91718d8cb1f5aa71e34a398f45e6c41e
SHA512 9b4ab80cc6f53b1c1071ac45f30c8d6ceb7c9e0cc7f4f8c8fb851b027a2a8a3524da624bf116e40ec035421d600005f7db9402b271653f17fe46e3d6ccc4eece

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

MD5 ddbb733644c5600280e780703e36b328
SHA1 9db1b6f1330ffd8cfb62f28803ea2c848b7ef3ce
SHA256 d08b69ed0cd194797ae28e48ef36cf9bb1c61d868968d567490e98a657242567
SHA512 3868969c932e3fdefed609362ce85bb65a29aa1d7459c00937cd3fe5cb62517a9f364137731016c6028ed0b7a51af489ef43cf72fbc2a88fd831fa0d7b50725e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059

MD5 9a8ceef2725801e17be5c55b0a7b6887
SHA1 567f8cc2c9704f0f9186e50bb7ed9582bc3ac924
SHA256 c34f0544214631ecebb3d75ea3e9876f8096703b293266fdcb6426952fc98027
SHA512 57c534210f5905ae7d74e3adb6c39ad3d387797786b9a9b8def51508f83b83e97dbca9a48dd0bf38dadb6ea81dc5769d704c8ad58471baf727866eb06c2c4dcd

C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Installer\setup.exe

MD5 776d096934ab49e06d98f228f2f09578
SHA1 85843747c6b28fbfa094ffd37306260a0b80665c
SHA256 4454ee06716329235c9395b1bc3c5498565074bd43fffd70123935ed68096796
SHA512 cada5800ea29613e4cebc370a77b0fa589656ed27cf52eb3f6ae0321d951a98afaa192ae1e06c3a4662726b64a9f84903cc3ec633f7170d1bf25cc66c8ad4354

memory/5264-1682-0x0000000073A90000-0x0000000073CA0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 0a9b69ad31c3a3cbdd0aef61e48c2fff
SHA1 2ddb712a7c57a29fdd2ab130023d8f958e499109
SHA256 aff8f670d90ed53457a0a95d238cd914005afae6be3f4dbf54725ef4394696f7
SHA512 b9e04d304d4ebb90c9206072c64b949ddb5861742767a254a9801f1a72182055b9a88c333d778f622457c6758fb4807b1c74496e01d615374844af19b7de6072

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58bb4c.TMP

MD5 551b4ba2bfee1319ff5a46f718f5c0f6
SHA1 278d8f157ebddacdc9902f4d4afc0fca3ef37b90
SHA256 714a2e4a01e23d633c51c4d8d3b01e384ec1324c295a18bcac51df0e45c2c834
SHA512 ddaa7c024a015cc25acd73c1380de435d564d916131b19b4d04ca9c6aeed76ccc8392e087ba5de37b6ac18aa28c8f8d883c4dfdfafe5f2ab18408df2795ded19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053

MD5 2425ba9fbbfb0c5923924f4f66946612
SHA1 6090a22b84bc69bad4ab8a76f4612821ad62f892
SHA256 61da8737bb86e2641e510de763cdde3d458b067973c082997506491996e50a9f
SHA512 5ba02514f4809bd85aade38bf708e09fba3d0913dcc62dd9db5923d1d1a9b4fa6db33a106321dc32efe96b051008af9321f843b8ddde8a1caa2baf7093463266

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

MD5 ff831155c6ffb95d32c2b3205b299ea6
SHA1 2a279114129fc1db120705498dcf586b72ff6292
SHA256 a03f4a897eed00683b2c1e9544786dba04c178c2b408e457f76d41a28edcdf9b
SHA512 191abeda4c546d37a3693fe710eb7931e8ed3767ec45af9766c048511965261da5b98e42ca540627c05f04c0e37cb7357c14bfcab63d90419009e0e230448619

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

MD5 9d8eacb057346ecf7b66e671dd627a25
SHA1 3a2d7e8632d9a4a6942d23e750b2e14e40f81a91
SHA256 3ce68766b16b940515fd2e7d94a9a234b62bec69732c342e590b4ba599f1d0c0
SHA512 1d2531347b083868f357e5a8f1accc2308a6cef33f79983abae971b876f9c2a3f21930ad433c36d45c4aab68a1f4d66ba670ce50042d2e17f344a3ffa755d850

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 84a25ad67067c4fda04053941df337f0
SHA1 004f939bc21539b85bbeb1b3f9c6473f0f01f6f0
SHA256 a07fa24faf13b93cfee76f28d0351920c1ca403ef793f64a43224159005a1f0a
SHA512 c9f701ed898fbe0111d825b1041f2441dffb576d3a20415b05a6cbfcb7112a2563dedce371660f796f7c08dbb9750ed0e0eb6121dd773525357e4b364e116150

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056

MD5 5b1288c80ffccf46e0d7eb9be242af61
SHA1 ec7687b94fa4beb9ee66e64fe903b3a4d914e98e
SHA256 0515085e63229a1d15615aadd751035a8de21768aaf91c6ffe414391dce8ba79
SHA512 ec8638ac4a60e5e6d50ee81791e97e05cb256f742b0464c722c1836bfc61b677c2dcf03d289806f11ae147711dbdd7ee50afd2200420a062cae0660b3a379cc0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e3142260feaeb8294e58f3e465515263
SHA1 05d4814660ef692a54552a951f27ba2a4f3ed9e5
SHA256 09bd28096c8637b0d8574d9e6dd84af31041aaca1648386499c26e1e203a5aae
SHA512 445e7de8d54cb338bc065131d1448dce127b6a336af8e2e3b124e3d3b2dc544b9ece6dae0a3e967b96d893d93659bdb7dee6533fb5df20c04701692e1969d991

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\95eff27a4b0ee1ed_0

MD5 be4aed6db48b63468a94bfd16bdad05e
SHA1 6a0f3e5c3c2e59a889fc9d53b566f4a675a4c611
SHA256 8d0366d7673d66a369c9e49e2fef6319b252f5591f47371bbcac354b3cbd871b
SHA512 2b36cecde885f335ab8ebee606e8437138525e23b5b82bf82b365c6a7b1f745fabdb9783e6e1264a8ec60a82234dfbd8dd23dd3b0df7189635165df1a5dd4871

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71848a3da7ea1aa8_0

MD5 0fdcb1c634f18cb4809c9140283f3f1a
SHA1 83981097a66357ba6fbba6d24e9ca7f767a8edd0
SHA256 44daa7eff7dfe008207acfe7a3f9273fe5d5a4e2e3cfa432aaa5a93c18bbf026
SHA512 62e6138d5a324e9eeca6631dcb6b19c9a70d730f92be7e364c90673b44d603e7e5fadb080326fbd4158dbb10d8cd3c43de8ecc29237e68b5232f927244924574

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

MD5 69ef77257c7fa3a494a232f90b05d55c
SHA1 19dc83dc05f718e9693de231d48bf0307d8d29a2
SHA256 d1ec04bcd468208a30012d660d1e857bd9d4d937957d45bb10cc7483de435421
SHA512 1b95ee10d622e1468e04691dc47fcb59da6349ba8cdc0814ac8d27a0ebcb9c09692ef1b86533ebd59f2bca87f3340cbe032a011223afe4e7db018af47bab38ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\91deed9c78f7916b_0

MD5 ec57e96608a81aad0f3625ef2ec5cc1f
SHA1 a755d080a586a45d542696ffd431cfceeadec429
SHA256 d16e88522e32f40383e33325d879f164556a902301bbfac1ffae3f0ebc418951
SHA512 cde5fbd79e4db5f843eab921d02df39bbdfb78c41f0fb87be83c35b25bc5992843f3dae722a1d33c796937ecd534933d11d35a5a37584049871030a9b7fcf828

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df53bad28ea1e322_0

MD5 7bc7883b06a73ec86c3bae1ca3449769
SHA1 0fde92b7002b2dfb6afeb62857cad5b697100a92
SHA256 12a87a0738607f08d251e55778034d1b5ba66cbfd659aa416db449e96c66befc
SHA512 3f4e56a052319091fe576ae8db508a8b7bc5e7ad2590f07088aabe84ed1f9d65d0110f0aa1e32662e4fd9971218e5ef684cd891a7aae52aa2dea649294ff13e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\10638d1ef1fbbe7e_0

MD5 6d464d44cf186aa1de705355b48edde8
SHA1 7e9ec54c09a276f26baba68ec33b56583802ea70
SHA256 a6122fb3c50f696f9b310af983f87020f3c0b308b948adf5e67044374fe59c92
SHA512 9c27aa16dbae43b15d4f8753ce0f682f272a237a12d4921a6ac7c1035804b042c0d964fa299a68fd2dd3ef02e045e0a5c91ec4e198093490a4da51c7bb3f9952

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e526088955d6998e_0

MD5 93990619919b7aafba4648f3cea7a99b
SHA1 c2a912d396d5e46ae9e4da6e71f939965c91e375
SHA256 ae40d25f3989ae7738e7e98d8119fc845efe1e87b80304abbdf3cb0518c7c079
SHA512 8279b3c7b5015ace71087568d8ec31096d028f1e4ca704f17f24791bd213f3aaa6b3a8ee544bdd8bbba274138feac3b12595ae45147deaea936ff0a537d10d93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\946d6602fdf77fe5_0

MD5 4b29fdf30bc0c578ad24c8228c67928f
SHA1 0f738f14690980c8539b9beea1a1b8c87dfb9ab0
SHA256 975aa7c7e74fa6585f59fa68627f39f90234702af6c3e42742fa06049ec9cb5d
SHA512 6d842494cf27942e36c498e29dacef9cfba0bae80ec59971926100771850f1f269de1498638fcd946a8f1e468b7a5b3411d09bf8bb2c56fcb1d377184f466d31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4f869987056d433eddef074ac44da333
SHA1 69f5a3ab8f8e62fd40cf2fe70f17edeee6711fe6
SHA256 118cdcc96fbaea8eedc4e7d7e3f6fae324f041a3f65ca2594c1c636b60458dee
SHA512 d48691371f7f30d780d68ebfc9e633042f0fcab432fa9c4558b39f24254f6df8f2cb8b53424c9201d3dd7756643b68a06398f2eba0a96a5d616172fd41440122

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d7467279ba5c514d7a219a25a3465325
SHA1 b1e094114fa962d9d8a8796d693316680a1d2971
SHA256 c300ffc121348d4de6823e8dc74e919d1e6c5470398c84fe513e73dec99dd7ac
SHA512 3ebb023fff22d3c017bd4ea48a8321fb25ff8db8fb16f867fd814a91ddad70ca548b40819cdaeac3a2471177b2e702fb1482c209b6a8683658d68a81c36116e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9b428f9c5babffe4f33c7a81d3ceee5f
SHA1 d8655ac85e632e962416e9787fbc961333850f4d
SHA256 265af984d7c7e6e6cfc5dd770b2bd70560cf80429490db91c311fbd1ecb0a680
SHA512 1e518fe354e38f872910adf65f96192eda2d23b61d0a9e5fdabd880f4a3bde7a54173c341bbfaa529fb36e2bbe056ddcac5f243d38c5c7e81d758cbb055c0865

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0580a8e1646d7bcd_0

MD5 9b157df1bb1ecc46b3e5c54ea199e805
SHA1 6dcad1a684d3cfc48a431735eece2a414dc1f69b
SHA256 4970e530ce8550f14191affd24c357bde4a4053d8c1aaa45ce0d6f1f38461aae
SHA512 bfe2578ce87b431b3b1a708167815a7003ae53cbc033864a90429156f9df81f5a6491f235f96716a97ed2e71222b168cdf25c50e18365ff315ebd05597697e70

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695c42f61090a800_0

MD5 01d0844092fcfbde7075de52cf51731f
SHA1 bd27315123e0dc88befaa374a6424d7a50abd5d6
SHA256 667464b5d9dc446ea96303efc01a36758822d0cb3d3792a9d12ec0aeddc4eb58
SHA512 1f9253b920aafe1097c1f3fea2ce0ce737ccdf2971d0946bc9d14ae6a73fbe14e10b2f5210bd4c4c809a1ef4a785603419d0b31e6200c6c23dbdc91bd529fdf2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0

MD5 3e4d62c6ee442569282797933fa313d9
SHA1 5921b93127e51f2b3f0a37a4374709a7167a37cf
SHA256 b6b5aee9ea7e2907a6bb71ca87491b1553f4414998b2c2a6d6a94078fc451bc2
SHA512 456fb847fffdbc5079b2caa4163fc02b6341cb718e3bc3bb4ffa836fc81ed4180baeafefefaaa9f9f9041f2a43d28a7da64d3dcf4e1f4a8cf2b76ae20c780322

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0

MD5 f4a55213a4b62a94338bab2b06f2243b
SHA1 8a1507b6e83e7ffcccb7a13284bfcc6298047eda
SHA256 df8acca070477e874391ad8f01e874561544f393e8d2e68d192626f3d3980866
SHA512 754cb3933827b5eda89b6e47ca0657810e9e22aa2a3dfa0270f9151e447580fe8bc0f7dbfb4dbf2dcc5c50de2190ca97523c47a5363f8b190a1d13e5c20a0a01

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 833f28fa87d961e75f8f334a19101b16
SHA1 1872a45e4203db9b55a6c0fdabaf15dafd3f01ba
SHA256 b908f2b42efefb8a3c8024187cf977e2f28d7736f66cc1adcc61353845199ab8
SHA512 b2f622077bd9a893f7f89b4f8933751e75c9c63b78f9c9e8b90330e08577dec6bbab0e208e61874bd1ea72f66c0f4e9d01519b62c185b4b39aa440ab20288c6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0

MD5 ed533a4821fa212ba413761f51c4f5e5
SHA1 10f77fdbbeafb27203803d5386137c7d13f1e40a
SHA256 dc7ac8f5d25338a5e107b833ef0aa6d3d1825f8cbd214abdab836d649fa6e744
SHA512 3ff51d79b1ffbd062587638f56a9a72619e34b6a7dd2a86f29821e1b803e3514bb425f93f10c61de0dfa27546eb64d1e13bd5eb834aa573f01ae90a736a41e2b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

MD5 dacd291391900a1e8d2a759230d7e425
SHA1 8752e21972d5cff673ea70873369d04df9c0f300
SHA256 3a6b40fec6f94ed2417b9d89aa655f20fd6c594899933d987e93048d5d04cc42
SHA512 ecf69f1e58b1aa88661f52beb8a10467a9ba69e2f5cdca1919dee4181e58a4ed83906400949f98de799b4df7dc29085c9a593701d22d39c32f9404ec3936221f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0

MD5 7ce4b6206536d641fbdcf7319ccfc507
SHA1 23b241a283810f5829031dd62a63016e03455ec2
SHA256 bef2342f73b60b8235253d9d5cde6fa3e7850a5a3ca153a7283dcda620667dd7
SHA512 59f90200e818fa15dcb38ac0375e445ddf7b1e896ca2ae49534945c247ae4151803075ac21e6e47e832a25179744b9956bfed729dda7d0398789ca67b72dc9fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9aee5cd509922cea_0

MD5 1e7e729ca7601228a58fe033a5b7a8cd
SHA1 5a44f770390999b3f12afa4af8787273713554d0
SHA256 d83c9d8d991698293fbfcb3b809b6352e7b9f2ed388842cec8632f1cc06a991f
SHA512 d2305ccc650748ed56c1d53021d262e6f02c703f6d5b188012e58b17bb8df858e4b22680a02326f395041b332b904233dee6260bd8fb2c5604ed06637d962f58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\80baba1206113f67_0

MD5 4c23074f5bc1238902af9accbe8c59b6
SHA1 17be601422b0b518e857fe6677f4fc1c470eb202
SHA256 f0aeceec114286f79d522d11aac15530fb6d0bf2b64e1287c18fda121778d964
SHA512 ae55cf75b1ae3612182b1d68e1be180b687f67f139a04a923243f8f92e53d969f0e4f1ab9f3ce7552b7749c35bb3b14832df3e8bad07863161d6577246353855

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d7d09e2437e8ee_0

MD5 1287a231c4832a5da13e8f95f597476e
SHA1 11321cb551e44236bb122058ecd448bc073fe30b
SHA256 39f83bfda9379edb1db0ddbe8bdb88e8d8c4e3e6767ec6f58fa09043d2e1847b
SHA512 a77af6d3c527aecf7cb52c4181efb355f11ddeac6be1e550a9c733a50bb8c1558854f489afec8bad3d55769e66c51fc942c8d6f384d2a1d515d2c4f6e331fcf3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0

MD5 0b039a1ff455a566aca0348d4834e3e0
SHA1 6dd321c856fc0aa99c77584b0b1fbd143b24c85f
SHA256 96c8e710f3ad30a800ede06796e7d5cfbd9c5daa8fb4223eec9ee748e133fba5
SHA512 dc5851a64ecb6ac536d7a544a33ef9e00c88825e58b1ff9e9471182587a8a99cd9f9f1c495a1fab768289acdf2572088adeaea6cba275dc9d79109bb7ee53ee1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0

MD5 4f9830c2b3afbd72b4f0af170c0917a2
SHA1 c50a8707f290e5c163bc8e8e2876ba4edc1d9d57
SHA256 6fbf43bc195b73d3fbb552b3b22fe859ec9c724d7140d1906d386e4d392ced11
SHA512 f198075a5453e3c4c9d0400ec0c5bb15afaca22b5305ae752dacd142d779da338b5f26b0f8ed98c472397e73176ca4d2c1f1fe336de50ca47ad2be5f99cc00e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0

