Malware Analysis Report

2024-09-09 18:07

Sample ID 240618-rhx5raxblg
Target RobloxPlayerInstaller (2).exe
SHA256 b5d35eaf2ca4befb5ac6de8680609c9a86fdc257b49d21ce4c8d17eddaa1b51a
Tags
discovery evasion persistence privilege_escalation trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

b5d35eaf2ca4befb5ac6de8680609c9a86fdc257b49d21ce4c8d17eddaa1b51a

Threat Level: Likely malicious

The file RobloxPlayerInstaller (2).exe was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion persistence privilege_escalation trojan

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

Event Triggered Execution: Component Object Model Hijacking

Executes dropped EXE

Checks computer location settings

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Checks whether UAC is enabled

Adds Run key to start application

Enumerates connected drives

Checks installed software on the system

Checks system information in the registry

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in System32 directory

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

Uses Volume Shadow Copy WMI provider

Checks SCSI registry key(s)

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Uses Volume Shadow Copy service COM API

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Checks processor information in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Suspicious behavior: MapViewOfSection

NTFS ADS

Uses Task Scheduler COM API

Enumerates system info in registry

Modifies Internet Explorer settings

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

Suspicious use of UnmapMainImage

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported

2024-06-18 14:12

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-18 14:12

Reported

2024-06-18 14:30

Platform

win10-20240611-en

Max time kernel

1089s

Max time network

1095s

Command Line

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe"

Signatures

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUE29B.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUE29B.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\windowsdesktop-runtime-6.0.31-win-x64.exe N/A
N/A N/A C:\Windows\Temp\{9941FF98-7803-4E21-9500-BD99267CC38E}\.cr\windowsdesktop-runtime-6.0.31-win-x64.exe N/A
N/A N/A C:\Windows\Temp\{FCBBDA55-26D7-413B-A0EC-C63CFA6E1407}\.be\windowsdesktop-runtime-6.0.31-win-x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\MicrosoftEdge_X64_126.0.2592.61.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{276DC2B7-3819-47BD-9251-CD655A31DF2A}\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUE29B.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Windows\Temp\{9941FF98-7803-4E21-9500-BD99267CC38E}\.cr\windowsdesktop-runtime-6.0.31-win-x64.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{1a7abdc5-639b-4af0-87c6-dbc511750c6e} = "\"C:\\ProgramData\\Package Cache\\{1a7abdc5-639b-4af0-87c6-dbc511750c6e}\\windowsdesktop-runtime-6.0.31-win-x64.exe\" /burn.runonce" C:\Windows\Temp\{FCBBDA55-26D7-413B-A0EC-C63CFA6E1407}\.be\windowsdesktop-runtime-6.0.31-win-x64.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUE29B.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUE29B.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_6372E0472AFF76BB926C97818BC773B9 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_0FB9553B978E7F00C6B2309507DEB64A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_6372E0472AFF76BB926C97818BC773B9 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_0FB9553B978E7F00C6B2309507DEB64A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\MenuBar\icon_maximize.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\SpeakerLight\Unmuted80.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_ta.dll C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.61\vk_swiftshader_icd.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\models\LayeredClothingEditor\mannequin.rbxm C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\MaterialGenerator\Materials\Limestone.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\msedgeupdateres_cs.dll C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.61\Trust Protection Lists\Sigma\Entities C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\MaterialGenerator\Materials\Sand.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Controls\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Emotes\Editor\Small\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\MenuBar\icon_safety_on.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerInstaller.exe C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\Controls\DesignSystem\ButtonR3.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUE29B.tmp\msedgeupdateres_ne.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{276DC2B7-3819-47BD-9251-CD655A31DF2A}\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\whiteCircle.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\icon_intern-16.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.31\it\System.Windows.Forms.resources.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\MicLight\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaApp\ExternalSite\facebook.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.31\System.ComponentModel.Primitives.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.61\Locales\nb.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.61\Locales\ru.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\TerrainEditor\volcano.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\InspectMenu\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaApp\ExternalSite\wechat.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUE29B.tmp\msedgeupdateres_ar.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{276DC2B7-3819-47BD-9251-CD655A31DF2A}\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\TerrainTools\mtrl_water.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Input\DashedLine90.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\GameSettings\placeholder.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\scrollbuttonDown.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\LegacyRbxGui\Asphalt.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaApp\dropdown\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\configs\DateTimeLocaleConfigs\en-gb.json C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\Debugger\Breakpoints\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.31\api-ms-win-core-heap-l1-1-0.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.31\pt-BR\System.Windows.Input.Manipulations.resources.dll C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.61\Locales\kok.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\PurchasePrompt\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\SpeakerDark\Error.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.61\Locales\lo.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\avatar\compositing\R15CompositTorsoBase.mesh C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\models\ViewSelector\Corner.mesh C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Controls\PlayStationController\PS4\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\Misc\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.31\System.IO.UnmanagedMemoryStream.dll C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.61\Locales\mk.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\GameSettings\ScrollBarBottom_Wide.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Controls\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\TerrainTools\mt_flatten.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\SpeakerLight\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.61\Trust Protection Lists\Mu\Social C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\DeveloperFramework\close.png C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{0950F07D-F1C4-47A5-AC88-C5FAA5DC564D} C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5a63d5.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5a63db.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Debug\ESE.TXT C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File opened for modification C:\Windows\Installer\MSI6B20.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI996C.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5a63da.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIACCB.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File created C:\Windows\Installer\e5a63d1.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e5a63d6.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{59ED1DC1-E3E4-4BC0-B43F-143CCC38FF17} C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e5a63db.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIDAB5.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\system32\taskmgr.exe N/A
File opened for modification C:\Windows\Installer\MSI9580.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{9992D04E-553E-4BC2-B0EC-4A394DD19986} C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5a63df.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\Installer\e5a63cc.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI96D9.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\rescache\_merged\1601268389\715946058.pri C:\Windows\system32\taskmgr.exe N/A
File opened for modification C:\Windows\Installer\e5a63cc.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI8A25.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e5a63d1.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIB335.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5a63d6.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI9DD2.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIA3C1.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{EFE53353-800E-4987-B965-1C968D0F23A4} C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI6821.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5a63d0.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\rescache\_merged\4183903823\2290032291.pri C:\Windows\system32\taskmgr.exe N/A
File opened for modification C:\Windows\Installer\MSI9F59.tmp C:\Windows\system32\msiexec.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\taskmgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
Key created \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\system32\browser_broker.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1e\52C64B7E C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1e\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1b C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1e\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1e C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1e\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MigrateProxy = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\1B C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133631935724533222" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\ = "Microsoft Edge Update CredentialDialog" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\Certificates C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{1a7abdc5-639b-4af0-87c6-dbc511750c6e}\Version = "6.0.31.33720" C:\Windows\Temp\{FCBBDA55-26D7-413B-A0EC-C63CFA6E1407}\.be\windowsdesktop-runtime-6.0.31-win-x64.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$blogger C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ = "ICoCreateAsyncStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine\CLSID\ = "{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\roblox-player\shell\open C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\roblox C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass.1\CLSID\ = "{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\ = "PSFactoryBuffer" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\INTERFACE\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NUMMETHODS C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods\ = "27" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods\ = "6" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ProgID\ = "MicrosoftEdgeUpdate.PolicyStatusMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\MicrosoftEdgeUpdateBroker.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\windowsdesktop-runtime-6.0.31-win-x64.exe.qpn9zgh.partial:Zone.Identifier C:\Windows\system32\browser_broker.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeBackupPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\Temp\{9941FF98-7803-4E21-9500-BD99267CC38E}\.cr\windowsdesktop-runtime-6.0.31-win-x64.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2972 wrote to memory of 5060 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 5060 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 8 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 3608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 3608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2972 wrote to memory of 312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayerInstaller (2).exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff9cbef9758,0x7ff9cbef9768,0x7ff9cbef9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1532 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2052 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2920 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2928 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4364 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4524 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4620 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4580 --field-trial-handle=1740,i,9389944638535671713,2753792344851824758,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEM1MjY0NUYtNEUwMS00RDg4LUJEQTAtRUQ5MjI2N0E2MUE3fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGQzkyRjJEMi01OEU2LTQ2NjAtOTdFMC05REM4NjA3NzQ2Q0R9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUyNzc1ODA0MTMiIGluc3RhbGxfdGltZV9tcz0iMjg4OSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{4C52645F-4E01-4D88-BDA0-ED92267A61A7}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEM1MjY0NUYtNEUwMS00RDg4LUJEQTAtRUQ5MjI2N0E2MUE3fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGQTc4NTY4RC1FREY0LTQ3NjctODcxNS0yNEI2MEI3MDNFNUF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTA2LjAuNTI0OS4xMTkiIG5leHR2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjMiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUyODY1MDAyMjkiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd0,0xd4,0xd8,0xac,0x8,0x7ff9cbef9758,0x7ff9cbef9768,0x7ff9cbef9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1800 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2116 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2884 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2900 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4436 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEM1MjY0NUYtNEUwMS00RDg4LUJEQTAtRUQ5MjI2N0E2MUE3fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntCMjBGN0Q5Mi02OTIwLTQ4OEYtOTBEOC01QkY2NzUwRTQyMkF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI2LjAuMjU5Mi42MSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTMzODc0MDIwNyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUzMzkwMDA2ODUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1NjExNzMxMjk4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MTM2OWRmNC05ZTlmLTRhMWItOWFmOC05YThiNWFhNDU0OGQ_UDE9MTcxOTMyNDgwNSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1jVVdTbzNDSTd3RmpkYXVnU09tRGt0M1dJSGVtRXYwdGNzY01EdUI4ZlRLUVJta3ZiT0E2S3YxMVBXa3hHbjVsRlg3VjFKJTJmZ3JJSWVYZVBTQ3hweGdBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iMTg0LjMxLjE1Ljk2IiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyOTA3NDgwIiB0b3RhbD0iMTcyOTA3NDgwIiBkb3dubG9hZF90aW1lX21zPSIxOTU1OSIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MjIwOTg4IiBleHRyYWNvZGUxPSIyNjg0MzU0NjMiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU2MTIwOTA3NjEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIzODkiIGRvd25sb2FkX3RpbWVfbXM9IjI3Mjk4IiB0b3RhbD0iMTcyOTA3NDgwIiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4612 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4724 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Windows\SysWOW64\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "4584" "900" "884" "876" "0" "0" "0" "0" "0" "0" "0" "0"

