Malware Analysis Report

2024-07-28 05:09

Sample ID 240605-hvhq6aha8s
Target http://google.com
Tags
adware discovery evasion execution persistence spyware stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion execution persistence spyware stealer trojan

Modifies Installed Components in the registry

Sets file execution options in registry

Downloads MZ/PE file

Reads user/profile data of web browsers

Registers COM server for autorun

Loads dropped DLL

Executes dropped EXE

Checks installed software on the system

Drops desktop.ini file(s)

Checks whether UAC is enabled

Installs/modifies Browser Helper Object

Adds Run key to start application

Enumerates connected drives

Checks system information in the registry

Drops file in System32 directory

Drops file in Program Files directory

Drops file in Windows directory

Command and Scripting Interpreter: PowerShell

Enumerates physical storage devices

Uses Volume Shadow Copy service COM API

System policy modification

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: EnumeratesProcesses

Modifies Internet Explorer settings

Suspicious use of SendNotifyMessage

Checks processor information in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

NTFS ADS

Suspicious behavior: AddClipboardFormatListener

Suspicious use of AdjustPrivilegeToken

Uses Task Scheduler COM API

Suspicious use of SetWindowsHookEx

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Suspicious use of WriteProcessMemory

Checks SCSI registry key(s)

MITRE ATT&CK Matrix V13

Initial Access
TA0001
Execution
TA0002
Command and Scripting Interpreter
T1059
PowerShell
T1059.001
Persistence
TA0003
Boot or Logon Autostart Execution
T1547
Registry Run Keys / Startup Folder
T1547.001
Browser Extensions
T1176
Privilege Escalation
TA0004
Boot or Logon Autostart Execution
T1547
Registry Run Keys / Startup Folder
T1547.001
Defense Evasion
TA0005
Modify Registry
T1112
Credential Access
TA0006
Unsecured Credentials
T1552
Credentials In Files
T1552.001
Discovery
TA0007
Query Registry
T1012
System Information Discovery
T1082
Peripheral Device Discovery
T1120
Lateral Movement
TA0008
Collection
TA0009
Data from Local System
T1005
Exfiltration
TA0010
Command and Control
TA0011
Impact
TA0040
Resource Development
TA0042
Reconnaissance
TA0043

Analysis: static1

Detonation Overview

Reported

2024-06-05 07:03

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-05 07:03

Reported

2024-06-05 07:51

Platform

win11-20240508-en

Max time kernel

2699s

Max time network

2703s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Version = "43,0,0,0" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.79\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\StubPath = "\"C:\\Program Files\\Google\\Chrome\\Application\\125.0.6422.142\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level --channel=stable" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Localized Name = "Google Chrome" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\IsInstalled = "1" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\ = "Google Chrome" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU5CDC.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU5CDC.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\ChromeSetup.exe N/A
N/A N/A C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe N/A
N/A N/A C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\125.0.6422.142_chrome_installer.exe N/A
N/A N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
N/A N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
N/A N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
N/A N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\elevation_service.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_native_messaging_host.exe N/A
N/A N/A C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
N/A N/A C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
N/A N/A C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
N/A N/A C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Reads user/profile data of web browsers

spyware stealer

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.79\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.79\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.79\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32\ = "\"C:\\Program Files\\Google\\Chrome\\Application\\125.0.6422.142\\notification_helper.exe\"" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32\ServerExecutable = "C:\\Program Files\\Google\\Chrome\\Application\\125.0.6422.142\\notification_helper.exe" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.79\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.79\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.79\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32 C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32 C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=50489C145474422AB215B66A1FB4B151" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E30BEEFA-476B-4157-849C-4C04165EEC7C}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\V: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\System32\msiexec.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU5CDC.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU5CDC.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
File opened for modification C:\Windows\SysWOW64\debug.log C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialTestHelpers\RoactRodux.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQuick\Controls.2\designer\images\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\Alerts\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\SideNavigation\HomeButton.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GameDetailRodux\AppCommonLib.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Dark\Large\Smoke.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\InspectAndBuy\Thunks\GetPlayerName.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\textures\ui\Controls\DesignSystem\ButtonStart.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\JestReporters-2.4.1\JestUtil.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\DiscoveryPackagesTestSuite\PlayabilityRodux.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQml\StateMachine\qmldir C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQuick\Extras\designer\images\statusindicator-icon16.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\Beam.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.79\mspdf.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\identity_proxy\win11\identity_helper.Sparse.Internal.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GetHumanoidDescription\Dev\JestGlobals.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Otter\Otter\default.rbxp C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\JestReporters-2.4.1\JestConsole.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\RoactNavigation\RoactNavigation\getChildNavigation.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\RoduxFriends\RoduxFriends\Reducers\Friends\requests\sentAt.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQuick\Controls.2\Universal\VerticalHeaderView.qml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\VoiceChat\Unmuted40.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\VoiceChat\MicLight\Muted.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\BackpackScript.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Components\Log\ClientLog.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\TestEZ\TestEZ\TestSession.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.79\VisualElements\LogoDev.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\PermissionsProtocol\t.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\TenFootUiGlobalNav\TenFootUiCommon.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Lua\TerrainEditor\Dark\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\tutils-04e2814e-937da4f7\tutils\deepEqual.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\App\Loading\Enum\LoadingStrategy.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GameDetail\GameDetail\default.rbxp C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\NetworkingFriends\NetworkingFriends\networkRequests\createGetFriendRecommendationsFromUserId.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\t-1.2.5\t\ts.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.79\VisualElements\Logo.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\AvatarImporter\img_light_custom.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\RoactStudioWidgets\toggle_off_dark.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\AlignPosition.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Actions\ServerNetworkUpdateSearchFilter.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\SelfieView\Components\Icon.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQuick\Dialogs\WidgetMessageDialog.qml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\Settings\Players\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\UGCValidation\UGCValidation\flags\getFFlagUGCValidateBodyPartsCollisionFidelity.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\ToastNotification.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\LegacyFriendsRodux\LegacyFriendsRodux\default.rbxp C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\TopBar\Components\Presentation\HurtOverlay.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\validation\rules\KnownDirectivesRule.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\App\Dialog\TooltipV2\Controllers.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\AbuseReportMenu\AdIdentification.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\9SliceEditor\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\JestCore\JestCore\TestScheduler.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\VerifiedBadges\Dev\UnitTestHelpers.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQuick\Controls\Private\CalendarUtils.js C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQuick\Controls.2\Imagine\SpinBox.qml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\BuiltInPlugins\DepFiles\TerrainToolsV2.d C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\BuiltInPlugins\Optimized_Embedded_Signature\GameSettings.rbxm C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\InGameChat\BubbleChat\Components\__stories__\VoiceBubble.story.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\VoiceChat\SharedFlags.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Installer\MSI7DE8.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4592_2131389585\crl-set C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\SETUP.EX_ C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\125.0.6422.142_chrome_installer.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
File created C:\Windows\Installer\{EF2787B1-0F5C-449C-86FF-6F4D28DE3C46}\chromoting.ico C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\125.0.6422.142_chrome_installer.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4592_2131389585\manifest.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4592_1742131851\Filtering Rules C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\Installer\MSI889B.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\_metadata\verified_contents.json C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\125.0.6422.142_chrome_installer.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5b7c91.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe C:\Users\Admin\Downloads\ChromeSetup.exe N/A
File created C:\Windows\SystemTemp\chrome_url_fetcher_2980_913075689\-8a69d345-d564-463c-aff1-a69d9e530f96-_125.0.6422.142_all_acutrvkmuh4txcarzlf55gttysyq.crx3 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\metadata C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\metadata C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
File opened for modification C:\Windows\Installer\MSI7DD7.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\125.0.6422.142_chrome_installer.exe C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
File created C:\Windows\Installer\e5b7c8f.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI80BA.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\CHROME.PACKED.7Z C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\125.0.6422.142_chrome_installer.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4592_2131389585\manifest.fingerprint C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\~DF025DDADAE5B73307.TMP C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagerr.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4592_2131389585\_metadata\verified_contents.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\~DF417073EB2E34B236.TMP C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Users\Admin\Downloads\ChromeSetup.exe N/A
File created C:\Windows\SystemTemp\Google3988_602791710\bin\uninstall.cmd C:\Users\Admin\Downloads\ChromeSetup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\f4bea2a8-0378-44ad-aaaa-0325ca6f2a9c.tmp C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\manifest.json C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setupact.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Installer\{EF2787B1-0F5C-449C-86FF-6F4D28DE3C46}\chromoting.ico C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\Google3988_2136716241\UPDATER.PACKED.7Z C:\Users\Admin\Downloads\ChromeSetup.exe N/A
File created C:\Windows\Installer\SourceHash{EF2787B1-0F5C-449C-86FF-6F4D28DE3C46} C:\Windows\system32\msiexec.exe N/A

Command and Scripting Interpreter: PowerShell

execution
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 0000000004000000ea03c27790712bf60000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff000000002701010000080000ea03c2770000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff000000000700010000680900ea03c277000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1dea03c277000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000ea03c27700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.79\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.79\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Google\Chrome C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\NGC C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2b\52C64B7E\@%SystemRoot%\system32\dnsapi.dll,-103 = "Domain Name System (DNS) Server Trust" C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Google C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ = "IProgressWndEvents" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}\VersionIndependentProgID C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}\ServiceParameters = "--com-service" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{D576ED7F-31DA-4EE1-98CE-1F882FB3047A}\1.0 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\ = "PSFactoryBuffer" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{F966A529-43C6-4710-8FF4-0B456324C8F4} C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}\TypeLib\ = "{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32 C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc.1.0\CLSID\ = "{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass.1\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{513BC7DA-6B8D-45F7-90A0-2E9F66CEF962}\TypeLib\Version = "1.0" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\CurVer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{B685B009-DBC4-4F24-9542-A162C3793E77}\TypeLib C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3a22c946-f9f5-51e0-b7b1-ef8ea58a1f65}\LocalServer32 C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ = "IProgressWndEvents" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C4622B28-A747-44C7-96AF-319BE5C3B261}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{B685B009-DBC4-4F24-9542-A162C3793E77}\1.0\0\win32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass.1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\TypeLib\Version = "1.0" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{494B20CF-282E-4BDD-9F5D-B70CB09D351E} C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{699F07AD-304C-5F71-A2DA-ABD765965B54} C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{513BC7DA-6B8D-45F7-90A0-2E9F66CEF962}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{6430040A-5EBD-4E63-A56F-C71D5990F827}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\ChromeSetup.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Webstore Downloads\inomeogfingihgjfjlpeplalcfajhgai_47259.crx:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Users\Admin\AppData\Local\Temp\scoped_dir4592_1974963061\inomeogfingihgjfjlpeplalcfajhgai_47259.crx\:Zone.Identifier:$DATA C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\chromeremotedesktophost.msi:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\RobloxStudioInstaller.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_desktop.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe N/A
N/A N/A C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe N/A
N/A N/A C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe N/A
N/A N/A C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe N/A
N/A N/A C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe N/A
N/A N/A C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_desktop.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4008 wrote to memory of 2944 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2944 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 2352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4008 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe N/A

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffa85fab58,0x7fffa85fab68,0x7fffa85fab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1888 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2180 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2748 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2760 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4120 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4388 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4384 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Windows\system32\osk.exe

"C:\Windows\system32\osk.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3196 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004C0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2792 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4616 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3788 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4176 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5028 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5080 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3236 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5208 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5156 --field-trial-handle=1892,i,2659946315978376323,7992735596275312446,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\ChromeSetup.exe

"C:\Users\Admin\Downloads\ChromeSetup.exe"

C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe

"C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe" --install=appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={F11BC218-1065-7D85-F4F9-4C5EBB76099D}&lang=en&browser=4&usagestats=1&appname=Google%20Chrome&needsadmin=prefers&ap=x64-statsdef_1&installdataindex=empty --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2

C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe

C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x294,0x2b8,0x2bc,0x274,0x2c0,0x7d758c,0x7d7598,0x7d75a4

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update-internal

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x84758c,0x847598,0x8475a4

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x84758c,0x847598,0x8475a4

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\125.0.6422.142_chrome_installer.exe

"C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\125.0.6422.142_chrome_installer.exe" --verbose-logging --do-not-launch-chrome --channel=stable --installerdata="C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\f4bea2a8-0378-44ad-aaaa-0325ca6f2a9c.tmp"

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe

"C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe" --install-archive="C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\CHROME.PACKED.7Z" --verbose-logging --do-not-launch-chrome --channel=stable --installerdata="C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\f4bea2a8-0378-44ad-aaaa-0325ca6f2a9c.tmp"

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff603832698,0x7ff6038326a4,0x7ff6038326b0

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe

"C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe" --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff603832698,0x7ff6038326a4,0x7ff6038326b0

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffa85fab58,0x7fffa85fab68,0x7fffa85fab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1524 --field-trial-handle=1880,i,11943163038700568737,4786814443076920528,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1852 --field-trial-handle=1880,i,11943163038700568737,4786814443076920528,131072 /prefetch:8

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x84758c,0x847598,0x8475a4

C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe" --rename-chrome-exe --system-level --verbose-logging --channel=stable

C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff7b7d32698,0x7ff7b7d326a4,0x7ff7b7d326b0

C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe" --channel=stable --delete-old-versions --system-level --verbose-logging

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end

C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff7b7d32698,0x7ff7b7d326a4,0x7ff7b7d326b0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff95d71c70,0x7fff95d71c7c,0x7fff95d71c88

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2180,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1752,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=2608 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=1980,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=2720 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=3168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4400,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4512 /prefetch:1

C:\Program Files\Google\Chrome\Application\125.0.6422.142\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4536,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4720 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4572,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4576 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4920,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4996 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --field-trial-handle=5000,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5108 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3148,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5232 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5084,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5468 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3172,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4420 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3564,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5244 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5484,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4736 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --field-trial-handle=5116,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5408 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --field-trial-handle=5576,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5564 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5608,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5392 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5676,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=3476,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=3180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=5672,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4676 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5444,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5628 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=3504,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5500 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5632,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6084 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5924,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5884 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5912,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5596 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6080,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5940 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=3788,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5932 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=5856,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5884 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=5932,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5808 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5328,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4772 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=5904,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5556 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5308,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5852 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=4716,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5468 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4468,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5336 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5940,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6160 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6200,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6280 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=3432,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6292 /prefetch:8

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\chromeremotedesktophost.msi"

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 515BC162414FF78F553B85E585BC32F8 C

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\srtasks.exe

C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding D992AB8A920B28E086FC69A0F81486E1

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding C7A7C6CBBF08CDC46B4038925179F15E E Global\MSI0000

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NonInteractive -NoProfile -ExecutionPolicy Bypass New-Item -ItemType SymbolicLink -Path 'C:\Program Files (x86)\Google\Chrome Remote Desktop\CurrentVersion' -Target 'C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\' -Force

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_native_messaging_host.exe" chrome-extension://inomeogfingihgjfjlpeplalcfajhgai/ --parent-window=0" < \\.\pipe\chrome.nativeMessaging.in.66457e11055a8335 > \\.\pipe\chrome.nativeMessaging.out.66457e11055a8335

C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_native_messaging_host.exe

"C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_native_messaging_host.exe" chrome-extension://inomeogfingihgjfjlpeplalcfajhgai/ --parent-window=0

C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe

"C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"

C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe

"C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe" --type=host --mojo-pipe-token=10325768845544958610 --mojo-platform-channel-handle=916

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe

"C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe" --type=evaluate_capability --evaluate-type=d3d-support

C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe

"C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe" --type=desktop --elevate="C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_desktop.exe" --mojo-pipe-token=15081370639647434502 --mojo-named-platform-channel-pipe=5640.3376.17343999759595541906

C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_desktop.exe

"C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_desktop.exe" --mojo-named-platform-channel-pipe=5640.3376.17343999759595541906 --mojo-pipe-token=15081370639647434502 --type=desktop

C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_desktop.exe

"C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_desktop.exe" --type=evaluate_capability --evaluate-type=d3d-support

C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe

"C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe" --type=url_forwarder_configurator

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --wake --system

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x298,0x29c,0x2a0,0x204,0x2a4,0x84758c,0x847598,0x8475a4

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update-internal

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x84758c,0x847598,0x8475a4

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x84758c,0x847598,0x8475a4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=5212,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6388 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6752,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6768 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=5908,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6624 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6596,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6800 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7048,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=7056 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=3408,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=7164 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=6960,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6516 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=7096,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4588 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=6388,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6440 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=5496,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6688 /prefetch:1

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=6608,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6460 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=3540,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6680 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=7080,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6704 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=6820,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4380 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --field-trial-handle=6356,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=3144 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --field-trial-handle=6836,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=7208 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --field-trial-handle=7372,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=7444 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=7428,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=7412 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --field-trial-handle=7076,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5144 /prefetch:8

C:\Users\Admin\Downloads\RobloxStudioInstaller.exe

"C:\Users\Admin\Downloads\RobloxStudioInstaller.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=4992,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=7020 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=7248,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5592 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU612A.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDJEMTJFNUQtODA3RS00RUNELUIyQzItRjg5MTcxNjU0QzhGfSIgdXNlcmlkPSJ7Q0YxNjU1NTMtRkZBOS00N0M0LTk2QTMtMzlBRTgyMEREMUZBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFNkJDMzJGQy05NUE3LTQ3MTctODJGQy1DODhFNUUwQTREMDJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExMDY0MDA0Mzg4IiBpbnN0YWxsX3RpbWVfbXM9IjEyNzMiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{02D12E5D-807E-4ECD-B2C2-F89171654C8F}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDJEMTJFNUQtODA3RS00RUNELUIyQzItRjg5MTcxNjU0QzhGfSIgdXNlcmlkPSJ7Q0YxNjU1NTMtRkZBOS00N0M0LTk2QTMtMzlBRTgyMEREMUZBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0QUVFNUVBOS0zOThFLTRGODItQkMxRi1GMUU3NjcxQkNGODd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMjUuMC42NDIyLjE0MiIgbmV4dHZlcnNpb249IjEyNS4wLjY0MjIuMTQyIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iNSIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTEwNjc5MTQzMTQiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\MicrosoftEdge_X64_125.0.2535.85.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\MicrosoftEdge_X64_125.0.2535.85.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5B479FF3-72AD-40F9-B290-8AA77CB2B24F}\EDGEMITMP_56A20.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.85 --initial-client-data=0x244,0x248,0x24c,0x1e4,0x250,0x7ff658ce4b18,0x7ff658ce4b24,0x7ff658ce4b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDJEMTJFNUQtODA3RS00RUNELUIyQzItRjg5MTcxNjU0QzhGfSIgdXNlcmlkPSJ7Q0YxNjU1NTMtRkZBOS00N0M0LTk2QTMtMzlBRTgyMEREMUZBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyODQzQ0Y5MS1EODAyLTQyREUtOTg3Ni1CMUQ2RjAxOTNDRTh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjUuMC4yNTM1Ljg1IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTA3ODcyNDQyNiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExMDc4Nzk0NTg4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE0MjU4NzQ3ODciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzNjNzc1ZTc1LWFmZjgtNGFmMS1hZWRlLTdhNWMwMzQ5YWEwYj9QMT0xNzE4MTc2NjYwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PW1CTTNWVWFrZU8lMmJQJTJiOTd3WHM1QSUyYjlvYW12OFUzUTVtdyUyZmNSRGZ6ZlJrdDlQbzFQYVElMmJxNERRN09pamZPNyUyYjVlTmklMmJVN0tkaW8ydFJGcXZrQlpKY3clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzM2NzU1NzYiIHRvdGFsPSIxNzM2NzU1NzYiIGRvd25sb2FkX3RpbWVfbXM9IjI4MjIyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE0MjYwNTQ3NjgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTQzOTg2NDY0MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE4NzgyNDkxNTciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI3ODMiIGRvd25sb2FkX3RpbWVfbXM9IjM0NzIwIiBkb3dubG9hZGVkPSIxNzM2NzU1NzYiIHRvdGFsPSIxNzM2NzU1NzYiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjQzODM3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch

C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxCrashHandler.exe

"C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxCrashHandler.exe" --no-rate-limit --crashCounter Win-ROBLOXStudio-Crash --baseUrl https://www.roblox.com --attachment=attachment_0.627.0.6270453_20240605T071900Z_Studio_705BE_last.log=C:\Users\Admin\AppData\Local\Roblox\logs\0.627.0.6270453_20240605T071900Z_Studio_705BE_last.log --database=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --metrics-dir=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --url=https://upload.crashes.rbxinfra.com/post?format=minidump --annotation=AppVersion=0.627.0.44533 --annotation=Format=minidump --annotation=HardwareModel= --annotation=HasBootstrapper=true --annotation=InstallFolder=ProgramFilesX86 --annotation=OSPlatform=Windows --annotation=RobloxChannel=production --annotation=RobloxGitHash=eaa743d2ec5efd1c7cd63375418c0e423354daa2 --annotation=RobloxProduct=RobloxStudio --annotation=StudioVersion=0.627.0.6270453 --annotation=UniqueId=1541049973840846898 --annotation=UseCrashpad=True --annotation=app_arch=x86_64 --annotation=application.version=0.627.0.6270453 --annotation=host_arch=x86_64 --initial-client-data=0x5d0,0x5d4,0x5d8,0x538,0x600,0x7ff71a328b90,0x7ff71a328ba8,0x7ff71a328bc0

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=2108.6508.12644134061547605030

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=125.0.2535.85 --initial-client-data=0x180,0x184,0x188,0x15c,0x190,0x7fff8bf64ef8,0x7fff8bf64f04,0x7fff8bf64f10

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1716,i,7721066457019255879,14587994224550451074,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1696 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=2004,i,7721066457019255879,14587994224550451074,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2040 /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=2252,i,7721066457019255879,14587994224550451074,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2268 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --lang=en-US --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3552,i,7721066457019255879,14587994224550451074,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3572 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --lang=en-US --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=4140,i,7721066457019255879,14587994224550451074,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4148 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.85\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --lang=en-US --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3632,i,7721066457019255879,14587994224550451074,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4128 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7EAA5A53-DEB9-473D-BD06-19176F8505F5}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7EAA5A53-DEB9-473D-BD06-19176F8505F5}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe" /update /sessionid "{B8131565-C237-474F-92D0-96E568C4A383}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjgxMzE1NjUtQzIzNy00NzRGLTkyRDAtOTZFNTY4QzRBMzgzfSIgdXNlcmlkPSJ7Q0YxNjU1NTMtRkZBOS00N0M0LTk2QTMtMzlBRTgyMEREMUZBfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InswNzYyMUY5Qy1DRThGLTQxQ0QtQTBGMy1DNUREOTUwQTg2Mjl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4Ny4zOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MjIzMjk2NDAyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MjIzNTMyNDM5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDI5NTA2NjA1NyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzIyMTY2N2RjLWJiMGEtNGFjYi04MzNkLTVhMTFkYzg4YThiZj9QMT0xNzE4MTc2OTc0JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVMlMmZmM0NydWFDVW8yOHBnckJGUGslMmJ4N0klMmZRaTBaUUpGQktXdHZkeVRhTSUyYk8xaXRkalQ4QUpRVnpKTjdKTzg2SW9FaUclMmZjVEdScFBZMVV6cnI4NWJjUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ1Mzg2Mzg1IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDI5NTA5NjAzMSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMjIxNjY3ZGMtYmIwYS00YWNiLTgzM2QtNWExMWRjODhhOGJmP1AxPTE3MTgxNzY5NzQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9UyUyZmYzQ3J1YUNVbzI4cGdyQkZQayUyYng3SSUyZlFpMFpRSkZCS1d0dmR5VGFNJTJiTzFpdGRqVDhBSlFWekpON0pPODZJb0VpRyUyZmNUR1JwUFkxVXpycjg1YmNRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9Ii0xIiBkb3dubG9hZF90aW1lX21zPSIxODgiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQyOTUxMDYwMTYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9Indpbmh0dHAiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzIyMTY2N2RjLWJiMGEtNGFjYi04MzNkLTVhMTFkYzg4YThiZj9QMT0xNzE4MTc2OTc0JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVMlMmZmM0NydWFDVW8yOHBnckJGUGslMmJ4N0klMmZRaTBaUUpGQktXdHZkeVRhTSUyYk8xaXRkalQ4QUpRVnpKTjdKTzg2SW9FaUclMmZjVEdScFBZMVV6cnI4NWJjUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IjE5OS4yMzIuMjEwLjE3MiIgY2RuX2NpZD0iMyIgY2RuX2NjYz0iR0IiIGNkbl9tc2VkZ2VfcmVmPSJSZWYgQTogRUUxRkE2Q0Q2QzM1NERERUI2M0Q3OUE2ODhFMjUwQzEgUmVmIEI6IExUU0VER0UwODEyIFJlZiBDOiAyMDI0LTA1LTIwVDIwOjQ3OjU2WiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSJSZWYgQTogMDY2QUM2NkMzMzY4NEUyOUI1NEYxMUM4NEMzRTE4MUYgUmVmIEI6IEFNUzIzMTAyMDYxNjAxMSBSZWYgQzogMjAyNC0wNS0yMFQyMDo0Nzo1NloiIGNkbl9jYWNoZT0iSElUIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MjEwNDgiIHRvdGFsPSIxNjIxMDQ4IiBkb3dubG9hZF90aW1lX21zPSI4ODYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQyOTUxMzYwMjIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQzMDA4NDQ0NjciIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU5NjQ4ODM2MzY2MzUzMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI1LjAuMjUzNS44NSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiB1cGRhdGVfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzYyMDQ1NTQ2MTUxNzE3MCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7MEExNzk0NkYtNzJBMi00MDBFLUI5MTItNkMyQUNCN0RCQUM0fSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EU5CDC.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU5CDC.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{B8131565-C237-474F-92D0-96E568C4A383}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjgxMzE1NjUtQzIzNy00NzRGLTkyRDAtOTZFNTY4QzRBMzgzfSIgdXNlcmlkPSJ7Q0YxNjU1NTMtRkZBOS00N0M0LTk2QTMtMzlBRTgyMEREMUZBfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7RkUzOTI0QjItRkE4Ni00QzJELUE0NzktNzg2MkJFN0I5N0RDfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODcuMzkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTc1NzE4NTciPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NDc4NDIwOTI2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDI0MUIzNkEtQjA2Ri00Qjc3LUI4REEtOEM3RTRDOUE0REE0fSIgdXNlcmlkPSJ7Q0YxNjU1NTMtRkZBOS00N0M0LTk2QTMtMzlBRTgyMEREMUZBfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7NzY0RkM3RkUtQzI4RC00RTQ2LTg1QTYtNUYxQjg2N0MwRDFFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RDZqeFBlVW1LZmg4eXR5NkYwN1l4TTFlWkRIL1RWNkZRVDJmZkRpWnl3dz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTI1LjAuNjQyMi4xNDIiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjI3IiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTUxNzQyMzIiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1OTY3MjA1NjY1OTQ3MDgiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MDY4IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzUxMjgzODA2OCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E30BEEFA-476B-4157-849C-4C04165EEC7C}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E30BEEFA-476B-4157-849C-4C04165EEC7C}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDI0MUIzNkEtQjA2Ri00Qjc3LUI4REEtOEM3RTRDOUE0REE0fSIgdXNlcmlkPSJ7Q0YxNjU1NTMtRkZBOS00N0M0LTk2QTMtMzlBRTgyMEREMUZBfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntFRTgyRjc3RS1DMjFFLTREOTctQTNDNS0yQUQzNjVFNzIwOTB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zNCIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE3NTI4NTAzMjQ1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTc1Mjg5NDkxMzIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTc2MjIwMzM5NDAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxODE3NzMwNSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1WQ2dpdTJjYWtKa09sVlF5ZDBBNHhnQ0xMV3QlMmZkQ1dDTzhRTEQ4OEtZWjJLMTVzYjJKSmc2RW5iZ0tFMFp6MFduY1psbzJWQlpOMldhMzNyRkNiRnV3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjEiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NTM4NjM4NSIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTc2MjIwNjQwMDgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzVmMTk1NjEyLTM4NGEtNDhlYS04NDA4LWI0ZWRlOWRjNTZiYj9QMT0xNzE4MTc3MzA1JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVZDZ2l1MmNha0prT2xWUXlkMEE0eGdDTExXdCUyZmRDV0NPOFFMRDg4S1laMksxNXNiMkpKZzZFbmJnS0UwWnowV25jWmxvMlZCWk4yV2EzM3JGQ2JGdXclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iLTEiIGRvd25sb2FkX3RpbWVfbXM9IjUyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTc2MjIwODQwNjAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9Indpbmh0dHAiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzVmMTk1NjEyLTM4NGEtNDhlYS04NDA4LWI0ZWRlOWRjNTZiYj9QMT0xNzE4MTc3MzA1JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVZDZ2l1MmNha0prT2xWUXlkMEE0eGdDTExXdCUyZmRDV0NPOFFMRDg4S1laMksxNXNiMkpKZzZFbmJnS0UwWnowV25jWmxvMlZCWk4yV2EzM3JGQ2JGdXclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIxOTkuMjMyLjIxMC4xNzIiIGNkbl9jaWQ9IjMiIGNkbl9jY2M9IkdCIiBjZG5fbXNlZGdlX3JlZj0iUmVmIEE6IDJERDc4ODU2RjEwNjQxREM4RjAzQzJDN0FGNzA5MUMyIFJlZiBCOiBMVFNFREdFMTcxMCBSZWYgQzogMjAyNC0wNC0xNVQyMDo0MzoxM1oiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iUmVmIEE6IDNFNTdDMDE4NkRGNDQyNzlBNDMzQjJCOTc0RkYzOUY0IFJlZiBCOiBBTVMyMzEwMjIwMTEwMjUgUmVmIEM6IDIwMjQtMDQtMTVUMjA6NDM6MTNaIiBjZG5fY2FjaGU9IkhJVCwgSElUIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjMxNzAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzYyMjEwMzk2OCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE3NjI5MTIwNjQ1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTc2OTk4MTkxODYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI0NzMiIGRvd25sb2FkX3RpbWVfbXM9IjkyNjYiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjcwNjQiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\MicrosoftEdge_X64_125.0.2535.79.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\MicrosoftEdge_X64_125.0.2535.79.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\MicrosoftEdge_X64_125.0.2535.79.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.112 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.79 --initial-client-data=0x250,0x254,0x258,0x24c,0x228,0x7ff786024b18,0x7ff786024b24,0x7ff786024b30

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Videos\Roblox\robloxapp-20240605-0726103.wmv"

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.112 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E11A453B-2162-478E-84E7-6DF67CABAD27}\EDGEMITMP_4CDE8.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.79 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff786024b18,0x7ff786024b24,0x7ff786024b30

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.112 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.79\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.79 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff76f3c4b18,0x7ff76f3c4b24,0x7ff76f3c4b30

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Videos\Roblox\robloxapp-20240605-0726338.wmv"