MD5 f76ab910f67e0a8f064f8854d65fd55e
SHA1 84455b8628f76e03974555f8a0adcbe6a72ab9c3
SHA256 d10cc7da0a683d4803eae895ec41f68bb98586545155014782d2add5c250ad7f
SHA512 27ecb5656e2276621114e01b4a73eca36e8b6962001bbfa9d4493674eb14301f45f5a65aa42e0d836a09cc7ae8fb53476e3fb6fe0c74c149871ea5e734b2543c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c807b8e9088e4030_0

MD5 5f47e5962a7424de47af45641e476268
SHA1 f28e9ea1b62dfde486a4c08865be1726eb21af3a
SHA256 cdf3705842638856d60b81dcab449858a6b465bf7b33f6ec9817ec5920cca0ca
SHA512 948beb4eb0c9b9fc54e46a863a23a12981a22449712851abc76ebb24ee0e95339f013d3d1211b96795c3b0264d8bf9133117971c85fa2c6b08b7dac24c63f51d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\058cebd5a298c9b3_0

MD5 f5204569d7b9b51dd0f88d26d1478338
SHA1 58553d2df070ee0672fe0246f19ac389ea0a90bd
SHA256 51c753a0f265c1b6ea8a60facd941f5657c434267468577e25ca0fb500502aef
SHA512 f13b031f14a72dd69f4be80fce793ecc30799fe99f8eca1491faf6962e329d2507add2b15ad8c533741507de6b5403918f3468e5846b4feb6007ba7ce57c361c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb3b6840a8ddc0a_0

MD5 6d821bcbeb32942301e9fba08957e559
SHA1 a1e6d70fdd403ba32452bf3515df75243c99e4f8
SHA256 56881a3295134097b765c8e521e55dec425129a48f488396bcf10910e8c2347c
SHA512 4699e96a019b9088b6b12112803b6fa4a6dc45691686a725cec99d5354e6b19376de0cf66e8ca45236a7466954f9e3b9f55c42c833101fc70e754045e51cf867

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8f6640eef188435_0

MD5 86131af221a9b4b335fd1e465665edbe
SHA1 1ebc01c8fced8ea16c6067bb9439dd42a6e571dd
SHA256 d46bf57e4476b4d2e0402d585ace11e6a1c0f8d461d5f2cbdb18eb61c3c5c6a0
SHA512 d42b6576a2b3d8685eede6a2d39a7bde45a55c41f3f5b7ec5c7411c8bb31c239937fbe4d93f6af03939358c89630e6f13bb1cd858bba1cf771e4c5a957b648f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6537dab24e365f9_0

MD5 08fe7bed0be02b8e490c5327eab0bb31
SHA1 a80053c440ff79a9deec3cd7d7c270e20bc7df1b
SHA256 453fdb70b0fb9ec4e1872421a7eabd8a72d168b0149ffd76578d3fc5a8c9b292
SHA512 8cede92066304f9ea893c8ba12a4da463c6f0f7dca8e6efae92b5250decf97eb143ee096b662df67e32bc30727110df4fee56165ff94baffc1cb5f1f513db03a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0503effc8bf0d7f8_0

MD5 5a4961f2910a0e6e6418901134513c22
SHA1 bcd5be334b73463f3e053f2851ed74fe16880c44
SHA256 211be1bc38d6d6b13b4812b8eb9e1af1fcd13fafb8d951550dc96307c1b33b90
SHA512 0f954508fd2fa98d3f1141adbf39ba2f56c28bad8fe49ec9b3c4947aa0bfdfe44ba9b187fbbbef00f3fdefd03ff6dd3cc548502bef420061047598b575687588

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af2cfcaf6d9b18bc_0

MD5 6c507c398e0d4261653e615b2a5a3046
SHA1 065319df4cc564f60f5f2b7c168299dc309153f2
SHA256 02a22a9794c7a1812597c86e808e40debc38c24a273cdd7c020749047b6ce22a
SHA512 75dbd6e06d39418cf1110b3e2e062b77ea53fd11138e143e9789006c534cbaa05f550f4a55f65a73f85f71e03ba025814b53372e022a959ecd4433130ec30ecf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0

MD5 8438240302784b2280663722b10c7926
SHA1 116b3dbec680002eb5bacd642194fbe109ddd661
SHA256 d059eafccafac0a739e2491c455df2b6a442b7a8eb9b6077f1fa2dd86a81853c
SHA512 9bbad39c265e05c31958b6dc6d44a601a4d42f0df086217fd962869505bcad32190d421d346a378f7b8196a807d962d60d79dc27b4216f05339c7fba11f43c61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0

MD5 dac351065acbc23176f6f3929862a915
SHA1 6cdc93da41797287170d2094a3560857b605d94e
SHA256 f487ac73abca4ff10ddd5f1582cbe8a623fef52f0ac0831324cbee0a13f83ff7
SHA512 ab45ca276fd9e48459c329eaca11513536a8a63d3ad64bd39b69db2f78b8ae961c12446e63b0743405efbec992ecbe2a08ee4be0dfb9178ab3b5e1cc1dc025b4

memory/5264-2140-0x0000000000300000-0x0000000000335000-memory.dmp

memory/5476-2150-0x00007FFDD13D0000-0x00007FFDD1400000-memory.dmp

memory/5476-2154-0x00007FFDD1460000-0x00007FFDD1465000-memory.dmp

memory/5476-2153-0x00007FFDD13D0000-0x00007FFDD1400000-memory.dmp

memory/5476-2152-0x00007FFDD13D0000-0x00007FFDD1400000-memory.dmp

memory/5476-2165-0x00007FFDCFA90000-0x00007FFDCFAA0000-memory.dmp

memory/5476-2164-0x00007FFDCFA90000-0x00007FFDCFAA0000-memory.dmp

memory/5476-2174-0x00007FFDCF270000-0x00007FFDCF2A0000-memory.dmp

memory/5476-2173-0x00007FFDCF270000-0x00007FFDCF2A0000-memory.dmp

memory/5476-2181-0x00007FFDD0800000-0x00007FFDD080E000-memory.dmp

memory/5476-2188-0x00007FFDD05B0000-0x00007FFDD05BB000-memory.dmp

memory/5476-2187-0x00007FFDD05B0000-0x00007FFDD05BB000-memory.dmp

memory/5476-2186-0x00007FFDD05B0000-0x00007FFDD05BB000-memory.dmp

memory/5476-2195-0x00007FFDCED20000-0x00007FFDCED46000-memory.dmp

memory/5476-2194-0x00007FFDCED20000-0x00007FFDCED46000-memory.dmp

memory/5476-2193-0x00007FFDCED20000-0x00007FFDCED46000-memory.dmp

memory/5476-2192-0x00007FFDCECF0000-0x00007FFDCED00000-memory.dmp

memory/5476-2191-0x00007FFDCECF0000-0x00007FFDCED00000-memory.dmp

memory/5476-2190-0x00007FFDCEBF0000-0x00007FFDCEC00000-memory.dmp

memory/5476-2189-0x00007FFDCEBF0000-0x00007FFDCEC00000-memory.dmp

memory/5476-2185-0x00007FFDD05B0000-0x00007FFDD05BB000-memory.dmp

memory/5476-2182-0x00007FFDD0590000-0x00007FFDD05A0000-memory.dmp

memory/5476-2180-0x00007FFDD0800000-0x00007FFDD080E000-memory.dmp

memory/5476-2179-0x00007FFDD0800000-0x00007FFDD080E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c4d2cdfff5f83430_0

MD5 45ba8edb2d66073b1178b31f66b4f205
SHA1 773cff067de91c26624c7df62831024650b2e0f3
SHA256 56d7bcd74f2804ffaec324ffaa08d8601d038a8d515e99515bb2008622d1ce0b
SHA512 25b7cb4e18da5005ce41fd6cbe5280498ebdf6621f302d9658c17b56d1b201229d6c2e9361ecc9242cdc768529b6a83b9fc539814d688957b0b85d878622ccdd

memory/5476-2178-0x00007FFDD0800000-0x00007FFDD080E000-memory.dmp

memory/5476-2177-0x00007FFDD0800000-0x00007FFDD080E000-memory.dmp

memory/5476-2176-0x00007FFDD0750000-0x00007FFDD0760000-memory.dmp

memory/5476-2175-0x00007FFDD0750000-0x00007FFDD0760000-memory.dmp

memory/5476-2183-0x00007FFDD0590000-0x00007FFDD05A0000-memory.dmp

memory/5476-2184-0x00007FFDD05B0000-0x00007FFDD05BB000-memory.dmp

memory/5476-2172-0x00007FFDCF270000-0x00007FFDCF2A0000-memory.dmp

memory/5476-2171-0x00007FFDCF270000-0x00007FFDCF2A0000-memory.dmp

memory/5476-2170-0x00007FFDCF270000-0x00007FFDCF2A0000-memory.dmp

memory/5476-2169-0x00007FFDCF100000-0x00007FFDCF110000-memory.dmp

memory/5476-2168-0x00007FFDCF100000-0x00007FFDCF110000-memory.dmp

memory/5476-2167-0x00007FFDCEFF0000-0x00007FFDCF000000-memory.dmp

memory/5476-2166-0x00007FFDCEFF0000-0x00007FFDCF000000-memory.dmp

memory/5476-2163-0x00007FFDCFA90000-0x00007FFDCFAA0000-memory.dmp

memory/5476-2162-0x00007FFDCFA90000-0x00007FFDCFAA0000-memory.dmp

memory/5476-2161-0x00007FFDCFA90000-0x00007FFDCFAA0000-memory.dmp

memory/5476-2160-0x00007FFDCFA70000-0x00007FFDCFA80000-memory.dmp

memory/5476-2159-0x00007FFDCFA70000-0x00007FFDCFA80000-memory.dmp

memory/5476-2158-0x00007FFDCF9E0000-0x00007FFDCF9F0000-memory.dmp

memory/5476-2157-0x00007FFDCF9E0000-0x00007FFDCF9F0000-memory.dmp

memory/5476-2151-0x00007FFDD13D0000-0x00007FFDD1400000-memory.dmp

memory/5476-2149-0x00007FFDD13D0000-0x00007FFDD1400000-memory.dmp

memory/5476-2148-0x00007FFDD1380000-0x00007FFDD1390000-memory.dmp

memory/5476-2147-0x00007FFDD1380000-0x00007FFDD1390000-memory.dmp

memory/5476-2146-0x00007FFDD1270000-0x00007FFDD1280000-memory.dmp

memory/5476-2145-0x00007FFDD1270000-0x00007FFDD1280000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6d77f6258a197ad_0

MD5 2d55e6df405cbd9ff3e03c357897bbf9
SHA1 8fcc32831ab5cceb29c02a5abe0d136b7f8ff2ee
SHA256 91356e81f6252baccd30098ca0bd8dd59767bbb10b94ef7e258ce6683b91012f
SHA512 46cc7817a400b98f6c5f4517c5193f7d10d08727f82e4162b64bb9649bb55153798768f3659db347e1ace80061b23c1ca38951c87ac649117d20b3fb909573b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b55d03180926b54a_0

MD5 25f2244c18c16223b77ed6ea1768aa3a
SHA1 6d5cf0ba3a48221c4b849d91452c389390e9fa38
SHA256 0641be3a2623ee030da7e227d085b1833f10a536c8ac936eb9953785abc98743
SHA512 38d9aa8ce672576aa592952ea66caffc0bcde55d7ee81b23b1f11fe65a4f28b1c19992bf1050a6ee6d034dc9fa3e38b609eaae8a559f1bdf5bde75f8d27598b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\295f5e2112efe00a_0

MD5 af3560f2f967ce73cb969b905a78c60d
SHA1 40b069f8b4e48abd934e2ea731a73bc6e7af6add
SHA256 abf755256c2057dad469474c3dfe1740d000ad8100b8dee535b5b10b1f824b31
SHA512 b08086a07de3b19c7d0473b520b9ed7be7f538aa4aa8352dad6c2cad38b33d38023f6278b7c8a8c0e55cc21e1f0fd685f42d0ba2a0b3fda8a42dafa338cd919c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af48edbd3578ee3b_0

MD5 a6813f15c7a5f6b1147da675849db756
SHA1 681708a0c6ab532c620a8133f70b57d579000429
SHA256 a222c37639cbeb2d60e692291d34cb21264ccbf4d53b9470d82c9328a1ff3551
SHA512 1e9379252efea01bc9bb5913708894616971bc932d5978fcdccc993e502c6ff1e13db7f0b74c62686f049fcd0c93f0f69c4d01a5f439d60de35534acdb0e0e08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94ebe1630900d094_0

MD5 28d1dd0efb594d23f49966af6830a8ab
SHA1 365d20c3428702f735a7af8aa89c600919600c64
SHA256 fec7009912db4c6f9c95cfb2ce48d81d0e92cdc478df2619a6d4b2fbfb42fc57
SHA512 77ab09495fb163ca072e9c907a3710f908f2f59550322e20ed0955c126f00c3567fd468d1b91c1bf7f6bc0694836261303ce1d196df1460ff20995584422c239

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\70d3c2389e753fc0_0

MD5 72676cb341ce3aa1d9d65daff611568e
SHA1 1b7bba77f7fe4e40ae162c0cb4bc77d019bfba53
SHA256 51870e1f5f1fef81f96cd8ea280893a76c579a39cb7629b243d42090e246d8c8
SHA512 00bedf5c64fb135224628b643dc7d940ffb35113dcf327c4c56d0d99eb08f50565ec782a0c920e4208f0ef6f110c1bd2a96c13a0fd7b682a4b775ba8b40cad4f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0

MD5 407c386db82af328424084c6bb451839
SHA1 f905e61cb1f7598186965c9bf2c8f3219e4bf6d6
SHA256 78b2dfbffd138562a4f984e45e2d18cb003b738a6bae240306c6121b03088a47
SHA512 56d727fa166716f44ef6f7b01700d1dcd9fe583fe798f5875f436f92d47e4b15ccf973b8c247946d90f3319b71370d6a0932de9358d95f79b17ce16d82feda95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7f05d59e6df9a390_0

MD5 17d690f74d364215f2a441cd8d554b47
SHA1 d79ea32dbed0d9af411c4320b79d96be66e45143
SHA256 3022a794bdd44796515d167e4696d5e7b178d6ceaaafa0b470c523fc15784ac3
SHA512 ea668bcc488faae5a5010bc622dad204e53fdae6df23e18a4ba540ee272b5ffff3f25f601f73b71f3cc469b4b7d16abb7b42d7ec53f8339a64f45676f31f37ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\806d29e6f2a6890d_0

MD5 928c1d36ec4bda65c6210912209dd866
SHA1 5331928faf6df3e360f35ab9972b96998e426ba8
SHA256 95d1627a8f7537c12d5d412f293a6d0d9bc4c9911a86ead0d2fc14daca3bf86a
SHA512 49270d48adc8c4f4ca7484e2e7d8e2116bc17c8c9639fed1f0c66f814576154036b967d98d5fab45576d7b29d2a15a1955983c78f81f033373cc61fd86b03c1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02b1a637dfc4493e_0

MD5 c8b93f7c25f6b4eb0ebc48791ddae6b8
SHA1 8c49f09b1ff20b5780bbd20728a58ee216f5e9b3
SHA256 aaffab0ea1a6ad5d238952d5768a6b18ad7fac7c5babeea51b13517c834ae470
SHA512 01e2bbf5bb451a84d1f86e3469ef5c57395f896d06e3acf8c3640a11614eb704e0a7e2fabca106fc4db98e0f8858c59140838cca9398fe35fa305208a1929225

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 111981f4b69cf778dfa17ef2699cddbd
SHA1 3ea443ede68359f527fcd40dedcdf46911bb2632
SHA256 b9df232b83b8915523fb4fc41a715127e9b6bd8b9b3425ebe35f0a2ae5996c0e
SHA512 9d5bdb00ed408b3c56b20438a5a09bdfc647347232635955acffd6bdee021b34a55b5602f2fd05be72ea34fcd43875e69035703096d079a4b64491c896874a49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0

MD5 c5136c82e67254aeaad432baf86714dd
SHA1 0e8917ca94a61586dc2b6778f4d168a24e20c288
SHA256 2f7930d0700697a30eb96b023ec290dcb6551fc59009189089b5e009b2380a3e
SHA512 4d9055fa713c95aacef6f8182b42eecbbf5a968e191476141f18480bd341dcd5443193bf29cee22dcad5a314798a8f60d3f1d2f64ac61ae3b59fab70a4be205c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 234e2b877d0d00cde8d7f606add03f54
SHA1 8a4f22a95bffe4e8110c7fc4f4ee7a9ec69d1d03
SHA256 a9141bf8c38613586c5e9f28f7a6412aa6269316b44798902f8cd15e5f1f4506
SHA512 1a8b2e8b2103abeb0688d5e474ef51b13012fd237cd138373ba47b9668c07e752643585a46a2d2f88733bcba0c4522d849806f2b3525894e16923bd45ead937d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c035c55e661cf4e0_0

MD5 744bd9c8ddfe4d7d3aa7ce3a2ffc344d
SHA1 5180b7b985c07ba42ddc9d9824ccac267459dd4a
SHA256 d6e2ef81b7d9e86263c77f7285daeb6ab121db4fdadbe53904ce4dfcefcf8327
SHA512 b11aafdd0c5ed7d3c293c41bed0a87bb14cdf8a44f6e688229301970870e664cdcfeea2e25d1dd822ccb4045c8496ab4787140e162b50b2316ea5890432557bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0