C:\Windows\SysWOW64\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "3780" "1128" "1032" "1124" "0" "0" "0" "0" "0" "0" "0" "0"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4764 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /unregserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe" /unregister

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe" /unregister

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe" /unregister

C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5376 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5472 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5480 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4576 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5200 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5196 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5476 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2900 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe

"C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe"

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

C:\Windows\system32\browser_broker.exe

C:\Windows\system32\browser_broker.exe -Embedding

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\windowsdesktop-runtime-6.0.31-win-x64.exe

"C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\windowsdesktop-runtime-6.0.31-win-x64.exe"

C:\Windows\Temp\{9941FF98-7803-4E21-9500-BD99267CC38E}\.cr\windowsdesktop-runtime-6.0.31-win-x64.exe

"C:\Windows\Temp\{9941FF98-7803-4E21-9500-BD99267CC38E}\.cr\windowsdesktop-runtime-6.0.31-win-x64.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\windowsdesktop-runtime-6.0.31-win-x64.exe" -burn.filehandle.attached=584 -burn.filehandle.self=552

C:\Windows\Temp\{FCBBDA55-26D7-413B-A0EC-C63CFA6E1407}\.be\windowsdesktop-runtime-6.0.31-win-x64.exe

"C:\Windows\Temp\{FCBBDA55-26D7-413B-A0EC-C63CFA6E1407}\.be\windowsdesktop-runtime-6.0.31-win-x64.exe" -q -burn.elevated BurnPipe.{032F0956-68BF-48B0-9C67-F80D9275F8C7} {33A507D4-536F-4D94-90D1-83BD4F8B6AF7} 2584

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding CB327310AE9C95329039A021FB101608

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding B43F3D448F7B72C8F991E01414A0B16E

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 4C46C6408274E52948ED0333ED8122BB

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 17F4F56EBDD6951E93E95B16C29AC76C

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2488 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:2

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe

"C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4928 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=168 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2972 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2988 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5920 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6128 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6140 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe

"C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe"