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Videos\Roblox\robloxapp-20240605-0726338.wmv"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RjkzQ0IxRkMtQ0YyRC00QkQ0LUI3MzMtMzk4QUNGRDYwMTg1fSIgdXNlcmlkPSJ7Q0YxNjU1NTMtRkZBOS00N0M0LTk2QTMtMzlBRTgyMEREMUZBfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InszQjJBOUVGQy03OUYxLTQxRTgtQUJGRi1FMURGRjBDRTA3RTZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtENmp4UGVVbUtmaDh5dHk2RjA3WXhNMWVaREgvVFY2RlFUMmZmRGlaeXd3PSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg3LjM5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldjtQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjcwIj48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzY1IiBwaW5nX2ZyZXNobmVzcz0iezg5OEYwODJDLUZCQTktNDExMS1CMTExLTlGODg5OUM2QTYzOH0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIxMjUuMC4yNTM1Ljc5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1OTY0ODgzNjM2NjM1MzAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4MDUwNDQ1OTEyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4MDUwNzAxODg5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODU2Nzk5OTUzNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzA4YzMwYzZkLTY5ZWItNDk3Yi1hZDgyLWY4NDc4NzllNDI0MD9QMT0xNzE4MTc3MzU3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWElMmJ5QzVPMURWQld1MzVZUjJiMGtsOGZpRGJodFo3RDhCUkU4OUlrS3lDWG1Za1VwSE5tSTBXRHRIV1ZzQ1JHTDhoVmdaOGV1aDRLaHZ6NjlYaE0yR2clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMiIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NTM4NjM4NSIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTg1NjgwNDk1MDgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzA4YzMwYzZkLTY5ZWItNDk3Yi1hZDgyLWY4NDc4NzllNDI0MD9QMT0xNzE4MTc3MzU3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWElMmJ5QzVPMURWQld1MzVZUjJiMGtsOGZpRGJodFo3RDhCUkU4OUlrS3lDWG1Za1VwSE5tSTBXRHRIV1ZzQ1JHTDhoVmdaOGV1aDRLaHZ6NjlYaE0yR2clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iLTEiIGRvd25sb2FkX3RpbWVfbXM9Ijk0Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTY4MDc5NTk1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJ3aW5odHRwIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8wOGMzMGM2ZC02OWViLTQ5N2ItYWQ4Mi1mODQ3ODc5ZTQyNDA_UDE9MTcxODE3NzM1NyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1hJTJieUM1TzFEVkJXdTM1WVIyYjBrbDhmaURiaHRaN0Q4QlJFODlJa0t5Q1htWWtVcEhObUkwV0R0SFdWc0NSR0w4aFZnWjhldWg0S2h2ejY5WGhNMkdnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iMTk5LjIzMi4yMTAuMTcyIiBjZG5fY2lkPSIzIiBjZG5fY2NjPSJHQiIgY2RuX21zZWRnZV9yZWY9IlJlZiBBOiAwQ0Y4NzVDMkE4Q0U0NDM4QTg4OTg3MTQxMjdGNzA2RCBSZWYgQjogTFRTRURHRTE2MTUgUmVmIEM6IDIwMjQtMDUtMzBUMTA6NTg6MDhaIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IlJlZiBBOiA0NEREMjI0NUQzNjc0MzNGOTM4NTFGQzIwRjM4MUI5NiBSZWYgQjogQU1TMjMxMDIwNjE2MDQ1IFJlZiBDOiAyMDI0LTA1LTMwVDEwOjU4OjA4WiIgY2RuX2NhY2hlPSJISVQsIEhJVCIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzM3MTYwMjQiIHRvdGFsPSIxNzM3MTYwMjQiIGRvd25sb2FkX3RpbWVfbXM9IjQxMjMwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTY4MDk5NTAyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTg3Mjk5ODI3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxOTQzMzAyNzUwNiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjkwNyIgZG93bmxvYWRfdGltZV9tcz0iNTE2NzAiIGRvd25sb2FkZWQ9IjE3MzcxNjAyNCIgdG90YWw9IjE3MzcxNjAyNCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iODQ1NjkiLz48cGluZyBhY3RpdmU9IjAiIHJkPSI2MzY1IiBwaW5nX2ZyZXNobmVzcz0ie0ZFMjI3Q0U1LTU5QUUtNEI0MC05RTY2LUE4MTZDNUNDRUQzOH0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI1LjAuMjUzNS44NSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBjb2hvcnQ9InJyZkAwLjI0IiB1cGRhdGVfY291bnQ9IjEiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM2MjA0NTU0NjE1MTcxNzAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjM2NSIgcGluZ19mcmVzaG5lc3M9Ins5Qzk2OTRCOC0xNzc1LTQ0NkQtOEQ1Ny1BMTA4RDFGQTlGQTZ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=4736,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5580 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4664,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=4516 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4688,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=3536 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=3552,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5520 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=3152,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6868 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5660,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5732 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=6584,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6528 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=5968,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6564 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=4580,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5580 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=2292,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5816 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6664,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5340 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=6484,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6480 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=3532,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=7336 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=3524,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5720 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=7140,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=5520 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=5228,i,16633102598412354967,5341952294685492325,262144 --variations-seed-version=20240507-180133.206000 --mojo-platform-channel-handle=6372 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:80 google.com tcp
GB 142.250.178.14:80 google.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.238:443 ogs.google.com tcp
GB 142.250.200.14:443 apis.google.com udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
N/A 224.0.0.251:5353 udp
GB 104.86.110.113:443 tcp
US 52.168.112.67:443 browser.pipe.aria.microsoft.com tcp
BE 2.17.196.106:443 r.bing.com tcp
BE 2.17.196.106:443 r.bing.com tcp
BE 2.17.196.106:443 r.bing.com tcp
BE 2.17.196.106:443 r.bing.com tcp
BE 2.17.196.106:443 r.bing.com tcp
BE 2.17.196.106:443 r.bing.com tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 216.239.32.27:443 chrome.com tcp
US 216.239.32.27:443 chrome.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 216.58.204.70:443 2542116.fls.doubleclick.net tcp
GB 216.58.204.70:443 2542116.fls.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
US 216.239.32.27:443 chrome.com udp
GB 216.58.212.241:443 csp.withgoogle.com tcp
GB 216.58.204.67:443 update.googleapis.com tcp
GB 216.58.204.67:443 update.googleapis.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 216.58.204.67:443 update.googleapis.com tcp
GB 142.250.187.238:443 remotedesktop.google.com tcp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 104.21.19.57:443 remotedesktop.oogle.com tcp
US 104.21.19.57:443 remotedesktop.oogle.com tcp
US 104.21.19.57:443 remotedesktop.oogle.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.187.238:443 remotedesktop.google.com tcp
GB 142.250.187.238:443 remotedesktop.google.com tcp
GB 142.250.187.238:443 remotedesktop.google.com udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.187.238:443 remotedesktop.google.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 216.58.204.67:443 update.googleapis.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
GB 142.250.187.238:443 remotedesktop.google.com tcp
GB 142.250.200.10:443 accountcapabilities-pa.googleapis.com tcp
GB 172.217.169.42:443 accountcapabilities-pa.googleapis.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
NL 142.250.102.94:443 accounts.google.com.vn tcp
GB 172.217.16.225:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 94.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 188.168.251.142.in-addr.arpa udp
GB 172.217.16.225:443 clients2.googleusercontent.com tcp
GB 172.217.169.3:443 ssl.gstatic.com udp
GB 216.58.204.67:443 update.googleapis.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.187.238:443 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
GB 172.217.169.3:443 ssl.gstatic.com udp
GB 172.217.16.225:443 clients2.googleusercontent.com udp
US 216.239.38.117:443 beacons2.gvt2.com tcp
US 216.239.38.117:443 beacons2.gvt2.com udp
GB 216.58.201.110:443 chromewebstore.google.com tcp
GB 216.58.201.110:443 chromewebstore.google.com udp
GB 142.250.187.202:443 scone-pa.clients6.google.com tcp
GB 142.250.187.202:443 scone-pa.clients6.google.com udp
GB 172.217.16.225:443 clients2.googleusercontent.com udp
GB 172.217.16.225:443 clients2.googleusercontent.com udp
GB 142.250.178.14:443 google.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
GB 142.250.200.35:443 google.com.vn tcp
GB 142.250.187.238:443 clients2.google.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
GB 142.250.178.14:443 google.com udp
IL 34.0.72.251:443 e2c77.gcp.gvt2.com tcp
US 8.8.8.8:53 251.72.0.34.in-addr.arpa udp
GB 216.58.201.110:443 chromewebstore.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.187.238:443 clients2.google.com udp
GB 142.250.200.35:443 google.com.vn udp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 216.239.38.117:443 beacons2.gvt2.com udp
GB 216.58.213.3:443 beacons3.gvt2.com tcp
US 192.178.49.163:443 beacons.gvt2.com tcp
GB 216.58.213.3:443 beacons3.gvt2.com udp
US 192.178.49.163:443 beacons.gvt2.com udp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 163.49.178.192.in-addr.arpa udp
US 74.125.247.128:3478 udp
US 74.125.247.128:3478 tcp
DE 116.202.162.252:52622 udp
GB 142.250.187.238:443 clients2.google.com udp
GB 128.116.119.4:443 roblox.com tcp
GB 128.116.119.4:443 roblox.com tcp
NL 128.116.21.4:443 users.roblox.com tcp
NL 128.116.21.4:443 users.roblox.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 108.138.217.62:443 static.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 18.245.253.103:443 js.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
BE 104.117.77.89:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 4.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 28.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 62.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 103.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 86.154.64.172.in-addr.arpa udp
NL 128.116.21.4:443 notifications.roblox.com udp
GB 216.137.44.8:443 images.rbxcdn.com tcp
GB 216.137.44.8:443 images.rbxcdn.com tcp
GB 216.137.44.8:443 images.rbxcdn.com tcp
GB 216.137.44.8:443 images.rbxcdn.com tcp
GB 216.137.44.8:443 images.rbxcdn.com tcp
GB 216.137.44.8:443 images.rbxcdn.com tcp
GB 142.250.187.234:443 chromewebstore.googleapis.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 172.217.16.225:443 lh3.googleusercontent.com tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.187.238:443 clients2.google.com udp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
GB 142.250.187.234:443 chromewebstore.googleapis.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 142.250.187.234:443 chromewebstore.googleapis.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
GB 142.250.187.234:443 chromewebstore.googleapis.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
GB 172.217.169.10:443 chromewebstore.googleapis.com tcp
GB 216.58.204.67:443 update.googleapis.com tcp
GB 142.250.178.14:443 google.com tcp
NL 128.116.21.4:443 notifications.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
SE 184.31.15.64:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 aws-ap-east-1a-lms.rbx.com udp
US 8.8.8.8:53 waw1-128-116-124-3.roblox.com udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 8.8.8.8:53 aws-eu-central-1c-lms.rbx.com udp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
DE 18.158.64.153:443 aws-eu-central-1b-lms.rbx.com tcp
US 54.183.81.141:443 aws-us-west-1a-lms.rbx.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
GB 3.10.189.162:443 aws-eu-west-2b-lms.rbx.com tcp
NL 128.116.21.3:443 client-telemetry.roblox.com tcp
HK 18.163.94.200:443 aws-ap-east-1a-lms.rbx.com tcp
DE 52.28.142.149:443 aws-eu-central-1c-lms.rbx.com tcp
FR 3.162.38.51:443 static.rbxcdn.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
HK 18.163.94.200:443 aws-ap-east-1a-lms.rbx.com tcp
GB 142.250.187.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 200.94.163.18.in-addr.arpa udp
US 8.8.8.8:53 3.124.116.128.in-addr.arpa udp
FR 18.155.129.18:443 t3.rbxcdn.com tcp
FR 18.155.129.79:443 t6.rbxcdn.com tcp
GB 104.86.110.113:443 tcp
GB 104.86.110.113:443 tcp
GB 104.86.110.113:443 tcp
GB 104.86.110.113:443 tcp
GB 104.86.110.113:443 tcp
BE 104.68.66.114:443 cxcs.microsoft.net tcp
BE 2.17.196.106:443 www.bing.com tcp
US 18.245.199.57:443 create.roblox.com tcp
US 18.245.175.44:443 webblox.roblox.com tcp
US 34.120.195.249:443 o293668.ingest.sentry.io tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
GB 142.250.187.234:443 content-autofill.googleapis.com udp
US 3.165.112.70:443 doy2mn9upadnk.cloudfront.net tcp
GB 142.250.200.14:443 www.youtube-nocookie.com tcp
US 3.165.112.70:443 doy2mn9upadnk.cloudfront.net tcp
GB 142.250.200.14:443 www.youtube-nocookie.com tcp
FR 18.244.28.123:443 tcp
GB 142.250.200.14:443 www.youtube-nocookie.com udp
GB 216.58.212.246:443 tcp
GB 142.250.178.14:443 google.com udp
GB 142.250.200.14:443 udp
GB 216.58.212.234:443 content-autofill.googleapis.com tcp
GB 216.58.212.234:443 udp
GB 172.217.16.238:443 www.youtube-nocookie.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
GB 142.250.179.238:443 www.youtube-nocookie.com tcp
GB 142.250.179.238:443 www.youtube-nocookie.com udp
N/A 127.0.0.1:9229 tcp
FR 3.162.38.49:443 setup.rbxcdn.com tcp
FR 3.162.38.49:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
N/A 127.0.0.1:9229 tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
CA 35.215.54.231:443 e2c45.gcp.gvt2.com tcp
N/A 127.0.0.1:9229 tcp
US 192.178.49.163:443 beacons.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
GB 216.58.201.110:443 chromewebstore.google.com udp
NL 128.116.21.3:443 client-telemetry.roblox.com tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
FR 3.162.38.106:443 setup.rbxcdn.com tcp
FR 3.162.38.106:443 setup.rbxcdn.com tcp
FR 3.162.38.106:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:53311 tcp
N/A 127.0.0.1:53315 tcp
N/A 127.0.0.1:53318 tcp
N/A 127.0.0.1:53321 tcp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons3.gvt2.com tcp
GB 216.58.213.3:443 beacons3.gvt2.com udp
GB 216.58.201.110:443 chromewebstore.google.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 199.232.210.172:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
GB 142.250.179.238:443 www.youtube-nocookie.com udp
GB 142.250.200.14:443 www.youtube-nocookie.com udp
GB 104.86.110.113:443 tcp
GB 104.86.110.113:443 tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
N/A 127.0.0.1:53705 tcp
N/A 127.0.0.1:53712 tcp
N/A 127.0.0.1:53721 tcp
N/A 127.0.0.1:53725 tcp
NL 128.116.21.3:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:53728 tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
NL 128.116.21.4:443 apis.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 18.245.199.116:443 css.rbxcdn.com tcp
US 18.245.199.116:443 css.rbxcdn.com tcp
US 18.245.199.116:443 css.rbxcdn.com tcp
US 18.245.199.116:443 css.rbxcdn.com tcp
US 18.245.199.116:443 css.rbxcdn.com tcp
US 18.245.199.116:443 css.rbxcdn.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
FR 3.162.38.66:443 static.rbxcdn.com tcp
FR 3.162.38.66:443 static.rbxcdn.com tcp
US 18.245.175.61:443 images.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 18.245.199.116:443 css.rbxcdn.com tcp
GB 128.116.119.4:443 roblox.com tcp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
NL 128.116.21.4:443 www.roblox.com udp
NL 128.116.21.4:443 www.roblox.com tcp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
BE 2.17.107.249:443 apis.rbxcdn.com tcp
NL 128.116.21.4:443 www.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google udp
US 18.245.175.61:443 images.rbxcdn.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
N/A 127.0.0.1:54174 tcp
N/A 127.0.0.1:54365 tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
GB 216.58.201.110:443 chromewebstore.google.com udp
NL 128.116.21.4:443 metrics.roblox.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 142.250.178.14:443 google.com udp
NL 128.116.21.4:443 metrics.roblox.com tcp
N/A 127.0.0.1:55601 tcp
N/A 127.0.0.1:55604 tcp
N/A 127.0.0.1:55606 tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
FR 18.155.129.79:443 t6.rbxcdn.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
N/A 127.0.0.1:55619 tcp
N/A 127.0.0.1:55622 tcp
N/A 127.0.0.1:55661 tcp
N/A 127.0.0.1:55740 tcp
N/A 127.0.0.1:56017 tcp
N/A 127.0.0.1:56019 tcp
N/A 127.0.0.1:56021 tcp
N/A 127.0.0.1:56023 tcp
N/A 127.0.0.1:56025 tcp
N/A 127.0.0.1:56027 tcp
N/A 127.0.0.1:56029 tcp
N/A 127.0.0.1:56031 tcp
N/A 127.0.0.1:56042 tcp
N/A 127.0.0.1:56045 tcp
BE 104.68.66.114:443 cxcs.microsoft.net tcp
BE 2.17.196.106:443 www.bing.com tcp
NL 128.116.21.3:443 client-telemetry.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
N/A 127.0.0.1:56057 tcp
N/A 127.0.0.1:56060 tcp
N/A 127.0.0.1:56062 tcp
N/A 127.0.0.1:56064 tcp
N/A 127.0.0.1:56066 tcp
NL 142.250.27.84:443 accounts.google.com udp
US 18.245.199.55:443 create.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com udp
GB 142.250.200.14:443 www.youtube-nocookie.com udp
US 18.245.175.104:443 webblox.roblox.com tcp
FR 13.32.145.101:443 fonts.roblox.com tcp
FR 13.32.145.101:443 fonts.roblox.com tcp
FR 13.32.145.101:443 fonts.roblox.com tcp
US 18.245.175.104:443 webblox.roblox.com tcp
US 34.120.195.249:443 o293668.ingest.sentry.io udp
GB 142.250.178.10:443 content-autofill.googleapis.com udp
NL 128.116.21.4:443 metrics.roblox.com tcp
N/A 127.0.0.1:56161 tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
GB 128.116.33.33:60204 udp
N/A 127.0.0.1:56175 tcp
N/A 127.0.0.1:56178 tcp
US 8.8.8.8:53 assetdelivery.roblox.com udp
NL 128.116.21.4:443 ncs.roblox.com tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
US 18.245.199.111:443 c7.rbxcdn.com tcp
US 18.245.199.111:443 c7.rbxcdn.com tcp
N/A 127.0.0.1:56186 tcp
N/A 127.0.0.1:56188 tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
US 8.8.8.8:53 clients2.google.com udp
NL 128.116.21.4:443 ncs.roblox.com udp
GB 142.250.187.206:443 clients2.google.com tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
NL 128.116.21.4:443 ncs.roblox.com tcp
FR 3.162.38.72:443 c5.rbxcdn.com tcp
FR 3.162.38.72:443 c5.rbxcdn.com tcp
FR 18.244.28.119:443 c6.rbxcdn.com tcp
FR 3.162.38.6:443 c3.rbxcdn.com tcp
FR 3.162.38.6:443 c3.rbxcdn.com tcp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 18.245.175.86:443 c2.rbxcdn.com tcp
FR 18.155.129.115:443 c0.rbxcdn.com tcp
FR 3.162.38.72:443 c5.rbxcdn.com tcp
FR 52.84.174.57:443 t7.rbxcdn.com tcp
FR 18.155.129.18:443 t3.rbxcdn.com tcp
FR 18.155.129.18:443 t3.rbxcdn.com tcp
FR 52.84.174.57:443 t7.rbxcdn.com tcp
US 8.8.8.8:53 72.38.162.3.in-addr.arpa udp
US 8.8.8.8:53 119.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 6.38.162.3.in-addr.arpa udp
US 8.8.8.8:53 86.175.245.18.in-addr.arpa udp
US 8.8.8.8:53 115.129.155.18.in-addr.arpa udp
FR 18.244.28.93:443 t4.rbxcdn.com tcp
N/A 127.0.0.1:56223 tcp
N/A 127.0.0.1:56225 tcp
N/A 127.0.0.1:56242 tcp
N/A 127.0.0.1:56245 tcp
N/A 127.0.0.1:56247 tcp
N/A 127.0.0.1:56249 tcp
N/A 127.0.0.1:56297 tcp
N/A 127.0.0.1:56299 tcp
N/A 127.0.0.1:56301 tcp
N/A 127.0.0.1:56303 tcp
N/A 127.0.0.1:56305 tcp
NL 128.116.21.4:443 inventory.roblox.com tcp
NL 128.116.21.4:443 inventory.roblox.com tcp
NL 128.116.21.4:443 inventory.roblox.com tcp
NL 128.116.21.4:443 inventory.roblox.com tcp
N/A 127.0.0.1:56423 tcp
N/A 127.0.0.1:56447 tcp
N/A 127.0.0.1:56449 tcp
N/A 127.0.0.1:56451 tcp
NL 128.116.21.4:443 inventory.roblox.com udp
SG 74.125.24.94:443 beacons2.gvt2.com tcp
SG 74.125.24.94:443 beacons2.gvt2.com tcp
SG 74.125.24.94:443 beacons2.gvt2.com udp
NL 128.116.21.4:443 inventory.roblox.com udp
NL 128.116.21.4:443 inventory.roblox.com udp
NL 128.116.21.4:443 inventory.roblox.com udp
NL 128.116.21.4:443 inventory.roblox.com udp
NL 128.116.21.4:443 inventory.roblox.com tcp
US 18.245.175.104:443 webblox.roblox.com tcp
GB 172.217.169.74:443 remotedesktop-pa.googleapis.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
NL 128.116.21.4:443 inventory.roblox.com tcp
NL 128.116.21.4:443 inventory.roblox.com tcp
N/A 127.0.0.1:56624 tcp
N/A 127.0.0.1:56626 tcp
US 8.8.8.8:53 gameinternationalization.roblox.com udp
NL 128.116.21.4:443 gamepersistence.roblox.com tcp
NL 128.116.21.4:443 gamepersistence.roblox.com tcp
NL 128.116.21.4:443 gamepersistence.roblox.com tcp
NL 128.116.21.4:443 gamepersistence.roblox.com tcp
NL 128.116.21.4:443 gamepersistence.roblox.com tcp
US 8.8.8.8:53 games.roblox.com udp
NL 128.116.21.4:443 friends.roblox.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
FR 3.162.38.72:443 c5.rbxcdn.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
US 104.21.5.162:443 analytics-api-5968537435-a41e595143fd.superbiz.gg tcp
FR 18.244.28.45:443 c6.rbxcdn.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
N/A 127.0.0.1:56781 tcp
N/A 127.0.0.1:56783 tcp
N/A 127.0.0.1:56786 tcp
US 172.67.133.158:443 analytics-api-5968537435-a41e595143fd.superbiz.gg tcp
N/A 127.0.0.1:56792 tcp
NL 128.116.21.4:443 friends.roblox.com tcp
NL 128.116.21.4:443 friends.roblox.com tcp
US 18.245.199.49:443 c7.rbxcdn.com tcp
FR 18.155.129.94:443 c0.rbxcdn.com tcp
US 18.245.199.49:443 c7.rbxcdn.com tcp
US 8.8.8.8:53 158.133.67.172.in-addr.arpa udp
US 8.8.8.8:53 49.199.245.18.in-addr.arpa udp
NL 128.116.21.4:443 csm.roblox.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
FR 3.162.38.128:443 c3.rbxcdn.com tcp
FR 3.162.38.128:443 c3.rbxcdn.com tcp
FR 3.162.38.128:443 c3.rbxcdn.com tcp
FR 18.244.28.50:443 c1.rbxcdn.com tcp
US 18.245.175.34:443 c2.rbxcdn.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
NL 128.116.21.4:443 csm.roblox.com tcp
US 8.8.8.8:53 34.175.245.18.in-addr.arpa udp
US 172.67.133.158:443 analytics-api-5968537435-235f8673412a.superbiz.gg tcp
N/A 127.0.0.1:60187 udp
N/A 127.0.0.1:56807 tcp
N/A 127.0.0.1:56809 tcp
N/A 127.0.0.1:56813 tcp
N/A 127.0.0.1:56815 tcp
N/A 127.0.0.1:56817 tcp
N/A 127.0.0.1:56819 tcp
N/A 127.0.0.1:56831 tcp
N/A 127.0.0.1:56835 tcp
N/A 127.0.0.1:56845 tcp
N/A 127.0.0.1:56857 tcp
N/A 127.0.0.1:56866 tcp
N/A 127.0.0.1:56868 tcp
N/A 127.0.0.1:56898 tcp
N/A 127.0.0.1:56906 tcp
N/A 127.0.0.1:56913 tcp
N/A 127.0.0.1:56915 tcp
N/A 127.0.0.1:56917 tcp
N/A 127.0.0.1:56959 tcp
NL 128.116.21.4:443 apis.roblox.com tcp
N/A 127.0.0.1:56994 tcp
N/A 127.0.0.1:56996 tcp
NL 128.116.21.4:443 apis.roblox.com tcp
N/A 127.0.0.1:56998 tcp
NL 128.116.21.4:443 apis.roblox.com tcp
N/A 127.0.0.1:57037 tcp
N/A 127.0.0.1:57039 tcp
N/A 127.0.0.1:57062 tcp
N/A 127.0.0.1:57114 tcp
N/A 127.0.0.1:57117 tcp
N/A 127.0.0.1:57155 tcp
US 172.67.133.158:443 analytics-api-5968537435-235f8673412a.superbiz.gg tcp
FR 3.162.38.72:443 c5.rbxcdn.com tcp
US 18.245.175.34:443 c2.rbxcdn.com tcp
FR 3.162.38.72:443 c5.rbxcdn.com tcp
FR 18.244.28.43:443 c4.rbxcdn.com tcp
US 18.245.175.34:443 c2.rbxcdn.com tcp
N/A 127.0.0.1:57162 tcp
N/A 127.0.0.1:57317 tcp
US 172.67.133.158:443 analytics-api-5968537435-235f8673412a.superbiz.gg tcp
NL 128.116.21.4:443 apis.roblox.com tcp
N/A 127.0.0.1:57320 tcp
N/A 127.0.0.1:57324 tcp
US 104.21.5.162:443 analytics-api-5968537435-235f8673412a.superbiz.gg tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
N/A 127.0.0.1:57327 tcp
N/A 127.0.0.1:57329 tcp
N/A 127.0.0.1:57331 tcp
N/A 127.0.0.1:57333 tcp
N/A 127.0.0.1:57335 tcp
N/A 127.0.0.1:57342 tcp
N/A 127.0.0.1:57344 tcp
N/A 127.0.0.1:57346 tcp
N/A 127.0.0.1:57351 tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
US 8.8.8.8:53 analytics-api-5968537435-ff19de831023.superbiz.gg udp
US 172.67.133.158:443 analytics-api-5968537435-ff19de831023.superbiz.gg tcp
FR 18.244.28.45:443 c6.rbxcdn.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 analytics-api-5968537435-85fdb080b0cd.superbiz.gg udp
US 172.67.133.158:443 analytics-api-5968537435-85fdb080b0cd.superbiz.gg tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
US 18.245.199.118:443 c7.rbxcdn.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:57460 tcp
N/A 127.0.0.1:57462 tcp
N/A 127.0.0.1:57466 tcp
N/A 127.0.0.1:57472 tcp
N/A 127.0.0.1:50611 udp
N/A 127.0.0.1:57480 tcp
N/A 127.0.0.1:57486 tcp
N/A 127.0.0.1:57491 tcp
N/A 127.0.0.1:57493 tcp
N/A 127.0.0.1:57502 tcp
N/A 127.0.0.1:57516 tcp
N/A 127.0.0.1:57518 tcp
N/A 127.0.0.1:57520 tcp
N/A 127.0.0.1:57522 tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
US 8.8.8.8:53 locale.roblox.com udp
NL 128.116.21.4:443 locale.roblox.com tcp
NL 128.116.21.4:443 locale.roblox.com tcp
NL 128.116.21.4:443 locale.roblox.com tcp
NL 128.116.21.4:443 locale.roblox.com tcp
US 8.8.8.8:53 analytics-api-5968537435-6196b561e6a5.superbiz.gg udp
US 172.67.133.158:443 analytics-api-5968537435-3d1f443d6493.superbiz.gg tcp
NL 128.116.21.4:443 inventory.roblox.com tcp
NL 128.116.21.4:443 inventory.roblox.com tcp
N/A 127.0.0.1:57579 tcp
N/A 127.0.0.1:57581 tcp
N/A 127.0.0.1:57633 tcp
N/A 127.0.0.1:57662 tcp
N/A 127.0.0.1:57665 tcp
N/A 127.0.0.1:57670 tcp
N/A 127.0.0.1:57693 tcp
N/A 127.0.0.1:57695 tcp
N/A 127.0.0.1:57724 tcp
N/A 127.0.0.1:57726 tcp
N/A 127.0.0.1:57747 tcp
N/A 127.0.0.1:57802 tcp
N/A 127.0.0.1:57805 tcp
US 205.234.175.102:443 c0cfly.rbxcdn.com tcp
DE 52.29.33.253:443 b.ns1p.net tcp
US 8.8.8.8:53 253.33.29.52.in-addr.arpa udp
N/A 127.0.0.1:57809 tcp
N/A 127.0.0.1:57812 tcp
US 104.21.5.162:443 analytics-api-5968537435-b33dfe9b43e5.superbiz.gg tcp
US 172.67.133.158:443 analytics-api-5968537435-b33dfe9b43e5.superbiz.gg tcp
N/A 127.0.0.1:57818 tcp
N/A 127.0.0.1:57993 tcp
US 172.67.133.158:443 analytics-api-5968537435-b33dfe9b43e5.superbiz.gg tcp
US 8.8.8.8:53 analytics-api-5968537435-3cd327185878.superbiz.gg udp
US 172.67.133.158:443 analytics-api-5968537435-7df1c48721a2.superbiz.gg tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
US 172.67.133.158:443 analytics-api-5968537435-7df1c48721a2.superbiz.gg tcp
N/A 127.0.0.1:58020 tcp
GB 172.217.169.74:443 remotedesktop-pa.googleapis.com udp
N/A 127.0.0.1:58024 tcp
N/A 127.0.0.1:58029 tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
N/A 127.0.0.1:58059 tcp
N/A 127.0.0.1:58062 tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:58069 tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
FR 18.155.129.122:443 c0.rbxcdn.com tcp
FR 18.155.129.122:443 c0.rbxcdn.com tcp
US 8.8.8.8:53 122.129.155.18.in-addr.arpa udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
SE 184.31.15.64:443 tr.rbxcdn.com tcp
SE 184.31.15.64:443 tr.rbxcdn.com tcp
SE 184.31.15.64:443 tr.rbxcdn.com tcp
SE 184.31.15.64:443 tr.rbxcdn.com tcp
SE 184.31.15.64:443 tr.rbxcdn.com tcp
SE 184.31.15.64:443 tr.rbxcdn.com tcp
SE 184.31.15.64:443 tr.rbxcdn.com tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
US 8.8.8.8:53 c3.rbxcdn.com udp
FR 3.162.38.6:443 c3.rbxcdn.com tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
US 8.8.8.8:53 c2.rbxcdn.com udp
US 8.8.8.8:53 c4.rbxcdn.com udp
US 18.245.175.12:443 c2.rbxcdn.com tcp
FR 18.244.28.108:443 c4.rbxcdn.com tcp
US 8.8.8.8:53 t5.rbxcdn.com udp
FR 52.222.149.33:443 t5.rbxcdn.com tcp
US 8.8.8.8:53 108.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 33.149.222.52.in-addr.arpa udp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:58097 tcp
N/A 127.0.0.1:58101 tcp
N/A 127.0.0.1:58107 tcp
N/A 127.0.0.1:58131 tcp
N/A 127.0.0.1:58133 tcp
N/A 127.0.0.1:58135 tcp
N/A 127.0.0.1:58137 tcp
N/A 127.0.0.1:58139 tcp
N/A 127.0.0.1:58141 tcp
N/A 127.0.0.1:58143 tcp
N/A 127.0.0.1:58178 tcp
N/A 127.0.0.1:58183 tcp
N/A 127.0.0.1:58199 tcp
N/A 127.0.0.1:58201 tcp
N/A 127.0.0.1:58213 tcp
N/A 127.0.0.1:58226 tcp
N/A 127.0.0.1:58258 tcp
N/A 127.0.0.1:58271 tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:58288 tcp
N/A 127.0.0.1:58290 tcp
NL 128.116.21.3:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:58337 tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 172.217.16.225:443 lh3.googleusercontent.com udp
NL 128.116.21.4:443 assetgame.roblox.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.187.238:443 ogs.google.com udp
GB 142.250.187.238:443 ogs.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com udp
GB 142.250.179.238:443 studio.youtube.com udp
GB 142.250.179.238:443 studio.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.200.14:443 studio.youtube.com tcp
GB 142.250.200.14:443 studio.youtube.com tcp
GB 142.250.200.14:443 studio.youtube.com udp
GB 216.58.212.246:443 i.ytimg.com tcp
GB 142.250.187.194:443 googleads.g.doubleclick.net tcp
GB 216.58.212.202:443 remotedesktop-pa.googleapis.com tcp
US 173.194.141.199:443 rr2---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.199:443 rr2---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.199:443 rr2---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.199:443 rr2---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.199:443 rr2---sn-q4fzenee.googlevideo.com tcp
US 173.194.141.199:443 rr2---sn-q4fzenee.googlevideo.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.238:443 studio.youtube.com udp
GB 216.58.213.6:443 static.doubleclick.net tcp
GB 142.250.179.238:443 studio.youtube.com tcp
GB 142.250.179.238:443 studio.youtube.com udp
GB 142.250.200.46:443 studio.youtube.com tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com udp
GB 142.250.187.234:443 remotedesktop-pa.googleapis.com udp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 142.250.200.14:443 studio.youtube.com udp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:58840 tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com udp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:58844 tcp
GB 172.217.16.225:443 lh5.googleusercontent.com tcp
GB 172.217.16.225:443 lh5.googleusercontent.com udp
GB 172.217.16.225:443 lh5.googleusercontent.com udp
GB 216.58.212.246:443 i.ytimg.com udp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com udp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
NL 128.116.21.4:443 ephemeralcounters.api.roblox.com tcp
GB 142.250.200.14:443 studio.youtube.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 74.125.105.7:443 rr2---sn-aigl6ns6.googlevideo.com tcp
GB 142.250.179.238:443 studio.youtube.com udp
GB 142.250.179.238:443 studio.youtube.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 142.250.200.14:443 studio.youtube.com tcp
GB 142.250.187.238:443 studio.youtube.com udp
GB 142.250.187.238:443 studio.youtube.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 172.217.169.3:443 ssl.gstatic.com tcp
GB 142.250.200.14:443 studio.youtube.com tcp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.180.1:443 yt3.ggpht.com udp
GB 216.58.212.202:443 remotedesktop-pa.googleapis.com udp
GB 172.217.169.3:443 ssl.gstatic.com udp
GB 142.250.200.14:443 studio.youtube.com udp
GB 172.217.16.238:443 casespartner-pa.youtube.com tcp
GB 172.217.16.238:443 casespartner-pa.youtube.com udp
US 8.8.8.8:53 i9.ytimg.com udp
GB 172.217.16.238:443 i9.ytimg.com tcp
GB 172.217.16.238:443 i9.ytimg.com tcp
GB 172.217.16.238:443 i9.ytimg.com tcp
GB 172.217.16.238:443 i9.ytimg.com tcp
GB 172.217.16.238:443 i9.ytimg.com tcp
GB 172.217.16.238:443 i9.ytimg.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
NL 128.116.21.4:443 privatemessages.roblox.com tcp
N/A 127.0.0.1:59330 tcp
GB 142.250.200.15:443 upload.youtube.com tcp
GB 142.250.200.15:443 upload.youtube.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 142.250.200.15:443 upload.youtube.com udp
GB 142.250.187.206:443 clients2.google.com tcp
GB 173.194.183.105:443 rr4---sn-aigl6nek.c.youtube.com tcp
NL 74.125.8.70:443 rr1---sn-5hneknee.c.youtube.com tcp
US 8.8.8.8:53 70.8.125.74.in-addr.arpa udp
NL 74.125.8.70:443 rr1---sn-5hneknee.c.youtube.com udp
GB 173.194.183.105:443 rr4---sn-aigl6nek.c.youtube.com udp
GB 172.217.16.238:443 i9.ytimg.com udp
GB 172.217.16.238:443 i9.ytimg.com tcp
US 192.178.49.163:443 beacons.gvt2.com tcp
US 192.178.49.163:443 beacons.gvt2.com udp
NL 128.116.21.4:443 privatemessages.roblox.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
NL 128.116.21.4:443 privatemessages.roblox.com tcp
N/A 127.0.0.1:59555 tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 128.116.119.4:443 roblox.com udp
NL 128.116.21.4:443 privatemessages.roblox.com udp
FR 3.162.38.58:443 static.rbxcdn.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
NL 128.116.21.4:443 apis.roblox.com udp
NL 128.116.21.4:443 apis.roblox.com tcp
US 2.17.251.45:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 chat.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 gold.roblox.com udp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
JP 13.231.51.188:443 aws-ap-northeast-1d-lms.rbx.com tcp
US 34.225.67.92:443 aws-us-east-1b-lms.rbx.com tcp
NL 128.116.21.3:443 gold.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
NL 128.116.21.3:443 gold.roblox.com tcp
FR 18.155.129.115:443 c0aws.rbxcdn.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
JP 13.231.51.188:443 aws-ap-northeast-1d-lms.rbx.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 2.17.251.45:443 tr.rbxcdn.com tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
FR 3.162.38.58:443 static.rbxcdn.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
US 18.245.199.98:443 css.rbxcdn.com tcp
US 2.17.251.45:443 tr.rbxcdn.com tcp
FR 52.84.174.23:443 t7.rbxcdn.com tcp
BE 2.17.107.249:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
US 8.8.8.8:53 aws-eu-central-1a-lms.rbx.com udp
DE 18.194.26.180:443 aws-eu-central-1b-lms.rbx.com tcp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 8.8.8.8:53 aws-us-west-1c-lms.rbx.com udp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
NL 128.116.21.4:443 groups.roblox.com tcp
NL 128.116.21.4:443 groups.roblox.com tcp
NL 128.116.21.4:443 groups.roblox.com tcp
NL 128.116.21.4:443 groups.roblox.com tcp
NL 128.116.21.4:443 groups.roblox.com tcp
NL 128.116.21.4:443 groups.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
DE 18.158.128.220:443 aws-eu-central-1a-lms.rbx.com tcp
US 18.245.175.119:443 images.rbxcdn.com tcp
US 54.151.16.36:443 aws-us-west-1c-lms.rbx.com tcp
FR 18.155.129.56:443 c0.rbxcdn.com tcp
NL 128.116.21.4:443 groups.roblox.com tcp
GB 3.11.124.91:443 aws-eu-west-2c-lms.rbx.com tcp
DE 52.57.179.204:443 s.ns1p.net tcp
DE 52.57.179.204:443 s.ns1p.net tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
FR 3.162.38.58:443 static.rbxcdn.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
DE 18.158.128.220:443 aws-eu-central-1a-lms.rbx.com tcp
GB 3.11.124.91:443 aws-eu-west-2c-lms.rbx.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 54.151.16.36:443 aws-us-west-1c-lms.rbx.com tcp
US 18.245.199.98:443 css.rbxcdn.com tcp
FR 18.155.129.56:443 c0.rbxcdn.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
FR 18.155.129.115:443 c0.rbxcdn.com tcp
FR 18.155.129.29:443 t2.rbxcdn.com tcp
US 2.17.251.45:443 tr.rbxcdn.com tcp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
JP 13.231.51.188:443 aws-ap-northeast-1d-lms.rbx.com tcp
NL 128.116.21.3:443 gold.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
US 52.52.70.104:443 aws-us-west-1a-lms.rbx.com tcp
US 52.34.85.125:443 aws-us-west-2c-lms.rbx.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 18.245.175.119:443 images.rbxcdn.com tcp
FR 3.162.38.58:443 static.rbxcdn.com tcp
NL 128.116.21.3:443 gold.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 52.52.70.104:443 aws-us-west-1a-lms.rbx.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 52.34.85.125:443 aws-us-west-2c-lms.rbx.com tcp
JP 13.231.51.188:443 aws-ap-northeast-1d-lms.rbx.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
US 18.245.199.98:443 css.rbxcdn.com tcp
US 2.17.251.45:443 tr.rbxcdn.com tcp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 52.34.85.125:443 aws-us-west-2c-lms.rbx.com tcp
JP 13.231.51.188:443 aws-ap-northeast-1d-lms.rbx.com tcp
NL 128.116.21.3:443 gold.roblox.com tcp
US 52.52.70.104:443 aws-us-west-1a-lms.rbx.com tcp
DE 52.57.179.204:443 s.ns1p.net tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
JP 13.231.51.188:443 aws-ap-northeast-1d-lms.rbx.com tcp
US 128.116.117.3:443 sjc1-128-116-117-3.roblox.com tcp
US 128.116.117.3:443 sjc1-128-116-117-3.roblox.com tcp
US 192.178.49.163:443 beacons.gvt2.com udp
US 128.116.117.3:443 sjc1-128-116-117-3.roblox.com tcp
DE 52.29.33.253:443 s.ns1p.net tcp
FR 3.162.38.58:443 static.rbxcdn.com tcp
NL 128.116.21.3:443 gold.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
FR 18.244.28.55:443 js.rbxcdn.com tcp
US 18.245.199.98:443 css.rbxcdn.com tcp
US 18.245.175.119:443 images.rbxcdn.com tcp
US 2.17.251.45:443 tr.rbxcdn.com tcp
US 151.101.0.176:443 js.stripe.com tcp
US 54.151.16.36:443 aws-us-west-1c-lms.rbx.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
NL 128.116.21.3:443 gold.roblox.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
NL 128.116.21.4:443 groups.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
US 151.101.0.176:443 js.stripe.com tcp
US 2.17.251.45:443 tr.rbxcdn.com tcp
US 18.245.175.119:443 images.rbxcdn.com tcp
US 44.235.107.126:443 m.stripe.com tcp
GB 142.250.200.14:443 studio.youtube.com udp
GB 142.250.200.14:443 studio.youtube.com tcp
GB 173.194.183.105:443 rr4---sn-aigl6nek.c.youtube.com udp
NL 128.116.21.4:443 groups.roblox.com tcp
N/A 127.0.0.1:60707 tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.42:443 remotedesktop-pa.googleapis.com udp
GB 172.217.16.238:443 i9.ytimg.com udp
GB 172.217.16.238:443 i9.ytimg.com tcp
GB 142.250.200.14:443 studio.youtube.com tcp
GB 142.250.200.14:443 studio.youtube.com udp
NL 128.116.21.4:443 groups.roblox.com udp
NL 128.116.21.4:443 groups.roblox.com tcp
GB 142.250.200.15:443 upload.youtube.com udp
GB 142.250.200.15:443 upload.youtube.com tcp
GB 142.250.200.15:443 upload.youtube.com udp
GB 142.250.200.15:443 upload.youtube.com tcp
GB 142.250.200.14:443 studio.youtube.com udp
GB 74.125.105.9:443 rr4---sn-aigl6ns6.c.youtube.com udp
NL 74.125.100.230:443 rr1---sn-5hne6nzd.c.youtube.com udp
US 8.8.8.8:53 230.100.125.74.in-addr.arpa udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.16.238:443 i9.ytimg.com udp
GB 172.217.169.42:443 remotedesktop-pa.googleapis.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 apis.roblox.com udp
NL 128.116.21.4:443 presence.roblox.com tcp
N/A 127.0.0.1:60920 tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons3.gvt2.com tcp
GB 216.58.213.3:443 beacons3.gvt2.com udp
GB 142.250.187.238:443 studio.youtube.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.42:443 remotedesktop-pa.googleapis.com udp
NL 128.116.21.4:443 presence.roblox.com udp
NL 128.116.21.4:443 presence.roblox.com tcp
NL 128.116.21.4:443 presence.roblox.com udp