MD5 b884caa3a45a2162107af3ea46990c39
SHA1 850991a6466c1eedcbfd291a05a0849cffa9550a
SHA256 8eabe3aa341fe682386fcb5211001e50bb4e415d8380316847d07b58aac49278
SHA512 4bc7cba83e67d40d372cc29611c9db78022f141e1592b905248d77528c6fb9c14cc6cdd4bce7e2e9aed082d71ced11be8e2aaa24886b054baab6f1d1e6ab1a4c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eafdef011b18f148_0

MD5 b936b3be5129488dc050dd50ba14e116
SHA1 1020940679915d8dd1d7a24ae05127c7ff7b0f65
SHA256 1d2dfe4e792ce83daa0de9c04965cc35b72654788a2538f1fc52070514c0e83e
SHA512 71ca0c4c7e1259850acfe787a3f989877d4a1f9d228721fa81bd159dc105f4f0c8aadee3a48df38d10a04af8eb3e25f0c2e01750f91e92eeed6b2c3cea23a3e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\032a982be73b7ccc_0

MD5 a8bed129b313d7c97065bec0af7f0674
SHA1 65c5d994f4aec083db23e6f55f68fb230ab9e974
SHA256 039b2db942ac1b6aed2d244779f7e2e534d901b4416822b92bcdd32fd61f96f3
SHA512 16a88f6eb0a22774801b9ce7cff53a046219e86e7528c82b4b38536bd445641936f0dbfc468e28d7616ec66e494bab1a13ce2fcfee0c5153e4b4f940925677f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e597a8e2738ed58a_0

MD5 c8a4d0dfa390cc0a6391223ab2531233
SHA1 266c0086df820a64a1b136c0ea0c98213b82c57e
SHA256 206b0f5baffc0ded21df0167f56cb40775d199bcad6123d9e4e87766b97d8d81
SHA512 14ee232020e460b395de0c4a764005a50c129b5b813861c728f2a5a0c7ec857a0d119276a510b9ab200e5ecada225f6625cb57f10c0d180d6553069d1ea84f09

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0

MD5 ae8c181321070acfb947a73d34de5cd6
SHA1 fe0249f617c8b15dfefe3a7a001fc1fe575582c1
SHA256 2bc0275fdeebd36f8da7734315b8ef83487d88cfa7fa4781d1b0c9d4674153fe
SHA512 6e8fc28ccd839d654e5a4fe35fda9e5f12a76b65b841174864b1511760072e211f6163f8984a90a240d9db01c920019500c4edde5c74424b704e7bccc97098a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0

MD5 b151d33b462677708c8be499d8c5219c
SHA1 7cb298e033bcb7e87e7560747a7db81d3db32142
SHA256 f422b82ecb3b9bebf3e30845293582bfb85055c666c3a88c08db4782330ad34a
SHA512 7bc1621a495c1dc30766786dfc9a68a4285a90b2666307a66816e38fe50fc748776696e988e3b6512e5120111086c75c9afb8ffe64f57551a655a174e44830ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac9b40a0411376f7_0

MD5 ee6910567df510598f7c3c8b2d2529d0
SHA1 cd4a7f4121c69d65aa387d7e3c59a511b2382cb7
SHA256 e5ff842238d65860eafa129b40e3c16042f2b710d6c1de88b19f6467f9bcc616
SHA512 8b1155e5748a91d6f71d3b9fa26a02b549f45ce70f3bcbdc08531b2e1575c3c53711d92fb03e4228688b81d5db1fceee17835402f0308b0cee5dde4f20661cc0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7ad8760711f2bb72_0

MD5 e7ad63b56f917de06eece53f797c9116
SHA1 c788c8687aa1c69153bfc73ee49268eb210930f0
SHA256 ea4fa5cb6038363b7c27c2d62fb7a683ef73528cfef838ac1d64e61666571b45
SHA512 523b87c5ba87712d45f7d406ff5fa99f3d93e0205b42d19851ea17f61810534359fe00c926ce3f1c86bae4249ab5f2dca8c2dc1d08609e15f57936baf1b11171

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\acc2d5e805b3f719_0

MD5 54e1ba518ff85f256744db0525048ed1
SHA1 aa4281d3debfce8eb84491938ec1259f98041db3
SHA256 0a857403181924c102e1a26584d166fe1818bbc7e0635276556cbd30eee148f1
SHA512 36d8e295705cfc02e927680887dda490a20e1f2ba80f73208e413df19028faae2fd1842224df3d361bd774138d06ff28a1b7b5a0e023e00e579a929e569a2979

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47d4e623e47f5bdd_0

MD5 c5c0150bc176cd0c83ac2f75d7a8a85b
SHA1 ffb54f1bf722042ce9bb35de04a41a21717884ec
SHA256 15c03ba5900e07e8f65070ddc3e6b0e9d44009333090f7de5a5e8e03b174c6c4
SHA512 34a508316dde3f058af070bdefebc093f9d4f831e1e9053cfba6edd8dee40ce0b97e2817b1404f0286631d6b639e7b0f301c2297699c83b39a909a87e0ae4fbd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ba208775fb5fe09_0

MD5 0000ad539376fa94996d1a0054039892
SHA1 a7035089fcb42ad3b34e0addd4391d9399a49cba
SHA256 70b6b1db51d8de8aeff3bd03b9a2c332b5daf89c6c305c527d240b4769b90368
SHA512 64bbc20e1140657348d2b62fb155d8116d3367887e3818e311e991c96d1b71cc263fbb9ec499173e118cb7661cc45a22bee603b1ede5c624097ea8b2989be5af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa20c296787a3f88_0

MD5 934ac690f2108150c51a52b5e53a2497
SHA1 927510bbf6ade28ae2dc737c3de8d7e25310de19
SHA256 540010bcc60fb506e2b446e6fde245a1da88db1728874be4bfd2d6a320c816e6
SHA512 9876003fd340e5a2853d8331ca9a03ab952b1f8675f688ae29b13b506c86098a6a5e27eb1e05b6c50f93fcbb2c633e77b9a0a3f46cae94cb5a5670add61c8e65

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2c55eb8382350e55_0

MD5 1d77b56c5ef81c614c977fb55084dd15
SHA1 0225b7af6c908ab7242eb13f2b3710a498b3257d
SHA256 99198aa6c9f39114b5354f45c4797bab839014932384726f42fe86176da1f757
SHA512 c78b19eec7a66dbd372420ae90d8a502e878a2eae15323c037263fe618b901f78e8bbde0200fd4fb05f1d24acf86da7f8351beba434aa5ab0ec9e58835288d7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f078f5fb70fd150f_0

MD5 67247e79494b6a4af5c64b8e0c6c0f56
SHA1 5fa5bc7cf8b043bf495d4c3184defcc895724868
SHA256 084d49b95a96d5b7f4c22617f6f892a474f55ac8765a0fd6c649a741b23bd2fd
SHA512 cae359933855216fc7c28a4a6191d7953b3ca2fa0b8c648b3e98b3e9ae21a1eba6520585a0393ca146c5560c2671a681ecb83e46b76a7dfa5df7d1e409659297

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0

MD5 b006ca87b36787af96e499a6a8a02c63
SHA1 72bd39714417c8171ee56d001a696755f49cccae
SHA256 6f73c307a0a43ffb5fda777dbd8cf491cc468c4ded80cfb1e86b0b739808e3f4
SHA512 2c54f877fa5cf0a3639af09bdabcedc4a66244e4ed3a4dcd5c989771c70a725cdc0958d54d1801f9be5d6767c907cf538f667561d696e4d6889ecb0c91e194f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0

MD5 a5b0fb2ad49558032a163ece69ba32a0
SHA1 dd59648bbc3065e8df993457af5dfb865e3eed98
SHA256 ca5c189bc6d430d62748fc4c642a9371a73ecbec67195690f7bf8c5e69d5f0b9
SHA512 c4939cada9859e8522e5c53635423680636c38f8ebd1de7d379347e9e990756ebfb77398f2c9156b7a70fa4550f4ddd941e860e108037dae1a12001c143a38e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81764cdb356c9506_0

MD5 5b503e8b774f757bb2896fb90e8a887b
SHA1 b2498be636f07f2e442a1dbf6004aeaedf07c2b1
SHA256 7bfe5d68b61b3f113ea7469a0b65ef967479b781e0694489b9021902f3d8b5c2
SHA512 3d8c96a07bbfcc8d291e748f857058e8adb476166902de2ff96081c92634c104786b83856d00d1a0074a7bef56cbe13a396434519ac7cffc15baba3693abf178

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d00019f29c31fea5_0

MD5 4dbb739b7242e296660ff255e537867d
SHA1 22b4d4f27cbaedd9ab2ac3766497b94103451275
SHA256 d5731f665f9441665565554079cfa1ee891e5b3eaa172d9161ca6ddc14bc1605
SHA512 ffd4a4bdf664b12b59cfa957c36bedae9984d4a681390714fca0976d5854eb52ada9a09200199052686cc55dd69e75155e8d9761a8e7c46eaa8c71a024aab171

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\65a17db215bfc27c_0

MD5 a367bb35feefbc9725bdc1c0fcfbec4e
SHA1 f73bf77c687e846be4ff15a6b89cdb5489b64956
SHA256 4f3679556b8015404a950a2e1b04e88849932f46d1abdeb55c7e9cb805e933a3
SHA512 6bb9c4bc9879cfb13e563fe2f99b3f5a6706ab5c69043a22216b62727fb0a4dfc57fd442b68e1e5c4ec13ce7d2aa9122d1268d44168a8b9e1d7af2cc94234d95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0

MD5 4da12407ec914078a7c37d44dbdcaa1d
SHA1 b0f1112e25c1dda9b07da26d8bc1fc33393a5f49
SHA256 d84e0b5a91553d46644abce861c5c68a83b54b1cb7d1fd2aca32df073af53128
SHA512 e8d70f1b77da10e9b407fd8744c13534932a7084954c1e3f0273f9e02c354314a436985aa45bbe4501a06465b4bc7352faa5aec51740a0dbb4fbcbc9da2aece9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\654175acf178eee2_0

MD5 8821195f28d72be7b98bd52038cfd228
SHA1 54dc25661344cf83dd401835d2b406f46cdc6c46
SHA256 f2777285e4125df922208b91e43a4dbdcd5b8dbbbe391eecade46592ffcd6f59
SHA512 13db8886bedc3ef374bfd0295cadb231707ca9f7aa61bd70415f64f048171fdbd1a7c676eb3d4cf9f849f8668254e644cfaf06e0892e916add359e802ffd5131

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9105c7a80b46257238cfeb137241564c
SHA1 de257d8540945160816b512572331f4d5a53000a
SHA256 73e3dda871a32df7e3acfdd59c33306245aabf426cda170e0b8d2407616ac65f
SHA512 2f0f33a72b790861728823dab3195a5cb206501ab6a1055ddd6696dd1b1d8ee94c7f81a324cf573a8bc4aeec83f64053dd52cc11890353dcafd6fb611e94d147

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9fd24086cee805b4ea0eae5ee81f0473
SHA1 3bd687e540766c0b62d8073ffffb7c3e7b3e4c1b
SHA256 8f7c95d56fa4af166ced126c735f3af428922e2441799f9e173675ff23d9181c
SHA512 2e2714d9b625cd7f6729db8098fbd88321ca5d3f1c155c4c610d8c67e9513c9a50525f768d05001cfe7a2a4beaed75ec888d31812ed331ffe1c8bae6248f0875

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 550efb552fd9ae0102d68711c687b23a
SHA1 2d05c531132d018fa44d75329698420befbb7460
SHA256 198dc7ee5f53a1a75e2dedec3568a7c81000fabc7f524beb27ef847669e1415d
SHA512 7f527cc64834dad70d5e111ba7168ae66593d128f6c738d8030aae83d0ca40fce50d237d1391cf77416a0cfb990456916401c09863807a8413ecd10867f5361e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4ad0c10158585070_0

MD5 36d48ecafae5c0f954669f6447c6680f
SHA1 b778f9799f07280c9c9caf1975c79efae506c215
SHA256 671c9aa1d65ecfc0b4477fda6e41d9bc4da3ed9501f450a2666c592058309569
SHA512 f3f326d0b0a3dc4815a060a7bfe2797b819bc2f9ba42ae45b8b9a92c9c20abcbe8ef6a9cc990a095c55649d6b61b6b9e4b9bc01c157c6cc54a2a664c00cfa0d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1850783da7c53458_0

MD5 3d340a4b26a1eaa41d3fbde4748fd444
SHA1 efefb62f3d5cf0943be83083e639e5655329f870
SHA256 a4e47f9af44dcf18221c7583e510022b3783a94dcdbd5633fa9a83282a00f4c9
SHA512 b1df625ae3cfb49c29452af3fab871272040a2c276d3ee0e342522d4d43a03f2640af68086cd3dfec5f7d4d3ae2e1f49912e61f86ccd84a78a0a49bf2605ac40

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9eb49b832d016644_0

MD5 749989964f2edcd815f6c9235a145be1
SHA1 b0f0c0832658bdc29478a73a79566e6d6f18f6e4
SHA256 ef30ce43c5d3eed90e1f2452cd4849ff4144f830525446475e93630ebec3d7d6
SHA512 d46958b863d49b1474d5933d472f58f5a9b31c015f7c73b0e665a6d5bab3bf033e58efa93d4620ebff039f3e2a08032bf4d1896b33e3885376494e8c82275a31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\693c0bdd34fd6eab_0

MD5 09b623d22ac9d0949894d3cc35faab51
SHA1 65181162c4b16a17445f15d22e98ccec3a24475d
SHA256 289449063aa1896e3ff0dde7c1d4e4b9359d44d56e0e785a3658e38029698814
SHA512 2a698d7170430cfe49dc3172d469d510f6c86adbd5ac4a43af47d941f36f55e9c8e577799db98be5931289ca33b3a059899cb0d3e868e380da034602a4735fe1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e52ae3fb759a78f0_0

MD5 2435d49b6e4c0e27deacc33b9ea7b052
SHA1 2b288060ee5ec58b5a7d1106f188fab316c69534
SHA256 3c3088cba940a384fc5037dbb6e5541efb58b347eb25c5dd32e97ffcb547f38e
SHA512 281f975043dc4c8975de29c83ef028b0fde58774c153d8199e24c69b1f737e1c760f2a2600cd33860af5280aec888ae43903b62e7542faf6590875e37a40cedf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f707ddccffe1fdb6_0

MD5 2bd78c6d5965f25a2e949b8544fb2ea1
SHA1 e31e40ba1c3f67ef2f272af9055b32bb340e606e
SHA256 86ccf26e6ef834993e4bf0c296bbc6ece4793a0317b06ad18c54c72b5613484e
SHA512 560c6d28242bee4f1b8e7522e77f0e20aeb97fef69c74853bda740c914e74fea8def0c20692551a266752ee019b593e5974d4990dc31876ba87980233533c236

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0

MD5 c8aa18cdb82860c689938e5ac1ef4269
SHA1 d3af3c615ed1777098211437b754d02f4c255775
SHA256 d037ef582f6f3ad146ad9291fa3c0ec3614bddb6fd62a144837167c88a2793af
SHA512 436787d61aab92274cb0e62180fb7c8fdf0edbb996254d1f489f5b6e3341d5ee8a0c9e6c1d8cf811bd1d29dc0a571d17549a792598898bd7a2928dd94cb86f53

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ac673f66e12ce14_0

MD5 ed73ae0a7024c631fefed9b2d3b548f7
SHA1 985f2fe92ff5da4fd0e548cec4ae8b50709bfdc2
SHA256 a938e83aae35e98830695f197ce9a4addfd124d74051d6ab9c5fb8e8cc893816
SHA512 62c2a3b9e40c0e68bdd8bacb4f29431ca56d416d7fbed7580c2043a0792a9a971cec93ac60dd170a193004b546014e2903971d5aa76abfc6a098707bdd2543a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\632e260441be7404_0

MD5 552cb9163087fd32396f4b9c40504a39
SHA1 54b543650e16bd4602b1c9c8dc401547dbd87c4c
SHA256 5f67051ccd1bd570c3c1bef39dd8311f92b2ccbe1d10a86073445cecee56292d
SHA512 888a9ddaedca4019ab61b56e0a7defc4d89506a5afc794049e035b6547594770409801e3a673173d049d995028e244a8718904e98523e15bc1069b0af54c75ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2d7841eb516d756772b538351281b77c
SHA1 6c762a5819ef058484c02e77a994965eba7b1b41
SHA256 fa3e355b9a94012b565ece6fc752095e550ee3ce685e4894b6693292148e561f
SHA512 e78f4420e0acec55a0d78dc76be69f909f7a825f2d4d471881f5e303a6aba7832449db9ffcbf65f2f4feaff27f98e09640609d82a2c4f3603f114ba0d8ec3873

C:\Users\Admin\Downloads\Unconfirmed 479383.crdownload

MD5 bc34279f29ef0e6a2ff71072127d76d7
SHA1 fd84ef523831b618b18b489b4c72fde59ec2eefc
SHA256 a121bcdd9e39e2772d8d0ffb3ac7bdb7b9df060378c75ccc4d50557362d03d21
SHA512 e3b80b3b1046533fef77d5e3b78b184b27b2156e2e824192e81750abc30443b597103d69d19236f79b6524274826e45fb3c3079dbe9bb5e39a72892b00aed580

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 50cd638cd53a35d72700b83a263cc508
SHA1 0bcdcff8008cceb6d23a2d3556853f0a03b43da1
SHA256 2da959e5e3a18b5803ee93be587f1b04b4454e31cbda61dd9a4d33644d1579df
SHA512 487840655f6073d44266f8b483242ba6b9f6a9808ec25cf92e254dcb6fe96fd742897c78245a1adb19686d0db7c9a3e163b87bbc6b232065a515270f4827295a