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe" /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUFBBE.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDgyMzRGMUUtMDVGRC00RjQ1LUFDNEQtM0M4MkMzRkZGOUVFfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDODIzMzA4Ni0wQTk5LTQ0QzEtQkFEMi1BQTU0NTI1NUQwODl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwMjgyNDE4Mjg5IiBpbnN0YWxsX3RpbWVfbXM9IjEyNzYiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{48234F1E-05FD-4F45-AC4D-3C82C3FFF9EE}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDgyMzRGMUUtMDVGRC00RjQ1LUFDNEQtM0M4MkMzRkZGOUVFfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntEMjMwNDIzNC01ODFCLTRFMDAtODcwRC02M0UwQzQ2NTdBQkZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBuZXh0dmVyc2lvbj0iMTA2LjAuNTI0OS4xMTkiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIzIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDI4Nzg3ODExNiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\MicrosoftEdge_X64_126.0.2592.61.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\MicrosoftEdge_X64_126.0.2592.61.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\MicrosoftEdge_X64_126.0.2592.61.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.62 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C8CC6AA8-043F-45FF-BE2F-A244907A5FE7}\EDGEMITMP_45537.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.61 --initial-client-data=0x224,0x228,0x22c,0x200,0x230,0x7ff727ceaa40,0x7ff727ceaa4c,0x7ff727ceaa58

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDgyMzRGMUUtMDVGRC00RjQ1LUFDNEQtM0M4MkMzRkZGOUVFfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsxODE2QjRDMi0xODBBLTQ5MjEtOENERC0xOEUxNDVFQjZBN0N9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI2LjAuMjU5Mi42MSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAzMzA0ODgzNzYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDMzMDYxNzk4OSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNzMzMDY4ODE1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MTM2OWRmNC05ZTlmLTRhMWItOWFmOC05YThiNWFhNDU0OGQ_UDE9MTcxOTMyNTMwNCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1GZkNNeGxLaXFhZVRRU3djNlZ3NDVlWm5qazBIc1FQJTJiRDlvNTFpZlVZUEhmT1gxSnlQMzZyTXN5TDJJeHhVaXhqdE51Q09LUnZPS2ZBb3dvdnZaMmdnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyOTA3NDgwIiB0b3RhbD0iMTcyOTA3NDgwIiBkb3dubG9hZF90aW1lX21zPSIzMTg0OSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNzMzNTg5MTM2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA3NjMyOTE1NjgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjExMzgzNjkwODI3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iODk3IiBkb3dubG9hZF90aW1lX21zPSI0MDI3NyIgZG93bmxvYWRlZD0iMTcyOTA3NDgwIiB0b3RhbD0iMTcyOTA3NDgwIiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI2MjAzMyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" --app -channel production

C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe

"C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe"

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" --app -channel production

C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe

"C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe"

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" --app -channel production

C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe" -menu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd0,0xd4,0xd8,0xac,0xdc,0x7ff9cbef9758,0x7ff9cbef9768,0x7ff9cbef9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5172 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5880 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3096 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3648 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6400 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6008 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=4692 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x350

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6472 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" --app -channel production

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{276DC2B7-3819-47BD-9251-CD655A31DF2A}\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{276DC2B7-3819-47BD-9251-CD655A31DF2A}\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe" /update /sessionid "{677EC223-C97B-416F-9BA7-13097509F9F2}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Njc3RUMyMjMtQzk3Qi00MTZGLTlCQTctMTMwOTc1MDlGOUYyfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1Rjk5Mjc0Mi1EOURBLTQ4QjgtOEYwRS03NzA4NUVGMjE4Mzd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODcuNDEiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMCI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM4NzE4NzU0MzUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM4NzI4NjU0NzUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQxMjA3MDU2MTAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzRhZDljYjZlLTgyNDUtNGU0Ny1iMjk4LTFmZjRiMDQyNTZlMT9QMT0xNzE5MzI1NjU4JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVI1ZmptTndXZlJqTGNwNkh6aktRWDVVWWVxRWcyZDNkWnN4aXljaE1HbUhiY0wzQkQ5bDRoWW5qVSUyYnBveFFRMkglMmZOTUZ2Q3BOODZIZU9OU0R6SyUyYllnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYzNDM3NiIgdG90YWw9IjE2MzQzNzYiIGRvd25sb2FkX3RpbWVfbXM9IjIxOTgwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MTIwNzc1NzU0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MTI2MDY0NjI3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjYuMC4yNTkyLjYxIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2Mzc3Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7QUREMkJCRUUtMTFGMC00OENFLTlBQTktMTJFNTZEQTkxMjVGfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EUE29B.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUE29B.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{677EC223-C97B-416F-9BA7-13097509F9F2}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Njc3RUMyMjMtQzk3Qi00MTZGLTlCQTctMTMwOTc1MDlGOUYyfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7QzVEQzNDOUYtRkRDQS00NEUzLUFFNEItRTk2QkYyMzdDN0JGfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xNTA2My4wIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg3LjQxIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzNzciIGluc3RhbGxkYXRldGltZT0iMTcxODcyMDQ5NyI-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQxNzg0NzIwMjgiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=4576 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:8

C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe" roblox-player:1+launchmode:play+gameinfo:jE8-uZ8t8L8xdcwzk66u9zANv-Eh73L4ExpFby5JW4cfmOrrpx7xywMCXWpyjs9CM-g7YsGgzoBs8cBdLx-M_XStc1JmpGe1LJ0WIxZW0MPMbKe8FkmjxGs0YHDwf0uccKi1Rq2bVkWKqy0w9l_yrbbHyIme7GoquCBpcqYgC2MD-cqgb-ooj69gtLaYgG6FtmUMvnaVocuQoRDFoF9wnVXW9zIPR53dYotuJYDu53k+launchtime:1718720952426+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1718720186524009%26placeId%3D10449761463%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D1adad256-8fc9-4098-9bef-eea2a37cd030%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1718720186524009+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:jE8-uZ8t8L8xdcwzk66u9zANv-Eh73L4ExpFby5JW4cfmOrrpx7xywMCXWpyjs9CM-g7YsGgzoBs8cBdLx-M_XStc1JmpGe1LJ0WIxZW0MPMbKe8FkmjxGs0YHDwf0uccKi1Rq2bVkWKqy0w9l_yrbbHyIme7GoquCBpcqYgC2MD-cqgb-ooj69gtLaYgG6FtmUMvnaVocuQoRDFoF9wnVXW9zIPR53dYotuJYDu53k+launchtime:1718720959298+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1718720186524009%26placeId%3D10449761463%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D1adad256-8fc9-4098-9bef-eea2a37cd030%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1718720186524009+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp+channel:production

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=4556 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6048 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=6520 --field-trial-handle=1864,i,788925854126977601,14690407666257794011,131072 /prefetch:1