Files

\??\pipe\crashpad_4008_OQRHWUARMMTIEVLT

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 847a31d31d48b0c82b10e856f27f41cf
SHA1 a63b6e52822235b73803a6607be2a3e375767e2a
SHA256 f6040bc33128cbb94ec116d075b41f9c4c2663c800f6478a3c895e6b5b8db598
SHA512 062d86198a30a9bf5565762f9668193f2318894105478d99c5b00c5256c43573cd15aa733fccca4d85558090a863c88a7c0c8fe3c620ec88e79499ec976cdb3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aea6fd70d6debd4efa91c364a7b24da7
SHA1 e4f7e531179271dc50e3510e1ef786ec0023224c
SHA256 ede59d600093db8789b57bd6ded597974ac543ffb7417670d33db4bf24d77609
SHA512 785cdf015a7cee59bb0ab7b7c0db17005518ba5847417b7e96e84d76762f6d6b12a374c05768cc5ddd15ce1f25784a5753e0bac41213784c61a04db462f42cf2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3edcb573a1dab876c6954feae758148f
SHA1 fa96deb1cca8bbc893493e6bf52932c467d31db0
SHA256 2314d4c5ca439271e536e8545cea95da03d6bf5c65d983c52ce094d86f5ed5ba
SHA512 809a9ac284a333d24485581eaa19d816d2edd108468aecac01786a25fb540eb2d8f71bfb47f9c4fcf99252122cc9375020f18754dcc471e4a78c6153aa45179d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bd6814291e3fb41a3c158db0be6dc6cc
SHA1 4c9ce682199c2cd7099fad41f9ab14aa2bb25b26
SHA256 72cfb931d3c58a5cf25fb3a5195a41c07f55d2806653e478f2de469b62187430
SHA512 aa05923d566f6a6e2a943454e933ab6e0f0ad7fcf1d16eb70e4d8485e25dd4eba78d9fe554ec37553d10306107236d3bf3041efd6102d36144f24fec250dba06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 95a03daf7ee66eb53284914160f8102d
SHA1 6b6b630cb97358032c5c75194544c47e0263ab9e
SHA256 01658db23b9fa458690e78418d2782c464c3e1126cb3a0ab854d24e5ff92e895
SHA512 243a8af6babc3437c2bccfb6543cefac502c047f27892cf18891833f2f4a52a6c75f0adcd4db0c3e35ca666ddf5616b4a221b995e09859d5f4c94f99db20d61d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe581d76.TMP

MD5 0bfb9e474e1c72d1f36447dfa53798ed
SHA1 b2cb6eef1915a902619b24753bfb5d895ef947e1
SHA256 57cc990343fba53fa278729e66ead1d1b5ef266cb71761e1cbfb88a5ad89fb62
SHA512 c321983d428b63f74d2247724e0538800f1ace0ba76053793d1faf8e7aae88b689ba30da1b0dcee54f514af431658a98796efaa44397d0641dc94e8718e17d02

C:\Users\Admin\Downloads\ChromeSetup.exe

MD5 b507209f549bb120878117bc3ee40d8c
SHA1 7fd47064ef0629cbb38948bd35a9d836c7afd066
SHA256 3dd74bf83bedb220cc9f15377dc2ffdfef47954618f517d1a196d0e09e77bcae
SHA512 f3a0ec4386239d0a3bbde2454a7e92edc4ba5fc8e24619b8b4e919e05d6c4aa0729227f56a346cf2012bcf165199881335c4a0032863690f52a4ef49b11f682a

C:\Users\Admin\Downloads\ChromeSetup.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d12100f15c2358ccc0961859f801862f
SHA1 622b435b2b0cb3e146143815b14f5b9166a72edc
SHA256 3729b0d040cfd7b324da1f65bc2f67ac5168bda231c01816a550baf94306603b
SHA512 60190983518886cca41ea003bb644560420fa2ce5942dd0d4db0ad62c6ab2e08a91a6c30150039b23549bef2c1b13cc1c805a8860a91ac996fb7738f15bcc284

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7c6a241e06962d6e73399b76d5aa16e4
SHA1 64978a3660c78d27634b07d2c9239f30f3ac771c
SHA256 8c859b8fc79d04b1b7397733d23a591116c7a686e9baa0bdc66d56721f0ac4b3
SHA512 ef5e6ec1fdb2227ce04f5eb74d55234f670049509b162e4dc7eff7341da5228e3b3f946f63c1508af9316275946623a19949e33df59ed060ba421ce58f178d0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a5ced79309bd065909e6d14b5396262c
SHA1 563545d8e570935d72e5a6928f2e96cbdaed81d8
SHA256 27dc268ddcb85aa2d7995fcd3c3a6b29e625574ece884a11b41b85b655ab21de
SHA512 47a178488ab3519c87b692604a91088692e693a9234658133ad7fb6b1724c7aaec0fa0c3499fd02b454dbbe054d2cc2b80d8f66754bd1b65d329c7df23385408

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6b33f1210a1219ca8b067d982c478cae
SHA1 e9fdb89a1b6235f970b4dfb4154c028a9bee6a0d
SHA256 ede0ae8dc3909ede732f0a0d1f685daf5cca4035034390b18c9c93e7157bd3cf
SHA512 216ab087d1466e4425963960b299806852b532342770eb617d2ddb1ce78ccc46ef2effcd0092714fee4ef9617883e67f29f706e28abf4cff3ce88f59762378f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ba8a73c5b284ffa2d8d0ea5f0e3eda05
SHA1 e9dce55a06644520b546d1fa14e4932307bbcab8
SHA256 6f7ad89453c565349c363702debd7082270633815174353f4abba307b17f3b05
SHA512 6df19dd384375e8e9fb3980544e4ba3deb3ce203d627edb999881baf24d9c3590e3735c7eb8c4399b1b9bc8918861bb1b32ab14a1cbbbf524dfc961ffc5706e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 735af0eab09b46fc6b4ca4a95d2fe665
SHA1 267cddb3a41a2831460802bd1b4fd15a798e40b3
SHA256 15591bca214544e9458bec5219cd12d4a4b0c6469f18796d9de98cf8fa793cfe
SHA512 7b2691b2fdbfad1bdc7a917715acc53484074845de0c4cf5ce37562e9d4b52fc522d09e9adeebb91ae910edc75c8902d63592efee85574c2a65db7e0aedc3f00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f9d52d53148addf285eea381f202a6f9
SHA1 221a608073e70cb194ec1593628bc4eba35b5118
SHA256 18ca4c0512de1dc0b9bc5d94242345bae37bdf885b0ce2524e7ddfd5110fe0fe
SHA512 890b982670dc6eb81101ad9975ae47a26bfc58476877462ad89d7494981cc7aa6830f35f9f9faab4ad740371e85c1a7682b855648ef19c5c01accb8b3e7421a4

C:\Windows\SystemTemp\Google3988_602791710\bin\updater.exe

MD5 675c9a53a09d5385bbdb3a43a88f2493
SHA1 71d1c311eadd4d5949c0b48def8ad0f2186bc243
SHA256 ebb428a4c1e29192617e7699513ec78512735110bba68bbee54dee34807094ae
SHA512 e3b1d8351b6d208678673e4c69aea745de5b2576a43d2cf9e06c1ea0780dcbc2ca56d5d5fc712b80309ba7950b90130ca2780185b71c990ea6c6062bd29f5136

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

MD5 a48116b3dc1d4f280db75b5f379cdd8a
SHA1 086d8e197347404e01ddf818bb19f49400f5f8fa
SHA256 28add3fc8a809245531a61a92313127cc454fa1663365f0eacf7385f85ef15ee
SHA512 08122406023a3459cda09c5aebd5e5e3d19d96c8215a1260b4e495b76f0bb5b60ed88dee414dd2fb4919095f70f4417ad89ea141630afc0192a821a745abab04

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

MD5 e852f2d9993c28d71c7d3239374acf44
SHA1 cb58cc7eddec3c937daff4e0b95f3eabffad8e63
SHA256 dba9c984b1ffa6326f998c99a81510f579c7e60150f140b228e14fe002a39314
SHA512 9f95044ce01d5e53ef9f7cb83119188a07eb7c2862c652dd87a6d60a0dcb51a48ca7f65953c3d62b845f91dc24e601563c37b4c8ded00d7da9433ff393aab329

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

MD5 86d9d5294457eadba378b280d606f522
SHA1 c7139c0288f2f584544f0c60d49a4b821a4a236a
SHA256 b584997af0f845b4c402e85d3114915c2a0c7ba84e6dfb863979ee7a9d864ae0
SHA512 ced56cfa5a5a821d2a1781bfc789bc0ec97b057cbbfd3f98e50446996f343d10ddf02c02896da579c76c8747bf576d248dd1a063280d9d98c3ccecee212fb828

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad\settings.dat

MD5 d4085ba8cb8cb92b8521554b77df8f13
SHA1 6d1df39ebe1e45a32eadec067bfbe33bcbbeaa08
SHA256 5ff30258947f3b498bde0d0c67bfc4264130959d0715b318c6b0615c4270eca9
SHA512 36711003e8771274e4629d024f61ff1f33bfc6fbb04f2e218b7e81887c1ede023abdbc8293ccd31a4f254f974b063a981cafb3f9a67e122674b7e5b44774f412

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 bdce395b453a0a3ffcf742feb2a210ae
SHA1 8bfc909ac17238d49d93a3668256b92766391452
SHA256 82f7226a5b6be7356507c368ca2468c5d9b7d4a4036fa18d85c6a99e2f0eae41
SHA512 cf4d12cecd6d749990265779d1f9ec5e505b54cf283580f611cd346aaca17816b4c58547bb61c451190c07b651d967f2d03c13b74e2210195514f8087b92288e

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 7136b45ffcac6b52d6873f2864471ea9
SHA1 7afb956fccbfa48ec7fcac07cde0f6059a51a534
SHA256 78f60448736dd9d298a2bc503571a91a8f0c342e95ff8cc589d546e84e7384c2
SHA512 66755a95e16371a527df8b702ba8d686a08678aa0d3257ec4775c5fef8c81d422d7a6ce8aa1fa1c150ebe02f14a0df23776dabc42b6da5ed83b79be956fc2ac7

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

MD5 e8b7f32d66a5621542db3148028d3b32
SHA1 0a9ab92be9cf334d5776703c7f5a52460cce20f3
SHA256 619480902241f9face86aa18981dc6f35dff75c94a789292d4ee407a7a0098fc
SHA512 bf9a10552a6bce12513d83b43f63d0e624dcaf88203fb22b71f9fcb2e48a4858dafa3426000ba72b2f9ea6298dd9936380c7ee223e6fb40ce373b9ed2da1f57b

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

MD5 845a49f54e8be876f22d9ed0dd95d2b1
SHA1 ab3172a3cd18883bd6144ce3e9d32d266f6e43c4
SHA256 3f345fbff379eeb3635aca1354218a64f97174de2240c9ebc70e91ede8fed8e1
SHA512 02abd23ab19dabc34c35a35265f6fb36e62539b6bba48c2d7554c66e1a60a57d44ca147bec829d3e99b7ca7b3df158bc2ae6722d08fb5531f22e931ebf67494d

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 e181a3e283319cc010462e1ad790b9e4
SHA1 a6712745fcf4ec8fa98a115d0675752f0b9a3c9f
SHA256 799dd5c6a38871f529f0b8016b41a4225a0ce0659f51c312f1d92fe5783f36bd
SHA512 8a517ff18396fe8903c5cd7ebccb325b46b052f352b595c3570df8490e6afb3fafd436adc18434963b317e29c2adc3727e49a4f3dbd34cbd656d5c31c58e823d

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\CR_52DB3.tmp\setup.exe

MD5 782b0870300882f2977bed8dd60130dc
SHA1 7d081e093c8b1ab6a35e0afdf7fa265dccd7bd3c
SHA256 997e3f4f45950f00532b7cb8b3d9f4a5305a4dfee3bbc426de7b5ebf82774be8
SHA512 149d4fab0e8d110e477f38995d792f401ea4c66894d33488d6249a7b83137b9f08341ed77a3e1f755be034448c0caa8018e6d19572085d0a648c0e538664440d

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2980_1828594142\f4bea2a8-0378-44ad-aaaa-0325ca6f2a9c.tmp

MD5 ca1c98cee359250f4687ca6960757bc9
SHA1 5dd771332e96272d167c757a27737814bbf607a7
SHA256 f37cb27a28cfe9119df2bce61b04480832f7d9f165f42ccb143029cb06159f95
SHA512 6d1f7cd23b7526341e33d5a903dd0e9908fcf7121a5b8dba917c71e911b1f7b6b37a6ac69ce5a02e7c2694285dc19afa196040b5ca2212702749c91fcd5c442d

C:\Windows\TEMP\chrome_installer.log

MD5 7f1c94db6257a9c111aa512917453a0e
SHA1 f45e7dc57dfc899e93c3adeba37d4e2a7446ae6c
SHA256 7d8a7fe1ff750a024fc24daaf55ddd53a968fdc83672d5aedc68100d60c18e0a
SHA512 26d3d7c5d40a1c9fcfe56ddde2b9860cf7c5a19e757f9b80d441399c156926c8bd77bec9b3a555696df6e20aa55a53edce60d74007fa4298f1e52efbd36138cb

C:\Windows\SystemTemp\Crashpad\settings.dat

MD5 83c1cb7061c76ef45e663b9b790940a3
SHA1 38614de6ec95da8a9460024bcf9674182692566e
SHA256 b4258f9a8f54630d1e92d0860eabcac4aacd43ddfe742be7de19eb15e7752f36
SHA512 00452576919961bed90757a5cbbc3b12bc334db2c9bfa3c6fcc2270b240a7580c9172d789cba5db56027f23c174eb20c7e7bc59c06f7f6149fdf044b3cd86d9f

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 908008e6d4776f6f20a7d0c1b1f18826
SHA1 302466fc7cd06e08b8e7d444691eee9693e66b9e
SHA256 5ab2cc18538d7bbe59a826ac70c2827148d55c65b32870939c7b8166854fee0d
SHA512 cd7c6fa9aab2719705efdb9e903bd76e6f6d22448e48f008a6c7dee6ac8f54e099253a2cab128936f526335480ae41ea0e5d25688205142b3d475795fbe9db31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 bbdce7283f8c8e7d66ccf5cba06bcfdd
SHA1 c2e2d0145906f8992455ad7819275db251f1a482
SHA256 ac592c3e751c5521f73447f2f32b6d4fda91635f349431f89f975c1e3208537e
SHA512 b8fa50f8201bdbf43b9065e9a9f0ce5cc1a182ab5da6ce275afe823b3ea4cca84c7c43e7e09ec47523fda2013c8af5081656378326cc148c89eded6dd62e0a37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 3f83724c35b84f7768e1ed2b13a9bec9
SHA1 aa4ab9cc0bad62afe822290ff65a3af272a86859
SHA256 bad6076f4324f27239a00019b0f1e9a659493ceeb0e298738285d575c0bacff6
SHA512 d1edd7ea65d01a560d15215fae669ff070bfeb974597b469f072a85d14c255e1a9680ce9244c55f96c3c79718213edf772ba04e35755c54f76d24b70a68c3350

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

MD5 d6a29022c9a9c576c07a81665cdbeec8
SHA1 e0213969a01f4b4c150850482fb44d06f87fd1ec
SHA256 532483068a4af48b554c3cd8818fce0f6782a25aee5f08d3d87be3956ba0c1fa
SHA512 4954677e7fe23a9dc93ad4fcc482d497ba24f9872a780066ae459ba0dd05c1d9bbbbfb5781f7077dead957ffbdae2d7271b4728dbffbec6b309bea9c490c8caa

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

MD5 83290540436e40d9591931f0d9bfbb3e
SHA1 68e3150377978b07bb251a1c0d7ba9517d4c37ea
SHA256 d20bfddca7492de4ed5c85e133db571a7b4aa42b7b3200f3bd9bef7722165fd4
SHA512 a6d2cb142725434a8619b7f88dca60c08c0f411d515d52bde723b2c1175971a15a0545ae1a678267311a41e637a41407404c930298d02b33369a89638c4636d9

C:\Windows\TEMP\chrome_installer.log

MD5 c7937b0b0c7da3b4db0689848c719b2f
SHA1 9ffa6ba4b76b725c4426870ed73ce7779fc3a91a
SHA256 b559267d41b90ecf2be7cc1b1f866806da155c6306f6611ce94a9c831d4e71fc
SHA512 7b3d27dcd119b188e8ff8387fa4791fbdbb23755039b4511b99c1770e9790b1642e3b112ceb6c39f1aa4a63a640070d408a49f8d3096f4efd2e8ffd91bc9dd80

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 97b305ae554105eaddbe18e7eef8aefe
SHA1 8009d8704c6652952c0d02486d5a70c6ad729e38
SHA256 78af13323b707f8a8b62e2a494d7b604da2da22d255c1a4cec01a8b7cea46357
SHA512 12b643aadc87959a910a84e972e880f1f1025898ed40706c16d04c4edbac6f1eabe2a7d3216ac86739ccbcd71cc2b19fd3d1c3afa56777e55ffd8246bf41b9e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1ff2dbead01a55be750f89784a188228
SHA1 83a8d3fae942744f6a56a9c05316505d99a10c42
SHA256 9da498df4d3a772b690515a71fab58b5d9c43c0ac4c4c072cb0379b78e4862dc
SHA512 e879eb9d69df11468b78af8b2d9b697829be48e4046549f5077254c6d1cb8995d2b7f3b9cf486faf6ac520b7115b484d77327c1852961087d7e40882c0432b81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 fd35515c4f6eb16df4169ed82b83f63d
SHA1 9872c7c69bb95d2d07cd2837111e025129a25389
SHA256 b10bfd21e62193875b7c37afc399916fd95e75ca9bbe2f976e0596d4bc05f370
SHA512 5881121419105df60d04165248a137d0a50559dab5b26bfc48e6788c6de0ae05119c040b5126e514c799ae65f955b6c51ab31b2065f2859d694f974909d72455

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a39969dd7b13539689679f7f73655097
SHA1 adb45ec2eaef53a10efd837a8418145d634eeba3
SHA256 05d7df77f75ca4694b63332d193c6df837afad37e61a2db13fd7e1aec841f463
SHA512 6d570ab3d3dc30b8689132c633a48068bb6205924999a57f272095386dc5967c1987e429ac754597b0094b86c166958a91d8cbe08352c5addb9ccfba832f7180

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico

MD5 505a174e740b3c0e7065c45a78b5cf42
SHA1 38911944f14a8b5717245c8e6bd1d48e58c7df12
SHA256 024ae694ba44ccd2e0914c5e8ee140e6cc7d25b3428d6380102ba09254b0857d
SHA512 7891e12c5ec14b16979f94da0c27ac4629bae45e31d9d1f58be300c4b2bbaee6c77585e534be531367f16826ecbaf8ec70fc13a02beaf36473c448248e4eb911