C:\Users\Admin\AppData\Local\Temp\e59aaec\Load.html

MD5 1757c2d0841f85052f85d8d3cd03a827
SHA1 801b085330505bad85e7a5af69e6d15d962a7c3a
SHA256 3cf5674efaaf74beccd16d1b9bcf3ffb35c174d6d93375bc532b46d9b4b4ed35
SHA512 4a12a55aac846f137c18849302e74d34df70ea5aaff78d57fce05b4776bedcde9e1b1032734e29650bcbac3e6932dfef75d97931443446a23e21cf5b3072dd9a

C:\Users\Admin\AppData\Local\Temp\e59aaec\common\js\jquery-1.11.2.min.js

MD5 5790ead7ad3ba27397aedfa3d263b867
SHA1 8130544c215fe5d1ec081d83461bf4a711e74882
SHA256 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
SHA512 781acedc99de4ce8d53d9b43a158c645eab1b23dfdfd6b57b3c442b11acc4a344e0d5b0067d4b78bb173abbded75fb91c410f2b5a58f71d438aa6266d048d98a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9bc34713107e275c1b1a551a02ac1d07
SHA1 e951536db5d022f73ba66a04cc1d3ccdcc9cfae8
SHA256 bb79bd5acba17da98ab98288f86b3b04c8a572a9b6904bdbb2ed52a270d7df03
SHA512 1f1e377d2022368db76e01389f83d6b8c480ab41f5bb2618f53ba35dddc25b08e6b0047824bca93f50eae3b3d680b1ac222b22466a1286d9822f1f65cd9263ab

C:\Users\Admin\AppData\Local\Temp\e59aaec\common\js\common.js

MD5 87daf84c22986fa441a388490e2ed220
SHA1 4eede8fb28a52e124261d8f3b10e6a40e89e5543
SHA256 787f5c13eac01bd8bbce329cc32d2f03073512e606b158e3fff07de814ea7f23
SHA512 af72a1d3757bd7731fa7dc3f820c0619e42634169643d786da5cce0c9b0d4babd4f7f57b12371180204a42fec6140a2cff0c13b37d183c9d6bbaeb8f5ce25e5f

C:\Users\Admin\AppData\Local\Temp\e59aaec\config\config.js

MD5 34f8eb4ea7d667d961dccfa7cfd8d194
SHA1 80ca002efed52a92daeed1477f40c437a6541a07
SHA256 30c3d0e8bb3620fe243a75a10f23d83436ff4b15acb65f4f016258314581b73d
SHA512 b773b49c0bbd904f9f87b0b488ed38c23fc64b0bdd51ab78375a444ea656d929b3976808e715a62962503b0d579d791f9a21c45a53038ed7ae8263bd63bc0d50

C:\Users\Admin\AppData\Local\Temp\e59aaec\common\js\external.js

MD5 140918feded87fe0a5563a4080071258
SHA1 9a45488c130eba3a9279393d27d4a81080d9b96a
SHA256 25df7ab9509d4e8760f1fdc99684e0e72aac6e885cbdd3396febc405ea77e7f6
SHA512 56f5771db6f0f750ae60a1bb04e187a75fbee1210e1381831dcc2d9d0d4669ef4e58858945c1d5935e1f2d2f2e02fe4d2f08dd2ab27a14be10280b2dd4d8a7c6

C:\Users\Admin\AppData\Local\Temp\e59aaec\config\installparams.js

MD5 21f6c8978cc749dff4e05ef4e8fe5127
SHA1 c9daf3ce1b3de9aeb3b0b273cc7d70b1cd410ab4
SHA256 07811bf7163c8b8955e60b4378186a32ed0cf96adcacf1a70c5a2215036a80b8
SHA512 ddb8ab43869ea278748323f2af40818c887741c7c7442978804d27ca50a15e0acb2abb25cf621fe7d1aa200dc40201213e99691fb908ead1c6bb1165673a88b1

C:\Users\Admin\AppData\Local\Temp\e59aaec\config\stubparams.js

MD5 91f6304d426d676ec9365c3e1ff249d5
SHA1 05a3456160862fbaf5b4a96aeb43c722e0a148da
SHA256 823f4f8dfe55d3ce894308122d6101fed1b8ef1eb8e93101945836655b2aed1b
SHA512 530f4fad6af5a0e600b037fcd094596652d2e3bf2f6d2ce465aae697ea90a361a0ffcc770c118102a0dd9bf12ab830ac6b459e57a268f435c88c049c127491f4

C:\Users\Admin\AppData\Local\Temp\e59aaec\pages\Initialization\page.html

MD5 b23411777957312ec2a28cf8da6bcb4a
SHA1 6dd3bdf8be0abb5cb8bf63a35de95c8304f5e7c7
SHA256 4d0bdf44125e8be91eecaba44c9b965be9b0d2cb8897f3f35e94f2a74912f074
SHA512 e520b4096949a6d7648c197a57f8ce5462adb2cc260ccac712e5b939e7d259f1eee0dfc782959f3ea689befce99cddf38b56a2cc140566870b045114e9b240dc

C:\Users\Admin\AppData\Local\Temp\e59aaec\pages\Initialization\page.js

MD5 50c3c85a9b0a5a57c534c48763f9d17e
SHA1 0455f60e056146082fd36d4aafe24fdbb61e2611
SHA256 0135163476d0eb025e0b26e9d6b673730b76b61d3fd7c8ffcd064fc2c0c0682a
SHA512 01fb800963516fd5b9f59a73e397f80daba1065c3d7186891523162b08559e93abf936f154fc84191bbadec0fa947d54b5b74c6981cebc987c8e90f83ddf22c4

C:\Users\Admin\AppData\Local\Temp\e59aaec\pages\Initialization\features.js

MD5 7e20d80564b5d02568a8c9f00868b863
SHA1 15391f96e1b003f3c790a460965ebce9fce40b8a
SHA256 cba5152c525188a27394b48761362a9e119ef3d79761358a1e42c879c2fe08cc
SHA512 74d333f518cabb97a84aab98fbc72da9ce07dd74d8aab877e749815c17c1b836db63061b7ac5928dc0bb3ffd54f9a1d14b8be7ed3a1ba7b86ee1776f82ba78e7

C:\Users\Admin\AppData\Local\Temp\e59aaec\config\installerlist.js

MD5 f90f74ad5b513b0c863f2a5d1c381c0b
SHA1 7ef91f2c0a7383bd4e76fd38c8dd2467abb41db7
SHA256 df2f68a1db705dc49b25faf1c04d69e84e214142389898110f6abb821a980dcc
SHA512 4e95032c4d3dbd5c5531d96a0e4c4688c4205255566a775679c5187422762a17cbca3e4b0068918dbf5e9bf148fc8594f8b747930e0634d10cc710bea9e6ff5d

C:\Users\Admin\AppData\Local\Temp\e59d8b3\winzip28-bing.exe:SmartScreen

MD5 4047530ecbc0170039e76fe1657bdb01
SHA1 32db7d5e662ebccdd1d71de285f907e3a1c68ac5
SHA256 82254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750
SHA512 8f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e

C:\Users\Admin\AppData\Local\Temp\e59d910\common\css\common.css

MD5 33b1c68fff898cbf19c44e486c856282
SHA1 4bcae82469404701498583903ccad307c64e2aa5
SHA256 265d280bad44060c22a6caef0140bb8085b994cdd8d76789f3a43a6e7f2a16ea
SHA512 e8ee2691c3b5c6542873e804f6ba7b13b9230de0bd28944a18bc25c529afe1a11d452988387aa3edddfd2bf65b02e293e549415b0a6a961285d50b3cd2d46a7f

C:\Users\Admin\AppData\Local\Temp\e59d910\pages\Initialization\page.css

MD5 ec8deaebe3216ee6e101d73981db11f7
SHA1 217c2e5e81447b70388883d8c1c77e3dfc00e6fa
SHA256 cd804f5b34e9f8d0a7b085a0d9337b864e83d286b1408210343997f029fcc628
SHA512 370d6ab807b175973165f1de8b682c7c111d38c25cba5abf11aad73eea4312f0b1f33304b276edde5e290553900e0b701e41097bc96a07d8dfd3e6164dec4042

C:\Users\Admin\AppData\Local\Temp\e59d910\common\img\headerImg.png

MD5 79f3461a48f669ef914eefbd83925820
SHA1 ef791b21f2de9a9b80f4bd9523b037b6432f41dc
SHA256 a9b420a106adb6b09e5dd39a864dd00519aade91ce6f500c179e9e6652b0fc51
SHA512 20cdb62ae15343f82081629df3e92f0fbb9dd61d793a1d1f73d9a37fd1c0c6265d574372d25de2857c279b5097858598cc6494ca272106fa67664479152b17f1

C:\Users\Admin\AppData\Local\Temp\e59d910\common\img\close-normal.png

MD5 c9f970b77486b6c60f583de55b82ebb2
SHA1 ac80263df2a6706ceef401b55b0e3f35d14985a7
SHA256 dd727b90f3c6b053fa5b4c8401440e5d120dac6b93305573caaefecedc5f0c5e
SHA512 b33b7cabbce1469c41a2f5ddaea7c3ced9d4d0239edabbd37931d53ddfe7c50d5a9bba101b702d8367ecdfa4df6bdd6bb614d8cf6c639e3239cef69a8d434942

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a1b7d2dfa5a5da32b497d47093f1e95f
SHA1 681625fd515b5248caa51f95280e5049542c40a8
SHA256 2b476e0bce9440869e61202a201dbbf4d8215acb1e7cb029735ca4e83d805f8b
SHA512 3a3b0d692a4b92d3f8bc7c4658d08448ad58bab809ed965b97f70ab3de7d2497c55ea548341114ae3c437c74a04f18ed45fef3684e570dc907d204c388ffdb2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 846d7a45472c5fc58b283675332aaf71
SHA1 49dc061cf200da4c33b224a6bc78aeacebebb9b1
SHA256 5f360729585a918677a52bb4d05d22bc2892bd129f24a1be0f41215f590ad0b8
SHA512 6372413c490b874d22d44e8ac4fbd072d3b5b587971144ab001a230f3e7f2960e0437194ed9908c847ac76157204a1254c3920a9d67fb478b2f6e9a4465dddb4

C:\Users\Admin\AppData\Local\Temp\e59f2d2\common\css\jquery-ui.css

MD5 1ce4eb3e5153f4c9b93a3cfdf3ef2e77
SHA1 03b04e1e31c9c355e7caf71ba0ecb12e741d9aea
SHA256 95f4c300d84eedd0c43a30a1b6f0dfbbf7b8c47725511981e4cfe12dfaeb0e93
SHA512 75b272ef0d474be75aa19226a60a9c6d0370cfbd40276a274460391dbbe0350c17849aa21f375e46bacb7cf7cb3052be5862569f5a196e15b8ca49baa82436a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 df1f329374a43d86c1d5f203ae3772fd
SHA1 f4f5ab99a2c991024a3b0f366aaf5f9868cffd87
SHA256 d0caefbb7eb52b697de886d67ec3932cd31f2a8a972714313c4c8c62151bdca2
SHA512 80e361eaf207a844feca8e9435c7787ffa925050eaa30d606e73b12b9a51102ae575ac33ee6cc76f14734c11053eaa91a7c941b2d71c2f263c000d92d9ac981c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 1d3ca14d5c809683a07fe5d3bd256ec7
SHA1 6b8071e940721467cd255fcbacb3ab4ac75c4d97
SHA256 4740316c0752ef16d0480dc3f7643b3b768f9e4214601f8e7e519bb685811f53
SHA512 a6d782a1ff1acca0f5cb5331b9c4e2d2fa152e811c4deef31816ce48992d86f429940b8008c1362080be227f523e31aecda96465e5801a2a5a2485a6879b14b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3dec69621fe413ec685615aab27322fe
SHA1 a6eebc159f3c10934b266a8ce765a0b2b6ac478e
SHA256 b72a707af3b0229f97d9d94e2937e5264a4ee7f19f72ce5731e7ea179b88f3f5
SHA512 f354d478fb8bd10b7586e441b3813d96ae688b8d74b6733c6fde9e250b2e434cea0c9849b42d902fa7a55dcf9974c6ae8c7ae016860e12d131ecefbcc2a16ce9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 36fa5118c94906792faf5cb18863e7f4
SHA1 e17a9a3e413dcfb78d82faf6b63b3786c86c5d89
SHA256 8ff8540ea6b9f492364b3e26c6c82ae5681f48a0d3159c576dbd4958d4467e00
SHA512 1d9c1bde68fa8b21c0ff51ea0be21aa5f2f090cfab3d390c3fabd85bc1fce786602297916b8076acea3d84c3c2568faa0dca238735de306f160fc4f47c077b75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b1070b6bf83e22b97f35023a7bde962b
SHA1 8498402809790e4bc4717c2ce21589515830428c
SHA256 5448ca4c7a793dc40564174fbb92114e3504332b12981ee7067667b98695d84c
SHA512 87057c09cb15cf2cb22004f31c5c5c6e0022ba7dc3445b6e83f52ff132761e045e620ae990f18eeea051a6628f337efda0d81cf6edfa0c4fd4fa71dd518a64f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 01280f230999fe15dc54f4162e1d3cc8
SHA1 e03fb0992489aad8a30219f1318144fdc3e4f9b5
SHA256 c06a9ac6b88ba51e0c7dc4a686533c47561c7ef4efb75e320d651ef92065d510
SHA512 3df1f2267d1acc8bf2f2af0ae48c4d18afa8a27da4aac6457d4492970647e87c82e2d71f4fab40e1256baade14b5c8c550e7fdda70d59fba76d87f07cece8681

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fbbc3b076556d40d_0

MD5 e76a8bbe8aba702cb64674298af50fc2
SHA1 2bac35488369bf19a0f267ce29349eee4907cb59
SHA256 088ca6e4e2da7806b9a773d2f0baa02caa7547443fb11e5dc4c789de2fed5281
SHA512 5335267ab6b6f96dba536f3b6708f010560bdeca240864dae59d849ae887ac6267171a90e1cdb0b63f1c8af670d1d44c559c9702d2b870eaad965cc2a5a1eec7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0

MD5 16fea16f379feeef469cbb2b80fbeeeb
SHA1 9551dd2975a6402cd2bd8e19001b51632c9b1754
SHA256 bf173c2aa047540a6afcbb0d9567b908cc87d7af5455266981d937b2ef9224c1
SHA512 604fedb1970337618a19bfe2b3a513d251bfe12795dfb0205bcd38cabe75a0114503cea30491171c1f97f6db148c91db35cc5ab46093d1fdaa4a0722639fd320

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a37ad9a49149528a_0

MD5 8e0735d0c671b486fbb50ea9d2e18b20
SHA1 2ad6cf7378849ba809b246077344f99793041cdb
SHA256 954db4e83534fbb33584263dc3234ac28f36308217f358ac78385be940fe2e6c
SHA512 c6f3afbe6aa927570d0ab6e40dd3e3e651a39ed700f385b60022b002e3ca634b1e6a967f87c6a49f67860fad139676f3d76a672468fa481bd489de83a6da0226

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0

MD5 645514b0112a0424589053c805a503b3
SHA1 eb3e40eebd81ebbb7f01ab1e4c99a161efbd6071
SHA256 9719c3a0815a2c11c84f684be5d2d794b812b037035c851bf25c144006d22165
SHA512 78bc94dd18de9026517576d4607e5af57b592358f8bd33b5db5f4b2bd06e0ba91c87b47fe7e7121808ff86ace05e5c8b896df320e45d2db1292b5cbc2f949cba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0

MD5 7773f25fda3144ff3f551f7983f0179d
SHA1 1c4d9d709eaf6d219fe08b0371ff74a2decdcdb7
SHA256 427fb26eefc7ff7edbd247b44df24e84f391f484d8c13212124b9789037ef197
SHA512 32afed5ec4bd10e12be79ebd787f559fe9195527d3955ec4ec31c1b4c1fdd8ae2753ea856b5a766e28fc5fbbb72375fe606d070821b76489ff378fbd71314302

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\59fc8adf66a76ab9_0

MD5 11329a13e76486aee4cc2727f076fdab
SHA1 696584e14657f7f6be2108a3565f674711956fff
SHA256 d2407f1926cf5330c756171941f668bb6f269b91d9b0f7e56bfcf611a2e5c535
SHA512 eca4e13c0ebe281857dd8df9fed834f23463f75297698c258f05c67f75724338f530a99a965afb856c73dc878f75d34f47a506f8d98a7f88e35f0aa6b9eb1f79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718aba49c9504085_0

MD5 70a6962da971f58d65da174183497585
SHA1 12eb04e8a55c39e08c833231391c85b06ab7f2de
SHA256 be32adbe9dfc29a1c3319bc4a23525d09ad44be95f1340ac832cdcb6ac22ce9a
SHA512 03dcec6d0e791523e3b8487bd6748329b03df1427f076563dc12a294b7e4ed0a4b84918ca18ae9834e13479924234f0fb938c9682f1e16f22093190ef73601b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\99110e9a19c3c06d_0

MD5 eb9dfef041131428bfcd697a30bd159c
SHA1 3e7ae0fa6aac68d9b886305707e50c700a42d6fa
SHA256 b7aec2d3affe548e448ccf9753c023a673c8127bedebd06959ea39a85c2878fa
SHA512 0e731005278504846baaac8c09770606f6940d70c34addd820625cbabc120cb91cdf23e9f3933fcc278cb958e0c739de4927a1afb760e0cc93f1e288bab7e602