C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe" roblox-player:1+launchmode:play+gameinfo:4_3xSsx75qRjDo-uM-2gCvMj5u3VttJrUO2tzwFILAwglSCPcXzVpAvyES2Al3aY0ObKVlQ4QtIh1MzDSOjFNuJmcKKZtyfZURarlFH1Ael_bF2aYhuo5oHhy31ecVrXtZNzmmh4TUvzOroZk-gzJIXr4goKxbY9-B8yS1Zx0ZqhqYvKCMwRYLf2PtsceC3V2LLBbT8Ww-bTxj3TbgRYtUR0M_YV9HW9Kg0Qc8uq9oc+launchtime:1718721018459+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGameJob%26browserTrackerId%3D1718720186524009%26placeId%3D10449761463%26gameId%3D7d6f7871-d673-4038-84bf-7d04c11103c2%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D6f3455f4-3e7a-4574-bb29-76b8532adb3a%26joinAttemptOrigin%3DServerListJoin+browsertrackerid:1718720186524009+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:4_3xSsx75qRjDo-uM-2gCvMj5u3VttJrUO2tzwFILAwglSCPcXzVpAvyES2Al3aY0ObKVlQ4QtIh1MzDSOjFNuJmcKKZtyfZURarlFH1Ael_bF2aYhuo5oHhy31ecVrXtZNzmmh4TUvzOroZk-gzJIXr4goKxbY9-B8yS1Zx0ZqhqYvKCMwRYLf2PtsceC3V2LLBbT8Ww-bTxj3TbgRYtUR0M_YV9HW9Kg0Qc8uq9oc+launchtime:1718721022004+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGameJob%26browserTrackerId%3D1718720186524009%26placeId%3D10449761463%26gameId%3D7d6f7871-d673-4038-84bf-7d04c11103c2%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D6f3455f4-3e7a-4574-bb29-76b8532adb3a%26joinAttemptOrigin%3DServerListJoin+browsertrackerid:1718720186524009+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp+channel:production