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\trusted_vault.pb

MD5 3433ccf3e03fc35b634cd0627833b0ad
SHA1 789a43382e88905d6eb739ada3a8ba8c479ede02
SHA256 f7d5893372edaa08377cb270a99842a9c758b447b7b57c52a7b1158c0c202e6d
SHA512 21a29f0ef89fec310701dcad191ea4ab670edc0fc161496f7542f707b5b9ce619eb8b709a52073052b0f705d657e03a45be7560c80909e92ae7d5939ce688e9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6700ce76436605afe2105c39d6bb4452
SHA1 88f73cf780a35c64785db7ace553103d06c79091
SHA256 7a287909a265fa2ed8d70c6919e2eaf8a1e06711ab399c888c8648329a3c3526
SHA512 ff8262a03a1fb1f06231d361d7962db88a40a20a91930e3fe4d7406604a89cef6aad271c846889058a68edf92ae1e33f8971b7adce3b34f2a9b8c1c135df503f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 57f8a8ef92474170489cb6c39378e5d4
SHA1 a908620d6887e3e7a9f9f5b317c2afa529dea773
SHA256 50321768fff983dfeaa9860638f021cfdeac0c5a6d68050fae2600de782dffb9
SHA512 0de162ef2e12d59707a820e4a78ce7716951e4062913af025b2ec5fcb3c30ea01638c453767c1bf0f2febac5b1c53ce5bcf4ba672b9827a2ddaa5dd742c49e00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 d54193823956abcbef1d0ec29d6aad81
SHA1 fffb415f3b0656fe0cb48a1e992a8f27e02c895a
SHA256 322bd292a35efd252458e4209f3d54c0ce675bc81199315da4275509694f5b80
SHA512 df4b1fbee726aeaf15ab086f93b113d51739e530b3ad0755abc3bee06ad7774037ab5a036a6bfbc92ba08ebafd2c8f383b1b5f24d7790745279e8c5b94c5c436

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState~RFe5975b3.TMP

MD5 520fa487fc3aa1418064593a48b4a0d1
SHA1 fc41ff5edf3e4e4f804c02d21dfff6bce818249e
SHA256 0c6eba69c797d3aa661ac61811c1efb60afdafa169dd74afa4d03b09cb651868
SHA512 f660ef0695bd21ae7431626b59609129d830bd49a121f04d753078d2778a6f0ecfbdc737124b2d42b8be0e50759f44fbcc6bc64e960966283543e6da4b42f5a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 61191231ad7f94ba954a3a72c56817c4
SHA1 24f1cb6bc8f9f8036bd90c8167a29b26a7406de0
SHA256 17be40454f80b656f0cca370f7a42c29325fad80f9fe9b4d133f6fd954c81485
SHA512 f450b1c36260b3acb5a4cb9bd79f5d2d2494cb93f44bb37d8975574478faa4de282031c39e0b3315db3ca0ba9dc1aaca6e7df3aa4d3406e72e993438968162b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1bc41a49fb30f92b0354bfc1e3225d5d
SHA1 66785961477e2a646cf1cb07e9825b6f3a2bd4bc
SHA256 f46bea92208d320840789b142dafa1c1feabc7eb15ded2493d79441d7a18ad8c
SHA512 5a86f1664b19ab9cb8cfb3dc44581c3176d54cf19812300fa7c6788d43591e0fa2f4904174cadeac877e22fc17f0bd9c50de8bfc0c1243386d7a4c321b9ea862

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 558735423a168140e55874c18eaa1608
SHA1 ce406d18723f4489663af4885c532290cdb5d42e
SHA256 4472ca8d588b2ba2658d6652835edbbb2a09c998c45869b3d91f7d112345cdf8
SHA512 a8454cc44f49c3a33ee9c05240e9cb3ef1080b0b780d008243d3aae9ac48faa4c56db4eecb6e660add20b3a40b342ab307d069f9dfbb9e100f8aed600e22da43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1b6fe4f0fb74040e2e0fd1c20fbeae1f
SHA1 a9de5b45fa93c70439b2e3bd94628c548d86fb4d
SHA256 a6e9320df0b4231dfcd77e2f1726c274009098e74987b2abec2c9040c68b6e54
SHA512 8ed612a51428950939a71d1612e264392133bb97f15c5b105a7b2fa3bcbdcc9c01b40a8ba4e9503fcd171d3ab8ac6d8aec4b3884c3a34981c35aff71ced7520b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 67fc40a8562e955f20af420f2395a52d
SHA1 fed541aeea20044147fcd161df3edf766f4d2de2
SHA256 12d17b09a1d3791e6bb333c5523f1461a4cd0f63e723a84932524bce2b039bc1
SHA512 4502c3d1aee30d5203f17cee513d778a4009ea6a692cf022a1eeb649f7ea5c791d4d84bc761cae7edb9a07777384329c659e6c453d159743b971a502feec78df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 91d5f32430afd0abe40dc5c2cb9be1e0
SHA1 1cc60ede2ea0d0dd2be5753bbcc9fd0c05bb7f4f
SHA256 3a00a1f964316a6f8a3aa40b9b4bf4909bdc7d2bc79348966dd4d25ba777a8eb
SHA512 7623376eccc0aa39b0c63e983f3c9fad9438efbea4037faaa67821b3797aa8e192163bd4933756ea070f2897b37d3e8158c1f8b38688e3bc8e0efacde60589f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3b6d619dfd0d03181dc8d8afed38e757
SHA1 cf5c2a7b0461028bce7c54f65de0830b419cc0ac
SHA256 e5da492e4b95725dbe38d500ac885fc4bb72a805f349b116b503f502642647d4
SHA512 4be98a894b12d6a80211120a2b171aa351e58730bd2c7e1290cf4f2d8d69f60cb91dd5546d89969b516af2ff702a49f916fd998e90c6635f2881ddb396d679e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003f

MD5 aa12ea792026e66caab5841d4d0b9bab
SHA1 47beeba1239050999e8c98ded40f02ce82a78d3f
SHA256 65fe153a832452e97f5d484440a7047e314d3a83cb61ad2508fed48a820e1de1
SHA512 0b2b1bb8851c60c9d4ab1d039b990a4de5799c97c50b45f64e36a21849c14e785f69196f674ac225b1419d7f501338054074cab6203d041361a4fa1ed8802b27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_remotedesktop.google.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\f148f7da-5010-449a-bbd7-d0ad71ccfc70\index-dir\the-real-index

MD5 cb1b4a9ce2128cd60fff83c3d37bd47d
SHA1 fce52f248228b782373ff11f6659842db06ac894
SHA256 342540ee63c3078eed9249db65979c4d8b0a5225c19aede08a27fa8765b92bef
SHA512 679b7333b8d75e838a152696ada12ba6fadf568d193507cc1224ebc854251faee57cc674e7cdf5efd72a9611ceae55440334765b0fe5d941a4de87f6a1223c82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\f148f7da-5010-449a-bbd7-d0ad71ccfc70\index-dir\the-real-index~RFe5a18d9.TMP

MD5 665fabf8e80e204005b987f1cb56c305
SHA1 37863415c34e36496bfaf8c0991c7b57eb13ebb6
SHA256 26731f7d0af96caa4fd5b92e1ad2def85925f074162dbfa865cbe21873a49350
SHA512 62f2f8fcb136f8bc26ab5acdb6a16f56533654a0291bfc94555b25956bdb505d0a2bd34dbad28204d7a5d600f6347a886802a6db514f546343aabfb4f8763f05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d0ae61bd9a2a0604d55af74b51bc81b5
SHA1 cf360a9794486df39fec81ee6954085eceff7372
SHA256 22d87fee7166fe2987bc69de8762bea3f7a53d0bdc6ec28e94ea79b80ebd72e9
SHA512 3bfbd2fc67d83d4d43ac8ca6d1780d1acf7037a4023db485cdd7411adb7229f52e7d2b2774b7ff97ad6d3d6ead1a829f5b8936dde34bc661aa36af28d85083d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bd70842390091611b7e5e4d1014424ea
SHA1 f55510fa4b911290be14d6efa84e1f0db7b7805c
SHA256 33879739b7658160200efe4f78be709adbe847d72118a8b8197e921a933fe86b
SHA512 cca7f594dddfc50bd881b3dad5c9766cfa82d1f9f288630518180c284f8a7aeb3a0fc74b06f4567d1047016331a8016dc8854c976709aaa7c89d0167084ff529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 fcee9ee361bddcabffbd1a23e0bfc0e2
SHA1 ae9caf9655023d85587493d6aa39f6ea33a48182
SHA256 3cfc4866007a479cdceeea615cb77f5bd2dcc3cbff557c047fedc7a13c1fd326
SHA512 9d4e292ee9977fb60d17b4a9b526c36e737cfa97a89221e2f123226eee8bdb86850c0acfb00332a55d54a658ca11087107856a05a3bb02eefb694cc59f1f4a5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a66f9.TMP

MD5 bf853c5d8896de54fdb6837fd8c7c6b1
SHA1 b827f57ad02969b171b5e9bf39bb916ca9599a86
SHA256 30b636d2821cc0732e0da427d1732161012d8d9f2833ad1a7368aab4bfc4dab2
SHA512 36340116b06752df52a6a70dc6795973d9e648fca0e9e7e2f8b491e699a022561959634c408da63dfaad8c4ca9c03ed456c65afa33c29b6cb65616cb693fdf9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 2d3fbdb6d649f8834ec3156d06e12fcd
SHA1 b464fda907d46f154f631ee2f75b6fc3cde70621
SHA256 25f961940301d096c62e740feb8329d3c65bc0890473b2c24a78bd9a7bd0322f
SHA512 5ee87c59d9834e8e1ea0a0cc5b2cae10a843856084b4128312b589b2e6f709893026edac8d0d295080f03ef1b52d96934d72681fd3a1f0a0d5c901440c06bc04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\index.txt~RFe5a6727.TMP

MD5 928bdae79c6c56ac8f5c2295a9b55790
SHA1 c9ce7c788c4835706b06b90297384b799f9355b6
SHA256 149161e66d0ceadb027fa5a3073d69a0e5e80aeed94215f13497ce6ade7c50db
SHA512 3ff38567cbaa698830ed39f4bdd74b9ceae5b3683da71e712600e59b533e7449fa23c68d829ef02be4b59eb882e49077c3e20eb03230e991ff7b6d982c52b39d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\index.txt

MD5 fc46c222e58de751688546ccdf532e9a
SHA1 36ab57e28cfa57f6df8d6df69d52dcb0e441b349
SHA256 6cabdfe46429eff7d98ec509f7d1832084e3c7dbf5b9f912beabe8707047ca9f
SHA512 f33c2045f98a40e09bcbe528db38a2a925ed2d07fb4a903add86f0ec5e3072f220441f935c3f17cc4ac838f298e6c541dc6a747418dc517a169c3f6e49c0218f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\trusted_vault.pb

MD5 e2bbcd3c7353046b51d791f12f0d3b3e
SHA1 87b02a4c46793d2192a3a8d4c671908cd2e3f7dd
SHA256 91aafa6c01e42da48cdc0efc8e3c938b3bb20682d9d90d8fc39bce07d067e9f3
SHA512 9d439ebcc77f76265c46d867d754f78a525e1f4445dcea3c32dbae6a01f4df2b9549649312f8332be62cf569ca5e11d073add9e326ad6d5de3797e3aa15ed514

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 725b54ce8b9b80fcc5f9b6fbb773c864
SHA1 6c9574c1c384dcf2b4c378b9e64aca08719d96fe
SHA256 eac3b0cd38fe895993bec1e40cef91dbbf89fb809930ea824ac1457c845fa654
SHA512 2d2ed5031b49fc1e6e94ad8bd2d10b81c9831820fb620acbd84dd6baa1675ed4b395fd27da4fba821759a8d9d71d7b4c56d10e110da32f52ff8515d1586a7a6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3de9cae7be96f9fd7bd0643dc12e1df8
SHA1 d66cdd8bc515c3442b110d6448b77f056d7b463b
SHA256 703713b83239982e1f5dea85062db18750ba22c89e48171d077efd45463f23d4
SHA512 f80ed92266ad861493991709cc752ae3410e950b09a2473b89397ce2cd3c727df994daf77587cc0481cd1b88011d49146c527a33f4144112c021d3fbbee3dc53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\trusted_vault.pb

MD5 3912405dd832d642d6fb5b5487e377b4
SHA1 fce286c11350876993f65112e6079da11897c4a2
SHA256 bf7d90028b5d4468ce734f6f97470abbd0a42c8375007e96c0ffa8207cc35615
SHA512 02275a775665a6395599e4fa280dc1c3446fadaed9e6f3207b350d47fb059cfaf368b6fe7423b279590481533604b8b6c9ad4da9813671ef8fe1e7a82c035251

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\index.txt

MD5 925a31b18b1597c3bf9fc85fbdf035c1
SHA1 105434a39a974567e71673728a4c020aa7f2c7e8
SHA256 0b1538011c5d59ad24ac35dba0193a3069e055962bdff2ed51684719e1283f4b
SHA512 864c11846af0c818c008fc17bb4acabd2b3cd0304f19345af8ad4d13bd6f4d17b0535e192e4a39c7a6219d0b77108da606b605076fd107fca78d41d087c0333d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_remotedesktop.google.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\20850a9b-4a14-444a-88eb-52f97b22ef8b\index-dir\the-real-index

MD5 722fd1b88478395f6aa1ae279c93eafa
SHA1 9fb2619eb07eaea23a6e3646f3e3b55a6df9f610
SHA256 4c1fa73a7f6cadae9b2f6dfd1afee333c32b11dc51c63a45c10a6f511180da48
SHA512 af849422a9b12e7fe6540298d3377304fdf46ba182d937b6c1a5a31dc2348926a1572b393f28684a7e26543d1edce16a8455a2d41e37ac887e337911e51f789a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\20850a9b-4a14-444a-88eb-52f97b22ef8b\index-dir\the-real-index~RFe5a7fb1.TMP

MD5 4737bfd8230826e6b9ef315d39074f30
SHA1 5165902a7db9be252ff26afe63c2ce8d8d1e45a6
SHA256 7f1eaad1888375a5ceb9696ad4ee5ab31ac21bdf037a99a0afe11f3808bc6c6a
SHA512 593feac9ff44f229ec0ebaf232a21da068a59262358c3efe0dbe18447f98259e66e0b1061796822dd2dfecf923de54d87085a3e8549de72c4dbefd9eeab809d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 61383c4f8b401ce41aa1fc9fb3100d6b
SHA1 645f1af26bf0a940938ea3824c50077e5a813e10
SHA256 7ca80815328ec1771a9c90c5fa1f5b708d9c39d65103ad2878dbb53b882d54c2
SHA512 cc359cb92af2ec43dd707d8e85db4f723d94e066d137470fa37eb32ac7cb35c370bef0190563cbb2940aff6aa0cc55d473734fd479bfb444f0369b3f88ea12fb

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4592_2131389585\manifest.json

MD5 ea841ac113501798a777bdadf6d7ca7c
SHA1 079f04bfdee75d995b418dc02104ad663b7ec7b9
SHA256 636dcd22fb65de5f0ce76537623afebb5b9bc638333cf68c2e3ec759828c50b0
SHA512 df2370c527811360d3be8bd43632f3001aa4bad2b6d63c56c4d2360eb0a17971a02d8434f3799a826a767211f9bc9959a4db06381080d4f4798dd6ddf12aa595

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4592_2131389585\crl-set

MD5 1eed47241189ded2a355cfa37cef4f8e
SHA1 5532aa074718706fab128118a63aad6a018c7ad0
SHA256 d3137942703f13b6d1c34b468db45e5cae6e37949fc67b426ae64dfb27d2a0d5
SHA512 0b2d571c555f988031d65d04737b8ac57fd56ee7433c44f35d3f44c57850047b8656e693e0de152f60d757adf43c77ad838193e3cca6db67e40d544e797affb7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_remotedesktop.google.com_0.indexeddb.leveldb\000003.log

MD5 9085ccbb0128c42adf4d79f2c604a3a6
SHA1 4c0536f8d59f82fa4d12308f4c0b4fc1ca600d0f
SHA256 1aaaf29d8246bc25eed2f388a10ac928b66a6ff8cac749ab7ea86116e024fe8b
SHA512 0f720c7a7ffb88a0204dd80d5e4bd32a24ca6bdfb8978ca756c0b2b7166933f0d3044bbb7987c9a611958afb93182837f09365d2b710eadf56d17893f52c801b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d

MD5 d2df18f45ffe5acc8b33bc57a9b367ef
SHA1 235afec7a50d5eb9b81dcc65e5fa420ae4183807
SHA256 a95f1c92e3b251c3dac8c8893a16ae6e1bd0a179b3a289e100172b1f642e6709
SHA512 87e9c3554538d0a79476f944fea1b0ef304ce626ed32c2276d3191cfd7c5aef8b8de3f864bca85feeca1c363bdb1c0431b80d0e4b5c2936dc6643cefcccb4308

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a785b3d1834154e3e958af833146a77a
SHA1 b87d53e6ba4b2ea119a593b6daa84941a109be6c
SHA256 1384c9c319d4d925dbc46b31bfc7e1d02a7fcb6d31f065e90f149b56702e6ec7
SHA512 5000b2d3f7f4255b1d17f99d354f24438dd042cd46e7bab00696a49ffe0e7bf16ee2e4a9dd8ae85b4a6b32493ea9bbee31dedd196c1974b435b5b946238c0581

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 fa14ef91d1e2b569906d5f000ddc1377
SHA1 e7b3ca37615a5b1fa0225f64fd827c0313f671a3
SHA256 a721bc6c449c9a594e5d7760e5cb852da38f8c9aeb0d11f08306d61fed14a20c
SHA512 89f75391e05d00216dcebfc60c934da6c3bbf88d361d8f5e2335aab724685fe52a86e522961937eb7805b48aea47f65870b5dd2381f7208be9ee8d4e74e79ae6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e47d192e1a689a8da8275b07c7c5fdc0
SHA1 a447f16831700ec323b5f257639bbc280b720fe2
SHA256 9e89765a00a52d59a776c8e0f171db50802b6f0b5ead5b33c7b349f597314df5
SHA512 8177e56d291ab704f0a1dc40df51f8e65b539a02162d118e6d2b946f3037b6f4d2601e67bd921887e23b84736f3fe1dae53b3c1370970ef3ebe0541d995c4fc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 0e68616fd6974cd81fbd7340d763c8cf
SHA1 cb0d5c55838e32f1003d73c052c8ecd420bc603c
SHA256 803cb27e816c5ed07bf5454e6461364e0e4c0dc5fdfcc41e416bb7d1a54853b0
SHA512 fc7561e116a1ce1de9b7f722ccdaf8c502a81b0215c012c6e358d7dd1207eac75382030284b6d33cac46aa8d84816f3434ccbe7b30540c15d5d16134ab315edf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\index.txt

MD5 8764d78b6e456dcd19bed957a8853f8d
SHA1 508214b3ce3e45e3b768f94cdf372a01fea79d8b
SHA256 71aa2c6861fc5bebd5f944b8acdf85a92319ffa8bfb6bab68fad781c1bfd5d4c
SHA512 dce0d28f0d67acfcd83087ce6cbb60dc3a91e1253a87f498e82fd5897d79c1ba7cc880eff9429195d7cc560f13c847b916ec1a55cf06f325eab87329e89328c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 50c3f957498c773aec7154ea8eff5a6a
SHA1 b98f3fa518842dc62a42975f435ba6afd1c32c2d
SHA256 1959d61e03961e1dcef2e171e6f232ef501f21f59655739d815b3f0c4c693891
SHA512 5279870d7567da99ac18551a290135ac30fbc6300c3d6960fa767271842a2f92273f710bb14ee466a061ee6d8ddb281a3ad660c4b79b82bea91025c7342729ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

MD5 eb11bfb369775ff0739dabb3a5f379cc
SHA1 2eebaea2f7080c0b256fbfc70ab91473243af0f8
SHA256 2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
SHA512 59e89752e932aade54d5b2b940e09f3c8b12a836f1c5eb515e82036a97492f42e12a4fb3dc156cb8d969d6cb4e8fd8f18b358715f972e12d4596ad390430cb21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004f

MD5 16537d4f87adf593cf2845c3e77941ff
SHA1 377c92c37ae40bff8607590a9c4e2beab99fb601
SHA256 6363e07de8bab00273d415a8d24b3b9c84a6022f1b2ca55a5218174570e6f4c4
SHA512 ecaf3ddf4b5faa9fb93a376102462a3ff710b93d2c9f6370e24078b0636960703d56a11b2ef2c211dca79775543488841979704f59ca40c40ce2ba617cd714f3

C:\Users\Admin\AppData\Local\Temp\cb3a5ad6-7868-47ce-9797-71db54d9d54e.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Temp\scoped_dir4592_1974963061\inomeogfingihgjfjlpeplalcfajhgai_47259.crx

MD5 3c057c581bd63666398158551a1146f4
SHA1 43f414ab0ce7313028d70712191e91a830f4148c
SHA256 389981305efeff65a5e2dbe3b2c91cd89a68f29260e70b1c8a5a315864fe8da2
SHA512 edb8316624beecf1f547ac2e74323ed4ca9a3345fa4614d53f9aa2e7d31f67be5daff27a869fc5e78f4589d8d3e6df756ac9b92f9a196ba9257ecddcc12ef396

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 faaa5e85956f50a12957d2bab5ab0a97
SHA1 f521c9d698b33bd66ebbe0f698f66b46b71c0765
SHA256 3eb59165cee246595169e0de52f0188730d1827a7888877e783d08b16ff426b2
SHA512 9adae17819aa311c6cc4c686c721ab29448d915728d58f89b1d7e378084a0a80103d48f602c4a85b16a7ae7f15072652284d3f4ae9c4d70dc3837b5fc7f88e99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5081cbe473d759297044691454aa143b
SHA1 86b26b1afacac39b044ebdad23620dc522268cd9
SHA256 4752ba18f51df60e2bd487bcda9f49981e173574d1ad12e4f9025f3070db4d96
SHA512 98da37d537a235e3da631e379973993d3a0acf72353e8c088c381e158d9daf63ddce0e4b758e142bea931b944e19399aac9c2d41d6a0148394ef90da89f36ba1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a

MD5 6c620b3d36c35f5a899428724506888d
SHA1 c013de5aa8096956a831b6d86841333f556e9620
SHA256 aad3899144159cdd9abc831f50a3a8bb3a0485febe4ee971536ee031994358b4
SHA512 38a0b097e604ad6904c528cf705196c28d6cc4398c7aeed2331e51cc05998a9c161c621e387ec7a7522c53edcf270aab34bf82b220e57e4f9627fa5d3debbba6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

MD5 b8e62f3fe1294f672cc6337d2303a395
SHA1 ec57e27e9cb17a5030d43ea1ea0087e973c34139
SHA256 3c12616dd137088ca5c1397c6df1b97c15e4703a9ffb0492480b8879451097ae
SHA512 490e8f764a98ae4e08e6a582c9bd74f62b80e1334efd43809dc98eafc3a4faca76eeba84481fed5d3d6aabc94d95179f6dbb768a3ab0b525f167a20a597c3733

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_remotedesktop.google.com_0.indexeddb.leveldb\LOG

MD5 a0bdfd76fa7ed1d9000dbcc6d9569063
SHA1 080d3934a5eadfa593e661636251d7e352e1b7d1
SHA256 adca1f37aa8bcc280724655b168352e9c659fc0a928cacccb6a606c0d2aec9b8
SHA512 478ca7dd5695c9bfe809c4444d308743c0c3174f24c54e42f47bef8af1d7e7d2bba7acf9590d8e4da95fd1fe1835994026305ab7ff042f39532285133c4e6d7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\index.txt

MD5 4161d9cf781a8d7602b2472431f507e1
SHA1 9319185e9e7d2ffc9840c83709122b1607c0b8f1
SHA256 55c8addc819a06b7a1e10192a4f8de6c5d7d4a8a0957b866cbd8c67bb0cbb333
SHA512 856863601ea2284547695fe0994d2863f1333595874946bfbc57f06536e3cef0c0e245b3f7b6fb5d214208bc3a364d3ab5e3cab79f707e6cb2c20ac64fc0eb07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_remotedesktop.google.com_0.indexeddb.leveldb\LOG.old

MD5 7e048e08bd0d0bb30f9fa2b456a74e2c
SHA1 76a60e33a48d525753700e5de465ff7d6de063e1
SHA256 fa6f72b9606fae1c0246ea4ed923a2e78e4228d79d2eb74411af9c8a8d75e345
SHA512 f6113704fcab55732fb527415a15942e0b1dfef0bace38613f3dba7e7c4cdce8fd1012d2069d2ebacc8d9711b8f84833997890486bc7f9b486e88cb9849c5478

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\90f20c17e2bc11158145209b110cb75c09654d8b\20850a9b-4a14-444a-88eb-52f97b22ef8b\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e7f45e247d97a9afafaa89fc0674a97e
SHA1 43a718a633c3ba2c20e782d0310d4cddee319659
SHA256 616f11b2940ce3c60eb05ed4c359bfca71a0655455005ab0aa7c2b60cab1a22f
SHA512 63b4a63d88938ba5610fb077c2f9f6db6d2b3b16fa4d3793f09d836ee273d55557be70cafac22a4078229b4004f5d76a3f42bb863acf7cc6637808f4a7283e42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cffbe15d5b57e561ec05e1730577c997
SHA1 61a323cd5798c849ddd7193c464f4d75b20d2027
SHA256 c7539ef291e7c859f32f094a6afa72f0c5df758d5a5c5168e532a68dc67aebde
SHA512 29f311f18d842d29bce241e0aa6b0fda6f0314095f8f60a4b605494b8f64d175ac30abf6f31c2f5666d0dff48cb358f3b01c4544274573ed2e4ead1820dd38f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4b6d45717f0e5bd4cda32b36b55835c
SHA1 66b44f246f11ad97ed6e8df829547176536f5128
SHA256 526bf5c6c4434e8f618830bfe5df318ac3255e72db3b0a3fef0f2a1ae4f1fa47
SHA512 b81a19fd557ca2dd85a6685b29824faf2de2ec2ec79fa0efa60a30b96ab90aeed72345843bde7e05d33da2fcbf06b0d72f801df722ae6231b495acb3f5864a08

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 a474818a19df0ab1af87e63f96d03a25
SHA1 a574997eff123324ae0f083b331aa41fbd5a09dd
SHA256 441750e7da3a9655fd98b67a2480850e0d8525f9fff9e52617de587496d7f34c
SHA512 1073f3ef4e7fa4520874789fdaefd466abe510c99552e68b3f0491c3cc235ae40784388e1751d3f943c611fb8b331679831f7083329eafd45220c3cb37569405

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6fc65ab82cd1846f57d4e4b7977ab8fc
SHA1 5a84515a367f926d8d32088bdeca68c3ca01aee0
SHA256 2fe4f40fc45be303394369ce261e3733cdad316cf8247a97b83469966b192fe2
SHA512 0ee56c95b63ba74a1a8ed411efe7ff0283d40e599f5695bcd0f72a45b21df41d5437d9f698b8e5548f2336a02a56b4745214f39c0b1d0c2535576a964d93fee7

C:\Windows\Installer\MSI80BA.tmp

MD5 a0962dd193b82c1946dc67e140ddf895
SHA1 7f36c38d80b7c32e750e22907ac7e1f0df76e966
SHA256 b9e73e5ab78d033e0328fc74a9e4ebbd1af614bc4a7c894beb8c59d24ee3ede9
SHA512 118b0bd2941d48479446ed16ab23861073d23f9cc815f5f1d380f9977f18c34a71f61496c78b77b9a70f8b0a6cd08fe1edc1adb376dad5762ad0dd2068c64751

memory/5340-1610-0x0000000002A00000-0x0000000002A36000-memory.dmp

memory/5340-1611-0x00000000054E0000-0x0000000005B0A000-memory.dmp

memory/5340-1612-0x0000000005380000-0x00000000053A2000-memory.dmp

memory/5340-1613-0x0000000005C80000-0x0000000005CE6000-memory.dmp

memory/5340-1614-0x0000000005CF0000-0x0000000005D56000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_mqqo1xb3.ppb.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/5340-1623-0x0000000005D60000-0x00000000060B7000-memory.dmp

memory/5340-1624-0x0000000006210000-0x000000000622E000-memory.dmp

memory/5340-1625-0x0000000006260000-0x00000000062AC000-memory.dmp

memory/5340-1626-0x0000000006780000-0x0000000006816000-memory.dmp

memory/5340-1627-0x0000000006710000-0x000000000672A000-memory.dmp

memory/5340-1628-0x0000000006860000-0x0000000006882000-memory.dmp

memory/5340-1629-0x0000000007820000-0x0000000007DC6000-memory.dmp

C:\Windows\Installer\MSI87DF.tmp

MD5 85fcf7b457b7194bbeb46db22fae05c3
SHA1 5eca64d0d4ab4599852a475a7dd25beb88ae1c27
SHA256 e24376a9346c2d486ce7426ca3ddc73cd020bb7216f8e5a0b9b2cb23caddcf31
SHA512 12d46c2d63d221adb288a89b2fe0b423d4ae7579c24c36d651a6ce9488bfdc669a1e8378309c28f7019c7cfc43fa87e99b4829cace97715c0b94ac9e2a758339

C:\Windows\Installer\e5b7c91.msi

MD5 5f259c755b3dcbbbbc27f9513cddac61
SHA1 0e672bad7b67cc1f234b265f3af21976935c4903
SHA256 9cdd681fc86c1e816e652b0b5590d2e986b08bc26204e8048918a59c291051ce
SHA512 4c7f66962cecba4e753f3c996cc45bd102c6b7c6ab97bf85197091cfdb05ca82dd400f0888ead82927c61e3f45ea33e919a3a51da63cb5af1141a980f779fcb3

C:\Config.Msi\e5b7c90.rbs

MD5 831783e2b85819c9b76b6b34dfb0d1c6
SHA1 34aa8d80b21b03248abefe4e4e5bda5f628f6f29
SHA256 a2ee5dba10c177253d1f612da143177b1f82582aec4fea22904cab02a9d7d26d
SHA512 b009064c34d8ad33c64fe72e2057641186a333c6e528e2353aea41e54da4d0c6c4ae7deb5baf2e8b4291b133ab8d589e334e06eaaddc16429014b7b1156ea8d1

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d5c7a804cd4b5d2458f28728828a5ad3
SHA1 216464ac0d9bad33416145b6937c170a743a68ba
SHA256 6a8ed8344244311ee9949bb5774fadb90f0599ad860b914ff9c92d95982addec
SHA512 cd22ae79661cf5d62642ea93543ef68c639eeea1c17f5e659e41254c884c739e8e4e54fc9863817ca6c4efeda4c42b44009fbf4da5a7be24c5f0a2b9f2da4866

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 41c392693923d1e507f057c0ae75181e
SHA1 6fd5114079833e471ed01b8057a4896cdf6089a7
SHA256 6a182cda8129b8ae708e08c87a4c91fc9a9391019460b9612f0f16ec2481dd4d
SHA512 1218d63f3c370a0a2a156e7009bd2c4bc6461f9d955f45e206db4a5661621b267a23c481a275404cec93eacf389a47c7e9d09c07cd9782c8fc3f0126e6b013aa

C:\ProgramData\Google\Chrome Remote Desktop\host_unprivileged.json

MD5 2acc72123848c4aad8aabbb90a4c6daf
SHA1 ffb156687d3a7aaa7c3f767e690e648166ed93fc
SHA256 a436452474537da03f7d26c84407a018ef024a1a732b7ab31fb9f7821208321b
SHA512 f6f5534eb2ac6cd2c9c9bbabe206fc6ac5293979e7c76164b56e016b9545d464ba623e42aa84e8519b0e1a818e953030df040e84a844c012baaee4b463a9dc25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 49c24605d22268c7db8b863eca60a409
SHA1 44c7c12a40b358640b19ada9a590b74f8d7f1cb9
SHA256 8080e2be8bf3b6cd3bfe5fb491423d1cee10d58a791c286cf3747d23d4f0e562
SHA512 bec85a4251cfd610770d1abb8e6bd81fed18e16a0cb835cc19ed6b9818e087b258eb5fe660bb08948b4d8f6cd8a4a0221a19c37514cbf0d7742aa82e9f0c8642