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0

MD5 ebab7c874e64eecb609d3433d18cfa14
SHA1 106f1dd1d4e1fe9feba84d6eb6a5d9111a3d9517
SHA256 9ad56e1b6e33c67b267fabc723546962390bd152637d81bfb0b66da63f3f4fff
SHA512 2a32e9a8e493fdfc95c5557d35bcadbba68236eb7461bd8842d54bd09fa7a5c1bf977b92b13f2993ff104fbc610f4ccdf672228596dbb3f0628711f28dbcca07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e372ed831f9bddcd_0

MD5 31d064daabebcc313029974934d659bb
SHA1 4982aea5afcba1e3c5a04ebcfe69b1c3d1153c69
SHA256 0478b811863c97b710bdf21d0fbe9cb09c44e03f1efdaccaa1068d4447f56963
SHA512 bee49ed767ee0fd019f4d96a7d4949bc03c36af69593e48998ffca42e2b5250a8c2ea6fd44b97804e9e72b8370692fb9c954eaded3efa75b6df43ba86ee7c2d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87bfea9426cb2ef3_0

MD5 5affbfc6a2ab6a268181415985773e56
SHA1 22682ab0d7a4fd281d294c06d041fa76bf089881
SHA256 14c702f83b612adc86adc870461c57a0b500659931ada2ecc333bbbc238241ee
SHA512 169a305dc231f3214b96b21739c868094b317178817b18dc800bb4a92186d96e0bb90abbc99bef58392487b8d87d46f427cbc4951658ef7fde73109ec5fa97b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\960f838b42b585c9_0

MD5 4b9f131770ad3e14ce95cdeac1ae4982
SHA1 945bed3c1ffe73dbddb81c998a513af927c2708a
SHA256 c1dc65bcef50453b3df03bcf95f4cdc2391344944a35982c0cefb1ffc6554d0e
SHA512 53a5cf8981671bb1b49705f2adfbc2c4ccaf89a5efd595f57ceae1659ea5726dc0d37c7d616813421be459680211ed465ea979b2abc00acc5eaad240f7262565

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e3d18be5d494e38e_0

MD5 51a7664f6708edde834c420496a9f8d5
SHA1 daf66d46e656bb36851fcda5849c2747d8be98da
SHA256 8ecea306b8879d8c366a678a829f5f1874c8b84bcea3e0e50daf0292696580b2
SHA512 02b8181858e0ad49c6d405b6924cba96bc4a095ae90f1cfa2203dc3c95d1ff6e43f0bd2327d587301d81dd21b7ce94e27b49f9764639b199e5673465b31210d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cf8377183f2dfccb_0

MD5 3c83a088a453846af2a3579f455a4810
SHA1 9ca7714cb053d4128f935617e8f7e0a9762e2f02
SHA256 483058f5d5001e1730885949e3730130f22851caebd9c205539694c829dd07e2
SHA512 d3ba84642d3929b8ef30e9edff3b42a1559292d53565d42ba82e9223d22f230f6a7541aa24ff2dc3e9bcc67ad9679c220343028537fd627bdec60112716ec4e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7203531d2183e26e1057fa95fbf8ac52
SHA1 49e9a1dfa19dba6f90ca90777c3a188eb9d8e44e
SHA256 2d60e14b67de5edc115cb8837415830818eb65881ed8b74c179398128b40a120
SHA512 5b6ebf7f48dfe485493e403496de9ad38470d7de945fa0b90734d3cbcd62f3710c87c759566231443ae5e957270a4dfe13ca5ba9a6ee302affd8c45afe1fadb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dab50043af7089760b55ccf9bfd34c04
SHA1 5211a7da9bfeff27338b4e867b06c5fd49da0e3f
SHA256 f8387213efce9ea66a9be576c40415e9d31b3ba97938d4a695e13a0f908542f5
SHA512 5bbf29bfea736bead6def4ecbabc83d7fa3bac65741c781cb6265cd21c4e3d537bbd4a985fa3af19f4cb770bfdf308b2d1f852d85d3ddff1695603a77171fed6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b2e6dfd9d4e15c6e18e4e2d3d43406de
SHA1 5429e3ca36ce44b410900dad2b5f164e83c4bb31
SHA256 57e60c378bf7cc4e339f12129e717f7f4505c35048bd0c09ebe23021ecc2aae5
SHA512 c056932eff2b3e87405f80b6cf0a4020e4dd048bce3a685be9c680c4010f65497c43b0ccf5e6561a348c3b660a6f549c7a4615c68eab6017ebd06d053838717e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 5429d357a9b994e9496c3eb1c72325cc
SHA1 e406b144c7b84bc72a2e7f3530f34f2edd9bb438
SHA256 edf08f779136f4f10ee02b4d4dbeaab790a567a2b7620aecffc3436bb2b374a5
SHA512 bf0ffb29c21d6bf3682618c50d2cd3c4baa38adae6fb8be6c9266eed317e56ce4e27491c688f3444d1868cf72060e3a846a9752971d9252919166aeafa4501aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000071

MD5 cde2c29ad189d5680bd7a4f3adcdc9fd
SHA1 2afe966fc2144b3f1975b896fd87abc56db73ea7
SHA256 7d8c34db0012ee9b462af03f103559cf5bb070980faf73eb956ac961e968a3c3
SHA512 01c3dbf660122f2804e7c6f05149c24e8923f1b5af1977b445d98465245f100584fce78da689f7608750624479af96a6557430030e026d3c31343fbe307b701d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073

MD5 e840d01059e7d31e710f0dba6984a983
SHA1 81d91fede12d902bb9c255f2d66dfd6b9fe4c923
SHA256 c6e9e681bb8c0009f29aef9aedc8ebb13433844f9df839fb101e9126cef9f092
SHA512 f72a05dada2c43b9d3d02efb1fba4490e30251c453c63d11171d81b0f9709932d042177ce1c8dc247040f1084be35fd29ba47afcf931e5ee44c9c1c9fa62696b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\62f20db8aae8f96d_0

MD5 55df5fcd2b5b47580a1aa414026d81a5
SHA1 f7fa7895e55fdbe241980f0d1310c6d2c709dc17
SHA256 dbb5a56ae239e29a5add81313c4f01d2a5cb5537d9d7ce421747988ae6f2f22d
SHA512 d9069efdc4d4f1960d75c953b95c667f082ed84224f24f12abdbfc2ee277422e139c29a5de5bf2aaac01dba6aaba90d7d980d48ac5de73f6ebf2a4c767e2f323

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.39\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

MD5 1f744e1c802560affe8b308640b6ab67
SHA1 bbfecefdf891c11d573760d4dabdf86091463421
SHA256 fa7d8a8cae60ab620d2aa887de62039d2647e4f5c1c649d75f0f52e14ec11a99
SHA512 780440aa518397e52bb429b5a8e7697bf0096db0fe343cd40a541b60f34ad4976ef7fc2204737d296a8c1fbed2951496503dc50158d6455617c67483f87f3015

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4fa576a68edffafbc919b61cbf1b9d3d
SHA1 dd9ad7163ed82f6c6b1fc86c48dfac8178136528
SHA256 d8c1d8de761b9bd580cb0860831344e521f6399ffd94013c8dbe6ca463788349
SHA512 6a53ef6950b02af1a5d73cb2b5fa409bac20284347e3340000188249903c91e39284ae21a3c35035109dec81e45b0dea21da2363a7e73273019ecb1571fe4ee8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 817fe780fd6a9b0689f269da5dd300d5
SHA1 d25fb267ababd0aa267e4224a501dfab00cb8873
SHA256 88bbf30bc2b89cecee2b07694a2f48565c67f2c360826786b8f4a8791b5c7ebd
SHA512 2cb6f8fb68bb89f8a070b9b2f3ae1bb891c7570d8e26d82e83a34cc3eaa55241c6234a62c28a6ec7e93cf58e924b3b0643eff64aabea9979cdcbab7051447754

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e0fd862b69383f7aa646598a2e698b51
SHA1 4f162dbea1a9f7824ddf425b18d6ff73ecfbbcdb
SHA256 0ebf58bd686c9a40da611cbe701c33a1e1274aa0fb8b56609deed12e19917a8e
SHA512 6b22f6fac451a6da0b95d56bc3af39f38f04db83ac1c573a8e8fde42e43c4780c9fb39761b033598df43445cbb7398d22e78401e2fe155da5523ff03ca169628

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 44dbb696d10e28e4d488ad70b94ee748
SHA1 53dfe0fb1508c5357be6a7dd754014dbe1a563cf
SHA256 75ab19d44292281a8b53bdaf1283a5369d87c616e8e19a802b22e2dec34f0586
SHA512 88c37e3e470b1f0bdf0b50068cb032555c0c1c16b17458c6bff1e13605204ac759b33165dcce5e359b7b833977aefcb40566aab421b82da19a5ea21ad5de70dd

C:\Users\Admin\Downloads\Unconfirmed 741391.crdownload

MD5 8515170956d36ef9da3082a7c22e8213
SHA1 66c835bdf217d1ceb2d73f7b8b27d7ccca212b38
SHA256 1ea62e6b152e4b7dbadf45289e04bf4ea7431c7928a9b3c6ba5e4c06fe368085
SHA512 d462bed332c2e60d3815d6542013d56c58ffbf063aafe4f255dbe83b6e48e2b2f29b0063febd6c04a7e6721e149c727a3c2e8e0704807e2ce4c5bf98e5dbd423

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c87a9d752e24a9a0dbe21d51fde56c99
SHA1 9a69c8a480ea564c38d512a8de28c91020d8e722
SHA256 d2f1ca46ab68e7c2908f106d00035f541f74bedd4e88fc3c7a9934fe2b8b9e1a
SHA512 db07010fd0b2426b551cb6e5768a663febe60f9b34e88df7e99da34800ea798b8b478c7ab88481d04a0df3d960d309ca6dfacca28128693ca320a297abdc8984

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e2a0d84843e90874da906448fb99fd72
SHA1 8c16a7266493cec9495fcf279b4db00201491539
SHA256 10277d4865075bd4a28e903036132df0d81c7222bf7ac1053a27e00015238939
SHA512 a6ca893e48ed733ed6d8b753f08d6e1626714befd8ceb8d22050a2eff67775115599b498db15a1b00aa045bc4fed496ce7c928ee370038107b35ebced940c4e5

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe

MD5 b295734487a4c3c8b279da7565a87194
SHA1 9941f86afbf3dfaf0e8f643d6cd9c0dd2ac8ed72
SHA256 7f302dea245ab8248b0f435cfdfd281ad2341d90e90540a8357ef13e69792ef9
SHA512 ea81d0d294ca8a41e3dbb503793c6724bb813c17a604453f66f4345d45ad5af6eef75a68ede3602f9837dd1f9e9640021ab8740950c52c36a523684e9edee208

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1B61CBDD-459C-418D-A5B1-AB9253DE0FE2}\EDGEMITMP_39D3D.tmp\SETUP.EX_

MD5 c5d1aab9d094b8e7663ee0dc484d5d77
SHA1 4b93a6e831a1a46fe2fa23bea018ae6ebc50a426
SHA256 2fabb54b397903447b593797f790b7712ff88b29caf6bba56935d923759ca800
SHA512 c97c168f546adf0871ed1bfe6e236fdb36ec51db89f41a14c81547a0552f6627d0891dd35d8906d708ef1a18504dbd2455c20a034cb2b5e7a341322ab7d39a84

C:\Users\Admin\AppData\Local\Temp\7zO80260323\krnl.exe

MD5 fb3a52d1045b1a0298668f2d77680306
SHA1 e16d5085977f1b895b7b2a046570b2da474add86
SHA256 8869c44219364f911548cb18da0cc6413b3277d3a8a8df18d0a521b558830d6e
SHA512 e19ce4c86ef8bf2ab25b4da67bf83acef5a8e688abfd3f96e8dec8169ce410c833df7685b6fb0b7489cf90ca51c56cd7264e8b2a94865aea5e5dacd4c5b7f44f

memory/5864-4728-0x0000000000FF0000-0x0000000001126000-memory.dmp

memory/5864-4729-0x00000000060F0000-0x0000000006694000-memory.dmp

memory/5864-4730-0x0000000005B40000-0x0000000005BD2000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\10c6494adcdcc0b3_0

MD5 192bf7c56fe4b1c95d94407f38041225
SHA1 cafe0b3eccb13452c59b752a892a226e09ea9c7e
SHA256 3f1216ca96b747e75a16fd1a2c718d83b78b546b907d87a02eb3529e580cd9ac
SHA512 889421be0dafabe16ff59d5fb0cedc9ab9360263a8a5cbabe7467a9def413fa1b0cc099a05ff70d3ab25a0b2724099e96a2ed404acc1d17a77e7b507a7c17605

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cc2f0fedd3e9608a_0

MD5 70f113dec4b1a9d2d54c261615176c7e
SHA1 8f7f9b2572bea5a71d034ce0c3171aa11ad8b345
SHA256 530eb419b24d1d7657f0767620ad760eee8fae3bb863fca511776b4a8334ae8f
SHA512 9d6d12f082028588b5468ac11060f83102b8bce62199e7713caba8ba9a3e7af6c2a008be8bc86e3aa6971c604dbb0bb8454517bac3e868804a4586e1603b0e0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 169a3d03b38c91a581d39114e2384426
SHA1 fb893e05e54825840e0a76ed90e4dbb7c61a4c0d
SHA256 465a4e6d67051cda37e9d11ef17650de58ad26ac638dd0cc5debba658e8cd3b1
SHA512 d8833a89bcd72ca00536e12871dfc7ed8ef5cf90426967b8dfb751830df78a54b7c725ecf6721b036a7ef4f1fece43964525e3ddd7beb138db7bb1a844961ec7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt

MD5 6f07ee1acee8c1f298d2eb08c59992d3
SHA1 4bd3e69eda46888e3dd2e7c6e7025597c05aa42a
SHA256 d45ff70eca8528dbb53a57144221f74301f792d5625ad95edbf87cda8af77a70
SHA512 22b4c6255d5e2b040b3587219f023b58d39d2bf7dac438f4c9e5f2d237cb920f1f47d8f0f060acf05797b49152060befd81cd32fbffa3e44bc9fddeb22e679a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt~RFe652c7a.TMP

MD5 721c1c1819d723815d0c6b8a9178e797
SHA1 2d9c77e1eec95eebe49eca0be43c74100cbe1b17
SHA256 fac16dc34d6d56a009b6c30afab04e573ae33109a45126fa121e4f2722a2685a
SHA512 446127308e14f48388bf1d530b39cd711fab7dafd7f17dde78c24db74ce6706af95795c23a2f8e62a7d3f0d037e1ffd06a983b6e2e74012cfb10f68441d29689

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2845b4afdd3002ab49861b055a0c3b32
SHA1 5a46b547a12c7a3b52ab873244e100f06b446a2d
SHA256 7eafd7aee86c7732c5439664be75a76a45d3dc9bcfdd70e993093f9b250503a7
SHA512 ca94da30e70a45f0a4895f26c440ad2b2619127434063a2043b7d65d80da14de940fa79445af6059a34d6574f6b61100028b5e6f9e8ec869934e7dc62cec9f2e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9a3d2ea71be243c31c60d21d0062d19c
SHA1 297469dc0aa9c3ee790b5c9955e8e6a043573125
SHA256 dbae2b08846b7dd09ca48e7ac9243b6fb6b67cfadc19b144d013fe5733293393
SHA512 8c9911f1db2f673cc190cc2761343b66e49adbc70b7302f25378e738abc023d8f4e415822779e0dbc1f3f2051a9e6a3f974459f2bb15fca089ec4cc44eae5b59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\9084da2c-7c4f-4e8d-8221-9d1243932457\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 92a0b0f5fe8d80209f71ef08a2781ded
SHA1 f8a19969e8c5fc95bbfa9ce6ce4acd388732be6b
SHA256 7731b1ef38bf843c8cc758fbfddcd5519ec92b937201d4d5f064c18b613c6799
SHA512 ac4ef989385db30ae7f9fc994e0b6d10c75ca0834c99816fccbaad33e3cf4543b46291d0668f404b8a48ddf76bbedee5fab3dc8ffae445a09b1ca3cd123f30da

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt

MD5 b637cceb2f98f74052a31904930835e9
SHA1 fa9cb8a1fe452b67b6e91efff891e119930eb37b
SHA256 cd6829e2ae607c750e263e059286c9cc95789e862abf54caf54ad86fef35d8d5
SHA512 547656c373ad5038e3982a89589d5597d332267dcc5349def9a688e881b65c51cb819a948a5e705d05faac1ddf2b98d18343a74e39c38d57a4ade592d900299a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c4

MD5 7c89a6664a8738a90f30f9610f76ec3c
SHA1 2a435f7fdfe7f677dbbab3c4a03658f0dbe99398
SHA256 3103896f5c941473afa33af237ec4ddfa4840e9cc69f3ce82c2abee769e91d1c
SHA512 7546f93afd47c92d061b15ee0ab18706911bceaa041257ce67bd24fd97f2b44c6151b0fb32f5ab28a3bd7cdee42c1d7470aaa6bdaa651596fd5e0093b5a5bbc9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c6

MD5 00cb15dd0b5a99d219dea7a7e1f58499
SHA1 1e4895afacff1939289e3a70ced6636fbf902542
SHA256 a919b203fc48d2bd0b12c4bc594e801d522ae335470f3c172086fca1c0f05c3f
SHA512 63451e3dd9784319af9ffefda5ffc1c671cdc174f5ef07ece2c85ba2416af1d6226418b142dfaa87b38aa7b298957c0fa9b3d2cb30cc2ad3b7d82b9fb264de9c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e9