Network

Country Destination Domain Proto
US 199.232.210.172:80 tcp
US 8.8.8.8:53 client-telemetry.roblox.com udp
GB 128.116.119.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 3.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 4.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 23.208.251.114:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:49755 tcp
N/A 127.0.0.1:49759 tcp
N/A 127.0.0.1:49762 tcp
N/A 127.0.0.1:49765 tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 114.251.208.23.in-addr.arpa udp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 205.234.175.102:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 102.175.234.205.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.206:443 clients2.google.com tcp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 41.173.79.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 4.26.95.13.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
GB 87.248.205.0:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 star.f.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com udp
US 8.8.8.8:53 cdp-f-tlu-net.trafficmanager.net udp
US 8.8.8.8:53 wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net udp
US 8.8.8.8:53 a1847.dscd.akamai.net udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 108.116.69.13.in-addr.arpa udp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 ogs.google.com udp
GB 142.250.187.238:443 ogs.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.110.133:443 avatars.githubusercontent.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 133.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 154.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.169.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 collector.github.com udp
US 185.199.111.154:443 github.githubassets.com tcp
US 140.82.114.22:443 collector.github.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 22.114.82.140.in-addr.arpa udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 8.8.8.8:53 aka.ms udp
US 8.8.8.8:53 27.178.89.13.in-addr.arpa udp
GB 2.17.6.114:443 aka.ms tcp
GB 2.17.6.114:443 aka.ms tcp
US 8.8.8.8:53 dotnet.microsoft.com udp
US 8.8.8.8:53 114.6.17.2.in-addr.arpa udp
US 13.107.246.64:443 dotnet.microsoft.com tcp
US 13.107.246.64:443 dotnet.microsoft.com tcp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 js.monitor.azure.com udp
US 8.8.8.8:53 target.microsoft.com udp
US 8.8.8.8:53 microsoftmscompoc.tt.omtrdc.net udp
NL 23.46.73.244:443 www.microsoft.com tcp
NL 23.46.73.244:443 www.microsoft.com tcp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.253.64:443 wcpstatic.microsoft.com tcp
US 13.107.253.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 244.73.46.23.in-addr.arpa udp
US 8.8.8.8:53 64.253.107.13.in-addr.arpa udp
US 8.8.8.8:53 177.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 8.8.8.8:53 download.visualstudio.microsoft.com udp
US 20.189.173.2:443 browser.events.data.microsoft.com tcp
US 20.189.173.2:443 browser.events.data.microsoft.com tcp
FR 68.232.34.200:443 download.visualstudio.microsoft.com tcp
FR 68.232.34.200:443 download.visualstudio.microsoft.com tcp
US 8.8.8.8:53 200.34.232.68.in-addr.arpa udp
US 8.8.8.8:53 2.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 108.177.122.94:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 94.122.177.108.in-addr.arpa udp
US 8.8.8.8:53 westus2-0.in.applicationinsights.azure.com udp
US 20.9.155.148:443 westus2-0.in.applicationinsights.azure.com tcp
US 20.9.155.148:443 westus2-0.in.applicationinsights.azure.com tcp
US 8.8.8.8:53 148.155.9.20.in-addr.arpa udp
US 8.8.8.8:53 161.19.199.152.in-addr.arpa udp
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:443 google.com tcp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 216.239.34.117:443 beacons2.gvt2.com tcp
US 216.239.34.117:443 beacons2.gvt2.com udp
US 8.8.8.8:53 117.34.239.216.in-addr.arpa udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 215.169.36.23.in-addr.arpa udp
BE 88.221.83.203:443 www.bing.com tcp
BE 88.221.83.203:443 www.bing.com tcp
US 8.8.8.8:53 203.83.221.88.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 108.177.122.94:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 id.google.com udp
GB 142.250.180.14:443 encrypted-tbn2.gstatic.com tcp
GB 172.217.169.35:443 id.google.com tcp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.169.217.172.in-addr.arpa udp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 www.roblox.com udp
GB 128.116.119.4:443 www.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
GB 128.116.119.4:443 roblox.com udp
ES 18.172.213.12:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 12.213.172.18.in-addr.arpa udp
US 8.8.8.8:53 apis.roblox.com udp
GB 128.116.119.4:443 apis.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
BE 2.17.107.249:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 205.234.175.102:443 images.rbxcdn.com tcp
GB 128.116.119.4:443 locale.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 49.213.172.18.in-addr.arpa udp
US 8.8.8.8:53 249.107.17.2.in-addr.arpa udp
ES 18.172.213.12:443 roblox-api.arkoselabs.com udp
US 205.234.175.102:443 images.rbxcdn.com udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:443 google.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
SE 184.31.15.43:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 43.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 lms.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 aws-us-west-2b-lms.rbx.com udp
US 8.8.8.8:53 aws-us-east-1a-lms.rbx.com udp
US 8.8.8.8:53 fra4-128-116-44-3.roblox.com udp
US 8.8.8.8:53 waw1-128-116-124-3.roblox.com udp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
US 8.8.8.8:53 lax2-128-116-116-3.roblox.com udp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
US 8.8.8.8:53 aws-ap-east-1a-lms.rbx.com udp
US 8.8.8.8:53 sin2-128-116-97-3.roblox.com udp
US 52.23.144.99:443 aws-us-east-1a-lms.rbx.com tcp
US 8.8.8.8:53 aws-ap-east-1b-lms.rbx.com udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 54.184.29.150:443 aws-us-west-2b-lms.rbx.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
ES 18.172.213.2:443 c0aws.rbxcdn.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
HK 16.162.37.81:443 aws-ap-east-1b-lms.rbx.com tcp
HK 18.166.23.199:443 aws-ap-east-1a-lms.rbx.com tcp
US 54.184.29.150:443 aws-us-west-2b-lms.rbx.com tcp
HK 16.162.37.81:443 aws-ap-east-1b-lms.rbx.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
HK 18.166.23.199:443 aws-ap-east-1a-lms.rbx.com tcp
ES 18.172.213.2:443 c0aws.rbxcdn.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 8.8.8.8:53 3.124.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 99.144.23.52.in-addr.arpa udp
US 8.8.8.8:53 150.29.184.54.in-addr.arpa udp
US 8.8.8.8:53 2.213.172.18.in-addr.arpa udp
US 8.8.8.8:53 3.63.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.116.116.128.in-addr.arpa udp
US 8.8.8.8:53 81.37.162.16.in-addr.arpa udp
US 8.8.8.8:53 199.23.166.18.in-addr.arpa udp
US 8.8.8.8:53 3.97.116.128.in-addr.arpa udp
GB 172.217.169.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 presence.roblox.com udp
US 108.177.122.94:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.206:443 clients2.google.com tcp
US 108.177.122.94:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
GB 172.217.169.3:443 beacons.gvt2.com tcp
GB 172.217.169.3:443 beacons.gvt2.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
ES 18.172.213.101:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
ES 18.172.213.21:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 101.213.172.18.in-addr.arpa udp
US 8.8.8.8:53 21.213.172.18.in-addr.arpa udp
US 8.8.8.8:53 94.242.123.52.in-addr.arpa udp
US 8.8.8.8:53 92.16.208.104.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.210.172:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 104.193.132.51.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
ES 18.172.213.116:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 23.208.251.114:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 116.213.172.18.in-addr.arpa udp
ES 18.172.213.116:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
ES 18.172.213.28:443 clientsettingscdn.roblox.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 28.213.172.18.in-addr.arpa udp
ES 18.172.213.116:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 id.google.com udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.204.86:443 i.ytimg.com tcp
GB 216.58.204.86:443 i.ytimg.com tcp
GB 216.58.204.86:443 i.ytimg.com tcp
GB 216.58.204.86:443 i.ytimg.com tcp
GB 216.58.204.86:443 i.ytimg.com tcp
GB 216.58.204.86:443 i.ytimg.com tcp
US 8.8.8.8:53 86.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 img.youtube.com udp