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9ce4dff2f987008a9fe3213a1aea3d08
SHA1 1b694a4f6a4aae4c6d89d746ccec0bf9f8fc8b4c
SHA256 bec08c2ceb1ddd77a75b594b7141aee72adc926cc71ad7d491f3c7fd699bba30
SHA512 567c8f6bf038e46d56537df0839164bbe94df91a7a85e6f9598b30642c99bcb3cde81b820daa3086df80b8b1d500aeff081b2c807b64e11c742cf8ae14abaed2

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 f7dcad91b48eb5b4451e42416aad0ef3
SHA1 65faef71fad78cb6e68639ba4de77362e942d106
SHA256 623e50a2fdd367a51b74794bb6f079c2eb1550ffec0aa0a9ec97cf2f892a9226
SHA512 2a3074189ea28fef9e1fa7dd48ec262eec2948e166f69a1c958b001440b1676ab579b87d1092c15955cc4f1827380debf480952f7aa7f4928b04fb2a41a087e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000089

MD5 8fcc16726278a182a9b10f990a2fbf0d
SHA1 2c4dee8d842c4189d54440b3e2093b0aece5b1e1
SHA256 d2ed989ef583f6453dbe1350543c6c54cb639337c867a97aa99b61e2717ee571
SHA512 c0b6289e8e553c1014d8d4278ba9b16d6ea49640093417b6e6adcad6afed1ae6402b082fb27864a77b51b57a0c344f6b3c9bb0789eff3c42a171c6bb0d8835b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2a14cbb8ff4a108791c311be62bf631f
SHA1 e62349e4b39764a6b24fa3a3c90a4f54a853ddc0
SHA256 ef2a3ba08328c08b6a85593ebf880f76e52b385e732e9cd157b14f18528387f7
SHA512 5fa6ec360b9ce44f0daaf91f59f824f835bb513b679a367436d3398fecaae97c3032a79a3e24fc6939828af691029b78d1a557d2656af6ec5d5a59a03ea4657d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ccbc45157229974b4f22b37854920bf3
SHA1 ec01e5bb10552ee4ae359d8dde64b754dfc2cbdd
SHA256 a4b5c5f4d3296e7ed33dab425317907b6370d1a5036e41d0cf5f9d15ebeb22a1
SHA512 f8ba72553d912aecb3956dd9a74c85488adf618664be635fb7e30dc9a1caa590c238632f0e370390af2e679327fd30df05508fa5198d51a3983ab0157148f9da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8842b1558caffc23407107d9b575acea
SHA1 7a863eb1709e50af3d49246b5cedb062ffd20431
SHA256 d1918b0bd2ae95027bfaef7e7b25b171ed6f61916545ef522289670e3026f142
SHA512 1aac3b39ccde4c577b411e0178b84d7119a38b7806e0a7a3424ca7272f8c7274da7c6a79e9337505a9f6b0ad84d26e2e55d3d9682f10128e69648e3c796462a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3266e9368f5d7e07f7a908d3cbe403f4
SHA1 d62efa8c42913ad0a4a7de69fdf1afeb378cd9a2
SHA256 15f5d2e6e9034967b1cb8d271717a6c220731017d48a2c9c1056959ab3ee1a75
SHA512 086aa5a6920aac83015311d629d835c85612ca94210f8c72b4b07a603ff324f1415abf5a11ea9b07c69fba1b19ed67d40d5b0f2e88a7d99a30035c2fd5287f87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3d7e691bf37f94c6ce2a7aa160dc8384
SHA1 b086c524debacc5573dc45db8d4c6b91053c198b
SHA256 ad8ef5edea9663a98b975ee6c0a1738b642bb60a5723b1e7ab99e4398f004445
SHA512 be1a13e42fe81d5869745fab54aa2a847934362ec6563faef4b108aeb3ff5112550c0eadb62fe0cc50fdc53035711c2a12f0814b0ad294caa1b9c67eb3bc36a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70d2894161dd5ed0cbc9556af003922b
SHA1 3bedaf009466608838014466e90ee63122b33ca9
SHA256 30c050f6a56a1304fdc61bab776f6c7faa9ea73ce12a23845ec3aa036dc80ba9
SHA512 8b26edbef5b9d9459e5a4f126a9aaa5e8d79ebaa6b8d247d9ad7851d3f6de9d10fd6b1e7ea41d50688f0c4ded4e6117fe0c867b951f0f58d4bb76d953f5ea98c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cf9bbfda0807f56fdea6ecb5cf226441
SHA1 f0b6a7dbb6a78811ecd5dfd35cbb58910540dec6
SHA256 da85092e2a649c200d794302dced364c33c601cda734f387f7cdbd59b1654eb0
SHA512 b0c01fba34dadd28b254f76b05f2adbee52deb2fa560de27b7ac8edfcc1947e18b281cade0d4f0bc1e45af51d1a3e443841cf9d29a07d4dfa0fdf1bc117e55b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9683d865565abd7cc11bc4ad7581b52c
SHA1 07985efd7f9fda750cb89ed442e66abe9d2f66df
SHA256 6caee373baa209d0060bddc670f7b1173dc5a3295edcebde6de3bcce3cff7ad2
SHA512 8cc15b751d3c784c2de6dcb5e354324a68320c21d46fddf6ca71310c32d3251a36766982c0624bfe239b84d21adcbe226ff6fdbd8fbd0bdaa332b04e1a3a3497

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c8efb150f6f0880bc6d68ecad33fc495
SHA1 c23841b77e72f5b24da57a2261d01e387f9e8bb6
SHA256 2ed8b382e4533dbcda345b9509eda02c4eab586abd45801499d785e55a94435e
SHA512 514af0e3389aa4c0b209f0de793b922214df5af1e7660fcf3fdf3d9eb27669cf387e3daa11cc218d59b02e9b6fcfac22ba48565c923ab3bfbf57ee7c2dae9c47

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 fefcfd94b290fba946a2b29dc7dbb606
SHA1 0c8d4bff174aeae6384f91531b19b68e608530b5
SHA256 f675858ab5998514daeccce9f43c9c7ec4845223df6904d48fa1d438e5d1b3c2
SHA512 db856d8702c8e42b465a753a9db41ab15d36013337931547c47c0f74ed3e55ad283fb131b1215125b9d9ccd9204489a6aa8b1aae719782463f6b76d9148a7cf5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 7506ba212a5c3a717f10042e9b9fa39d
SHA1 fc4a9f809ff7d53380d5763e74335988e4d02a4d
SHA256 fb92888e98011bafb9f5ec87b38bb9351c5494cd23b82f6a74d0d85eee0d1833
SHA512 a08f590f247fde66d0fe25fc561a78477b2ba7da014f34360ba9a6e9e49af46772bb26ff9ced2007b245b6665247d88e0291db5430eda21c2ce8a6c8d09f9d4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 42b1bcd93f5efa1b709de7ff310292b9
SHA1 7d13409535caf3d19f9513118528b22c851a9c80
SHA256 078ad30f11ba911b638dfabf5a538d24f60a24301e2b0e7ee82f6dc984378baa
SHA512 ab76b42805ea8c3f2ff6253887dff62239a675ad1cfae931c9f7d9f252b6f942f0a34d87d4268af43af18cf1dc32b3e31bfb9131a293728ccfe054602f1d4796

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 124ae694b17c3d61d9996374c2412ff0
SHA1 fec6836d832a427340a556990106850089e23af2
SHA256 bb442328ea70f8d5b31438aa7032283a3fa75908394dd20f83c78b9e84ca20a5
SHA512 b4333251c93f75ac6e281f280fed574c3b5e9665f4a0d68c02c3ea2e96633e27cf53afa7117c4adfaadcddac4a93aa16adbf7c6cfe8d9a663f935fea4e6a7b94

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 bd3fcb114bc084daa92416048e982c96
SHA1 039245258465990d683433e0341c80bd2912a002
SHA256 461995eb909a999b59458bc69f79cf64f57dd7a04c77259bccb3d6da6862a4ee
SHA512 c455a2584c1bd0a45676da0aa8c7822ac80bea0087d65a53267ed154e8391c01e3916f15cdc8d995c0d2663dabbfad6c9a35b1f29682e35ea482694abe826521

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5468b1b96e2f832a53046ae0d84e5e77
SHA1 45da703bb7302c42cd144b7bc359f601ea0c9490
SHA256 6525a3ef92e4930c458619bd89fbfd989eedb36a21d99d2752c5d72f561c28b3
SHA512 03c70c9f7d0718aaa71e5d5b2b096d4b9cd0a2029194dc3aff6c2879a5540c64701794c2a05b876c050dc43a76fadd8fd54fae3be6e6d44bbe4151c048eae849

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 72dab3bc2bef979659b80db24d68d9f4
SHA1 cecb87f25ba2d5ba72519a275584ffecf74f647d
SHA256 62b5f3008340549fe1f3cb6d5e11b71470973311add868ca9aae5be8f950f987
SHA512 56685b7bd3d30828426353f2fb946e1aa8055482356e732db9e89b3a6200b2ea7a61e119887710282eccf16c79f213f7fa3c63d6cad850f8ff3ea9969393dc64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a

MD5 3840bd744c95cd7d283920a1e4c8aa79
SHA1 fc44294dd7e0972e0479b8a72edcdc549c14885b
SHA256 2161d8b226cea626b5eb3e960679232ec840b14598efa20860e8153f16c1f4d5
SHA512 321f36d6e3047b7e3a6d8b600f00f852f0830f40c4b0df8beb3a5513937b0361531a608ff290ade9cbebb2ab166cf0b83e65e61794efa84d500dd842a6b2ad09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007f

MD5 793b639f0483074bf878fcf19c131678
SHA1 b1a2ef0fd4d7944a9519e54e3201a05c62c90415
SHA256 b214fce2614aec5046a24ad48e5023ae8d29fda0d8c510f6dfa116f684566869
SHA512 1aa25f77f1075f79f9d188ee9bb4a5569db406f2cbde550c7eb6c3377d3bbea5cfe86f1328248f8772020a90093c133de90c09cd2e50048fe2d400e807526238

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 52c245a2368f77f633bc78f7139dff3a
SHA1 c310697aa3df86719b8c327834b2a196d89faffa
SHA256 0b6527724b53aba8ad7f1812a3053c14d38f432618637cf58998ff1109704962
SHA512 f81132238882e600df3aa9c38e1f64cdceceabab6aa2aee20a12e5212d12231905a85c3a64eb23e286ef3bdb8eec997e7ce484ab59478f0528f5d41d88f2e160

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 17854be5db67c82ff3092a814bf31966
SHA1 93d3f4cffb1f117115e79b53cbd2fd4ca1a73e3e
SHA256 e55aa945a64d0484f45c046cfbe058ae9761ccdf0c0618cf3233dbe68e1333a5
SHA512 ebadd314e7cbfaa4f061c272d06cecabf639c41ea95618986452fe9b964e42cce3132685e569cb8b4188a006b7c89900d7eb1824b7e7686c5fbc47f6d8ba8ee5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c34fb058b471283e01b81d552b27d82e
SHA1 3fa87ea676ae88431577153105a881c173a08f02
SHA256 7d135e80ca144540da370d20e9f6a90b84b716e27aea6e575a2b4b5ba2d058f5
SHA512 659d1b39d691f71181bdbdf4f8a1ed95dd38c6c263e66b77c55483207d3f7db8405fec8977c3740785ba70af5d6ed356d8bab1a30620a4339712fe701256d4f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70e0d1165fe57b063a0b8ec4f30162ba
SHA1 f82ea0aaacd90ec4f8227718aa74bec2adcbaedf
SHA256 8f97789dc90f0c18cb41c4d05c39884f6665933cce1e87acb76a3535f92ffd79
SHA512 2c71ed69bed59879e9285c28d98b6e24671f4c0e75ed381f10752b9e9543781d8b3bc148cdbedc290231ffb392d427a1774b1e89c01ccac53c5183435eb5bc09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cd562127275ccadb084b13527369e138
SHA1 47f065931ee0a7da0151936dda09bcb63e2af7f7
SHA256 68f464b0584f7e57748bbe2e7f9aae126012ff8ef281a06f40ce464f2dab60ab
SHA512 c8da648a389675d90ed5d1cf6112db1b59c038d12954d82cf6386a6e0d38dc2dcf0b1f8ff2ce35f3429278cfb5ddae6cb87f1af012edea7fa64cedd138035533

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000170

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016b

MD5 0c4880fb1de7d2ef097042adee0d2d31
SHA1 ea7b12eae99f8f044352f1dd1bc4f7ea3786eecb
SHA256 506fd688cabceb56eed3a3ffaed6afe80f124c61b223b3c8cc231c74ceb5c73d
SHA512 74d5d2148505142bcfee0f99d3879a4c5baca87575026df3eac7d504b56c849f827645b83fa7fe2d64bc6bc3b53ee35ad458ba56b846b2d4a5e03996e2ddd80c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 52c9abb80bea29d701ad3123201571ee
SHA1 0c9e4bc6e5f2d1a16877335837cc3257ba5b9330
SHA256 185eb222fd7ab830edebef4e99598a3e2abed3b8a5a80898ed24aa865a3c3550
SHA512 d059c59a7586887e283fd7e8c406be04397e63442836e4dd026d5cdf30319dd86eaa00b952aae78b3074820a2ba4ed9471d48e4a4f7c66e73f136afa2db0def7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt

MD5 927f7abb17ca831411d25b71065df57c
SHA1 0ec9fa2470d8270188a519464eee20143d061f19
SHA256 d6560bbef84205249a2892d4050ca65645b30ff79a0bbdb6e13e6eebe10fca5d
SHA512 e3119735ad6ce2e1aa9d744e39becef0758db1408587ef62274d3b872cda4de062d9c7b9d432f438691b3b74006d0b14b8596d96b75519ae85e99c985c9bcc4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt~RFe5f140e.TMP

MD5 f53db5c4894a72ea6904bfd154433cd9
SHA1 aa31573fdf03aaad49dc2580f83106eb6a5963e6
SHA256 e506b2b6ebc2892c2c9f700ec5cbc0120a347054a9b0d17f1c332097bbd4cbc5
SHA512 34e668908ce1aad84dd1c31ea9e567b6b527abb803cf53820f5592879776465ba78ceb301035b7ffa7713e6e255571055dce4b772a210644ca734eb2c3095f2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8283fdf116ca4e667c3aba25e94ecf37
SHA1 9af96edb16a9a017c6985b665ee755674c86e362
SHA256 6aeb81f40ac5a2fb3ab7b6a843047d036c6950dd2f3c5929d8329b7869432382
SHA512 14341444094418b199c069c04e43f4074fc1207fceefe4044b062f328b44e8694a92f092f1373c5b50c71287424a1cebba072b10f5fc3d865c5bb7f51a9d56a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1dcc1266880dabf9c17f78d4436cabc3
SHA1 7382c3fd45b8d83a95f65426a77e8027c6a765d2
SHA256 c005b1e8df2638cb7b1ee4b4ec88f9ccdd440bb54cf37ab0f941bda5c9505454
SHA512 b414390821562f5e4dfb779851b36ee8c3f414c8069a7e8407c35ccc4af628b9d6d9cb29d5065866382d47d1d730aae04517edc65045dc8ae3d6fe04a971a001

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bcb1b2f5f1bf4d779af453f625f9390f
SHA1 4f9ee71b398b93ed0071637566b674af3c105af7
SHA256 048ea52e8a534f87e4ab4da2291ed655f1fce56bb5f898a2df524a8cb7d2ce5c
SHA512 95b750be97794ec1ff48c7fd024921d817e3ae03f3181558ecea841b8b03f674f03da4e6a5722d90f4ede9ee71b7baa29069ddd721728bfc1aa1837d74537928

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4ecf40b0a215cfdc1a50afd623900746
SHA1 c43e640145e2b994db7fd3da5d9497ad56c9fc87
SHA256 684c64a12b0028e855031c2c5b4d42e50504fb041c1c2bef7047ba9ea203a92d
SHA512 9b30d03d977cd63d7d97765067c702ca648f29afc884b1839c935c5f343f5dfbd71f632546b5c848155ea2bfe6337c508c818fb9039493b04a88579185d4349d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ff74092d002f573b9d846efc38ac1840
SHA1 ae0e7b8b5c27e712314810d2904cb6166c926aa3
SHA256 3a0c1d5746d637fba82ea4c59a549560ec34a9447bfc5b62a7fde11b8bd6562d
SHA512 e4bff815231bd5ce73c0e32516c933b1f60df0483901ab03304ab6ef602065e81c3496e02864b4c76630bef62978860b4430b14e08dd69b6ad8b2c8359ce5494

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 59159240b9ecc1881daa63eb621d6def
SHA1 152b13e82b347d8beeaeefb13265c2649500e4cd
SHA256 985ac7c5dd3237c0933787e333124d7502ef966c0d4838207a464b528ca9d2d5
SHA512 b4c4447a4a2cfbdbc37fd81ed9beec677728834bf5455eafe89eba795a5b47db1aec2373871af966fa1a8b0db1a83e6afc995f9af216fecb3fa8a9d0428d11f3

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-studio\529ac613c7ac1ddbaebe9e7d9f82eca4

MD5 529ac613c7ac1ddbaebe9e7d9f82eca4
SHA1 fc8cb991735a98a9663776a61cb9c185a3335f94
SHA256 cd6a5d746b5c36525d781e6d40368f87a3edc3ea157bf63fb55baacc51337f0d
SHA512 e2378819587ed7eb417d0375d49a55ef9292b9e8d22718a52688e3fad59d68a711281f25d1045a9da5442f2d805b9d98aedbf4278c9188208bb2edd917751e04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8e1f497cd4bad57c31a1cad25ace6c43
SHA1 1ef080e1b844d0db60af6d4f2dcc902d0ce2c70c
SHA256 83bc8b3eab85623e5d50d6c6fe54493f888eb6a229b3caf858b0358ad4cf306c
SHA512 737db9bdeaee4e98f867f3104aee1a71583b6c8a772991eaecb758bbf8f57066556b78cb21e0f1c9a6031f3ff9d314654748dd2b71a1731dbe45f480dbca01b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 afc79e1ae22cf55b5cb586ca873d6edd
SHA1 1a7be694ee31ea96d38e7ed976a521e6bc7e8175
SHA256 d08032d72a4a8af2838f2787d78d7177f3f1f7813fe6305cb2bdd9a598f88dc2
SHA512 ad8bfa8bb337320049d6adeffa2ec1e93931a1e0af2b2e7ac8de3f6710b0d83e27882850168e6eb828e7b1f9160df90fd1561f86ed870f48682829fe0bee3038

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 f5489472026b408308b150704ffb3a40
SHA1 05683b4a53d62888d3e69815c55b6dc67616ae9e
SHA256 6fa856cb5793e2d0f52104a1c559681b036fb6e362564b4861d40228114f9e67
SHA512 a7de1487b1f2b601572585665ffb882c3a510cafb4d5cf10c83f59de77b1dcbdcd60b960725dbebefa331eafb45e88816e024d35fde43bae5f618a772af018e6

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 9dab4f0d6390165f93ba810480e95028
SHA1 5abe6cd99cf0ddfc690f5b436d41291db87cf71f
SHA256 abdae83d3c6b494551a8d2f311acc53e9d850427ae16e7ad2b811ca5691dc95d
SHA512 4f7d0aeef99ff65c22008da7b1814ab2f0b92912479e9a4064c956c6f084cb20c8a07092ed62fa4a2f3250244924781cdb45e16ab1b4956dc9abf5734826eed5

C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.85\Installer\setup.exe

MD5 776d096934ab49e06d98f228f2f09578
SHA1 85843747c6b28fbfa094ffd37306260a0b80665c
SHA256 4454ee06716329235c9395b1bc3c5498565074bd43fffd70123935ed68096796
SHA512 cada5800ea29613e4cebc370a77b0fa589656ed27cf52eb3f6ae0321d951a98afaa192ae1e06c3a4662726b64a9f84903cc3ec633f7170d1bf25cc66c8ad4354

memory/5812-3680-0x00000000004D0000-0x0000000000505000-memory.dmp

C:\Program Files\Google\Chrome\Application\SetupMetrics\314385f6-38c6-4a17-b7c1-bccac17066d0.tmp

MD5 d7bdecbddac6262e516e22a4d6f24f0b
SHA1 1a633ee43641fa78fbe959d13fa18654fd4a90be
SHA256 db3be7c6d81b2387c39b32d15c096173022cccee1015571dd3e09f2a69b508a9
SHA512 1e72db18de776fe264db3052ce9a842c9766a720a9119fc6605f795c36d4c7bf8f77680c5564f36e591368ccd354104a7412f267c4157f04c4926bce51aeeaa1

memory/2108-3692-0x00007FFF94120000-0x00007FFF94522000-memory.dmp

memory/2108-3690-0x00007FFF94120000-0x00007FFF94522000-memory.dmp

memory/2108-3691-0x00007FF712050000-0x00007FF713050000-memory.dmp

memory/2108-3689-0x00007FFF8E460000-0x00007FFF8E9AC000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 b0c5287308882620819fa71e4d7db9e1
SHA1 f4d32593c24c064be6991b667e82f2fdfacede24
SHA256 8ed6c924888f91032b52ca90d9b8bdd250433b3908b17ab934f031ef83329821
SHA512 baa3a8045b70377f35890662d9fbbacf3aca971cb72206fe84af5bc45aecc3de63b2040155c0292b6c4cbc0e18ec5e27af9668bff39a7b21841ffc8ed4a0bbef

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 4e0e2906c875aef21d75fce93ec93695
SHA1 fbf4f36433ae243a2d2f1b3aeba6d80fbb91edb1
SHA256 6d2f64b19ed97f905caf670d09b4dd5a0eac4321e8ad71d9d6aa1b785c18f694
SHA512 0c733def69e89a12a971123c6a92124e9365dc1d71c08285d748f32058f367a6874b9a7d68174c91473b0024738c4fc67672b3b1e1cbe78ca3ab37992cefa5b8

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 ddb9cc3d15c55d5f18363fd649e13a5a
SHA1 e441174ca628902834076c40ca43ac7663d80d18
SHA256 bc2001f111253f982c4cea436320ed881d29022e4be352484b334d401bb14356
SHA512 923352db59cd9d342f522ef15e13c01ae4f1a39f0d3fe8bfce9f6d2e81bb9d76d3a2b532ce362a129d62f51c13ad2ece808df85f7992889f1bbd3e4488fd6b79

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe62c147.TMP

MD5 946b21aa444d7b373b2c90aa278c1d00
SHA1 2f337c9ae11ba8445e62c766e26812c62690f75b
SHA256 1548d94e163418dccbcdb552cb0d1ca914900bc7f155cf9be810e08b58496650
SHA512 b9cbaed9924bb64c1ad152978f50a0ef20a437848cffc560734dfaa8c3fc7bb072f35867b1f995c7a2c82d3e8830cee35832b5306d352d3a963d4e6eed77335b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Sync Data\LevelDB\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 0f46c17712651eaa577423695a9a2a7e
SHA1 43577ad4b4195dd612a5d356aad3408660a1bf9d
SHA256 a9160a4111d4b445e205a6817632640a9aa8ea983753aa5429e6e659ac2f110d
SHA512 c83e9898bb2d99481fb74b5af07326650a5fd44951b1e5187390b1649ec0dac2d121308ac52b9667a7a74c2976933704734c34e42b540b4b9d2ea81b661ccd45

memory/4536-3817-0x00007FFFB6750000-0x00007FFFB6751000-memory.dmp

memory/6724-3822-0x00007FFFB6750000-0x00007FFFB6751000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\GPUCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\GPUCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\GPUCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 5b81471ec36163c9f6ee9793f23e2d40
SHA1 d50e733a91ec3707dd08d5a731cc328f175d1dee
SHA256 fa90d499d6cd38cd4ddd499fcf60215904fe7282466e4e52656c7444a4ac233f
SHA512 2bf1c9b15bb89c2fa3de15ae1c0edb085eae03010900b1dc9284716217dd245231d71e3ef6f079a39320781dd6ae1accea9ec78874f98976922ddf6cb591fe91

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe631524.TMP

MD5 bc2eb7c8f73de31b9538f0462c8b4711
SHA1 2f202f961b57105379900e2b36063a9bd44dd12e
SHA256 2076b835a3fc47f1ddf07bfdbcf9eda8af22bb1bd76e37e03428f8ea664141f1
SHA512 ecf0fadd81d8e184e7a3f618f5606b8a00d5b49b1da3e31f2f7d99fd5c8ec0b70634f97f5b2d4b843f3dfee39cb4af8868bab61cec29026745c8453357fd920e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 1dd07c627788e07e2976750b25e57bdc
SHA1 39307bc70423fe1053f58368e122a6fa049a14d6
SHA256 e64dbc87e073a433b85a77c65d1f7ff48ae24cc423a3ca3bf3afe29718fa4763
SHA512 02d932e5cd8d3e4def4a421efcb37edb1966cd26ce877ce8e009883115b12de56a2098a6ee52a04df283f918ddbdfbab81732ab1832013aeeac7e6c97a9b5de9

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 35a011f528f26776ab07042b3418f73e
SHA1 1b367e77ddd86d7742002e50f9db584ce69c88a3
SHA256 04c1f628548c17249608849dda406448fbba756fb8dc9a325c50efbab52a5d5d
SHA512 67208b3dae2d73a6268f7cb104185f73f428e41a1192367f6382bb272bfe3bc1a1faf4bc3682dcf1eb88031a3f3ac6d15bdd8c98d031404edc1867efbfc95780

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe631572.TMP

MD5 655b9026dc096f29741da3e292719b5b
SHA1 4c0d84409e0269eea83ae6371326f805620484cd
SHA256 accb87c3875e5d3efe483d4d0bf8241c6572aad4651fb68f62deaacdeb1dacf9
SHA512 8813ede8583a85a9726cfae4e58de5d2548e8a07346927b1120637fb448c810c36b619887c384f00a46e2cb0adda149ad633880dcfcb490eec4aaa3a0cb27887

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe6316ba.TMP

MD5 4f0abee3b820bb16cad0c5e7eea6ef79
SHA1 6df1eb281db3c35527992f37f8aed86a6b486eca
SHA256 130a160b837a9f487c2fc14a4dbb85a99644fbc795d955b6672f811edc2096ec
SHA512 a0f7b4bf1e2e90738e25d59304fe7ba3faf8c51799bdca0fc9c1b90ca2dddd8a76040b1412beaa834450eb0c2bd38cdd439559fa4332404a40dfb647a15fa480

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 5a1921ec64956e27676cb30f024936ae
SHA1 ee756eae403f28765f8da9a115bf6ddd15c0a1fe
SHA256 3b10173b83d8f8d98cf00bb1173cdfe11efd450c65dd7a5aebd36ee496751f15
SHA512 dff1448476944bcb154cb97d841d74e85cbdd1b2c7d70429ef550c70d6fe85e462d59ae871ed6628102c0aed0e3e5c8f19cff2b2bb3807449dedaf726768ffd8

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 c8b12eb0449b1680a9d26ef734262070
SHA1 e9cdcb308a0f91bb7a3736e7abce8cd28010ea9e
SHA256 8ab32d7fa2ec6873d9c7bc0674231f776018fecaf5c4dc09938d98fe2410c20c
SHA512 b4776f951457ac7ffa3fb4fe9608ba05d49d002a940c4d645eb26d7263e6595525850f7e9a78129ff391f913e0bb5600493280e61dd363da71aedd53fcedaab3

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 d4fca710c4e851f53350654fe1e9efdc
SHA1 6223efcefaa408901f60d93e852a2622e43c450c
SHA256 874b417ce887e8e03868febf2bcd60af3f6c21ba9b759d8779b01706eed77a80
SHA512 38f5050966c6e4c33adb5aefd1b25beadf3f783951f3888346604c90c67d33b468157f35ba123efe046486f97d41fe82e67bea10a933165dfa6f666d8163ba28

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 5fb7d86e6a4577753e7e21421190af92
SHA1 682c325690a63bef5408c874bd55615053dd5762
SHA256 5b53e2c466225b5341cd95f772b7f16972efce111ab8376d29aa7b0eb1c1e4ed
SHA512 5c1d4d243a9b6b4d23a544f4b0920e7bafb28a9870900442d49ab9873accc8d20fc3844575528db5d79f5fa081263ef97826c0029fbb1112a0c633aef1f98b5b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\e0571e5e-ffd0-4180-9376-0008d23d5e9e.tmp

MD5 5b84f19f352436f2c8e459b015716aa1
SHA1 b80d47075659a3aad13d4b624f7b918ea0c6cd1c
SHA256 2dadf70b8473647ea354c43da786f2990a4007c5035c3d1085e5a0df6e17704a
SHA512 3631b968b5be74558b1a8a1fc0e87eeb29d517704ac0cd913835de005f82d86a6bfb529d18786fda473829cf4d95a9a41c38451e27a33856f28b220226387a7d

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe6327e0.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

memory/2108-4308-0x000001C80B690000-0x000001C80BAD0000-memory.dmp

memory/2108-4310-0x000001C80BAD0000-0x000001C80BCD0000-memory.dmp

memory/2108-4312-0x000001C80BD60000-0x000001C80BD61000-memory.dmp

memory/2108-4313-0x000001C80BD60000-0x000001C80BD61000-memory.dmp

memory/2108-4315-0x000001C80BD70000-0x000001C80BD71000-memory.dmp

memory/2108-4316-0x000001C80BD60000-0x000001C80BD61000-memory.dmp

memory/2108-4317-0x000001C80BD70000-0x000001C80BD71000-memory.dmp

memory/2108-4319-0x000001C80BD70000-0x000001C80BD71000-memory.dmp

memory/2108-4318-0x000001C80BD70000-0x000001C80BD71000-memory.dmp

memory/2108-4321-0x000001C80BF40000-0x000001C80BF41000-memory.dmp

memory/2108-4322-0x000001C80BD70000-0x000001C80BD71000-memory.dmp

memory/2108-4323-0x000001C80BF40000-0x000001C80BF41000-memory.dmp

memory/2108-4348-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4347-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4346-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4345-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4344-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4342-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4341-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4358-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4360-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4359-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4357-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4356-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4355-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4354-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4353-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4352-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4351-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4350-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4349-0x000001C80CF30000-0x000001C80CF31000-memory.dmp

memory/2108-4340-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4339-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4338-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4337-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4336-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4335-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4334-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4333-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4332-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4331-0x000001C80CF20000-0x000001C80CF21000-memory.dmp

memory/2108-4329-0x000001C80BF40000-0x000001C80BF41000-memory.dmp

memory/2108-4328-0x000001C80BF40000-0x000001C80BF41000-memory.dmp

memory/2108-4327-0x000001C80BF40000-0x000001C80BF41000-memory.dmp

memory/2108-4326-0x000001C80BF40000-0x000001C80BF41000-memory.dmp

memory/2108-4325-0x000001C80BF40000-0x000001C80BF41000-memory.dmp

memory/2108-4324-0x000001C80BF40000-0x000001C80BF41000-memory.dmp

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f296a67ee0c8c6caf6e5138f5b1be036
SHA1 9f1227b05d6151c84a04e9652f4fa99205f8dc94
SHA256 dc2fad118753d313eb7d7cf3d651315ca43026b0b0dae3d0bd1fa9137eab6e23
SHA512 4ac94425595de8ca41be9843cad40ff7cc2f7d4f86413eeed472fa69162c2946171c591c3487e82c8025e7908183af36f74e222e6ec35d3c5d7f74b3a05b7d10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019a