MD5 9196e81f8ed7f223d765423c1f9bc8a7
SHA1 88f9d5c2a6908cf36b8daae803578ca9e1fd2929
SHA256 a4e2bcf7ef3c6c614c2142d3c1fd44caac4eafa86a1779ac31cba164e2d89cbe
SHA512 e7d23866fcac017762d2e2f18597124e9147f458d30038f78ba9f3a2bcbe479fe4792573894370ce2d6f93a00401231d9f01955fde351ff982a82ba87a8241f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d8

MD5 41caba792bd0815c50d2586663a2f6e9
SHA1 8ba297073f4502b840d2c5f0a24ba9d515e2dd84
SHA256 8dcaaaa16bd33e6cfe7af170332ce93febfc6e8e7d1600d1465732e4405e08a3
SHA512 0a8753df627984de1cbde85ab8b8fbaf49f9b76a5728675eb7973a0f072d31f00a4b6df1b9a459d3bc6405ff92a70acf9d1b5393daa0c1a0d34742800cc9c9af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d9

MD5 acf1dc9faa4b4e9a0905beec0cb45faa
SHA1 3ee483bc33ec281bd6c14ebcc675453ec449b3bd
SHA256 63f8da31eda1af17ff273e0622ad2ce0fed91f2a14dae6a023deaed4e2863a87
SHA512 e5662878b84a06387dcee750f9b2045b42114a3c16bc981ed99a93f261260ee8f75727cac06cfd1a4406e02976985e30910deda8d9e6151391d7586d1c3ec88d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000db

MD5 02826c1939a448a3adf4618059f1c9b0
SHA1 5b826e6c56338e152d2361de65059528ab01a7f7
SHA256 aa6e360de2cfcffa71eca5cef40b8c2259370d0926e6ef9baabd3c22224bab53
SHA512 dfa8f6c54ff9b62a26d577470c9228c82d5c1b73b962008111a62b81c7823ca444f784a997777ecd9acfe1f3d7b023a733cfc181ba7d6b8b2068de6959c21977

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000da

MD5 bdb44d498ebff196c9b89546565791d4
SHA1 b8db08f303efd46d0bb94289d2ae4e0f97dee07c
SHA256 a545f8661b6d68eba2f819a1a7a9a1d97751e44ad77f3701abba11ba08be43de
SHA512 3b67d824b74aed0785cf0ace91b20807258c38c309cb915a67707117df166dc136ea40a69535cfdb38bcc91312f66d714a2ce7cc4615aaccc6ed210db2b2ee02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dc

MD5 136449cd8d019215ad3902c3d0afd955
SHA1 01a3fb11c20ec1b5bf3cbe3020aa3319bf5f2300
SHA256 a1498544b1c84ca6025c0f6f8ae95add55df8b9d2cb45e39ea6169a540ea6bbc
SHA512 c8f78aab144c0863b53de2278e719297105843edb58f31db973c65c51aba994d676882c5d24598004747689b69752289480a055321cc8059b6d432f784f5f858

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000df

MD5 56bb0afe1d9542c3318632b0df86dad3
SHA1 d31d5c6f4a34a47478fa84baaadca9cf02d80ab5
SHA256 7daca58f972767731903603af4ffbe98b391d4697c3dcbf39a6e7baa750b138a
SHA512 59d80fed5b17b2cc1890d9c1d2aadce398427eaa1926d0053520167f0df519f34cd2f2ab9c6c15f4efee7613da03016f5855e6a5347253b8debd221ec4b4df10

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000de

MD5 d721420db7c11543a73d35a8a3b64886
SHA1 a12a833b3214a87a50da8a7f51159c92bafba9d5
SHA256 313c7d95d8c0cdf1f6a58953b449c6cdcac9ed8a3f28991bf812c00eedc64bab
SHA512 6d06a7439daa59a3cc50890dd0b2f231a1c0a1d2eab50197a4e44071bc964b099ac906d45441a35ea8b49cea1c50efd67a11de83cf5b0a7339bc72203fc223f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dd

MD5 018fd38ea157116fc5f619f12db9fdb2
SHA1 5e4899d22360454ea36098bc9f044eea0d3f7860
SHA256 711fc01f72ba75810e52e842061fad1892bc57f254a2d1a2564072328b55cf41
SHA512 4ebe949866029298efde7634bddc66e641c1084933fa9cf8b23f687e6dbb85cabf2e180c873cceac2c04a345d7712823229c1441f93683cf736c21cd40c9eb8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e0

MD5 945f3dee3fd2dd895f94c42dc9d756cd
SHA1 7a32374ac081deb8464e0956d7b5c5b7432559cd
SHA256 53bd9aebc675f451c938761a920db16821ec8f1babad9f3ef5d9c23265b310d1
SHA512 f9a453071a5bd6d14ce9a475c95ae391e677490994db723e23bcdd970be5eacd712ec097b8eceaac00d229f9f614125813e3ba1c0689045dc94335620d0d0398

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e1

MD5 29506a810bde2b882fc5f24be19c0951
SHA1 ba1798c0d2d9d7836575937aa80427c98aaa4686
SHA256 101e40286238188ef176475764420a10c9f3f03565ca894fa568c8a8f255e93e
SHA512 d2fcb39cb9731689894ffd2017f1cb5848684d14b44634b56a2b77d520acc7fa8e19763429c5119d0a8f0fabde4f87e8718a26956f9d9c89bc735f79d8450d04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e2

MD5 2b2d85e5cdebd57bbf1872834a4e62ac
SHA1 0f0200db968e8b184a04544688e620eb9d1db8e4
SHA256 0d47649afcebba59d6297b8803355f6576b82306803f072a54415efb9ac1cfb4
SHA512 7ba7f344a3fe51c4e642b3e3da0e33284923237161dc82bf7ee1a7e9bab4eb36d9912e8508a6217d182d4322bb4b7e0764455269b504619b92af0ae2bab55af8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e4

MD5 1b7ac631e480d5308443e58ad1392c3d
SHA1 95f148383063ad9a5dff765373a78ce219d94cd7
SHA256 7fb66071ac6c7cfff583072c47bc255706222c2a4672c75400893f4993c31738
SHA512 15134314dfd36247db86f9b3d4dcb637e162f8fd87c0ce73492ffdb73a87492fc80330655617f165dd969812ed2ebcc42503f632d757bb89ba9116137882119d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e3

MD5 cb25f12e129868062fa9037f875d57fe
SHA1 4af18abee73ee66405db75d2b5486143a19f0988
SHA256 09f9da6dcabef6ef5733b681d82ba60099e9238a029cc180153a361d5fdb4faa
SHA512 898e34f15040f4430f444f451161130b3b4a3b0d6ae445702092dfe4b6b0818148a2e3e6d4ce8ab73d02b55fb062ef99ebeddec0b33464ebe0d7807b2a244280

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 13f5692b813a09ada644a333689b72b8
SHA1 4960e3af8f3a05beef0b22d58eb497dac54b8a06
SHA256 b9e3fb86e3f8565803af8f93ff57ee1c98f930809ec9463e9cd3681f1452cda9
SHA512 619891073b3662056a9d12fa69c802fbe38811eee433e7dedbafd0c799bf566d29c4d35dcc2db718dbb9b45e924ee9818159de3655987964bf634fb63f4ed448

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bdce13618fca4cc5308ab33a14d97a46
SHA1 5eb146894fde7d67e771592a6fb3f4051388a694
SHA256 729b77371c378471a6f087c5b1f3c263913abff3faf6de706235d90cc492f981
SHA512 b39491e1e45011aa837abd2f1d67b3133bbdc13ad68b486bac339fa176bba6ec907e897210fb3afca02c708f6ceb3b4e8dd8b5cc64579e4c3b1d1bb3ebf42ec8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\fb83c33c-9f6b-4b22-9cac-324b945c12df\index-dir\the-real-index

MD5 46baea48c62e4740281dc94531ba593d
SHA1 8ddc8ee566a67134da1d0254bbf2e42cb37f0e51
SHA256 74e6a41b9b345aab0d6e2d5963bcc9a16df28e337705ffe5a92a8064bbff01d0
SHA512 b1478dbae3c8cf6eaa551b633d30c54ae7fd9fee84d7dec3624c19ed8c2b81c619121bea07c8f8e99984c6225230ef62f04c2489e35acc1ed4351dd315dac4b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\9084da2c-7c4f-4e8d-8221-9d1243932457\index-dir\the-real-index

MD5 5ad1fe9bfbbeba4faab5ae2233008568
SHA1 4122ea61ec2584c81a643a14d8470359f229dd82
SHA256 eabeff2ffc25305340819ccc319082b93edce3f75152967af4d11f0f04ff8ed9
SHA512 f0bd4cf4c82a9b0fe1787866f2970bf987db9435f8190b5b1a6e9bface4e982a579388b355eaba7e0a84238f135be7f690752270b95a2bc7c1d7fc023d710f16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\895b27c949e476cf_0

MD5 127022c71e0ba42093e3ab3c7ed9668a
SHA1 7e280c24199da2627094004435b0166835bda0f8
SHA256 dc6ac007c9e4ffb407e2733cf29420134008ae9de78f541d5fa61c18f8bb15f3
SHA512 03f8f22ba3d144e6efe7e7c9f90cbaae2bfc81605a3196dbfdf554b6fc1d026ab56ffae5ba0e2591515410463aafcefc5bc7ca789bb732600b1f2db3643ee99f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 44affeb966f3dbe289b9ac168354c5fe
SHA1 72d26ed1521502c5f06432cef979dcd26af9826d
SHA256 e644e7e9fa35cdba308c6c30b8f5534f889a6c94bd9e9c29fbce3bdc96e1385f
SHA512 94db1683ceb010f2619edd938c85bc4094f8e72461f4a17fd7d1a8ee4f022762cd2c7e0de87e90f77c3009b305a91cb6c659fa8acf55ebc2defd041c05ab48e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 69d64bf0618ba6619cab4cb165716dbe
SHA1 35d9673a5b061d78de42526cb16c41a9d08c704a
SHA256 807997f971ab53015fe79d06e7fd9dac3df6450a0231e3216e7a5c1934c0cf98
SHA512 d7eb6abd1f15dfe71b234020e3d0b321a870c709c9d6e2b4863379676307384bbe4a74a1d09d17cab2ad6f16632f3c8852d15d9a3e255094f59f1f0576058686

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000112

MD5 7a723eb0789bc612dea69ecc399575a4
SHA1 38555113d5b5d700ccbd46fe48a98e69a712ddf8
SHA256 86363d63c22528e37b0d7cd9a9c60becdc0375ec99e06eb803c1e63a88c1a6a9
SHA512 6249492be70dfdd43ee7b40bebca8b250394bcf3af99c0bc46a9e786be5500fcc1366cb98d622ea5aabe5b9dff12259949f6add6bf876dce8e4a2cb3e22d0226

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000117

MD5 258521212f17ad5f7d760422a7026c45
SHA1 8e99deccfe470d4df129f92a5ce83dc509fb0c47
SHA256 8e8e28425eb3c50222a3ba530ca879eddff84d66ad48b37b6310067841c4a006
SHA512 9f7ae85d76d70c1d112f7cbd2b802a4649edeb7f09d9303e9819de4fca9c3da3cbfcf157a3fe23654e694544f9092f029dfbe87188c283aff802442abe27e2fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000114

MD5 fb14a4bcd5a5c837f48facd9ce48f363
SHA1 bdb7d816ed74d98f5fe0495a998b61726d9ccc98
SHA256 1368b7c4ccfb06cc842ef1adfa7ddc71de4be5ade8949d345ce8cb08f21ccd60
SHA512 4d89f8dd57494669ddf10540b6400f8b4b3fb4c5bc272b1437641832f370b50a8d2a8f216eaa219a139ca0f3519a37547841aadf657bba441c96a0f4968ab760

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000113

MD5 8e26be3b8109bcb804518b8d7a59c3de
SHA1 41960ddafcfb1e18172cb970ab520709b0401b22
SHA256 71c8ee69f30af98b9ba0f1a229fc661598ce17da6d872f72981e63d6f70ec6ac
SHA512 2216eb5949a6602f7c4d9221255ceda0efa5b58b564bf823eafe94ec382a60521c4f261eaffc6615670c26633e2a7d4b6e1e1fc0ae83bef0c2764696631192a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000111

MD5 e5858e7e8fe11689c56d4c4adddc4b56
SHA1 ac8f51862bc8936f5183745b942cb0d6d0474833
SHA256 171f30e14a56c19b773db8b506448c6afd94292aa5500f8ad90b3d1476ca6e29
SHA512 93ff761ef61ca8bc24f66c7f2a79db36a80a47e852d3f4a12f8a778c0ba4c8b218bbe1ca05f2bef168be12a768bf1b8897ee6effbcad89dc35e6ab66789d1cf3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000116

MD5 5009982b60a0f93eac4c1728e5ca17e2
SHA1 c0f932d333b91a4b971a52ce88bc96320745064f
SHA256 2ffc0ec332938cbce14008ab246c3d918800189aece932e92bedd8adb8332fe8
SHA512 401dd0a45c177130628787b92a17642783d27b1a977833af4110d81cbf2572a159a371beb473baa07ad38ac8297551aadadd2ebb80401a73acd580fdc03964aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00011d

MD5 e51f388b62281af5b4a9193cce419941
SHA1 364f3d737462b7fd063107fe2c580fdb9781a45a
SHA256 348404a68791474349e35bd7d1980abcbf06db85132286e45ad4f204d10b5f2c
SHA512 1755816c26d013d7b610bab515200b0f1f2bd2be0c4a8a099c3f8aff2d898882fd3bcf1163d0378916f4c5c24222df5dd7b18df0c8e5bf2a0ebef891215f148e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000118

MD5 364355c4403dd8743640bfe8722807ba
SHA1 e309e1b0ee5c1351120ba067158fbd9f0080bc00
SHA256 67e3745592aa4d48931d0dc052c9d73addea8a27112b76180a9c1d2863612ddb
SHA512 be58bfdb178179a19204e0e658663f0b6629ff32048ccd2ea0d4fd139d81a3d5485d27271b83d1fcee8e26deb1b92cc2d536c71f00c28a38dc0e31864c79662b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000125

MD5 614501989c803aa1b3bca18c49ae4b60
SHA1 e52fda72fc858673975071d3bb7e7082f4279d34
SHA256 8b8a2d6f84d9f3629541452b8d65cc0892c8d7fafc14aa59ec96bb6582a95a4f
SHA512 0dfc6f83674b81272e6b11e827686742b2decbf1c161e90b75a9bd406b3ba840034346f629b18be3f544af4c7c705ad6a259bb327fc805d188fe66568cd062a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000128

MD5 f1fe547a0cc1412b2d39c40af1ce2166
SHA1 8ef42e31b900214ffab60ca67c481a7747e7365f
SHA256 9bc7c1ffc548f8c692938d5e1db3fdd04901ebac477c1cc5fe5c74fe17e0424b
SHA512 de9d1485374b6caf3eb3a2c5d26b87cbe20f20efd72107b28dff2518b5c4ebde0a7d32692633e2f839fdddc09cd6d74e977379b4168a6118a1c969b786639229

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012a

MD5 4985ba523fa0de3e916f75b8e0ee7609
SHA1 a7ecd8ef9f80bc16d08d164477baf7cd54319e71
SHA256 2a9aba6f8eef7fbb87f856b671c5e0d1acd9fe3abbb2ef5b591335020f215e05
SHA512 97d1b1753483c4c06a421316cfb54246b6e296034ff7a54fdc579db781568e26961989aa55f9060fe99c015aba1141a3b5b2dd6ed7a2c25d6c7735ab82353c35

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012d

MD5 190327d5681cfece13c8871b3eaf5cc0
SHA1 880fba27d8ce1454ab6cfd24df1e0596e06fffec
SHA256 889521ae7eff9c64674d6604224f857ec9149bf7e410e55f37432dce65a61620
SHA512 06a994b93b93adf3b5516f9aa3abe7a6c7b9cbad3fb13a02830f32ca562ea7f9b735a7bc3bc092d29d5d19431600c13443742380b7b006e9709fddf431fb47c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012c

MD5 c67190f9f45b480fb0508fdf6d9b3ef4
SHA1 4d814ae88fb28da01fbd7c93925bc8c56d888741
SHA256 1d967aae8b32956f852facac63015593469559bdd76177fbca130c0d0637bd21
SHA512 0099c85e8b4bdb56770208bd7151d03de77c59b2d4d6e18277b42e7c167878f125b4acf1043a83881c89efe5cf42623d9c13b6685f47db36f2985f7336f15bbb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012b

MD5 3b97a5b8d862a0b9f077704739defeef
SHA1 5b8603d83134bb1bf073baea30541804d3ea10ff
SHA256 14496be0ed83e8b74a8534ca80325f3082fa64c4985edf7c5a12bc1d59427b0e
SHA512 1b56af76a9afeb924bc2dd21efeec970542303e3192c12640fdd964356b7b6ab5157d8bf407f88236091d4e721d9fce0321c7d58e5f3b12260c9ad998714f7e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000129

MD5 dbf465d7f73d2c3fca3842114d5fff11
SHA1 019d2d77f66dba32055167589b3f35bf512c877d
SHA256 66201f89668fc51364981756fa5b27e75ff3aba96ae6880464ce1de247d11bed
SHA512 ef4825efe8bb1f8c7c33fe4f3006de14e5550aafe2fd75406ce3ac71d379754cf26ca84c7c5e8d95b7ec19e376bec90f67fe8edced15adc63236f79a1efb5feb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000127