GB 216.58.201.110:443 img.youtube.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.204.86:443 i.ytimg.com udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 172.217.169.2:443 googleads.g.doubleclick.net tcp
GB 216.58.213.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 2.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 6.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
GB 172.217.169.2:443 googleads.g.doubleclick.net udp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
GB 142.250.180.14:443 encrypted-vtbn0.gstatic.com tcp
GB 142.250.180.14:443 encrypted-vtbn0.gstatic.com udp
US 8.8.8.8:53 rr2---sn-5hne6nzy.googlevideo.com udp
NL 172.217.132.167:443 rr2---sn-5hne6nzy.googlevideo.com tcp
NL 172.217.132.167:443 rr2---sn-5hne6nzy.googlevideo.com tcp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 167.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr2---sn-5hne6n6e.googlevideo.com udp
NL 172.217.132.231:443 rr2---sn-5hne6n6e.googlevideo.com udp
US 8.8.8.8:53 231.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.180.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
GB 172.217.169.2:443 googleads.g.doubleclick.net udp
GB 216.58.213.6:443 static.doubleclick.net udp
GB 172.217.169.46:443 www.youtube.com udp
GB 172.217.169.46:443 www.youtube.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 172.217.16.225:443 lh3.googleusercontent.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
GB 142.250.180.1:443 yt3.ggpht.com udp
US 8.8.8.8:53 www.google.co.uk udp
GB 142.250.200.3:443 www.google.co.uk tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.200.46:443 youtube.com tcp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
GB 142.250.180.1:443 yt3.ggpht.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 108.177.122.94:443 beacons.gcp.gvt2.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 216.58.204.86:443 i.ytimg.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 89.58.114.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.200.2:443 googleads.g.doubleclick.net udp
US 108.177.122.94:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
ES 18.172.213.64:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
ES 18.172.213.21:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 64.213.172.18.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 253.15.104.51.in-addr.arpa udp
US 8.8.8.8:53 105.246.116.51.in-addr.arpa udp
GB 142.250.179.238:443 www.youtube.com udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 beacons2.gvt2.com udp
FI 64.233.163.94:443 beacons2.gvt2.com udp
US 8.8.8.8:53 94.163.233.64.in-addr.arpa udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
FR 128.116.122.3:443 apis.roblox.com tcp
FR 128.116.122.3:443 apis.roblox.com udp
US 108.177.122.94:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 3.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 images.rbxcdn.com udp
ES 18.172.226.56:443 images.rbxcdn.com tcp
ES 18.172.226.56:443 images.rbxcdn.com tcp
US 8.8.8.8:53 56.226.172.18.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
US 8.8.8.8:53 aws-us-east-1a-lms.rbx.com udp
ES 18.172.226.53:443 static.rbxcdn.com tcp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 8.8.8.8:53 aws-us-west-2b-lms.rbx.com udp
US 3.213.125.239:443 aws-us-east-1a-lms.rbx.com tcp
US 8.8.8.8:53 aws-ap-east-1b-lms.rbx.com udp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
US 8.8.8.8:53 aws-ap-east-1a-lms.rbx.com udp
US 54.189.254.207:443 aws-us-west-2b-lms.rbx.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 8.8.8.8:53 css.rbxcdn.com udp
HK 16.163.183.208:443 aws-ap-east-1b-lms.rbx.com tcp
US 8.8.8.8:53 js.rbxcdn.com udp
HK 18.166.23.199:443 aws-ap-east-1a-lms.rbx.com tcp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
ES 18.172.213.8:443 css.rbxcdn.com tcp
ES 18.172.226.42:443 js.rbxcdn.com tcp
ES 18.172.213.58:443 c0aws.rbxcdn.com tcp
US 8.8.8.8:53 53.226.172.18.in-addr.arpa udp
US 8.8.8.8:53 239.125.213.3.in-addr.arpa udp
US 8.8.8.8:53 8.213.172.18.in-addr.arpa udp
US 8.8.8.8:53 42.226.172.18.in-addr.arpa udp
US 8.8.8.8:53 58.213.172.18.in-addr.arpa udp
US 8.8.8.8:53 207.254.189.54.in-addr.arpa udp
US 8.8.8.8:53 208.183.163.16.in-addr.arpa udp
US 8.8.8.8:53 lms.roblox.com udp
FR 128.116.122.4:443 lms.roblox.com udp
FR 128.116.122.4:443 lms.roblox.com tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 cs.ns1p.net udp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 8.8.8.8:53 aws-us-east-1b-lms.rbx.com udp
DE 52.28.200.16:443 cs.ns1p.net tcp
US 52.206.186.193:443 aws-us-east-1b-lms.rbx.com tcp
US 8.8.8.8:53 c0cfly.rbxcdn.com udp
US 8.8.8.8:53 silver.roblox.com udp
US 8.8.8.8:53 ams2-128-116-21-3.roblox.com udp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 8.8.8.8:53 nrt1-128-116-120-3.roblox.com udp
US 8.8.8.8:53 mia2-128-116-127-3.roblox.com udp
US 8.8.8.8:53 aws-eu-west-2a-lms.rbx.com udp
US 8.8.8.8:53 aws-eu-central-1c-lms.rbx.com udp
GB 35.179.56.112:443 aws-eu-west-2a-lms.rbx.com tcp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
US 205.234.175.102:443 c0cfly.rbxcdn.com tcp
GB 128.116.119.3:443 silver.roblox.com tcp
DE 52.28.164.229:443 aws-eu-central-1c-lms.rbx.com tcp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
US 8.8.8.8:53 4.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 112.56.179.35.in-addr.arpa udp
US 8.8.8.8:53 3.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 193.186.206.52.in-addr.arpa udp
US 8.8.8.8:53 229.164.28.52.in-addr.arpa udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 s.ns1p.net udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
DE 3.123.132.50:443 s.ns1p.net tcp
FR 128.116.122.4:443 lms.roblox.com udp
FR 128.116.122.3:443 trades.roblox.com tcp
FR 128.116.122.4:443 lms.roblox.com tcp
US 8.8.8.8:53 3.127.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.120.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.45.116.128.in-addr.arpa udp
US 8.8.8.8:53 50.132.123.3.in-addr.arpa udp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 8.8.8.8:53 presence.roblox.com udp
US 8.8.8.8:53 games.roblox.com udp
FR 128.116.122.3:443 games.roblox.com tcp
FR 128.116.122.3:443 games.roblox.com tcp
US 8.8.8.8:53 b.ns1p.net udp
US 8.8.8.8:53 tr.rbxcdn.com udp
SE 184.31.15.65:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 voice.roblox.com udp
FR 128.116.122.3:443 voice.roblox.com tcp
US 8.8.8.8:53 65.15.31.184.in-addr.arpa udp
FR 128.116.122.3:443 voice.roblox.com udp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
ES 18.172.213.101:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
ES 18.172.213.37:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 37.213.172.18.in-addr.arpa udp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
GB 216.58.213.3:443 beacons3.gvt2.com tcp
GB 216.58.213.3:443 beacons3.gvt2.com udp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 108.177.122.94:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 js.stripe.com udp
US 151.101.0.176:443 js.stripe.com tcp
FR 128.116.122.4:443 lms.roblox.com udp
US 8.8.8.8:53 followings.roblox.com udp
FR 128.116.122.3:443 followings.roblox.com udp
US 8.8.8.8:53 176.0.101.151.in-addr.arpa udp
US 8.8.8.8:53 aws-us-east-2c-lms.rbx.com udp
US 8.8.8.8:53 lhr2-128-116-119-3.roblox.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 18.188.118.110:443 aws-us-east-2c-lms.rbx.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
US 18.188.118.110:443 aws-us-east-2c-lms.rbx.com tcp
US 54.189.254.207:443 aws-us-west-2b-lms.rbx.com tcp
US 8.8.8.8:53 pulsar.roblox.com udp
US 8.8.8.8:53 roblox-poc.global.ssl.fastly.net udp
US 8.8.8.8:53 aws-eu-west-2b-lms.rbx.com udp
GB 18.175.38.169:443 aws-eu-west-2b-lms.rbx.com tcp
GB 142.250.180.10:443 content-autofill.googleapis.com udp
PL 128.116.124.3:443 pulsar.roblox.com tcp
US 151.101.65.194:443 roblox-poc.global.ssl.fastly.net tcp
US 151.101.65.194:443 roblox-poc.global.ssl.fastly.net tcp
US 8.8.8.8:53 110.118.188.18.in-addr.arpa udp
US 8.8.8.8:53 3.102.116.128.in-addr.arpa udp
US 8.8.8.8:53 169.38.175.18.in-addr.arpa udp
US 8.8.8.8:53 m.stripe.network udp
ES 18.172.226.70:443 m.stripe.network tcp
DE 3.123.132.50:443 b.ns1p.net tcp
ES 18.172.226.70:443 m.stripe.network tcp
US 8.8.8.8:53 194.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 70.226.172.18.in-addr.arpa udp
US 205.234.175.102:443 c0cfly.rbxcdn.com tcp
US 8.8.8.8:53 badges.roblox.com udp
FR 128.116.122.4:443 lms.roblox.com udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 cdg1-128-116-122-3.roblox.com udp
US 8.8.8.8:53 m.stripe.com udp
US 34.210.211.196:443 m.stripe.com tcp
US 8.8.8.8:53 196.211.210.34.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
ES 18.172.213.101:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 23.208.251.114:443 clientsettingscdn.roblox.com tcp