MD5 e0a5b5b5b60870c900d4e965d0582b5b
SHA1 324bb751461fb997107f4c2f869042b093ac3ca4
SHA256 a4658e257cd9b7c17301efa73ef9d9d66c9561ceffdbc92fb5e5b64454b87f96
SHA512 e7c17425d5a6954710393ec309e473db216db095072f64caa968b9a3e1943efa75160873c8d965ee1a36a7493816c11a59bc24c245014fb9f8e6b5d043c7455a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1478f174ce403c4978f25797888474c1
SHA1 bf4957441834da503321b018d628b083ea228aaa
SHA256 eb3f411ad5274e57de998ce015a768937d70f9e8da368f81095ad3071dbb0cc3
SHA512 000e9fd2c4e90cf0e32e02c80b578fe3d5f0058facbb7759bc34965f8d6330a0548a976bd5bfe41b53bf8047324910410558e5c1effc61865ca63ac7fd8834b1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\77df496edf70a1389e5e37b9ac2e66fc

MD5 549d5baa6aca378dc9b13d75f597273b
SHA1 332b27fedba2c357bb26a672da53161a8bba9940
SHA256 93fb04e550ae786f03823954656a62743557b1f00de2848df90e44ed3b4ea188
SHA512 c9b69816ba575fd79706f4de6b2b4fb4afd66e7f7e6aaeec0a32684d5592ea6158ee9c05040a08733f63c7ce575b941c96bc3c452c8eafcfb9ea869739a00399

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c26a1fb954d71303d656a1986c7186de

MD5 73f5ca774758f57c29df95e7646787dd
SHA1 9d4510e3cd917ab64e17b47792b6e9d3b4526952
SHA256 8fdc27df2ae86333c0275be4e25f3ca7ea7e78b020df1dbf6ffd7a2b085d7d77
SHA512 b2160159c6ed7acb681be30d390be46c3bb7669f5347b536b8341b758506ae14e852be7b8bf3df2df41999cf11bcb482f4001cff3a14896464e6762e760384c4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8f3f01e20d650f3f69a04402c167cf37

MD5 57d5b944f819a150ec24a0e56bd9dcaa
SHA1 786cd6f3c764376823039606c7adf3341afd222b
SHA256 9ddf74a1f875b2a4fb4e98a8137dcaf127e77abc30d86f2b9397b35735e6ea25
SHA512 aeb60dd88335e36b8ac28677bcbd8d3087067d882c1a406b11fbf554bf5c52addf5916bc4e15ff31c5454a2a49a22f973a37831d9c0c9e817573efd83c9b7f8a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\66dddf2a734a4efbc883a85eafc1b90b

MD5 36d8d4700055f9b24cc3b47fd305ae0f
SHA1 04712338538712300bfd8983403bb555c628628e
SHA256 8421c33d999c6214a4f21df84518b83fa563d4a9b0a889bde888afba72046231
SHA512 948359b49eb78f06ba4f086d433e2f71d940d4d593b013fdaf43223946034eefce8999bb3faa72527de0a74665e30f61fdf25d85650b728102d4a45e5b7e7ad1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\720f83cb75ec958d0454d2681d140b01

MD5 283a3dffdcae5ca362b39513609877a0
SHA1 0f7caac8906ce10530dfd2602b299855fd1aeb16
SHA256 e97545156ff15e14934b366d39dfb9cf1daa8d7953d814ad5b26fa4fefdc909e
SHA512 9a64309b3d7d1111729eec356f567eaad119715bdf35b4b0009ab6c539717cbb56835109238386b950d234660d1c6fc744fb0ff2c2ac1d834f18ccf8c3bd3a77

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0f10b6865c21c904e29f52a54a31f37a

MD5 38b25c1089062288a7a9a8876138e465
SHA1 d7dc1955cdabe9a50ef4f6b345c9012e3efeb56c
SHA256 e39aceee4952e730f1a101894520b046ff21156ebc79c0f8e070e87af20fdd29
SHA512 198469bc9aa03de2c29b322cee7714a67b1b421a8fb0b6ade7148f54fb5ea0a37f6afe5e80f052f41815174363ca2b2dc8395534c624f0f87d2f7a0e9d773dd5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5d34a1f5416fdc978c6e0c7edc7d67a2

MD5 c76ac26f80988d0fcf03874d625b86af
SHA1 b04a5e95018f8eca571daa4077e66626b9ba0de6
SHA256 3dca66141315cdee30f7604013deab2fcc1dd74af93f9630fb700b7606f531ab
SHA512 23ba1357212eb135ad87fcbb81bf73fcf2e189da34f08ca1cccd40d763a856e9ca8ce5514af395caeefca2b0dd3a6fe3b8d43e060c5baf5139fb357fedb90a59

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ceea000e430b7c9714bd62a61ef5eb0d

MD5 e6bf3b994b7bd85aa47c17406d367d2b
SHA1 b18be2803acd9576aaa72bb19116b09680f0cbd0
SHA256 92638ea5cef2b20242923fd21757df86c8c434ff12243d480250364b8480f2fa
SHA512 3e207bfe1b30c981fb533971769a4051c0c87ffbfcabc012606ec939c5b66f2bf59cefeb85c2b903856d6396584b2c96472965c11d90d6a1ac9f59b29cf3d664

C:\Users\Admin\AppData\Local\Temp\Roblox\http\102bf581734d85dde3587fd50f490091

MD5 fa3f0b17c6256ce6f5e63be483b0ac9f
SHA1 173a417e1da31d1416e1811e81b1910974ec917a
SHA256 3e7eb7f5ea678e81557df95a5f8a6cac67886bf08e87598cb2cb1d637656a6dd
SHA512 b683db9353b29e43e0294f47783a87f9129cbf40b539e03e146ea34cd5596a8c3ad6c7f3160a62b72d3bc03cc2bd0a9e58b24519b832b55a75399a2e424dd61d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1aac6bdbb2642f3f23fbed64d042c3f

MD5 2c65a49f36fbe81aed88d7626a0112e3
SHA1 832fc429cd021f288f5ef9531e7dad6c9c6507fc
SHA256 eb8f138e67962a5c7db64722b78454da2e3c3d656ec8d72c9bec566f10a942de
SHA512 4fe7c7a7e439f6b43bc13af9291994ff913fa65ab1d77f162c97b18ae505b1c46ffb2c9236b7c9010580b095526a58204bf182aa5d476e3d0a006b2ca450d181

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0cbacc9a3c6aa07deb13db83f658936d

MD5 e3690a37568ee9fe7f191a17a47e2146
SHA1 476c939e0ca065001820946509e36ac2842fb1fa
SHA256 b8da756d34febd98745815e7ee643c49dfdf1adeece7fbdeda22487c06472f28
SHA512 c7b777cb3616fbe210b58c1e2395ffb378ffb36c2fed3af8c634e7d39667b9b433386d1a284f936a1d4e10e76c7a678e97216fe801cf95a0fc3fb313fc4514a3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c53416998a218bbaf03f4875fed8f962

MD5 161f70779b52fe8cc990043fc1d38682
SHA1 2caa927bbdf5f67fb2d4c9ebba6a0308d8f46c53
SHA256 a0ddd1e9d9fb123e15629f1059de0c121cb8858f2534918d5463636b45aa7e1c
SHA512 ce78bb57332491bf52bced15af8e2794bc34cca0d665959ff63d8aa266d85be6458652a9d3929116b1ba53a9ea20372a39a947e74ccee002e6088371f5a4814f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3acc8af1251b7ed321f9b36da661d9ed

MD5 808cb55c51b6fc55fa6cdb17892dc876
SHA1 4487b86a3a42ff05e109800b1827c100390245c0
SHA256 eed0725bdeac66a2e53e7daaa033f06c360314d751df70176a0af3f23eb08c7d
SHA512 0d2e6534792e7d417a6fa8403f22397f406352a38bfe1019d87e0308d041b3e69d7defae77e2bf6b87adb3b7d59718efea7d5fad340847c681eeb293beb0f24e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\95d98e1cfee595f720d12856399cbd72

MD5 39be6457e3ff988375205765c4660895
SHA1 8e946b84ba320df9c28aaa6e759e24719ec38aba
SHA256 1194e8aa1e2ff45887bca03f3ddee55de61436c660e162ae343ee64e7d146da1
SHA512 80f75601d5887291d0f2884945dd2ca197090431fb30dab6e6ee9ef601076950922a75f23a577dc58824a8ea7f57c48c1a742cdbc13a28215bead6b2b0b47033

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a9cc46002a4af86d3ea38943fb0ceaa6

MD5 954fee2cdb85a19010953a2e94be0669
SHA1 9cfc174656d1344512118b5f437ef767eccf49ca
SHA256 ec8f7150c89fcbd628a533ee54542f431c3835cf93d43691895cf8cd3831e183
SHA512 ae4a50efbeea009f66323f29135ac5593bf58dd046ea7301d7cc8e43234763d6f75dd9e1d93b01b8e09b824280a849aa82e40194723db38024a455158e7e86ce

C:\Users\Admin\AppData\Local\Temp\Roblox\http\228f383d708e8556dd5a633706f5172c

MD5 fe7d917b2e5d524e0419fe17a77c3d41
SHA1 3617c58767a99567d29b2fd0326111dff44bd0b7
SHA256 b908f62d8c94f9ef1ea454c7fbe6a1f2ae71480864fdd28dde13b6a95d0fb7d6
SHA512 647c23ac035ea50a3329ee8271d330b3bc34d2ee9df485b3509d601b203cf6a7cb344c882f8e61b21ddbd1812e1bcd40c71cbff07725410a9912f72a54952661

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d97695587f3d51b2a716d9775b82477b

MD5 1ce5826e55fb1b8fde85ae58ebac4b99
SHA1 84f1bed8443a656264f83a6b3ee2452ed328e81e
SHA256 b2991befd92dd77836900cd1ae85b2c426d9796009965bf16e243aa665a06f25
SHA512 86a7f84143fc3b03e0308e04e748f5181570df6b7609f56357c9e32d57e2c47e5f5a25a897b3dd717dd614d8cc97f1f74af1a4c0254ab5295492559abfa65d45

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f47a9d5415245dd05d023078d1d460f1

MD5 a33b1a5b82d26125efab352c2d167a7e
SHA1 0460ab7b59691e0f18d93a5c5750bc057a177bf0
SHA256 c9b5a3b2ad180ab625c044b8da07678221c9300654139c3d3040dfd1fb43fd21
SHA512 3b1fa3b952438592718d46df3f1a84f4183384092ac05cab882df00df393e0a7e1041475c90f127a21f9a981460f125802351c006d524073b976e84306b05394

C:\Users\Admin\AppData\Local\Roblox\5868157057\InstalledPlugins\0\settings.json

MD5 a124ac9f9f82ce9bfa4465e75bfad473
SHA1 465ee8d621bdb73b9987dbe479b976e1cef6917b
SHA256 97c10ff6f86f63a5fe2097b8592321a600ee8415cd1822e441c0ff138139261e
SHA512 2e5205b90c7de76a8ff73163520fc36db7ced0f891209e6f2223ec5419b0a08b0aaf866d9f57ccc7f99a1209d9b94567f840374387282090f54b33f35fe367fa

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ebf23c45762d6add5c9d1c8377240f00

MD5 7a7b02029fb88d1fce1162fc174bc94c
SHA1 34d009c9b10ee73e94a37c026031c5465ce84e20
SHA256 9b1792cfa537316e12514d5271013d94b24b0ae8ee1f4529b2bb8986ed4ad16a
SHA512 3b9f619a6581036d681fcbfdbd1396e901735b73fb2c8d7514bdd52ba3f566fedd7e7d88c11d97e8204972ad812fbd1a82a469ca6ec8d99565d5289e82514442

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8397aacd7d671d809826b22d41cb944d
SHA1 5dc1ee6eba157eb9e40ce12166c7d78d0fb6b45b
SHA256 670efe21dc9cec00a642848378e8fda311485c48eb1d1d177c9e60177d83f500
SHA512 c2598acfe112cdb965f8ced78a9d2e9d54b091a01bbe5fc246fe4680588ff9c269bd24ae9081a3f7ff22db5450c7f49f31e5e11162a1c0acca1d7029fa00a0a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cb07179b070bd4ff4e29fee7e417fd8f
SHA1 eefa3e38db3d2b2813ea8ce098c32360e327667a
SHA256 bb1ff38f3bf18ad257a641785d18e9906d6e10de881152eb3d583e6a0faba948
SHA512 f2a65c27271453382ab874cdd1058247720cee9da81a6e3da7be013bfaf7f0926492d6d79f4cb3aa154168591810def2f8f6c77382c381043e550bb80298e4a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 293697213bff786654d3d49cb666eb95
SHA1 60243dcd1a9173184891d0374794aebc92de4bc3
SHA256 bc36e63fcdd3564413f4d16ad2ab950768e1a7022fa722e75a878c46ece6702e
SHA512 9c6c7ef864b30ac6271198622a03f0497bf2fffcbfb2e969afc76b5f19b68623fe2deb52cad4440c01aa6ce2906e0ddeb847f7f820b59fe3e8509cfb4098be27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 61cf6c18407e00070ce9342ef199b0b9
SHA1 ea82e50fa0805d5e51585277f687a0802e8c38c2
SHA256 26c029e8d518947103d79fd0fb5cd30382f48764d939988a83a2499d50d5d523
SHA512 1511f40bbb42b136e8e304c09625e5bf56590a6fa68dfc6e27a707d1b690123b404fa27d692329e3bb0c2bd5deba7b985d958d4b8942ea493f3347dde286aa0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 34f3aebdddc9cabbb30c34012c2710c2
SHA1 19226fb349cecd7b1836f733db71ed5c4b73b4e9
SHA256 4109f94298b54a3bdb3f2d006d3786678c10004ab22c579c2218c74a8ffa99ee
SHA512 990e2e0a2e87336fd3cca1b73c3e53b201828c2ed065deef94f90aa39e1d2503c097fd99216238886950ed6fbb759bebd9ada8ea1b832b43bc45203e8761b2e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c35e5ab617dac836564c094a6328b8db
SHA1 b349a5f254e7e0fc1943e6a82a7fb29beba87693
SHA256 e841f69a5d4c51b623bd414c5c4decbec69a507bb976fc6a78a617730dc3c84d
SHA512 6ff04bf49a5d08ff90e93c43255a82b3f75b90216636abc6deb223909f45a433bac82e751e317e65f26a1e614fc8a5a1f394ab309d794ece3f02d247b2a0d2d0

C:\Users\Admin\AppData\Local\Temp\{FADA07ED-A2F8-4C5D-A32F-7B337AB5CC9E}-MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

MD5 1f744e1c802560affe8b308640b6ab67
SHA1 bbfecefdf891c11d573760d4dabdf86091463421
SHA256 fa7d8a8cae60ab620d2aa887de62039d2647e4f5c1c649d75f0f52e14ec11a99
SHA512 780440aa518397e52bb429b5a8e7697bf0096db0fe343cd40a541b60f34ad4976ef7fc2204737d296a8c1fbed2951496503dc50158d6455617c67483f87f3015

C:\Users\Admin\AppData\Local\Roblox\5868157057\InstalledPlugins\6963317097\17509267544\Plugin.rbxm

MD5 fe4b853d8b5c8abee688705094c1ce4c
SHA1 5946974cbda00d0897572b3964fc7aae6012834e
SHA256 3115d650704363a6f3257ac287a6488a620e0102e0e68322ddd9eedf50110f05
SHA512 8a6b22073b1917d5fc60a3a262f196a6c864afb0b1c15bdfef95c0504a6b307fb9311a8a816bdaf073d2aa01ee83317a3314ffb8ae609c66c5184c33813768b4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3d98b47fa16f2c1ce288045a3ce99466

MD5 01b11def5de7f423f1e3e0e6c0b25672
SHA1 083e8a810e13d0751faa840e40cf5cf0db17bf66
SHA256 1d8672d507d66158df466c213cf4d6b4de127622059d2b78a3a537e949403a0f
SHA512 a3d4b79b26cd081d983ad2312913ec5f14360425e61741345ef1078db26e926324545a2509712a8e80690e2998556c4680a1c67e13df10323129421a8ada7a2d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\eb979393184ee611a626f558e7a1c257

MD5 37799a5917de150a3ecbe4907d22859d
SHA1 717f925497ccf94ca29a5976dbc63295e98108ca
SHA256 fed0a3bdcffe8b1693ff4b4026c7c5a897797147c97c3ece73fa02cb5d59378e
SHA512 818b4da2486a26e37d9ee08966361280831db202c8bf65dd1625ff7a8ae1b82629934b87614ace43870e0250c87f4e4af2aa95e20168c3fe7645933dd96eca3c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c264a57aadab3dfcdaebbe146021e18b

MD5 fabdeab26eb27b8be390ee0d71559b25
SHA1 0bad11090445b7235f9b79fa31546f4e330141b9
SHA256 142345bff7986ec02f6ab9860418c25155382d615261e7bb1994eb17f5f6fd57
SHA512 c911cdc33e96eff419d7f47eca3fa8a08501d05da513db57a42137931917a5854a91d15df89994a5a90cc83b637e0c145bca12ff98fb1dda221978db8550b49f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\14f71a9a6b0683020c7dd6809dc74532

MD5 6e290823c054cfea6911a028759716ec
SHA1 dd2d128bad8de4bcb8df6b7dc6150da3c98b4d16
SHA256 378ce3d78d3e53ae9a29ee877d8b3800176fbb1a56540f95be71604c7266728f
SHA512 0193d729d03c1d57d0335bd0ec26a51f52573a7919bf51a2914995b1a2c86c249c3b91c85cd44b034b4aa2c0836035eca7567b99400da3d5efb6adb7892cc268

C:\Users\Admin\AppData\Local\Temp\Roblox\http\26fc3c9b281eea6517d75c014ecb39cf

MD5 9e82347863246931e6b424ca0fabf432
SHA1 ff566c4f997fe7cb25b768f2074bf8c4deedfb86
SHA256 2551d682f111489e5a67cdd6f5f45d75955a0180d5182a33d8ab9a5f5a4a944e
SHA512 f2cd455c2f7664b8568892d45234993072a3c46c15ada0075d4a923425416c34d7acf551b1cce5a7330bff2c43a0813b0dd6a73595f58e8b1274fdf5fa4c34a4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\19667f23eb63ee866d1f21c766f8d771

MD5 ac28f3a5de243fe643caa5acde34839a
SHA1 1a8442740f0b24949340dbd2126a4609ab4950c9
SHA256 1d7fdb0101be387304cb7b405c54183cfbdccfcbb0b388398a24a3423d0709df
SHA512 f4c4e7ebe546b8a8aee3b1cbd90e568106cc779acf6e5775b4c286a2c2fb2668aaf6741db0b46b78862dfacd9a17f0b0a5257d80c129d7453d56c7d32de2fdb7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3bdad4d24da443a16cf9181d5a15df51

MD5 7d749cb3ebefa0502301528f8f57f769
SHA1 e364cb59693b12d6eb53c58749fe06c102856bd6
SHA256 47e9fb01aa55f01ec49920cb18868e48886807e40a3b3200d69ca72fce4762d1
SHA512 722fb2c1d4e9a9c4a3ca6f4b0c3d915859b437b1cf44ca5c1a1f6b36e57b25c0dd14d06705cc280340a12727662671259bd28b533700c0861b3883f5a9c14525

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f70b912552093e7b290b3bf9258612b4

MD5 933c14a3fd3ddf5363bd8c17c3287701
SHA1 c610f1c34ff1509897c83ef86035cc45491ece3a
SHA256 48645d3b40d86f5d8d5fae5a3246a48a7a7032c3e85cdc0a8e0ec3b96091d3e9
SHA512 bd8b87e56196fd63b6628f0d4825caa6136c7d316b89a7ca85bd3c51d42e7ea8e0b18f563704f024f12567b12ae6294fa5b313175aa1dbef11e758fc7a40415a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4f81d51cc739e48584c254d16d348af4

MD5 b65856b94950f8556b40c13449ab3093
SHA1 71902a51e74a25527dfbda40c8510ec760d08b8a
SHA256 c319dc5bf6532ad9342cddf055daec35de8c2bc49fe354187744a25450a7eb3c
SHA512 49429e835a32b720a57ddb35bbe5c64d9d23b396912516dd3d6d38c34fe450a06ed679981ed299a7e7aa26d825e3a927d2f15c8b6ea51b4a3c2450335df410d0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\32f549e0d0881fad13ba2dac6703e862

MD5 f8a3007c3673a84ba2287c9da1d7ed70
SHA1 33e6d63fcb47b33ae3084ee29862fa9a07fbacc5
SHA256 b0ce5d9f6695f5f6e607f29d058f857bc20b80fe8f6b7454198a804c73306393
SHA512 78d92eaaaa7b5e490f53581e100fcf51ea982c9b2216caf7d4374f70314a1210797c6a6fe910151c4494c2603c0201d615e40d6a666e642e308b6eeff42c65dc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f235271f27c6d32f0ced0e92dc895d7a

MD5 14d84efcde33eee11fa83cff389852ad
SHA1 323b015e02ad1ed8e40285e92c14a471faab113f
SHA256 bf46a4e4d6ea2a0092e826b3a5a29e288d2e4f98ee912816523b0ef4c27b0134
SHA512 dc2f03024fa93ad174c290e4091071c4190e8b7dc593a70d870bcd8efe672a1b7c5367902c32d0d7a335ffe07fc804f9f11d9ebb53d38d065f6d9ebdcd6e2877

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7f0b05faa1f62c09f138894a69484bd6

MD5 3aed78d1f11463c573eef82177ea4eb5
SHA1 8413546ce4173586cc3c527010072ecddf0f3759
SHA256 0defae2206bd172618ed8f5abe4bf960df619d7e3983da4d429edfbda058b492
SHA512 ae19a01e8347bcb1492db7c82d2e301a7a9cf2d049a17fd4628970c881ac4e9f4407b0aa1e259a33e985068e004690989382a7fcead992d45118741209255f06

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a807ee778648df766d3571a7c8904de4

MD5 7fb8c13426babb3a991a83511a228079
SHA1 4e38fbb2a2788edfae61d10688c3175c540b7031
SHA256 66f5f06a72c4e250275915e349af59a3ec5ea50b7e09090ca7893220258300bc
SHA512 fba46c89d041281cd9e629dc725dd5e4f3d000f9de39b3c3c521a08d38646abb0051d8c5b9b13d145ae509ddc94ef0e1fd5a2e1b80d411f63691238ae5bda632

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7e983174527d066f342cbd5253370641

MD5 abf7dfa816289c944e9d019195c857da
SHA1 845b96141f770af5eff4b1b53e8e8ef71e18cbd6
SHA256 22c64d598bf68fd003caf89d2be1417dee940c3a607da66393b43d52be083730
SHA512 cde23ee869f8ba74b8888b551f97d611d4b8dd97ccd0a485f4489e0d3f24359c883a8fb26be9d305fa129d1f783bfe881c71a8635e9994da670f7565861b2936

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1f98867489bc6360951b208738ad6447

MD5 c9d7a5449c2416cea3dc4b8697273ad2
SHA1 452f66798b4f15ae1c77aa6c20247d202fc09fa1
SHA256 2b94005f0e346190d6ba38deb3763858acbdae197a6a200f0c7c1220f5f5644a
SHA512 dd637977954052362cf59ab76b8d707243d519398fc51e188ebbd882d4b82abd3cb18f80d0faced0fcd37d06373748ebe493faa0b45b12d41f0af1700c6ece89

C:\Users\Admin\AppData\Local\Temp\Roblox\http\62df5184ae1f060c81401754ada047ae

MD5 80696c7595540638b24e76d1557af8ba
SHA1 8d58e475d0a3c629e5e4781eac657faf6d9ca22b
SHA256 7bbb75c1d5624f35dbfc6f31ef170d3aeb92d1058ddc0784ad3f3b560412378e
SHA512 951013b48cdf1d5d071f161e100359022c300c41d9d32c5f96bea7613d94cc45fa609f7a9187214333611fefd0376bcb401d77ed9cde07ba4a5cb0211ef16d95

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6513a3dc2c6dd7f5eec3028c11586d24

MD5 faeb085f5637b32b39458c89ff68538b
SHA1 f057e675c657f1980508cd245204b75775627957
SHA256 2ba539509be43398449dd5073d34c4e5eee06bbd03adabaa5310acd8730539e2
SHA512 36ca1e996d186a41a5623401b14559d9baa7ad32069e18d045aa03b475029428f1d49870191b4a676d1042bd9b0a0be9146d08dfdf2eee5e5cf2c78e3ba038fc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcf6edc6daa9beb8408435b9fb5750a8

MD5 927431ddef2ef4974d38fa57a3892683
SHA1 f20fe6a7c36f07d1add4523f1b27f4d349889f53
SHA256 9919af53241273077511c550a1290042f11583113c0b6b2914797eb335aa7dc4
SHA512 4f3add7576b689c7dc88b3cc36d6512ab1cb7bc46d2476f7959153be1d349257299a13f446a262867f4d50f28c7b9d2dab6675325a4ed17abc344f87336e055e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\342207013c48fa95cb9a1b6ceebce77d

MD5 c2f681444dd524a0313899c73063386a
SHA1 7a4fc8221e5cd1e313ed40f8eba550179b8e70dc
SHA256 fb498fa3b0da022da1223d127ce4ffaf247340a3462a1573f07b545e35657078
SHA512 d28003b7dfc4964bf2379b70e61a0aabc33cd8302081da44c76a8931e0bc2aaa0d0dacdbd78ef24c22a3bead0e2275006e7a4c88fd429d8d29782bdc47abfe5b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e2e86c8c6c7dce76fa269cba60c8040f

MD5 d1e44be596290997cd26fe1feec50cbf
SHA1 745c45f80e039e97a60e639efe9b60e63039b91c
SHA256 4dae9e7ea6319a043e95f13f9572dc2945e60e3ab6a3c6652b0ecb198448dcd6
SHA512 3b0d7dfd952142f197abb17ef1d1b0949ee336d380ff3ce7c6d5c717edae6c2d00b338865e1711a95cc55a7410e49dad7d3acfd05191561644d5342d7683136b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\440bcb762a22e49ca4c7c6fec2b1eecd

MD5 06ccd73a943d3548bb6a7ad4c15f662a
SHA1 d6106707b71461a099ab7bce4bbd66191b938366
SHA256 7aad0a8789b6cff666eaf202435ae5a1802b67836d8cd116ac255c03f91e17be
SHA512 a60ebe45bc07db4d1a5801ce55b501f1c8d605e480ffc201c9fbc97598a607eac0d8cd944c3dd801e4fff88d082313dfaa96f5c1737acf165ce7dafec452426b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f4b59b712342970d8029e3abfddf1523

MD5 0b3543da5ed78b2fb45f4aa229038d3e
SHA1 004c841a85e7a467d1e481775c6f278acedd9cbe
SHA256 a533c17340d0b4006cba8d579114435556019c0a8325c1fe01ca00d5f248102e
SHA512 41f647a654e41fd2d113f50e251f2d030595203987609e3b8f259066aab85d8f487c4c5700a27fa31309097a140543cd050092a897bf5ddd4e55ed37feac3b2e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3ad02fdca06d8652544ed34b83390732

MD5 a9b5a4b015cf9eb95071e79e966f9fa0
SHA1 a1d05b52cf8576d22d81087eed2bee887b97399e
SHA256 38b8774e1ff78cc5b90feab620acce79ff2e5703bd8a8a41e84ef4c50a9b80b1
SHA512 3059f5d55440a74c96f919e8db7e6adc1ce8c1dd1ac425bcb8d86dcc6d8af2c075eaa134e548519fa034cb8c0ac1fb399f9d66e75daad8891976deb2ab6eea49

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1b3a9ad8a8b17c8a3504f2a1f794fe34

MD5 044dc955ec5f40bb0302efe97ba485c2
SHA1 b60956c032d0f5c2f3c11760e0b1d3d938039e66
SHA256 14833c4961c4b08f0cca5bc40e93dd2a1469df5b6e2fae53ce551ea787c67657
SHA512 4c3f46750f376820f90a93a6778cfe607968d43abe9821c35414225808618a0ea7524cf5ef355ecd086d53b7fad7a735fcae656ecf9cc4f2ff8b9642239fc4f5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c2f029617fcada6f55fc51db2408130b

MD5 93854b9b0edcbd12b6b0da3e75ba8eed
SHA1 3d0a999f1093ba9aa763ed4bd40bd92abb8fdeef
SHA256 dc7382a3bd5a4f56cbdaeb877988a80a7681317291c40f752c1c1532a617b5e6
SHA512 70e52d5b518eabb582310d046970079a504b85658e2e1e0f9cb4f13e44893b1c2aa643b02600acf0040b6ee9e60413673cacd69d9fe3237c9cf497d7414f80e7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\9d832c96a654de99475609b25d593c69

MD5 ec5ded319150e95fb788a914f4765d47
SHA1 889086465857ed81af2c8d00c350ea967537e06f
SHA256 54f475d73cc6524dfd2f020491b20b2e7b14cfe2550b6480b03d5ad697ca1f96
SHA512 a1f0639bed3b6578a1cccf00faaf28117179939d50d166de984161d7c5cdda3041eeac953d0ee51e2a8bd7c89ac1875c37350485d89720df8c1d9f1858041cae

C:\Users\Admin\AppData\Local\Temp\Roblox\http\717d70c8a0bb6a97c373cbdaceabf9da

MD5 3455364b72d42d2a33fa88491ac1bb1a
SHA1 91f60fe2f5ce9ff73120374782fd2e5ed47bb335
SHA256 2c40b304aa11aa8596fd92652fb020f7d1ff00d5f58566bfeab6a994fd7874ab
SHA512 3e782c9c5e51e99cf4196ea1a6913147b9e1988d45426fcdf9b2333869c03146996b42b660f22a39998e27ad870ba8ee20afaf16a3b1c5172da4a41d83c320b9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\561082bbf91c7be9f9bc41c4bdbbd673

MD5 920c27ba2e394fe983c8addd7ad1d0b6
SHA1 f75300d361f5efe9a8cff8ef9b1e93aa28f2329d
SHA256 92e6e15c419ae36911812ea6924557c81facee61b266378c3e368adac7be772e
SHA512 c1ca7d708a473697fd495d05cb3b2fd6088aa7b6414154efb531e1a001d90ed6e9beb59adf44e9460189f247a35c52837dbb4204473a8da699f583c359f8e071

C:\Users\Admin\AppData\Local\Temp\Roblox\http\68f4d9224b2a3aae5d16d878af6029ce

MD5 782abbe2630c8271f0f4cdec9f1f6737
SHA1 6d7a6350eb6fadec61da09c43ebe11cbc8753a30
SHA256 ac70a287096de86a3f271a5c47e8e2425958184decb300f64d42e25ac2b27e89
SHA512 e1ff24e27cd243fc9a864909ff06de23dfebe0ec7d33a0d1952b5ad506dff97dc8837783c21a56dcfa0544b936c2f7474fa2c7d1d21dca18f53348b4d32336ef

C:\Users\Admin\AppData\Local\Temp\Roblox\http\89312e5dcf4179aee2640b253db4887c

MD5 b7d3d8f587ce47b28d14d8f7c3b264e3
SHA1 6e82f44e263aeeb59686c681ebc8418ae23d77c6
SHA256 6b7a150c8c8bb76c35911a3d1e1489ddbaa8978de26cf8b475849b9891da7e01
SHA512 10758d02d69b9860f24414cb27bbba5b84bb5fb6b5074006892602c9806929b59f94af29fca9f1344fee753b865c1c9cf6b708c07a46b165928b5cabd29bc3ca