MD5 75670a0b354239f44b97c1282773b113
SHA1 f6cdbdf65178722e89060cd62599902a6fa8ff8b
SHA256 ccebc129cdf276ccf09fdb47ab5b52fd9060f30da6489e4e66c8baa36f613724
SHA512 a5f5c21cdad9ed4e3f1eb11b20c56d46e802dd111ab027510b91d0edb6392900235f0887f864537051ee853a16150272048b57253b7b5017f980fc45bc7b375a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012f

MD5 a77958ac73305f4d37b106fdaf786485
SHA1 b4f9c3bf2306b43bdbfb7cb2be432c16009a4bb7
SHA256 7596e8f4697fed1ac6bba59c3187f0342a496a44dbca11d6cec99ed5632d78e1
SHA512 2305da3e42e09098b924f15af75721454d8a319f6c7adb69f79db1db6d7eea87cf2a3af50a5f173484e5e79b3da3ae51d469e6b0764c1c179f800e49bacf11cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000131

MD5 ee35b4424088242bc4d69f920725c5f7
SHA1 0501812c06920831e9a3ef61f65ed2e5f2a18982
SHA256 3acf17e4ce850c87e8299aa85866c0bf19f94b2e3efdc36e3b29873c9c5a9021
SHA512 47354f383ee8fcb689fba08e9b4274557e35c29c8e1f287829ba487c90583f0aedc9647f81a8cd176e8f96ff2ecfbe246aaab02feff844d64bf2fdc79370b054

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012e

MD5 abb7c45654dca113d9f23515303ec23b
SHA1 c80127286490154f447a01774cc745756dc1028c
SHA256 cafce1ffe3a78aac52410028e63a7fb83c34669a6bafcc630e070b49a7f8b9be
SHA512 8196e889820cb43dc2f95554f9feb1b36eb811509a687d2cde1ca5ca49c950580aa31298bc8bb09c3d0260bf71f426af5d42b5714ff8488b0443c0c38ee2848d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000130

MD5 5aa47c83d58cc9289c112604fc728b05
SHA1 7cca9f0e1fefcf5b02ddbc01db233a8bf3f2cf13
SHA256 00573ccbbea385b38d055f82e73fce5c2e47970e51dcbc0c3f73e4881c187b44
SHA512 36eaaf68865629ce2cc47c758c078f28fcc58bef344c925714095c0c0dd6a82c6e22bed83c1e4758e5530656d214e8feeaad1c480a55ebfcd2b59b21fd12b49d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000132

MD5 eacc20a8b2fa837c89ce7d845656444b
SHA1 118d03fce8bb8321e92cc31cb718ff15f3a2435b
SHA256 0560545e13560fefa7a7abd62f7f168834ff1630f44ea19d40d61a582a7f9a64
SHA512 37dbc1f504005c52be4d136629772e322e48cb7ea5b42d82459477716a6312f2221951f94a456625b31641f7e920ca8a4cf46807281504c91b43fb9a479f544e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000126

MD5 0b5caad5ee22e1ddb5a5c9c3afeefd43
SHA1 3129d4fa57d60e7d2ca0a653e68c939d0dc243ae
SHA256 63ef3bf88c2dd669fe90db91a3b869d751f6264f87ba92bd39da45dc98ce84f5
SHA512 ea2aa323ac4f730609183860f5ff6d7cb5aff6700c63b7579ffc2650dea475287a714304cfe38f0174778bc47db1022e71d2c4b1a5986f28bd75c972d64cdc5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000eb

MD5 c215407e07633beac197f545af81b25f
SHA1 6f41fee46b7b1e243029bece850d2cf5d0b23e48
SHA256 073a79bd81b3c14de6bdd00be014f07ab744dfc988388ebb0bcd853efd363aa1
SHA512 c5a65b6b488be6aca39735febe426a77c3efae370b26886cea6a92a288440baba5e8be8d743261d1d186149f2e8313ef400b14d8a6fac51a1009195138b94d79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d9d1346c9d3916ad_0

MD5 d631fcb0447af96782a3f29cf866afca
SHA1 19670ccffa85d7004992710039014c5fa20b0d22
SHA256 878f5cd6da93e5d142c9e8c178bdc9c789de6b81e2f505af04cfc3db171bc843
SHA512 795745be98d4ecf7a25973572e96b0d77428b3fc61f4e2785e3fb1f70175c606c0c0f0a53278d4df2473d0b526d8895fbc344d4c9652dbbbc95eba164579492a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\794be9c79cbc46c7_0

MD5 b8b5d7dba02827e70247778196f16f7a
SHA1 0abb12153113140a039e0686f05fa5b70ff118e0
SHA256 de0d34a561c3fed656e1141e913217f429db9e913cb2c82a8eeb66ab1a1ffc82
SHA512 78eba596f4ada3f5055aaafe5ab483d17a573d013b33119fff6eba3fa93e4d7337628c8faa67fcf99b9ad1a2955d80bcd34d3428a2f413c48b2943d88b470da0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0b22b13cebbb430f_0

MD5 6d51fe126abc5f8d6d8d4dfd57c045af
SHA1 8451a434bdb24a7a82bd4430184ec1fedda60076
SHA256 5646124b826ec0edaaedd97ab37cd02f42a57860f4d0c0a7e0158eb24a50ce53
SHA512 855c09ae8925072bd8c197d6e58215b764c9f53b80e4285f8ffc1f7b87578bd42c4bf828187d3c560c6bb58bd2ccf0295a480d2e2fb8acc3c33427eeccddbcdd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\44bba88c51a6b033_0

MD5 4e12f4137fa8313a92e3e9f56b169c80
SHA1 5528793d66b0fdf44741b82c8d6b055d003070d4
SHA256 7937a4ebb9da4837010677263bdbb46cfbeeba7235a25c3f23622271dbb97689
SHA512 a83f188d4d4ee129a392b6153c164da96f3b9b9a4c6c2502c6f9ff21a7c4a383c99bc81a6eabc6ba3d1b342233a9acd0299afb4912b6327f485fd96f2c0b3f3b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a2ece3508f14b90c_0

MD5 01c1a9d580a60f0e9652e31ae2d0d9cc
SHA1 143c8211be6e3f1f66ad96a1e4871e9b350c5e7b
SHA256 9f06d639f340b5a21e06f09f4a5c884d69a00903d0aae40fad465e17ac32e534
SHA512 521b914d2e3cbbf031cda11664fff04488d35999ce04e69b366af26eaec4c2ac5e1c67ae65b5f34100e48712e26c7e5457b33fc484f25db5695e470082e8b58f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\24c0bff84850838b_0

MD5 1fdb69d61f87f1e19e8b899f6b3fb6eb
SHA1 4ab267fac4ead08a1d294b8be3c184fb36b4c4d6
SHA256 588ceedba5808ced174edf0747fc35c706a0511af02486f05ac84b4eaad634f6
SHA512 29ff14f36094d3908da264432242f6de510f932f3794e197ef66de782d6b7dde1280fb995f0453dffbb5e4fb901b865fa47678d32a1c8726ff6ffbe56d374456

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4365261b30f6977e_0

MD5 4014ed5d90544494bf8a64cb6190506a
SHA1 7824d96ee0185b81a4b6a2f8a771abbfdad68a4c
SHA256 5290c4ad699ae9e07ce0b94abc5cc403c6aa64612818a177b197a42887c8cca3
SHA512 edf3d521a83dc929d11ca5e8f79310ee50cd6ea03ec41555d18a5bc446afab2d915b9a9f93f2a37072739b3ffbb1bd3ddadbb1edddea79c500b4ca991d070865

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\761038014fc571a0_0

MD5 6cee4802e2ad5cb7a7bcc6fc8edae93b
SHA1 3999f37ef87fb463ecbe699b8bd2f7643e200121
SHA256 1edefb3addcc50d82df84885ae88d0081a1aefa6e4b0956d9706cd3685eec614
SHA512 d6ff56f78b35a30b59cfa0d8c028cee85aac157d114ba5a38fac1ba9b35ca5432cf285624eb89a07672b28804d5f4985bd8240b83c4ef9a11de35861b039c964

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ef3ea9980aa9e624_0

MD5 05efbd9f853c2797266c9274c03a5924
SHA1 fbc481a42bd7bb559fe05695391f20a66ebc811f
SHA256 c9a1b7cefa61ceba1658638dee940158b44308a3f290915feef012cd596ea9a1
SHA512 f434a29c2d28a3e9677cadc0dd94394c008052424d168b022a075b4c8a4c49c5534e6575ad23e9c1d6047a311b0ad2ef8461de39663ff9d98b16df5ffcdd275c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7adedcfad059c153_0

MD5 6f92bffda3658984ed4143fe10bc5e66
SHA1 43ce93395c7f1ed9b606ddbc77e02a8d9400e4bd
SHA256 7e42311ea7cf3269b797c8446e774cedeb502c207e72abdb7deb9f9e6e716234
SHA512 82f89637e5bba2f151be08a371474f9b52194978d128d6a7086c1b84db23d37d6b9423417602c766d52e4ca4fa490bd86caf4771715e50d727d01fb0e1b241a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3624c89ccb7668ef_0

MD5 d83eb98ad5d9ec510b0ae6008c07358e
SHA1 7e61a4d3942eba392434112b9ff745ce7dade748
SHA256 f03b75fb969fd7c1bfce7400cc9abdcc77e50f9fe5abd1589a02d6a2770037a0
SHA512 fe693cc2de3c451131c426146d7ac4a5ddfb23fe8e74e6177a5daabd12cb04afac17b3051233f70f859dcd288c15461d58fcabab1c6928d7d095076ca39f77c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c7edafff96bf46ac_0

MD5 dc266c109b07ab9d5c0ed3d50b09f1cc
SHA1 2b7ea29461ff5a5290f54c56ad000c6e9b1123c7
SHA256 1146870840b3c4d4655065ebda342282ce23994454059f51a8035c78a898a728
SHA512 407b6ce57a6b3d72b66a5e05c9206b712cd0f872a1c8b1e2e2514d69c336fcc37289ed8098acdd7a6da50ad503d99e57662900fe441da0724895d9632a45f4c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\067b62b144c4b035_0

MD5 8d7e4a0e72cb0ddddd00a1aae2a6f69f
SHA1 2947c22a2590f3b9271f75e600b6ec58fa10a01a
SHA256 7ab65016da9f7c2066cd9c95422887515668297913f564a801faf3fcf37682e0
SHA512 a0b06f28340b1c8ce765a2c0382198854e7a01453cf8b8de63a213287849a9741f82470e6e07fae05cacc3c07b32c8d2cbd240fdf516f266eb07be56bd6e3d2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bf8a0f6537d02cf0_0

MD5 1fc9c3b11da7d39b8c50aef77fed0430
SHA1 255bfd1f14bdc82d44e5c82ba60e2bbdaed50e17
SHA256 39b42d078cf6d31d47992b105ab15640718c2dea1fddacdaf0687314a2828fc8
SHA512 35f8161be33e96219308d3a178cca8423a40848538a6aa028a27fa25e7d71b4ad0a002f08705e6d23f916a45824c9a8d871f8e5dee68545e82b5c88b9c38bc84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f8f58366a4de63ef_0

MD5 d102affc3d90b93a624eb44ca794192c
SHA1 f955f78cbeb8d3136be1bc6e760cd0595c5cdefe
SHA256 3e466c5a5d0b309f563b12f42ca8aef0c724af88340dd5c30773ed0d3909d49d
SHA512 52d9df94541431d6f939f9c71e6abf32a59b87cbdaa981b23a984357c9105a8dbbcdc56573a86acf5899a0e6d56ba0f73520de0578f243d0cbc6cf7ae89e360a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1b2cd4be4213be70430589b71c8178d6
SHA1 370d36d23cdd81467feffe352644b61ff8ca4ce6
SHA256 b9cc14c798149636acccaa127bafde2be687bb4200bd098512f79e7b8c1d2914
SHA512 814ae47fc96cdedf46a520451d3d500a605f6cb05cb3188e0a45328733f4c2f3aa7e5b5aad95c0ca5204b017cc820a357f125ca841d1fb351596d1af4bb49a92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c5

MD5 612109e2b2700655a0020847697261fe
SHA1 0328b9c72982b69ea9f1c5aeb79220aeb6bf3142
SHA256 6d3f599fee7c90b78295c1d632f36983034a77620d46a42f58d6a79eeae61f2a
SHA512 a1768e796041db155c5b54eaf48609097f36ec579fe8c4ff740f0ca5a6448d6dba7f563d2fe7d00fb1f1a25bed3ad337148a377332f7ff9ba32fb6959948f1d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000cb

MD5 b7640425501065524cec27d4a55a85ed
SHA1 f254c388a65efb4b271c56deb5685a77ebe09d9d
SHA256 fe8a1047376498c80a157d13555e42a92ad480fcb0bcc9de51ad1930fbeb7f91
SHA512 9795975f44bcae6b73979b221b1c544ac943bce0ed485b266749559ae95d39641e09c458f2ed20f4667efc80ca2c47dc6300ad4a3e5ce1d38aa94e014d61322a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000cc

MD5 72095568168d6a31e051e4d531759151
SHA1 8ebe72ef4631721d800aac28d854c1d1b952fe24
SHA256 6ba0d1a726f1887bd61727b308ed0be0e73edba17d4ad11b91ab19b632e078f6
SHA512 17f1417d99d76e46601d483f8516731e18ca028221a57c53d557e00f9627234576d62eb3ab5eb5faa13ebc1d8bff047ac86b1499756bee22ffb76b998b7b19a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000cd

MD5 4c38c2a78502af8dfbfe0f71cc49a1ae
SHA1 4b8c845263b3696e28cf3f313e0214e22688a750
SHA256 1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
SHA512 e60ffea855bba4241daf68af6bd3c1967211a215ef281c7dac8311756a0781d00f529ff0ac5ce789238a4215eb1540c6c61c69d650cb2027c3c72cd475dd7b9b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ca

MD5 36397a3bc139c6e9f81d383f060f080a
SHA1 3f4f86c10920d4ed345f4858b6cde9f93e1aeb81
SHA256 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
SHA512 7fff4870e9142e6e1921f8dd78e3b049547ec1d540efe573c2938f8b855db61ba908fa9d3c8da1bb2aae6d95217a586d256b9ea2bd8a8f706b1db75bc21f2cb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c9

MD5 6e75a94d5f7170a1ab532d32c2a35755
SHA1 9c1b6fff544089941bbeddbcf529c3f0b46d853a
SHA256 d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
SHA512 27cdbf98a3f42510eaeb28437e3c4661734b685d63eff5e47364ac46b73de617894edcb19ddd9afd955de192cfd8bb755998ed609ec2c279e9afab3db2583175

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d0

MD5 d0263dc03be4c393a90bda733c57d6db
SHA1 8a032b6deab53a33234c735133b48518f8643b92
SHA256 22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
SHA512 9511bef269ae0797addf4cd6f2fec4ad0c4a4e06b3e5bf6138c7678a203022ac4818c7d446d154594504c947da3061030e82472d2708149c0709b1a070fdd0e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d5

MD5 4da57ad345677d3d20cc6a06b5b873de
SHA1 1b3a7653fa69ca57d830138182675eb591371a12
SHA256 4ed625c6bfb1193d20d5b79873ed1d52715b45b14cb3344518a2e336c21df801
SHA512 9252082c58e98268247583f0a9bb259f72acfb0f0aa6b8c60be5755790e65dfb54b8fca9ee2f610ebd493405b179a5a97650de17bf7be95a0a6b4021a4b8a9af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013d

MD5 688fcedaf3295bf89108d3657404628e
SHA1 acdb82f289f7b404c059c98cff1a9cd424c8c1cc
SHA256 03b691e390931e41c8454a371adcd6906171aefc5daa6eff9be036b57faec62b
SHA512 b7e8876d08e9b440f4e96e0bdc6e9040a5ee201092bbf77924cdc7ad7e499d75ba0aa905718c5bfc76341764183141e5f1af03fc5b63f669d726d2e08b05c961

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d2

MD5 1285eb08fdde188516f569fa39da31aa
SHA1 f9512b53b6e384539ec7f72477bd3cb3962cc463
SHA256 488ce6388b6062a72518928f3f175e40d10c6e8f5d44e27d5a031986bb2a8d2e
SHA512 d1a4f0d7dbf777da3b0cb83c79cfb1fe715239fa168d97afb04d76e19619788d4323360ec2d3e55b6236a0c4ba2176280b7d56bbd368491929e94b1b9bfae459

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d3

MD5 75cef597e154640e431615e6e98f8194
SHA1 e0a1fd20b91a149f4d911e483817eaf28ec2375a
SHA256 8ebdac87927bd057f4cb22cb44364eba9df15b4fa8e84f796f14b91a7e69910d
SHA512 10ab259b6c9ff2cfff399c8564fe80650711fd764c54eb75dbd2f39b36ab893bd3e28405dc998fd984c11ba0f322c55f910c4dba29c44a6943415e361bc59a70

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d4

MD5 071cf1855d62ea4f33ab47a9fc49c1da
SHA1 07beaea1864338d6fa76a0042f946558214d9717
SHA256 c266533bd1ad56fd5bd06b41e875bf90ca906d0cc4c8ef3252601d28284dc0f0
SHA512 ad0e319537cfeeb8e625c1c31818dff4b5afe51ed085553f3d0d60952560c1b33b817b1abecfcbb8cbfe4fd7b1791582d2fb361ddf6f1a7996c6bbfa5323e1cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cd6d0d2295012c4a_0