Files

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 f899ed8284f9df71e4dd43b152dd60e9
SHA1 715796f8e8c83699dc2672f5acee91dce08715cf
SHA256 8d886a250762d21047a8a579251909225f5adab2e372a7f03e2c1c8c3d294152
SHA512 49b6ec6cc9b7256a19ec18ae5045fb01118b5ae1b2aa5b6e4d9b66daca8b7b3dcbfdde84c20a416378ece260fbb06addaed2c3d6af7eaff4958934fbb81dd796

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d33bdd0bce36e3516e7e4153dc6ba856
SHA1 d8d92cd3eed1c632f62b44e7a8e11c023406c4bb
SHA256 d1c5714bb17ba30641885750f730eb0c1fae9bdff848e95fae522a92f31b3ce8
SHA512 cf3c1a51737b518b313fb25be6c1a90b72fddfd4f81c8804a614af3075e2026a72e4874dbfddd8ace09302d4cc2dbf0c5230c523ea3907e0397332ba2afaee82

\??\pipe\crashpad_2972_FKYPOQBATHGGIFGK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\e602387055ae7b12c23fbeefeb417682

MD5 e602387055ae7b12c23fbeefeb417682
SHA1 4efa866cca9693eafb65a6babfebd64bf99037da
SHA256 8df68686863894e7f47069b854d07d6eb449269f527c09433495efb130f33dde
SHA512 87ee31aaf7929c3ef6ddad322727185efe0702f239d81eeda85ff0bc5c873316a660129aecc3bde5809de1449efd5de0f458db27610d126a69dddf35d38c27f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e4619adbec37c863348feed28671b492
SHA1 8d5ac906b4077389dd0e220768b8fce6b8c0b64b
SHA256 8a19b75926c098bf674067d35eb09a9390c3c289ff27565879c0f970a1bc3182
SHA512 ccce06eff90c9fc2dd8f1846110fc76d42b4cd9408ce9e4aea761f7fb0f0b4acca285f5876dd9b363c4f62a06456c4bc6c833599f8272e985013b93396a87ac6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 00cdf73ddfccbae20250985dcab1675c
SHA1 6aa3932d7329ea80bef7b72a55d29ea953b97949
SHA256 bfb1739fde48f175c148d6bdbe894dfbe88ead3edad880b0080d6d308e96579b
SHA512 c16c2326887e72a3dd4cbefbae2a79f00c118ea893b81698fa4f251d8fdd5c641e9a5ace4447f869a7fe4b3db0d3ba146eb012e863f0b4dfd79d525027cecada

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 51104e4b7b432be80bbde5c505e511a4
SHA1 4c5704e1ab7afa2b203dc68c7e1faa571ad8eb04
SHA256 1b7b73fd5d6667b0e122d114c7d4370a52105a69ccd8acd0e89a1bffe19f148d
SHA512 b8cde50002e163aa8ffb5441acb8f08f2fbf987e5020308d8d5cb8fbc83bfe2f7f6ad14d408a9c2d4877b008b737e3ca97cd275dba48db55abe6acb604ca4f7a

C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 bde7940abd784d91f9236ffeea928533
SHA1 1d994b328619ac40307ec13707ed98f692e43e01
SHA256 e54c95fa9510bd1c09c70fbdd534fa96b9add223be9158e32c12173572b3ecf5
SHA512 61cdbdfe8a9df3aec8a4281912075cef72072c9d6f96ab74e201fe532af138883b50223fee268a8e0121afebcfce1c8036307cfb66afcf2582dc76eca27b4f30

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_hi.dll

MD5 34cbaeb5ec7984362a3dabe5c14a08ec
SHA1 d88ec7ac1997b7355e81226444ec4740b69670d7
SHA256 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9
SHA512 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_is.dll

MD5 5664c7a059ceb096d4cdaae6e2b96b8f
SHA1 bf0095cd7470bf4d7c9566ba0fd3b75c8b9e57ec
SHA256 a3a2947064267d17474c168d3189b0d372e36e53bf0efb9c228d314fc802d98e
SHA512 015dcb17b297a0aaad41c7b0b2199187e435855fd3977d16402be774622cc4f6b55d04ba9159a89e26e350c5602928c76dd9386be3974437b41888a0cfdddfa8

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_id.dll

MD5 03d4c35b188204f62fc1c46320e80802
SHA1 07efb737c8b072f71b3892b807df8c895b20868c
SHA256 192585d7f4a8a0cd95e338863c14233cdd8150f9f6f7dd8a405da0670110ee95
SHA512 7e67ea953ea58ff43e049ce519ae077eec631325604896479526627d688f2fa3bfc855a55ac23a76b1c9ef8cd75274265b8238423b95a2437be7250db0db31b1

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_km.dll

MD5 2ea1200fdfb4fcc368cea7d0cdc32bc2
SHA1 4acb60908e6e974c9fa0f19be94cb295494ee989
SHA256 6fd21b94f62ee7474b3c3029590ddf06936105508f9bf3509620c42dc37486c3
SHA512 e63b80a5929200c85c7a30a3054bd51eee2f27e603501f105073868690906f4619a27a52e58c90ac2ab5d5c34a4739dfdd2a511574afeb7d0118de88c5544f42

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_ko.dll

MD5 cf91a1f111762d2bc01f8a002bd9544d
SHA1 db2603af55b08538a41c51fc0676bc0ed041d284
SHA256 baa9fae4fb8939e0b5fe0c7f393ab1ca40b52534f37bf2158a9a36331a221e75
SHA512 9db864dbd194885b46f7bed9875f1e531e48f7644ce4494b8dc482c7516a6f783cd35129d2565b272dc674491a08c844a6da88bf9fa7843fcf89c96b4e0af799

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_kn.dll

MD5 60dfe673999d07f1a52716c57ba425a8
SHA1 019ce650320f90914e83010f77347351ec9958ab
SHA256 ef749f70e71424d7f548d5c12283be70a6d6c59cffb1c8101b74f37ecacb64af
SHA512 46bfe77a49f14293988863a8e4dd0543202b954b670940d9ad5dc6d2b46e46104d8d6206be08a941f7e02b8ff3e2e2366b7b795d02352cff18971f8d0df5fcdc

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_ka.dll

MD5 3bc0d9dd2119a72a1dc705d794dc6507
SHA1 5c3947e9783b90805d4d3a305dd2d0f2b2e03461
SHA256 4449ee24c676e34fea4d151b3a752e8d0e7c82f419884e80da60d4d4c1b0f8cb
SHA512 8df01ad484bf2924892129c59317f3da4f79611be2ca29e208114e5ed2cb96a63f753511dc4fe97e281417366246f2fb576cc6ef2618a67803ae7ac01be7b067