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2fd5b95ccb896323a6c877d623ba6a4b

MD5 8fdfc24c207db17312385b6a553c93cf
SHA1 ac3952a2f0e293e67edad48965a796612f391ad4
SHA256 9632107910f4abffe021366b74c4980ba5d7cc5a855560f8ec675f2e62fdcd8f
SHA512 567908b0ca9614650e1bf0d959264d3dd7c5a2888c374c0804d87a3ebcd1b1a274db49dcbc37cafc653b27cc0bc405f55f5c66408244942545e843624cf18dd2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\87051b50ff747e8c55aa54f3894e85c4

MD5 947fbf9d20fd9b4eb167a2ce28a1cd47
SHA1 a593d80ad91dca300f93986ce9709432645b9687
SHA256 5019ce111dec5458d4a84560d3f31e494737426de9b1f77cc70611f71c3bf467
SHA512 e8802cbf905497be08727024e60e3540184f8ff431537d1e02e87840fd6e95125ee4f916ff2c020d59179452cbd312a400a9387bf7db0cc1dce1c2c89261948c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a25d8e41a6fb03b5e98bbec38dcff01f

MD5 f7247c5d7d54f314f8c207fb2fc44b1f
SHA1 637a11985dd6f18c96837e54674348512acb162d
SHA256 0baa6a0762650e1d71cbb6726776f39b581917a1aa49cde407cb1e8cabb16cef
SHA512 253d26a07bd5b64048d9a89a3ec723ae46a9169361e1ec3efe8a302366ddf513bf43edab63eafb0707354f1427b2bda89ce245839cfa857fd5a51a6f45ef20a2

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b67ab46b586b3012af07d37f51d11582

MD5 d7672b636233fa56a33a3639763c00d4
SHA1 448182f9a9af2e9bc05ffa0c24e9c7e6b182d039
SHA256 a14ebc9dc017a8c5af34004e76f6c76bbc8ad547b642062b6d1c79540e3e9d06
SHA512 2f727045a22ae14c759608b8a8e5a774b58898b947d5f6485121bd7f26a14795ee2a48442e4e32c5bc8577cf331a7e13f8fe2e8a14e37c3636a6b9faabc19e60

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4897d7279d69d566e358fa616825eace

MD5 6525400e97004e778409bd457741a5a3
SHA1 dcb9f40c5ec195f12411f297cba86a377edf061f
SHA256 383190134b5c375326909e6a12dcf0ef469402f754686a9d0249afcc9e575fef
SHA512 21e46ad6d8a448e3c22c24d0e78182479bf3e369d873fe29ce9897a2d754a0e29d43b9bc3cb3b6cc2fe300e3bcd387deb6744926fe0c9fc4c13019cecdcbe7c5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\20219f10437672c6ce774c88e971f965

MD5 7551ed24ee58d02e10120cfeaadbc239
SHA1 650a48ee1c55c6c615df3841744f061ff48d263b
SHA256 e42417d0d435488ee36eefea5e5e182a1468b5b370ca9ff6627b9367b9374efa
SHA512 73b254a3bca52129633d6c96e1213fc4365b6b712b3a1e2b99dc158a516442f346a2a1153cf4734e69fa5de78943cc9b2538ee2ea0d7810bbe3c93bef9b5510c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7ad308ae630099ec35a07aca755e550a

MD5 34b230e9645b5b5cfc57dff36b382521
SHA1 3e89693a5446e59942e362ec3a6045e3d73c270e
SHA256 e96270e4beccbb8d0f5b53e550ea41d677e7ca2affcce0f80473bf9ff372628d
SHA512 9c48f7ed57bf4e98f64972161f0c2effb3cf780c5f3a95e7e7ca698df4160a41da49c10a406a999f1884aca44eef5ae5a36d8da5bdcbe5c1e2e7ca4f68d9a38c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e754c5a7690200d756ee57d436f547f9

MD5 94fafdf0722aaae9e49c0b0b10ce1f0a
SHA1 8c120e9281f312b4b044e8d05ccaf5d6cce46dd4
SHA256 675269c990d3a4a8788c14976e51e4d2a4ae7cf8ed62ce0b8cdb3b65a7678094
SHA512 af9c47cdc59e93619c392bb6a17c6afb41a16daae45e62158a0a5140d61ade9517ae23c5cb130fefd696e57a487a10d4fff78e2e3eb9dbcfbe2f97eebddad0ad

C:\Users\Admin\AppData\Local\Temp\Roblox\http\85cf7c0f1044b3c2e96e348430bb4831

MD5 f11700f0ae144449148d51d04d8872c2
SHA1 91a4c1fe6398916bd4775840f71d63582be8619a
SHA256 e5f7c9f67dc2b5747dd4310a414c08fe7914b7da8ae68fdbe0e0c010fe7b50c4
SHA512 349f939a7666a911234c836a088fdac22c78222feb55cd219a36fa4694ce23e0105573a443e8737689d159b7be6aa12f1de6cd1d0306f917ee4b6ea251212854

C:\Users\Admin\AppData\Local\Roblox\Sandbox\17440835905\5868157057\drafts\{F057E8AB-1E73-45B9-9CED-A17D2C608354}.lua.tmp

MD5 880001285237822670ae747a965c31ef
SHA1 b958db2fc969b828606322779e25105c3f6c92f9
SHA256 5994240a051135dd7b19f22568217c900f24f2faa2c49467bf291b015a43f054
SHA512 1582d6f422ceb93ea69c96712a976712ce29c574da665ed13624e4868b71268c4c0ea733fbcdc5d0b21566327bedfa5324262e2a471f9f8fa4838b95c6ec35a0

C:\Users\Admin\Documents\ROBLOX\AutoSaves\Place_AutoRecovery_0_AutoRecovery_AJLlhT.rbxl

MD5 fab564810cfbc76244c09ebf2ecae5f7
SHA1 eff38482ec58747cda307f5b741daa3eb036e0c7
SHA256 5f1c3744fb5dbdb9256342c828fb4a98476a795a9b107885f728578d78f52e00
SHA512 20640b1dffd6ecd553962dd7bd1baee768b839fdf1e0f09b505a0864dc84e5c65e381a66daa3676a2cfaf77ef424eabeea8290dd61b77b4ed901882d5fc78b25

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX29E6F6FB59954BC588BDA63B8F4EF913

MD5 b22d848a03f617284581938c74c1dd71
SHA1 d3f40d3a7d894e18bccf7a47ab9f41e6fcd1864e
SHA256 39b63ea4a59ce2ee74318960b5676208d1956447a6f72a9ca721711d750b25f8
SHA512 ebd1ad02736ab5eb5a934b7c200e7ea577ca13557e78441a17f888a06d67594aa354c776436c86d559cc1f8b2b57cd239258c86bdb126db70af0077969c37e17

C:\Users\Admin\AppData\Local\Temp\Roblox\http\086b414f7f02414d8d7df46858d24c94

MD5 57f55a223bff0dd98716aaee201b5c37
SHA1 375463eb6bdb2f2395863838e88c65f5ca701972
SHA256 478ea5537fadff8d2a374d7fef139274ae9b11b31cfef75527c58c54ed5f6ea0
SHA512 45c0710b95acf96ac83690aaf0599d38f90e5ec672bd1ee7743f8cfd00f90c16c09f8027894e5d6c4883ecb2f43a07409805a4f2a49b65bb6e0e5f69db5ae867

C:\Users\Admin\AppData\Local\Temp\Roblox\http\525c2c2ab32fa495480ab65027bba4e4

MD5 52781e8ec51e8d27afcf24dca089d142
SHA1 95425aebb51d37338dd940abd1ca74415c0b9afc
SHA256 aced62f47dfdd7959db9d99200e04e54abc8a8fa0d84923f4b35bfb68f84260c
SHA512 418e098495081c438b47cfcd1747b3ff4895dc38b943bda08f3ecd157eef8f6b376437205b9c200d9f31e8823c57fd1f530b88c898044b16a330d272c8a9b0af

C:\Users\Admin\AppData\Local\Temp\Roblox\http\640ab0e340dbb9f163ef2b2b77fc1799

MD5 ac2e6c86b2eb171bc78ac4a1237c67ec
SHA1 947def437c8e084be5ae4724627e9666ed75e0fc
SHA256 f9cc0d456084d32e8470b807aed32c1baef022d99a0589098c98e37b413bb40a
SHA512 102c53a3150c4772bc7fd317b16e31343a2f9cfd49b3f8bc501b063797743f74387c0bfc2c3302ddba58683befb7eab9e36b6ec9abba3829d8c8f0edb1e5ccc0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\30a53e7d91730b31358134cd9e362012

MD5 6bdc90627a812b2ce4df93bef04b0d6c
SHA1 266baa5a8490fb8449847cec7c359026d080eb34
SHA256 77576b528716748002d46261c55ac6e21154e8e29e4447127cfacf6ea061ec9c
SHA512 ac59bb47296abce3863bade587108fa95e3f0885c5ea16eb2fd8f3203271e045efec8088e0373407d0d7c28fdb6baad99469a3a61989258576a133c0018e292e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3ad8869dcb7882edadbcea1ef5aaa2bb

MD5 99f8f7f7bfa5cb2f206fc3e6bdbe34f8
SHA1 4ba34b759565a4396c52cf4f5de457ce009b647a
SHA256 03b1608ab90d93976b3b3baaf76101b77074e75e11925a863c4f6b575a009887
SHA512 9b02541fdf8040df5352162648d906a64c10097d1340b2f35d994be2d82888ad9852b9e2db676ad0a535a7a46bae5d34a7cd84ae729ecd4e13841890cb585b9c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7de699762fce90d036e2586e7388ba0e

MD5 491dae58b32b63cc59113f7adadb063b
SHA1 9abe7a3e3592becf0e9c3ba3ef0979546ec5e0c1
SHA256 c41a2e09eb8d7ab82bf64729ddcbc98a4967a52ae69166e738988ee05f2e31d6
SHA512 8701bab150b2daf9597494ad21a0d4c3816138334178dc8f24cda9cdcf6b0158aaee6d4764cecd6d4103b6aa512b9063ac403499ca1baf81d65c648147d399a5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\22a87dc2fcc1d7f2d4eebec174141c11

MD5 2fe99dc646b8480a9de38d1b2378b84c
SHA1 ef65111f86e76ce91f3fcb6e6173f74fc0dfee75
SHA256 fc6ab4c49b18ca637dc302800068f86b5a959c4ac55d2e1cdf0d07be46178b70
SHA512 83fff5c97a3b4510585372bc27a7e15a154e868b1905c3e5b851ce2aec43cea723975c05331b5a6ebbff79284081ff50c2570f1fcde44109fbe76779f76eb339

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a2f3fad0cecf63e774e8ef6cc9c97b4e

MD5 dbc4158e1e46362fed80d3fbbc8e9679
SHA1 7c4486aff76ec45c886e929da213c502a0924d68
SHA256 f8ecb74cbc82b3753622c8950cc704c906cd6951ceff2f059d171574bb223454
SHA512 05b4d437ab47817f4784b7d12ef8d1629fcfeefb7801a1bbb4a85e30c841a5fbe84c9cced5d6fa7c9e54c992aa096e672bcb57f6351a538d98e6b2a96ab31caa

C:\Users\Admin\AppData\Local\Temp\{0889E7E0-6677-4437-BCF3-C114CE88BACB}-BGAUpdate.exe

MD5 3f208f4e0dacb8661d7659d2a030f36e
SHA1 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff
SHA256 d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b
SHA512 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a78c90757c59118911753b06f9ee3c02

MD5 6e3c066dd60145d0b036a0630ffb0c0e
SHA1 94ba87158d3847e2bd1a39ebe52d1b7eb23af007
SHA256 72fafa9d3f886bc199935da3ed2c6a7653c51741117396bab9a16368e023698c
SHA512 2d9fc9845a01075dfe1b07d5212ca7c34b2dab1735600ac991e0ec7fd0e97b54f4aa4c503cb08ac452dc647240343103d3fef4a94768f35223dd2cf8f224efb5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\1c35ce256eae624028c58d2b4f5f96eb

MD5 bac54b310f44b8bb662e576b2df799db
SHA1 7fb610124738f9394da9626f3016b627fe1964c7
SHA256 d776569fab3f732479213cd2ca390b46b6f8b193add604d6ccd1b8d3b30fb8f1
SHA512 571c95f756054c04cca34401de49ea553716f477111d6fcb1d77808b23a9b94f96da96bf44512900becaac4f0c3e17ab020725a978117d246965706b0de98338

C:\Users\Admin\AppData\Local\Temp\Roblox\http\97042d32acd53834e79fcc333e1c338a

MD5 f5642283c8f949dfe6a547bfe3a20e09
SHA1 633631e603e17fc35a1c5ceb115fdb83c14e9f11
SHA256 a5155e9cf2755b7c6014bc0a036a441afe618d58d85b5f315f44e685746f24c6
SHA512 c2520043b21a7c71ad8f5142c3419c713c140d43540b343155979e324024cfa835ce0e47b4ce3d2b4588cffcfdc563ad7d383139658de13ee22b446b44c08935

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3ffe76dae518af4b3da2d3932edfb409

MD5 a50260d91fd87e2b6aae9c19ad1263e7
SHA1 7eda73a893746a67ef54659de7652b4c26f5630a
SHA256 267f4d666e07cd66ed06cb21feecd9eadd1940c26523a2b9d94efeed3bd74810
SHA512 29d2e13fd16a48be823fd872f762e027882ffb935697fe856ebad6cb7462bbf8aff5bda398a21483ddde6b29c7b2461821bc4dbd07a8f951ba0489f61e8f89df

C:\Users\Admin\AppData\Local\Temp\Roblox\http\58f9c9b118052f3b947df201d5008da4

MD5 ca9105bc04e2747164aa5bdbe21b682d
SHA1 b149d1d335c843bacedf3e03e74de6ae2cdce323
SHA256 afd5142ef4739a81e6c5a9271c59f1785f180ee7f61f3321a7b6f24f17c1a5a4
SHA512 18d6ab5353f5c43b34e8a79ad7fd4b3fc6394885c6bbf8595bd4cf7f7f766e33afa552822a5a55ad74a815e9078a38f0526dfc4ff605ae73527c7b653aff7109

C:\Users\Admin\Documents\ROBLOX\AutoSaves\Place_AutoRecovery_0.rbxl.lock

MD5 d6a4acd99c5e64b4095822757a59a4f0
SHA1 3fff61b20f8521eae031acff6a33b16d0859431a
SHA256 dc7bea28eabb1e6ac0afeeb8fa34c35f5bbc69b30d34b3267283c74b4e91b432
SHA512 64f6c74bbf341929e3f12f86f6d6107de7d11653093c8267d54d142b04796bc6435d6e2251294e97668eab0425261a787907c200628eefdf7ce63b4e983815eb

C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.79\Installer\setup.exe

MD5 365eb1aab5e477760126569b7f72f85a
SHA1 06aa9c213c163b7716644314ea6d3997f882ab06
SHA256 19dc1f8c7901ec057bfaf763d8354a07880ce6fa3093185c64b95d082f8055af
SHA512 0d34bc14ed5328f2ded1c48acc29872a2154db0c4c9072a098266a08c0d0b235705223f988e64e3fd418e9c62338560e33d7f3d9ae933f43da77763e88938888

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

MD5 f0b6dff5abddac0d1347ec7a08a2d4ca
SHA1 1ad1fcb19b3f7242fd023c9c63ae538beb892725
SHA256 6c56ac43714bb3a5439bc99310087822205c4586ed0f6b168adee36b7a9d4329
SHA512 7f94b2a2b4c5bb4bfea1d2bdacf86c2bc1c83a3702df1315fc8c6ec4d59d94e926f3f4d7a19f68e9877e7e1cfc973f889a199afbe0efef7533e7cebb4dbc1fd2

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 1b83625a718a99981983261e90368b46
SHA1 bee32be0c5332027fe1cc5495f2232f5c730f232
SHA256 877d5ff57c47479fd0aa9e6e28da3553d0ca1c27723b3d3d3b669b122d70f821
SHA512 c5f129f0e3e9f51a7daf2c2a38c94b7dcf62ce63c0cd43299048a55f1bdaca0c97affda5d296985c4eb91929f0ccd248bc79953caffcd0fbfa1b24f7631ad934

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 fb08e56add136da0d319dd4fa59c5cad
SHA1 283f0355980cffa2694202e8f02f576a411ab684
SHA256 03f8ba967eff1b1094e33d132a2c1a7bd166a1c2d293f2475f7f986cd86046b5
SHA512 3ae3edc69a779ba6b4068811334311fe102c951d77811a69875338ac01ae77c2c7a1c43ef23519e176b88bd6e3964805d0cf7891e8cd88f156113aba46880e88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

MD5 387ed93f42803b1ec6697e3b57fbcef0
SHA1 2ea8a5bfbf99144bd0ebaebe60ac35406a8b613e
SHA256 982aac952e2c938bd55550d0409ece5f4430d38f370161d8318678fa25316587
SHA512 7c90f69a53e49bad03c4cefd9868b4c4ba145e5738218e8c445ff6ae5347153e3a2f2b918cbe184b0366afd53b984634d2894fea6f31a4603e58ccb6bfa5c625

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4592_1571825556\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 206fd9669027c437a36fbf7d73657db7
SHA1 8dee68de4deac72e86bbb28b8e5a915df3b5f3a5
SHA256 0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18
SHA512 2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4592_1571825556\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 529a0ad2f85dff6370e98e206ecb6ef9
SHA1 7a4ff97f02962afeca94f1815168f41ba54b0691
SHA256 31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6
SHA512 d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 90062d51c6f6f535a01458853e95f538
SHA1 b656de0b558bc40bde3dba488dc21dcb891a2135
SHA256 210349964809a11d61586a06ba2bff0eb177f103d285d0796dc238fc1b5204e8
SHA512 8c501d4d96b831e92cafc2a59eb57d60cf620f0318518c3c3ace3d4d54db7b1435097196374e187b46f3aa0ae417e45bf5e2cfc43d33c95037282c092cd00b67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6d90e8462432415eb0193b027bc462b8
SHA1 eb756a88e6643c16a93c958d2317ea326117bf2d
SHA256 0c0dfb103e6b61c9a084106651fe31e2af8bdb25dde7cff35d656422130cde7b
SHA512 ed1f6b52268e9c480513c497d921bba2ecb5b2960b93d9b52540b68a7e184bd297117e544d7e97e3d5a06bca1073b4a4f841311a9cca88a38043c3420cdc8028

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4749e66fdd36908a0906a9673b698e38
SHA1 e7ff74472c7af7c4cfdfd795c5886fb03ef8f526
SHA256 d7a1638741a1fc5d428fe5914415a12d5202964e92d01f70c3f48d60a7f2ea7b
SHA512 58c2a175ffb7c2f3a08b794722933beea1cb9cc7df536a1b842336f4c75c64569c9e19eb06f9e834c1a4ab34e4a37d57343cf4b416864c32e7254f41cb2a2f9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e5ac05ed4256ecd415f6b21ffe11637b
SHA1 ad6a0c42037d9c19fb6f839a5a43d9b26bd37ef9
SHA256 471007f0e9f5b824db1c0c542b69f4f52fa96a483e861d7f5a5a85e2c775cc43
SHA512 824f0df4b8bc3de2f727761cc3cf04a7cebf23c6f7612c29df0a7d3ceba1aa58433a9d623b2c24aa038dc310cd02c70f3ed1e615a1996bc4c315ef39c9f887a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe6f28ff.TMP

MD5 2597ee270ecc3ec6468c7744b0eea6b5
SHA1 cdbe214e803b9d6a05334518dc9fca1412b47d3f
SHA256 54ff34965ed2998e9b58eb15264958ce074714dcdd339452052bf2976ea8dfc9
SHA512 04cff71106e8dd4b66bc460a54725ef33fd351406b384f79734a8d83ed633aeab38b0a89df38a52fecc2bb59892cd2d824b2901d00a7bd191a1992863a8ba9ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 db3e61547557cdc9298253291d7b7865
SHA1 f2442a544f3d2e7ac036804013813836efa5b8f2
SHA256 feacd5e784eb413752af6b115b78222ab818ed092f3edf2e5ee48fb7dfa4f44f
SHA512 1f257f5464b210382aa59ae362ecf2ee4dbce42e69178feff2350ddb8fd9fb32a4fe589689031280e974732caa7e6a74e98867879c74ac38b011365de482f2fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2df309f89cacb1f24f4554f7747b91ad
SHA1 23acb331ebdd65d72d281e94425aba2f6600dec6
SHA256 54857a093ab5f3d105f3cd1e44d5d9a43091eaeb3a6619dafcb23854953da6d1
SHA512 5ac78eea7533e4595351b3fa7037d04eb6fee37e6552649cefd0163790eb848dcfcc8a90df01aae52652f94228e479e8437073c3349af7082e6d2e6afa2c8390

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ab

MD5 4d1cfbade9765314d6a5ba13ba24e491
SHA1 92aae720f91964839eb4baed8c8b72666e9a8027
SHA256 8ba23d481d4b5a94379950640ba928c297c731c84dfb32f20c73e750670c6e01
SHA512 2113a63b67e07ba8aa6856cf9eec35ce53bd9cc4994a364f85ccfbeeb44e0043278cc4db2b5446960fd209a7c10250dca8d04d265e3a8c65807e13834a37f391

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ad

MD5 8bba2516f31ec7f2e08927289e212d9b
SHA1 78f03abef41b96a1d2fcb43bda9a39f527697ca8
SHA256 76710d555c8b489f86d7931f78791513b8ed2e67a236040e121a717ff987916a
SHA512 0eee53a780c73884d83d672e51c848dd14848848e6eac6f956e27987c7af3b36ecf34e61403e15692b5c535bd3fcb7a13b818093dac0d601f00f478ee69391e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 516434b8d49fcf62e14712a5717d36da
SHA1 d8ff2e21135ad3c8e9685dceb7ced297554dfe76
SHA256 86e24fb414d50e0245978c3e48440ad0075097dedc5c5a920f733566ecc891c1
SHA512 ee018b7160e36ba42df3ec63b00971cc812208988999e9cb84a0b960931509fc72f77831922820925f835926949cfa8924fd8c92eeb2848dfaafe0d417c1f83a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

MD5 3f2e7fb9a073842223208d912486ce26
SHA1 8f4bbe6e5cadd671cea23a00e3846c896d80f577
SHA256 79d186c1abd604058cf2576eeeebffed51ff976439f3bfbe173334a6db6c2365
SHA512 9f64d3fb88ff22c9f01dc7dce9aa9950b14e15e2b0a653975ff8eb6a78bad871f939e7a06f8f41ffc55a57b6fc9ae5c0428ffd08174cbd4aae054cf926e46cbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\45da0905-ec1e-4525-a37b-f69676f37b9a\index-dir\the-real-index

MD5 50a6cfc9acd734802dbdad2f6d47bd9e
SHA1 81c5262d9eed4d140f6c39f45af9f2ed37831605
SHA256 4998c80b4f91edd36c227c66cec898e77946c5e8a93e2dfa23d64a89079a1c1a
SHA512 b46dcbad4ee04b93de416e078f9137d73c08e9fb2be2136242197d798b76878e6bb38ade990eb2268960017700a1e5192edd62035c6b647c19bb12c00544844d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\45da0905-ec1e-4525-a37b-f69676f37b9a\index-dir\the-real-index~RFe6f8373.TMP

MD5 e50f4e9ce14170041325f8d578e1adc4
SHA1 9be6b8a2320faa1b01e754347abda1009e6163c4
SHA256 0e5ec6ab633a8626ce54e44214b738e4dfb81a651c1e8e14dcaa06065b0354ef
SHA512 a3d039c82497bdb969a86042fc1374e987b585acd6659ab42f35f3a6afb903db90d2b7e32c87741f9e62cf791cfbf0477163874db59f9f273f77df6bcf4b6a4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0c97dbcb5c559e54ad6ec7f68737646b
SHA1 792661b01e20270c651b13c636a656f2ce28a9b6
SHA256 af268ca6d43957618acf9e8400d3a0d4ebfe7fb423815da7049e9a0d8dfb75aa
SHA512 8b949cd4606421cdb002726728b5c0e530f7d3544bb4a2d0618f228f573c41c6d60b48b6622b44d9e4bc4ab47f65076776d100331a61d0ed3cb325ee52a7b164

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4edcb4d7a030b44a7b25fa8ed0528fc0
SHA1 c0d2548248fd4b808a3f34996ff878f15c2d2740
SHA256 de66e0b50da556eedb9e066a551c9adf7744111791ab4cad70c22f7fd28fc826
SHA512 d1826da8fc2d8268ef8211787cf103de99227711a530bc9f75e9627c6328f5055e0f27125345d8bb4763734a362d6c6ea282eae760039c7b1d11f0c5ac4aa64d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f1e76dbd0fb8057708c878812897bc18
SHA1 fc8235254edefebb7ff1f44d911e1458bdc851c4
SHA256 e865894efa906f8b1b1ded26d0b171be33e9dcd3f14912a519b69bc5e6144a35
SHA512 ce8c50f93922108042afc2498df336be2dc895c05f7c2370a33f2769ecac9ba8a2d70447d2a76a018d2b432c7199b2e983c148133874557bd26d568ffc3def28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2c3862ff08f5328596f0f95f92bb730f
SHA1 766369d1d5c85747d75baf6fc92abc78413d1c25
SHA256 45ca9e34329ecaa6963c475d6c26e1390c27ce69c336f070e4e3137b958a08a1
SHA512 bdbd43341defe49a11c44a59bedf2c0cb75e6c8f1c22137c735a756d3f1e51bdb8e3f0659ce6bd5e05d444b736145af409e3a36d194c2679d11431bdcc23d453

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG

MD5 ce42c530757c001f15a8a6038c7fe873
SHA1 236dd3547344978f1e1f151014f96b4796fcab18
SHA256 84cd4b39671d278bb6cdb566f9cc2baa7cb7fac1755ef66c26d7715cce16cd08
SHA512 09516ff494f5df1b480a6386db065eb6c75166b74d9242b8cbc2f457480ef8936945aca2b7de5749a922bf181d5bf328e929fe7f45806a2371e90faf081b1cfe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log

MD5 4c6fbceeeb861918c7bb91c1590be0ca
SHA1 308462919c1c2504805a66ff71cd6e62587f5c19
SHA256 79080e373925e3fdf5ca9ae90620ac2ec8d4226d530080ee79d0d8872baac2b6
SHA512 150b3c4f0562b335595a0cd1e8e608f44f3fca59f95dd6dfd268cb58c322ed74eb6d7c078996ec8a8df318fe3844aedfc1a43a960bab2d832bedc65f6e5c21db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8a06b5d69d4161e044c3a4b8627c47c7
SHA1 fbb55cf5d27b2d3d47dcfddcf00f15ad0f30f8ab
SHA256 578db0c0c063744dcbd2b5ff9c6157bc406ff8d101837219aa1922c413f09d0f
SHA512 a52c237a8d88e19b0facc8218241987b7892dcac672d3c3e656ab22811fbfcc8671003327ba5aee9f276d620220a2dbba24c13a1176ecb456a6cc980304ad1d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0697044d13d3a648e577582d128b06ab
SHA1 821a284f2183f4b4596bdd4050dd6bb51039d99d
SHA256 4e840ff1d62879efc8007a4924a334ecea9156dc4b38bf2ac052a1e97ae7709d
SHA512 ee6da68335be56dc4d7c4ae2e00c9ea2ab5518e6d2a3d21f5f614072f234ace9a8c85ce38a810696a080f8f390683e751c067390a3d46220fe5aa62c46ba56ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c52fde51-2a3c-4248-855e-141c5dc7eda9\index-dir\the-real-index~RFe70e536.TMP

MD5 10aa32d6f40e91f8561d705382da17d4
SHA1 f1c3451431479b9a72eceed89a2f2a329b6eb8e7
SHA256 61c9987d5d3d40385ff0a4dab30e5b0576c504fa1619a8e470b446ad951a52f1
SHA512 0e7e64bc2a7eccc6a4760e4e0e1923de5afa95d62751dfb7e23fbeb9190bc90c7f1ba2378b0896537a97752f777ee7076f335d90b0846eba15d5a6962edcc7d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c52fde51-2a3c-4248-855e-141c5dc7eda9\index-dir\the-real-index

MD5 3035e111930d56ddf9e72c1a6cd82b2a
SHA1 2c7f94ff4ee46a79af0cd45921fb655385d11db4
SHA256 09c1d39443b5e6c6da4315d9e84483eaebc4fe04361bc44138a6033a0fce4019
SHA512 8c07acafdcf0c4b7d414b52661f8bbb99150859edfbb385e86b31576e3904e8fd31bff8520301a220a96a57a1d978cfb26395ef04bbf09c0c4d83279a08c92fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 69d2114f37a23563e546cb3aa3fd971a
SHA1 376541f43590c5cf2a2657186afcea71a88f26c0
SHA256 d924c4b7eb16161ac699332f8de5d8fb30938131daedd65a1f4c5e8ffd1093ac
SHA512 706527fc81e53c4ecbb798995765436d09cb7a60eec1f74cc5c7e82dec45ccfc52c74a2843522791461fc9381638ec0519d098ef90a31bd353d8e08407f70d02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c52fde51-2a3c-4248-855e-141c5dc7eda9\index-dir\the-real-index

MD5 5ef3f4990e3ff2ac6eda3f36f620947b
SHA1 7a4c0a0bdd110337efa5cc1d4991e0e1e4109af1
SHA256 a6b91ea052d048c11138e689f5d068e1b2f0a2f506a362e9f9efd6f8d382c998
SHA512 05c10b049b4795cef58bf5b852371572b9193c4edfcb810cd578c87fe37fff9c974940302fd42a537fe7f4ebf181c08bdc91b1f0e858a27f304fb0530891511b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e3db264672f1d820d56074c60da91a7d
SHA1 c10d6728ad9d7a63ed06fe24e8a60a6f49e7c564
SHA256 0744235baa84d1f1f6cb7cca459f933e2b95d346871af7220a02fccf7f851b84
SHA512 54af1a5dfc9fcc5127caad30d4cec427de207a35a3eb6ea16d1efa85a2765aba24f3d4840f1af6cad06c9372bbf6a0051dcd1adcfd065ed523a23d8d2ab7c6c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001b8

MD5 5c96e518b002abdf5d3a05906e75316c
SHA1 f02f53063db0eee45917618b90b53e3d7bb0a104
SHA256 7db2fa2ae0c96b6259360ade2e3e14c1da1e71678221e103b1b2333ffc06c68c
SHA512 472b20ab17ea85c1cdd184e18ede06cc21345eb7e072ed23f8708839f8bdd9e180b6d69bb6f31c99bd094d60d777bdcace9d51f086a08384f497ff3dfdb6a044

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c1

MD5 02dbb8b5695eaa16c15040a1e0d1d9d5
SHA1 0c589d4cf36dc04ecc6899ab27050dc1cda80647
SHA256 20e906ebf4ebed2ae1788e6c5044c18a20363846f15b1c98909985deed9ed749
SHA512 6fde53dac2aa5bd8ff1f4328608b352b3c8c13962efae95e57ebef9a7052456afc50d741de5cc401663c936446594b180acf4460318de05c1192e79861513874