MD5 31aa40a142026f49692476ae63104403
SHA1 bc5965ef79127cb9fa945b22bede28d4a9f66129
SHA256 e787f2e42d6a2767fe2581d409ac022b303633649d6baa1edc0d13f1d2681e85
SHA512 661dea979731c4c899b9c7ad46538675afefa430dc8a34fe40e7d5f43aba845da62fbef2ef97af137b519872790e6dc2e13a526ed53951a4af8ef7756477c1eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\63d9d022afa2a04a_0

MD5 08e4b62b43eb00eda1cbc65f788d5aac
SHA1 6dfd7dff309dcfe31678cadddf7f21cc43bcac07
SHA256 545059df190d47a17238a3fccbe84913a856e057b654271187d24d5c7bee123e
SHA512 3de9642dd390f6ce04c1209eb91b2fb8b68352439b0f5254c5aa5a61c1db57fd22b95ecfae1750bc371ea54fe8f55d0a92ced5b3d86e0ce9a6c826565c1d02a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2111d1501c5945c939291fe2c8ad52a3
SHA1 777a46c5ecac297b51d23eea0e8601aa5be40e25
SHA256 78adeaaa1335732442e13539fc84273ade359b5ef896789cdcd7fc7bb3e34fcd
SHA512 6df21038b600dc539ccb076d82b682a4def5c475cb705f95d44eb576edc073d6ba952ec755656ba474f75d2b6ca83fa834e17be6646833ca0ec1a01f49ad65ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\074b44cfd90a98e0_0

MD5 0ba7bc3b6c52dbe21d4f53d99c766c56
SHA1 dfe798606cff85b84c6dd73c5e3433a67105a369
SHA256 3436ac1eb5e9b839c6a441e1e94755e94ef474e283d9d30ceea4be3eeda1bc47
SHA512 72fef91850bee2231b2c2a92b4fcf851b73e2ee388162f8c7e277ecb5b2180d456358b2f646d2183b3210e6912d3f9438ab5092e4bbc8f5ae38be3e3d50421f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1dcfae6816b83551_0

MD5 847932ffbdd5d0146b9671886220119c
SHA1 9c289de0b2c06b8eb5a5db7472993d64f40b1356
SHA256 a2385fda60f429ba20491db75de89a19f1f82bd6c812b940dc1e3ea43db8dfab
SHA512 535416e4b1f66b8663f53f1906d4c4e4d136095c47fc9ced486fc719b23d19acc68f1592035bee80c982f65c4a752c8303b44daaefed607e208aedb1db69d70b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f321119519e7c7ca_0

MD5 96ea9d07f1bf99733d590c03e121025b
SHA1 743054ef18e361935d6bfa3d1a782bd65eb494bc
SHA256 ef6e5ff5e3883bd9f41bc47d55bb2cca5724a69b1c9dd996e77db520e02e3ca5
SHA512 07cb40a11cf67fc68e66ab34f537dccbc224d5b80d28575d6f268cac82b215ad861a553143ec39206f2bbbe66d221c0a96fcf61d1e897508f8da198301d4841c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1f44207d9c7aa62c_0

MD5 713bc5a14053483b09ab697e60240ab9
SHA1 c9bb24733851216f4f8e4783f7a6c7d233737f69
SHA256 e14e0a9a3d541698d994f9354c11af67335527e2046bbbf88c617fb425f098a3
SHA512 18c5b7afa4451595fdcf270cf4c28b885327785f91c63213803665fb4068389a0fc8c44bec7601b8e5ae58386c33d0670c4585a2b6ad0a2ad96843768bb11d42

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ef25066ad6b16ed5_0

MD5 49f14ee1f41b3190c720b1e43dc1e5cd
SHA1 0353b8f1f60f809fb1f99107aa7f7410bbe6e4d8
SHA256 a0170b7a7b90b13f401904d6ff0914c2c5b98f05601029bd91a79887a6a96874
SHA512 8a9fcb3034a1b352778fe0e2df1ddcdc6fbcec85f28747fcb66c90a980463c60ee4d04d9f04bca208dfb58db5eea461e3ef0fc4b770ea84ead7122de3722d3e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b0122cd84d3fd7d6_0

MD5 2c17827869d40988bb379539eb250dd9
SHA1 18d360e97370d86c24412dd13d664fe163f64ba2
SHA256 742483a7a98e428202505dadffe15c95c5834ea6a5dd205e4d4a9434ac81d859
SHA512 b5c75a4911b33e10bae08eec36830968c4e091199f7e8535326ac2a2da2390f00adda8a80984f6763af6754baaa635c5dc381124ce87079424e3d084548ad6fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0e836d14c7ffdc76c939b5921399ded2
SHA1 c60757f814f761326b429b5987e4229a5e05dc3c
SHA256 b264a6a13482dc0ec813ed53e8ee221b0d7beb5ee3c92b9a9a37d3bc61c21ca4
SHA512 fafcaa7454fe03466afec4afe0d61860df4d9a789617a2b4cbc0e5fa1d76bbc374a50ec8a459c5ed441e5415e822f9b58712f04642679fb7e8a786f4036e3f92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000115

MD5 af7bbfeaf2474747b2c1fc5603e54ad6
SHA1 c3b527c2e5cb10db330a398f29e185f6f47f3a43
SHA256 eb9b55e060cca80351fc155676413e202532f099636619202a6ee4c2d13a5764
SHA512 6d8a500fd9e958ec41dfe5d21954ac70c5802ce98840b77eef7dc9cd02e6b3a963405312c7f4a0ad6029591c541288e94618a966eda302a7c4166cd3e2da5e02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000110

MD5 69b550731f9a789a39d18eb917e43a4c
SHA1 20721285bcc8dfc47777e43b2d94a224469a0b50
SHA256 230bd4129d0d79dd196efcf6d9e8db962c5e750fa539dfb5b72ba43666485066
SHA512 0de48338b7108eb2b9206c57d382c69703f1424788f7c665f44e4ebf8fbc92da8f11d10416c03f37d62c0d72cf760b902ef52f8e41caeb89ec221f0fac76702b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00011c

MD5 56f9e310fc86fc949bf115e34850e083
SHA1 a87b79bdd2e22aab5ba4bc6bfe023824ef1a1502
SHA256 da300a45b3a3b1a2eeccb255e4c6e5967a3aa02ca7a64a4d31a56ea3e8973e23
SHA512 f7e8bbf40d947c03dd3129ce61f7ce79f5d6038d20da2f3e546b41bfe4a76283bbf61a14bbb9955d9574a5efb9efd9dd46f59658b8ddcde3552dd336d88348df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00011b

MD5 b576652319aa7441da5c94548c6db70b
SHA1 4f1c2dbab8ead44236e449084c519f30788d4ee6
SHA256 ef737f5f2c87ed6f1180d3ec8870e46e20ac4c614c9f76260873c5f879a19f20
SHA512 9a03fdd748e2d5bc522041369e07ac331daaa539a7c1eacfbbba144b882970aa4ac4d2e2e5535f5b0ac483ba738dd9d42b3ddff6430814851389879c4081c569

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000120

MD5 e0c0f7035b1f8bce3e05edf391799fe2
SHA1 f2fe854b9bc6cd6bc7fc325de736db5082f0706b
SHA256 a9f4b53dcde51161bcfdea690051a1f7190aa386ab2d6c518ba2d0861c0ab245
SHA512 3108b20b7565b14e349acd813eeaf9227ddc42be3a8606e27b3331deb28ce3623b4e0bbe87f5189a5200ab360cd99abc0ff3224e90632ad1ed07507c92df2d87

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\LOG.old

MD5 31d7bc816a0ef9d887c2bd50214e7376
SHA1 79e8b5b9dc25d4feb23a5ebfa02cb3c43574db60
SHA256 42f819f91fce5b3eef8b28ee857d2aa1b4e9ba9fa9023bf0cd777b812b8fffbd
SHA512 be32a6bfe1f154cfe85e948972731cc80b9f42fd295ebc3f57ee9eddbca323363b77160305c610c145752e354661468b9715713f0569ebab1eab7a48a92653a3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\LOG.old~RFe6616fa.TMP

MD5 9a2b87ccbbbbe197e76de3e470bc4cda
SHA1 752fcf57f6b120d6958a286dc2ee066d1d830cef
SHA256 9ffd5f8be8bd18389969a7fd3f425d3d576626da555a4b96af11c066acd66a5c
SHA512 d4001682e45b3cdce0006a2fd3fac65045a329e9110cf725dd53f17787371783cc6f300f95a628a204addf8a3d77dd50c6fff020795b18d01de0701b77e264da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 be8ce3879bd67c6dbb6f411dda932ae2
SHA1 1f3b78061258d7997d6b4b274b83fd1f7d0850fd
SHA256 7430d6050089172506c81357995951e71d5e8eab5d0600909447be31bc10b103
SHA512 3e38d1be67b227cd2f2d18f93bbbcaaf2b326d9030a0bab30bcd5e1bb85cb443f168b9f6ed66c03591b4347cdf7c8613c5f72f8a33dc3cea8424cb02f7a16bbf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a107157242d496a82a8e23c3b30f49ad
SHA1 cc568a39887ce2f68c270e09afbf13ee12b2a243
SHA256 3381a72b5b9188b901b1de45666150d81af5c7bb3e430615a424e245b61e41c2
SHA512 bf76d304c516f75ea9be0d4c62c2a812d06c8428f43d804013684106b2a92dc61b5040f0c89a0755478f4c4eac2acfb976a19b17ecd02a2aabbc6ed63244b3cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ce

MD5 8885058b5c1b6c9ea8ec1c478cd71d4d
SHA1 ded9b82dfbd8c89a5512c0528b7cfa6042d61ebe
SHA256 e80f88474ce4052f0301de99ff4a02e2bfac9278f44b6bfc11780e1e65bcce00
SHA512 ad45d19119c812f1cafac33c22c3b00a6d21739c43baf2dc9117bf97cbdb6a4a4b94459f39b1ac9e04be3f15f54e93076439ae160e8af3b38cfcbd58219358ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015b

MD5 239cd69be3a3bb2eb69d70570fb765ea
SHA1 3965d582a5259c32a5d8f235d7f9c1249c380514
SHA256 9ecf2c311579fe2603920c735c71397d87aa948098d91204888d20b8712b14b4
SHA512 632a8943fd04fd43f8575c085499455861fe4a110ba6dd537ebff003fe910a3470f06347fe23f52ad97275123a1be8870eafefc56e6b17bfb79e3669b99d14dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013a

MD5 1b2b6893bc176f0becc69c6a64b8ea2d
SHA1 43308e4b402d2c327936bc885172a12fef0d5fe2
SHA256 fd523bfdfab019b4bfc474adf0bcb1afc87f3b0da45896f5d8115200f37786c9
SHA512 8e0573c50d49df7d3490590c0a6efbc1b6159265b6404db605f4859d6761b9cdee8432d605770ce049924c9e203e45d6205e969c0d08086a5f0a8631b385ecfe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\000003.log

MD5 1373d51307369851e636e90dabebe56e
SHA1 374446e361ce14c80c23afe05addf3a181e25f71
SHA256 25a3a67236fc0128dafb575f325dbd95d2e8e3beb104e8621e6f73048e116c35
SHA512 53d664e3305c93f53e2ea06ceb1e3ba21ea2fb2026ec1d00a1728ceaa289149f214a720cab1b0ca477ea056039174c733fb7809f6c6b4b7fc0db2e75e1655da4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\LOG.old

MD5 7f4022e48aa8fbfbdaf47ad3a0e9cf7b
SHA1 c3f015b74bfb9a17c877c088750a6c824419d64a
SHA256 100c5189aee5da3bb3b9a030ff4696154efab41499e6b183d993310a8ceb18e5
SHA512 ba6a4737b299da6d99c7cccc3a9c7bfba87068808805bdfc71c5f72545578cb62e4b1b4b4f76186322603bf294862f828ee6f8597b863abd4700bf6efc47b73f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9d2f36bfcc8f02a0_0

MD5 212d7857c76ef0189c00240810d6222f
SHA1 391ec49b48bf63c599fb9972e6105bc2e4501852
SHA256 29772552ac99626c6389f7a112785970e4e2d8f33ba0c75f6274a8381ce5595a
SHA512 cefd9c2466adfb9492562e02b59fa9c928075d36851d5c28b7f2a46c17ead5b217949ec208d73d8f642cdc28ded65c8a0433952b8e4577f0d95fddde5b13979d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\806bfc8a6d2dfb79_0

MD5 3595505891e6b3c1be30ccfb27291626
SHA1 32df1f89d6e1bf73224a3cb16be818b278e0ecdd
SHA256 d1f197df82c62e956554005ed14b801d458513a9cf599aa28a73f7944250568e
SHA512 f0a3fbbae192db8dc0ced76ff1c953b64384fdee14756001b9ebb8ad353bcc433ce44cdff224b2dd5845b7451d353033bd019b774e287bf8c41e42cc8f2f1066

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2d7c3a418b2f4d8e4ca8fcf04122bbab
SHA1 a02335eac2c37bf80d1ef1a7ebd0bd7fded67b48
SHA256 545dd5dfd340bb2632045099fd496a47f8584d17c06d66309f3cf4c2476224cd
SHA512 872d900e89f0684fdc790e291906db1d0f95373c83745e21e0c2438399e93debe3b73188b288d99c9eaab1cbe3f4fdbf8a4a9ed2660d55923fd4a7596aafd693

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7f6d9940c388c736aaf6f5914d6db79e
SHA1 f137b54ab215c8f7dc9d382edf2c49c883570ece
SHA256 351c6c8117b8154da58151753f6f0511d2a64e8c7e7ee28b833248e6a5fb5f77
SHA512 08127bd75390ac48f306af4b9a2ea4379cd72f5ec703e10d20a10479acbd629a67c493b98075c7d2ea9e074703eb708fd493f74b0de04175ed676cfc26116cc2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 877b46b8e66a932a15d64de82db6d65b
SHA1 00ed4fa75a9e41e7b445ed557fda54e4bd2b12eb
SHA256 c16b51a7064b1d26e90c21a0e97c1a213e51714572258700b0a87562aac23a2d
SHA512 9ae688a30ca4049d5401c75bc173b76e18e4d33d981e7e122a252e2ef79b6d3fa1d27ec7c37cac45e4902d5b44bf2cb9da69d9ec26479dcb7bb79a155fea6d3c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 262eda5420d8f815a0ac18a55b0f6fb1
SHA1 18d4509330c0f734ae4b5f0ff87752a5757bc30e
SHA256 810534efe6aa128ba14ae63491a410aa33b2a61cc583acbb2b4ea5dbd46d4f8f
SHA512 4500cc40e63aceaee8183b6d31070e80379996e3b5a4b27fedaedf329bf29eb8abce19077747350da85274eb3b9a2a271c95ce597062f443e823a74f33eb3b3b

F:\Kiwi X.rar

MD5 0aa7defe6f32e1e2e024f62f72178af6
SHA1 d8d318688cbc73faac2adfd8609e110997ee2c68
SHA256 a693fff41c4e738cfa6b7f0e9bcf51ae341b276b81189fa698f0c0ede4a8a54e
SHA512 c8e0760d60495a2a9e8e7762132cdeba8ba535effbb58fdfc26fa3fb9b13404f92b7af85b54a185157b43bd5411d2d626048983f02b50cbf9610ce8aad570802

F:\Kiwi X\bin\workspace\Self Bot RMA\saved_admins\Here.txt

MD5 118e5315caf3e357c30c45affa9e8e3e
SHA1 114e3cf096058a901a98443adb14aa035edeb7ff
SHA256 b52f4b1df7c635df62bbce27293474403020fe68b0f66d9547e170f3e6efe482
SHA512 c8f74cdef19ab610bf2f1d39b6f8b06c28669f39c281ef230cfec6ef596f4902a5b6f19abc07ae6bc6ce2c02c29107c3840037d9f24fbc8661d27e0bf359529f

F:\Kiwi X\bin\workspace\Self Bot RMA\saved_points\MegaJacob3072.txt

MD5 c0c7c76d30bd3dcaefc96f40275bdc0a
SHA1 e1822db470e60d090affd0956d743cb0e7cdf113
SHA256 1a6562590ef19d1045d06c4055742d38288e9e6dcd71ccde5cee80f1d5a774eb
SHA512 e62b01e8497ab6b7d89432599e21804eca278bb4a9c4b6ef5f7bae00bd5e45ae6c8cf3a18b74296f9a8e69cd2f416a8f41eeb2128f4e280ecf438ffef6244e14

F:\Kiwi X\bin\workspace\Self Bot RMA\saved_blacklists\Usernames.txt

MD5 7dcb7074a3da5cc9caacc305db15f3dd
SHA1 f72eee6a207fdd5d9d1881dec34fc2d57fe41a4b
SHA256 39a03b432aeccd71796d0494dad5e9e2c11344ea2b03577e5c8140f1941fc211
SHA512 d78565fb1d81d17da53d61544ee6bb1ca2ae5022749e2f3b155b4b5bf070cdb00a18996faaaf8150b5715f05d37f41692f0ca9e9ef0136e3d5a8efd4f2318ebf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 22253ed2d7d406c3ca9f439d84f44350
SHA1 120def166e9e508c1d85f1f8e160e1887d586934
SHA256 cb41ea58415d061d187c1f5e040a1444119992a924997f05fd8358ee7ec98fe9
SHA512 323d14bbd8a93357f21ff4a943acd90a6777e84f71b39f4eeb3d2fb3833a3daa2afff12a17ed09e318104104f8eecb31a4513ad6d9b3953b3f218dc66418f60c