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 13dfb52106c2b5e90f081fc64028a5cc
SHA1 0a8a02b86f6a63390bc8740ba160a8d8344ff0c6
SHA256 8bef9c939a73018aff25aec21b000022478bc1a468c15aa39dde5bd1b81cedd7
SHA512 5a1fde5fbb17079ad24cc13cc5221438ff8d5ca03709e85e5f1a6f62047fb4810369a0b3c69d0323620801784c496046a78865bc2958692525a5dffa1bfdb43e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_studio.youtube.com_0.indexeddb.leveldb\000003.log

MD5 a350f09356a64fd6bdfe4636331760a1
SHA1 b73951ff08c314340a9d4e6fa1b07099dacfcc32
SHA256 0c6a4c0e7f6bc8ae0d1081b33748975159e3cf3cfbc348bd2268f4d78d8cf910
SHA512 dc98450473812d734bfe0e8964af691d2cf6e6a6eb4422a79e0e651bab9c9a310c2c3ca31a21b092f0209d9c5b8b6532ea60d0eb589e7e81251d2ec39d828c34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_studio.youtube.com_0.indexeddb.leveldb\LOG.old

MD5 e34c6a1f0d27b970bd4e4cfdc323f537
SHA1 07819d859f6e9ff68ea0e82394a171643a964a10
SHA256 61c757a23d8ca0583be0a2cad24124b38f07c7bc6ddf4a34d61aa780b67870c7
SHA512 74d189b02bc6b9bd34cb48312df6d3ef731f03cb712a73f7af5c06280837430839afd841e156ef02755ce007e1094605a3fca6170e3cf077dba9cd04d0498b77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6f20161d6ad8a80d7bf6bc49bed725b3
SHA1 8dac2ac4baabd5e0cda418edf8f1ffc0ff8b1fd4
SHA256 b3e6579fdb724fb62311c7fbd940c754078c3292be865404d86a18fbbece5556
SHA512 d4b6f4d50f77e438649138417a10216a00275055e21ee3315d39c0f872cd7ee3a556bb607f34cb2b2cb6e4132535e8c5d70ccb7bf318fa3796530b5fe3e8d121

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\45da0905-ec1e-4525-a37b-f69676f37b9a\index-dir\the-real-index

MD5 72d4d494486a344368e941cadb00fd80
SHA1 672c803b9fe35fb8f03cabc79aad605cd930db67
SHA256 e0caafd97bf971e80eb08182bb3bbf6a4c3802a500c999f75e86e26ced9209f6
SHA512 90bcc050f76f5a50aceb34ad909296473c1ff2631fbbd94c69f56e06d589edda37381b5cb2dab5815d4b34e620121eecfe9caa65475e1ff7719c370988007f6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 99a40e055b1b827ceebc5ab5f54100e0
SHA1 40739c2e62c113c19cecd6ab82ce98d0d736f4ff
SHA256 136f7c5274846acf4fd4c3e58a737400e0b64df4330f229650bcc87709a1b44d
SHA512 c737c570297cf6e20eaa628f10ae7a0f2eccca45699b1100c2276f6437c65e39574242cde379d686cc4eafd13e7f90a1c3c00cc8b118df30c17f09679cc9a171

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bc14c8c34cecf068f86c35dc83bb9f89
SHA1 03784e75b9a43c6749fa10f67af741240b967d59
SHA256 86f7073db24a142e699463794615adeff343d7d3a995b4110f7ccc8aeef550c5
SHA512 9f01ccaf6fff2a688f5a60828185a666aec127b2596175b5c381caaaecb45537932d4542f4d945220752e6accb1f03db8797fd4070c09ec99fbfb39445c7982d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db

MD5 e8939aa6871a9d40dc03cb288112d1a4
SHA1 2335abfa995f280209f8a2e17ddd1caf6f2c3e8a
SHA256 f39e515b8da954771590de0a533f7114bd83cd19771ec02c6138ac7fc1570df4
SHA512 19e5f2419be269d4133fcfe424b1a68f3da03ab441c7188ce3fb0ad0a61c10804151923bab96628673d9cbc00a939ca232d3f097e6a74366d6010f9e462fb41e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db

MD5 529b3b9d991ae8d64059bd25400734f5
SHA1 0a4f7c8dbbe682aef55db9628decead6587465a6
SHA256 babd9922dab386db727b2de2603380d455fdbd4863458bb6ca8248df6620a3b6
SHA512 93b2049f4ba031cb83915656f072d2857c610ec308bc7a3beea30769836bbd4b33515103af96710e487c6290082fb2a4cc11bfc5da43036cb36114c79a15adb4

C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db

MD5 4cebbf37fb66bf53ee8714dedcfb3274
SHA1 741063b35af93f3c32f2239c4906be510e9bc55a
SHA256 08a05ca0c01f70636fe4cb16d677d104c09d195940c8f27f5471ebe8c5e36474
SHA512 9872d08579444d9b791160cb0612cbd65cea170a466fd7fe3767b006bb00fc7ac82b3250db88b64505ae21cde5d0503bcc92c9b7bf97b57ce243c8c8272ce6fd

C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db

MD5 adb5a5cd5bfacb10559f97c044003065
SHA1 64c26ae365d01b3a4c9c959e0bce465007bf6d0e
SHA256 1bd22dd1e8f3930f4d471233d0a3fe0f4940d9ed8fd951dd56bda031fe1af904
SHA512 b154bd528df60fb082dbdf8d85b693ae8829096e1838476dc17f3d7191882af25bc5b7e91647c3761f4fb4aacdc0084efd7374f3cae9a083974d1e6ee396aaa2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f76ce2593538c8968ddb9692f636aea7
SHA1 c3fa1b9b426b606ce6ee6ca8522a35f6d72e5f35
SHA256 df5c18b7b9ce55a4cc48900e375dad763e183c3ece85bdf175e101b0050d71b9
SHA512 02f5103aebda38d26ba1ec3cb6d394b6a47e388a1bcf81a36d850572e2132965f341e0cec340cb0977077e4aa6f03e60144dd2a6df0dfe7077aaacc00f4df0c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_studio.youtube.com_0.indexeddb.leveldb\LOG

MD5 9ae1b71c203b4ed64fe9f3f3c6bf463f
SHA1 d5c7f143cc7c10f8c5f4fff554ccc2467f069cb4
SHA256 fc04487d4987b8d11303b42ed2fece94f6481a273a1182627af9f2645d99e852
SHA512 8a08fa49e8f638993a99cfd6d637488112fe3126f62a52a78ceea9f3c87165f3d01722e3b87f97ca8a719bd1a82bf1b98e0e4e0ceb0e41eb0706c62d31f55fa5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000076

MD5 8144e6637f4c38fe7104aee0830e8639
SHA1 baf44459604befb30853dccba736a3929e9c5689
SHA256 d6d2c4389707b0a2e0c54a631af49952a1ea4aa268683ac235558ef784a53c56
SHA512 3fb1affb4b87e03284b19e866206da00ad0c9b6015a649342967e8aba535db9796b2787dd2dbd00c75ae362ae6b1174cb0ffb994cd86c14c8326d50d381f3c10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009c

MD5 b3049959f1aff5715dd9d592dfc058f8
SHA1 9479b806a5f11b4ec4ffc53a49d8886ec3925a66
SHA256 6642c23d87f713b71ac141578c2d45546529148fc6924cf4165678261cf16693
SHA512 5f4d00ecf89a6a6c2d2c8dd13f8d38e3b85edc477347dc3411d16f665264eb1bbe54867e39ae2e09fbb6a6e723a0efa78b6ce65f7bde24adaa4698a679cf4ec8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000080

MD5 9c84bcc5829a19a39b66a469600e69ac
SHA1 cbab67ecd0a4191690079aafede10c70796f6326
SHA256 aed0f1a44515d9aeb954a1b8c80b27c6411535f84e38c774b52aa7eacccf75c6
SHA512 0ae225b5a6d038a8ffb5099f487e632f0cb1e796852c4fece019517a5f482e9c6e6e01f7d409bb563b4e8c80eb114aee2021b8dc45ff38ff385e298557a8b448

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000082

MD5 dbb4a59f3dd19c1db7bf476301154821
SHA1 828e1e49fb33bd8a44497c04e70a978e6f556679
SHA256 57823a06bb8c73ff77bf3a2f6760d2ee1745be9a9a7cc5eaec3eb21b402e1915
SHA512 322bd05489a9bc800ad157c3f4151466d3c5d7c6644ef40a5504412d75eddd2921800b291ee6312cad9d5b4f8697db78dbf7503e32c52e1d1c0aa1b1b9bbb48f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 66799e9fe94cdb3347c53ffdaf2cbccf
SHA1 db09c66d5e561713ff79984e7ce3cbd386b52072
SHA256 c37fee0fa8b05c74c343bbfc520216296487a2c942999450566c09df88fbe535
SHA512 dc60415f6edf89031bbce101ac6c0a22334e50fbaedea7f4080dd41b785448ebeef42a0d3200e928a3065650b492e2d3c5a619d86b5d02a1d9ae4b7b9879fa70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 818874d605f9a611bf1363d33c50d6a9
SHA1 48c81d4903936d6288d499e9d744024ca4720510
SHA256 a78f8d5e55fa8ee7e48fd2104f7366492128b73bdc52471b2ac9f7127b615cea
SHA512 57ae527621093927ce07fbfaf4a985f8b43015bf2c6cbe5608b21cd92ff3faa47ac1caf681da7b42777b075df6e9de3b5e9dc5debf9182c9d5cf9ce322194516

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c7fcce216848a8df9ad605375ddf3c70
SHA1 b94baa52eeaf6030941e35dda1db749847ec397a
SHA256 7e7327048be19ea5508462e04b82251d92a7d211de96cb331aac01cab42903f7
SHA512 2d79659070c557a80bc9ddb9c8c24e42f4c4610faef7dda3c28f36def07eef9a3ce722c0cbc73d6260c8783ad1a59525dd35548575214331b6d871fb91fe5f63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\36\9.49.1\Ruleset Data

MD5 c5e30274fe7b93847f6d7c02410d1209
SHA1 488a49f38459f29e110c706c51b61ca1ae3b0e26
SHA256 e634e3cfdd0d27d0be1f5f9a19748d19d564928765db343503f42a6e1f5dd4ea
SHA512 bc235bb3af269e9a828e6788dbae2b42cabc879b858102f4cc76c0fa02af0e296d20ffc8f134c0a3f9b408643e4810e8c46afeb0c285b892908b06ea1aa1b811

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 5a124576ab58f14b4f360baafaccf8ec
SHA1 716f89cc9ae74723c93001619b70f2a44251c7c1
SHA256 33e32a0645ff9c8dd3ef26f607cf1a1c0a46754d39b9d412f7bc9d222fc81b7b
SHA512 ef6ab2f57f56016882e90f0ef61ec593c978024601c440961a6aa76e07fd7e65be1be9b06c30575b71050b67d0f63b69094367d1cd570662f67f253b7f744b10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 4ca268d8407073fbcba6888b5a60d6af
SHA1 4acd63cd642b8e2f27de8fc4133bb598106f856f
SHA256 0846442da8db2efd43232956a0ca55e32fc6e8cce4d73b4845aaf87f8db24441
SHA512 620115e2728937956bb9eaefd0aa6cd15a569f6259ebbb2eddb046630bc29a18be796fa6474493209eb9d646e3e49bd9db426991f9dd5f51e8ccde5bc01c33df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d2

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2bf5a1421c36759b_0

MD5 9f55fb7385e8ed03947ae5e441ea1d3d
SHA1 06d9825f12102712281a25d62b0a319e6c8e1c1c
SHA256 7389a60ae3c1820573da9fc87cb7a8e7df0db5d5fdf5af1520ca32c41102334a
SHA512 268f536547f3f3eeca299d6ba6c25cf0b5df4989cba39de7d7611840033e46ae30ace864ea9fc0ba8f199e4320c39c243b5e928d51c87cde2ca42acf7f1a5525

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\08a228d108d0dbd3_0

MD5 0234dc4a24b3391bfb1837c7d9e7c2cd
SHA1 4dfb0ea27839989ec5c2f83e57ca8b8f79acd693
SHA256 f1372a8fe47bd6d552da356590744b5d589797fe5a7b32146fccc9aedf8035cc
SHA512 002633ae74c2125b42bd96096bd58a5daa89dd571685f57621f731266051a70dcf6e820492bb5a03f443ae6fabbbd36c071a32ee10615d0ce8c01743beb9b6f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 30d7127d8233222f917fee7553ed2d82
SHA1 a7d01c87e3c4d7087abbb6ba079016659e24171c
SHA256 ef4f3ba116df699bc7578ca54e78437e3625e4085a45814a1a33258a04cf4d67
SHA512 c9879e1672b5b90b941a2f5083841b8e88eddfde655bd86e56385d2c5fbdcf6d7c6f92928872cae21d86b94733651c36e2284b070bdf4baaa343a9a327bb2974

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 eb6da63ef9ea86fd7208b2bb73611b47
SHA1 3048b78c9fa9f1a0959bf630455dff5d1959c448
SHA256 4f2ff4393bc767a3b0897195bb42c8cea856c37b6bb04a3ed8e22054080ca828
SHA512 0c10d9f3b156d2234f7f3167b63e8695a0d5e8920844c050e52bc8993b8beb3854b0676066da75d4477f75c98096d954526310d115527bbd514e8e47024be4e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fbbbf8ede6ffc28ab615a0cff7c7eea4
SHA1 1dd9c709871a6accfab207b1960e684658405226
SHA256 1f3188afbaabb2ffe217b42d752e10c011f73bf93213bb58e736febac22efeb7
SHA512 162f5b2ebfc7ec3993a2dc1802005af616ce7c52c5374aab3097b12bf400f3518483dbf2240b0508beea9135f5b457e037b5480cfa66b9a6403f045be0cf6ae5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 65f7772ed2c0e15ed03409499e689388
SHA1 28272a2ec873c010c5250c48dde8f1a4b88ac970
SHA256 a4a9fa292e3bfb440987db1e315aadb053c27fb07992614b81e8c76ce185ffa5
SHA512 b42ec09cf9d44ec6b8e107bd89c327893b0594dae1a6ac476f3518b8930c115375ffdf764aa99b35604b28c19fa817114ea34b2824ebf660601b49fc783c6f3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 06a7c7bf928f0aadd3220e9ac2dabcf8
SHA1 13471522b0f6a74514a2e2294805b87ac90a7b0a
SHA256 41327ac6c94182886a0330980d16deb80bc02787deb8f40ddf9e84c3ef18ff3e
SHA512 255ce98a44accd8974d2ff83ce94a7e28e45eb1b14995add2d116707751b588ef9197f55b7fa836a93b558471ab01850531fc060b0dc44a6cf7da17d359e8676

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c9db801d15864fd65fe48dfc2ed3b28c
SHA1 44679e8c004214314dade0918e0998a37ddb4373
SHA256 0bbfd1ccda51d6bbc5711b8874bf989b65972e6484a899c722cceb4497827525
SHA512 cdf8a8928347bf863fb27c01a59b386c588ee637100af6138501bed7723b0ea7dc986a4d1582a93de0c6a37e50c44a4d9c3e8ce17b6989c00bab9c87301294b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 cc1b71d2f4d76ab66e147ac47d983c3c
SHA1 5d3a44e7b5fde4d5150c5d2e8ad1f8d29578473b
SHA256 ce7571c377324f3bee1e1fd7da8f4a876e8d992f6e5a58b0cbb6d1c2c85d27ab
SHA512 a9d3e69e1485f8e55c1983e3dccb76f0fc125d9cb4fc167e0a022c4aba0dcb41cd104e8820856d31e8997cd520223072263402de4fbdfd2ee637433627b43eb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 68d1fa28a43a69063da4bbfa72081bf6
SHA1 06a7c25ff597e3367cb474a86520fc36e54813ba
SHA256 51109c0dec5ea36769f5e52eada58d40ec697d6dc3b6a807ffd2a3102f1ab49e
SHA512 42910c6241e23aaf3aa45b012069bf93493d655246be91122294415b1d13802cce3225405ad460b8f96e43a7e32bca7f3c623b1e3dcb37369b79b5444d1633ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a96521d2e39406eeadfb6cc97c727be1
SHA1 bd89cac75e0626be16dfd0907d3fa50b6f1ecf85
SHA256 82b3e6cabcdf7d0fb99a7457c812921be20c157a0d23e3251f90a339421573fb
SHA512 ebba089f31cf83fa29db77827f86b224c1ccb0c66b3a9f4e2858e55dd5ac2cf8f3139718172767a67bfdfd9012560bc0aa9090b1374242df9b598c19a74fd54d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001dc

MD5 e634cd1aa5bf4c2c6341368484efee47
SHA1 8ddda56ec48a62c096f5d6081bfd46faba89c18f
SHA256 8d2bbd97147fea4b2b1a893358e93ae3abe5b816c1f17ab506779301457c253f
SHA512 53ea84010dcd6a4a341974e02170a327c95a894f6461e585a18ee1dd3c58399c188de537c780e627cf3198dad3b9d2cd64df0713acf50c20bfa2e02118fc4f00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d696b2540c27b5489ef312ac395c75ae
SHA1 6995285e2a6613e7515421e80100d6c5d1a98db1
SHA256 004217b3f4d198a20aa3f80cd0fe58eb0969628e2069a9d11d4f79a8018e3ad4
SHA512 36a916e2e950058e6119f5e5880e3b30165d7d1753b7c48421a7d53869eaa7707e83fbdb1a0c9436872aac28fdb66c28089c8dac38c4be4455132ab98e03fd30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 67c2c9b916a1cf0ddd745800770c634d
SHA1 551e5ecdf01f8aa16392f0b102fa234ebd2a93bd
SHA256 8f15b64ea59b6e2514cad5aab5cd4811b8d76bdf5f8883a7d747dac5bb6bf293
SHA512 994fa4726ce12e6dd52bb68d4aa57a01cfd20ba441aef9407f245f152eac5bc2dc00938530f2217dc71da8b559425b754766ac962405fd55b17a1db90214cb7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b13dfb9b52c04b1c9a560db890401149
SHA1 ca04eb1cf519aa83ec80c8f5eea075838d048d22
SHA256 c806808be0f1c22ff98872cb3068f5685f788be685ce9abe50d6d04349edb2ad
SHA512 612743f0e6659d9f5b9853ef3d02704e8abd312d562d7802d47339dc1611bd3f538cd899124b8476ab6ea981330f9201ac7d030bcbeae03f2b43ccf5cf79a1e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 32365ca23fbbaacc87840a8cf899a34e
SHA1 02814543f88651acef4307678c399522cf66782f
SHA256 26ead52e4a8bd667b3a77291995c313b8702ae463f4a68ecc8dd4a530b02fc20
SHA512 fe9b9bf92b587e09427ff9c4523128d22ca8ca024b51b90926fb92125bf1ed9970f7febdaf17fb65745f1b56eff8f3d591256583db74648280ead2d92e93a787

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eb1784452e25fedaaaa938612f9817c0
SHA1 a301bd3e30748e8aae6570a702e2514a2c9bd1b0
SHA256 979421862937dcb0145c1bddbd0c064176f5d17c9b271952483e132dacd5d6e9
SHA512 7f60eefbb0d5d6a031f987869bc9c36d0c9fac5059024cf4d3244adbdf0fae86bd018ad5bc7eff9c09c7106bf3f328a691e55dc8dcf342c2edf4a23d876312b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 20ba7218aa1a065759dfc94ade799a91
SHA1 8bc7a1c44a98edfb3bbf7f73823bd87043fa63d2
SHA256 af8ae226f01f697f2297336d625b2e4e44f579e982c00655f462b00c33157862
SHA512 eb3502aaa45bbde464cd75ef9aaf135e33654c3422cecab3ce5c9d8bcdb103565c25b25df8108500abf724d512cd634a2c5968510f8ba195fc2f860a08109e13

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d832ab78dcbab8bbb24c1bbeaa83f7c9
SHA1 5a233f2bcdd7c6e89f2cd0397db8ae68da2c0ae5
SHA256 385148573892936757579ce7e7f3217d66db666096cabe02165ba02322801300
SHA512 41277399f8676e385f23b1aed5b9c773af42e3eb0ca1c81984bc1c98178ee1b92f6f22cd5a7103e4f4afbe3ffe367ee415d245a0aa77b905b508d54c48a7b934

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 87bb756cd3bf5dfb6f6921d4e8160ac9
SHA1 7d5a30148e8e8febf82ed7ac0e65ddf7ecc72e26
SHA256 b58d270e250de357701c78d93253b8e2a03a4b26dfd14d10476c44cd234309b6
SHA512 1ef2e706028fb56aaa82759b4849855bd480e06af7b0bf58c3368d9c96c568b5dfeacd2093c76c17eb3b80b739ba67ef4aaa59b41fc5262eb2a8c625fa324aaf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bb9504230e4c5b4d70796629d9f800a1
SHA1 5b4ad57aa8d1e5c03a7390cdf45be013f2a8cd08
SHA256 38f3d060964361651364e42cd4ef0bd4ea1cf8457261baac928467c4ad83c0f0
SHA512 67eff341ec5a31f96fcad7a181f5ef429bd67cfd0d5cc3e8076efbb9511b095bd9da62b5faedfe2c4498d9aa07df748128efcc95493449bbd370e93219613f5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 12066765e9036ecef2f443bfb7450021
SHA1 95c826d71541ba45d642fe1bca933f75843e351c
SHA256 409b51163c672c009fbffb28287dec331a568303ec32a6c943402ef27bcfde31
SHA512 c4cd638e918283857c33e38b0e305427044fefc66944c27990e91c47d6694ea2251075eab5d79828dadd6a0df4e32b2fb6d7476371329226eec6d1d3c3737c2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 64015d9708355ff50431622e4d6b5b56
SHA1 d800cb2a33b9de51f9ad60211cc7dfef82788ede
SHA256 3cf5dc8d66f9bc5493391d615fcc01462d6692e4f1b853fa6d0a2bed277d4f7c
SHA512 7c86f9d2a4c05d3a6d15e7773d2c39f1b7ed79782482fe15a23645269dee762de79fa17baee8967b2f79372df473b9205606fab1efe64f18fbbd9c2224ec596d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 feb61d79a29dc74dcf5863db038d7649
SHA1 b5189cc54634cf8231c0d0d692cf24c0b9a6807e
SHA256 82095a6796f43a85eacb981fbab69d8fa8995024d71ea3375ea96c8d91d278e1
SHA512 efaeeb92681d44480ec6b1eac970f4599237c33cba18fc34aaa6e5fe3bb5c5064c7044c070046977a4e2f59b0d9c93865a8018c1f11c32218086ba16c7fecd5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 77902d9259f922c73e768d0d7f8bb0fa
SHA1 1a7c6ac6451c1492b33a50b64921c5d1013c2108
SHA256 e7a8ffee7fc3cebac435ef3fe03ebc016cb9da944443f0522ef1ce38745de163
SHA512 f9b7e36cd2e64739a29d92c30a45b406bc23dc69620b7d9ba21541405bbd1950829bd4cf7ba64629ecf995ca3a9074e3c73f7488cd7d09995c3d934b52077a9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 51706cf5831356ac8f55b79ddbb59ff9
SHA1 30df7197cf313cd058f1cbaed8018becdf5f3a62
SHA256 82f85f21801d7a656912b7216876c22575319426e734e903ed6fb73d3fa11171
SHA512 cad56da1da8c6c665e26907792e1ef4f51cd522534ed622d59b3c46eb660d408d9790c38e0d6f02ca93f775801ad512b6085d6cff3e4e48e0e035585d5a96d4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b0ca8ec5d52b17cfdb915a5b076cd1e8
SHA1 1780ca860c368f4be9574edce7294dbfe14108e2
SHA256 5fb7d64000904e0ed20cf02383e321141e4d93bec684e90a41929e3cf52cee15
SHA512 fb93ff909a29e1144e0fdcbce7a5c89414075710093e9ea7133846733a334ed94a963a69b4905a62641a53b262d64111c48a319de5447b4afd4380ebc05de406

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7447a8cc8465b3ee30fd9324e831e4c3
SHA1 853fa3eed5c6fe849191d09352636318624a0fd4
SHA256 8a090d20b70d8fbec874ec84d2b9198b182f7c1017a75058e66dcaff0b1c7239
SHA512 a0236db385acce44274c24e2c638b8a2951ae6f904b2809abe307d0ba9c20bdfeadb4449731ec26a6e2f1bd437040792cb4f54258fe20571936a2033fc7b4c84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fb9895dd1b5ae60336cb69f05beee05a
SHA1 e9dbea5f0377d2d46d6b92b3b2a8a946fe15ecef
SHA256 def592239f16a0efe62260ec6f2a01ca147fe70c9735103ac57c0a1913570268
SHA512 9830ea5a7d16e7a55b3a53475d2c2374e3e90b675753759dba47774f61cccc3bad5226d3b1cc71b6ce364bfc148ee343e219746a56d0366433ac80ee4c168995

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2d00e6a35ed00f04b09f1141ff3a0cba
SHA1 a84462c1861b5d2605bdeb849788b65433dd72a8
SHA256 9af7ed5f0ba28a2c74a907ae804b9f4fd79de6e7d6ab9d8dbe327d656402ded6
SHA512 326eee10b5aeb9b871249260d172ca27e3599e5cd5e090f9710953fd968faa4e437ba0b6b0f9a588e4ea6c5498208a4cf14a72a6d31bec3e832e7ae583193a9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 752aa54600a58526dedb221ae9582a21
SHA1 2ffb5664b01a453260b95136d40b66f8a9a00ac3
SHA256 d8ea12e562cfca2b103eb9cce324a66efd7dfafc123abf4e6fb5f3c345b4e61a
SHA512 d66fdd0e86f82149246c7ee93d532cb19dca3459f1f117a97a103e3d82d011119d8dc809f3532e7dea22c5d17cbe54f61889c7bc776b399e17da8fd4ab47f3d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 35e6bb6450021c655ccb6a3fa58dce92
SHA1 35c857a59ad8ce794f3df0303dad77268814fa34
SHA256 ace4683c9c5e61ed52ef763c2763abade7ee674e17ad1816e19744a4f06893f5
SHA512 310a5da4b1bae900d0a18c801544ef6ca6a006d05b5a02ba02c47ee5cdc7b034f782206dbd76fc0a3105441f30ce349f3264815954907a4a491cec632e47d733

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 56eb1cf2621bda8a6401607895059725
SHA1 d9c1546e51a5a42758aa10fa5a4d5886400bbecf
SHA256 edffc746b6bc996bc2d6ad853cd28bffa51ddaf0336b3de75561226f379bcda7
SHA512 bd7efe3da001895717ba8aea211baaccbdcbb7d11a53c190f82a725035d6b7a55d1c399a5ea932c1951f871b8e37fd935795e95ac3f4ad645fb1e0dcc18f5a35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 312348462a7525f4d54a059ca5f623e5
SHA1 66945e27a27a2108d8b4cbb09857556baa32a9de
SHA256 e2a3ca1cdf60a042165942fbb65947f9b57666c137a5b68a1cb9d0adfb9e79e4
SHA512 f37b38f798d07e6eae5e66ed6437ff987f0c2e7696fcbfaa698b588e49b48b0df44cca5ec7e5be3d874701975fb264d69f02d43f9b9e55fcd7541d0e355f1a5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 736529795e0ab26e57c1130087c67936
SHA1 5b7e15e69bac13130d962e32a070a359ffe861f9
SHA256 37edf9b948a4d9a870782b8c64c1aecf63ac2e53c22b270b9125888e9e4849b6
SHA512 55aa4409836173c8dccfa70bbd8e09458722612d929a58b3eb13f1dc8bfe83b777c409be5fad8e47b344f59ea02466a96c7236abef9a3bbd02884cd8ba5e7b25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ce91ceb4540fe32324c1e7559f20cac2
SHA1 570bc679a99526e89073614ac0a10b6c48c4fd24
SHA256 c22929df29203ef306452dcd9d848aa9494af54b4c6b957c7ba2004745038bab
SHA512 f810798484d731e635509a0dfb7d5c38d427a132887952853d0b95d9333ac58266a52919ad65f79b36594dcd4ec26787ef04898e46db2e1377dc96fe4015e797

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 19a707fe558c7b77df73d4a1f57768a2
SHA1 2a58593f2e36a4eeadc854e04efda0589b5b434b
SHA256 dfaaa2f023c894a0c6c3e29672ec6e219a84fa96b680a375ff8ffefe2a5bf1ff
SHA512 d08f609fc5e3332cb1a113e550ee463cf50f1a1443d17a987a16c4cdea7169785e3c2f559283be3079357e491e8204d5caac05166c4ffe373733c7d5b63b050a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9febd9d52723110825d3749107d56447
SHA1 2e334ccada9ab1816b193263e3beba1e88cbe375
SHA256 99e4ac6732a7a854c5b2d70f640c06d8abb2b6c7fce69ab7d785530c1e70e6dc
SHA512 fea62403a6a2cb871b6eb438c642448d63fc14d2ebdc6a65558901181f8678e6424484f0fa969399979dc2b28d197cc4e2c7adf1e157c08f668124d669b9f5c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 82e7882bff7700ea90d04f318144abb6
SHA1 b8600679ba721042bb9243a7912ff51867949310
SHA256 7d3b149da5ad72a2bf4fe12f299a3f70a0602395e46c2c237b4112bca04f539f
SHA512 3f7e395acba976f4b0306921b26eff0a99c69013a60388748b39acca62e900ceb1e16ea5d65a6c045d98769d5190827fca025f130d624ea5854c80a0a63eb1ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c9eaa298d1f03f434087bf3c4374e32a
SHA1 9c15075de9e3b569b1763b6f1e9276ea77f615c3
SHA256 54d138423525b9fb50e850ebd84d3403595ab505ff4217ad78c5f2bf3d739032
SHA512 6bb50828124062e0ad8815dcd62fb22b71ca9d7164a033e9522f7c7acc213841727b8fcdb7538fa81e663dae950d2177805e67631d909d2b707a7ced3ac2d7e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 59b5ad9629f2f1a4768b33a2a560837b
SHA1 95467198732f7803bb9b5965d2ca98d5e1bc57e4
SHA256 af341d11dba9176e61a573ad1994e4f6f9918de4d9fdde0a46ac0f80587b8dc0
SHA512 e6f72ab46e7c7dd36e3f7b1ad627150b79a419b491f4c569c7fd5ac2fb3cd4c50a7ec7952b181e942cfb52080d42bd5c279c7b95635c1406be9421d0dc6c1087

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7f218012f7a20a7d8f0216e493cb4dfe
SHA1 ffa907d5b6ff3ade8c6e6954b53243249f8f8650
SHA256 395fd732c224a997bf68189f4aa6d1ece3432c5b7499f689ba47d5be4ea0fd46
SHA512 8c0dd0b3d0cd463a1e87ba83933bcd5bc7cbd9ba1a5a35b6ba0f2da9dddd5bd508bde0ed4c8f888ddf30049989cb55269c98c59ad4f396594206a6bde64e1e2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cfebd7cce49eb8ebd62a0308c52ff110
SHA1 3a330b2650e0f7a8bbc2f326d683c90ad98a8daf
SHA256 db3d84caf57a30a4d86db98111c69320a8dd124aa1c1d59f8408bd8760ba5c3e
SHA512 ff225e644f17fd6be504a77d1aeb2d01bf9a8ea098b3bcd5ba378716fa3a02ac466c8d942d68ae78ee5dd133cc84ba415b540e6c675262d730d146fb8e74a658