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_ja.dll

MD5 b507a146eb5de3b02271106218223b93
SHA1 0f1faddb06d775bcabbe8c7d83840505e094b8d6
SHA256 5f4234e2b965656e3d6e127660f52e370dc133632d451ef04975f3b70194b2ed
SHA512 54864e9130b91b6fd68b1947968c446f45a582f22714716bfd70b6dc814841fffe939bc2f573a257ec8c62b4ff939643211fb29cabc0c45b78a6cc70eaa3752c

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_iw.dll

MD5 45e971cdc476b8ea951613dbd96e8943
SHA1 8d87b4edfce31dfa4eebdcc319268e81c1e01356
SHA256 fd5ba39c8b319c6ba2febf896c6947a0a7bae6aa0b4957bd124d55589f41849d
SHA512 f1c9fccf742fa450be249dbbf7e551a426c050ae4af3d2e909f9750068a2bdc801f618eb77a6a82d13421d27949c9f2a9681a44bcb410ccdeec66b24a70f6a9a

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_kk.dll

MD5 bcb1c5f3ef6c633e35603eade528c0f2
SHA1 84fac96d72341dc8238a0aa2b98eb7631b1eaf4e
SHA256 fdd6bffdb9eca4542975f3afe3ac68feac190b8963f0a7244b4b8fa6382381d1
SHA512 ecd79ddd9f3e6db1d0471132c453c324ab55bdead21de77392f418281bc8a2dd43e9009912896ffa3d55d4d3ef17b0aa847a084369b619eb04a2d2313641d520

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_it.dll

MD5 497ca0a8950ae5c8c31c46eb91819f58
SHA1 01e7e61c04de64d2df73322c22208a87d6331fc8
SHA256 abe2360a585b6671ec3a69d14077b43ae8f9e92b6077b80a147dfe36792bb1b7
SHA512 070398af980f193ff90b4afaecb3822534ef3171eca7228bce395af11ca38364bc47cab7df1e71187ef291f90978bdc37a8611d2992b1800cd1de6aa7fda09d9

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_hu.dll

MD5 f4976c580ba37fc9079693ebf5234fea
SHA1 7326d2aa8f6109084728323d44a7fb975fc1ed3f
SHA256 b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791
SHA512 e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_hr.dll

MD5 0b475965c311203bf3a592be2f5d5e00
SHA1 b5ff1957c0903a93737666dee0920b1043ddaf70
SHA256 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0
SHA512 bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_gu.dll

MD5 f9646357cf6ce93d7ba9cfb3fa362928
SHA1 a072cc350ea8ea6d8a01af335691057132b04025
SHA256 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150
SHA512 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_gl.dll

MD5 84a1cea9a31be831155aa1e12518e446
SHA1 670f4edd4dc8df97af8925f56241375757afb3da
SHA256 e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57
SHA512 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_gd.dll

MD5 c90f33303c5bd706776e90c12aefabee
SHA1 1965550fe34b68ea37a24c8708eef1a0d561fb11
SHA256 e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c
SHA512 b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_ga.dll

MD5 3b8a5301c4cf21b439953c97bd3c441c
SHA1 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a
SHA256 abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0
SHA512 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_fr-CA.dll

MD5 b534e068001e8729faf212ad3c0da16c
SHA1 999fa33c5ea856d305cc359c18ea8e994a83f7a9
SHA256 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511
SHA512 e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_fr.dll

MD5 64c47a66830992f0bdfd05036a290498
SHA1 88b1b8faa511ee9f4a0e944a0289db48a8680640
SHA256 a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961
SHA512 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_fil.dll

MD5 7c66526dc65de144f3444556c3dba7b8
SHA1 6721a1f45ac779e82eecc9a584bcf4bcee365940
SHA256 e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d
SHA512 dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_fi.dll

MD5 d45f2d476ed78fa3e30f16e11c1c61ea
SHA1 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e
SHA256 acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2
SHA512 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EU39F7.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 ad63b5f615bc127daedc2d6a2722dbb8
SHA1 db965a6a5105c09e95d143359f69d310e71411dd
SHA256 e1b8eeff0b08f119a817e1835d94909ed5aff86065b66c7f2800b7e704af9f0e
SHA512 2bc0187d6222d2c302ade081feac10a7672e5a965e9288f3c6c3320831a084495aedaf38ff297adda013604b4476371ecd7f835039082672e5c64bb6147b64b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\reports\35c922a4-e517-4b1f-b156-ae0e6d851435.dmp

MD5 c5600253968065ef93ce4082be6676a9
SHA1 46c8b07998a1f8a70b50c38b0403ceb5a9795bc3
SHA256 7d375383764588bcd85d341d01ec9f0574224de48fdd4b9a618b0f92f8b1eaad
SHA512 13d1d68e87cf422265695bcbf539924579a71845f395f7f6dcba4d66e3608006c93b0963efc891be861117579ff9d5cf82f3821acb96b7faeb39bb3175d21496

memory/3780-372-0x00000000012F0000-0x0000000001325000-memory.dmp

memory/3780-373-0x0000000072760000-0x0000000072970000-memory.dmp

memory/4676-377-0x0000000072760000-0x0000000072970000-memory.dmp

memory/4584-376-0x0000000072760000-0x0000000072970000-memory.dmp

memory/4676-383-0x0000000072760000-0x0000000072970000-memory.dmp

memory/3780-432-0x0000000072760000-0x0000000072970000-memory.dmp

memory/3780-449-0x00000000012F0000-0x0000000001325000-memory.dmp

memory/4520-459-0x00007FF9D8660000-0x00007FF9D8670000-memory.dmp

memory/4520-465-0x00007FF9D8830000-0x00007FF9D883B000-memory.dmp

memory/4520-474-0x00007FF9D6920000-0x00007FF9D692A000-memory.dmp

memory/4520-483-0x00007FF9D4E30000-0x00007FF9D4E50000-memory.dmp

memory/4520-482-0x00007FF9D4E30000-0x00007FF9D4E50000-memory.dmp

memory/4520-481-0x00007FF9D4E30000-0x00007FF9D4E50000-memory.dmp

memory/4520-480-0x00007FF9D4E30000-0x00007FF9D4E50000-memory.dmp

memory/4520-500-0x00007FF9D6380000-0x00007FF9D6387000-memory.dmp

memory/4520-499-0x00007FF9D6380000-0x00007FF9D6387000-memory.dmp

memory/4520-498-0x00007FF9D6380000-0x00007FF9D6387000-memory.dmp

memory/4520-497-0x00007FF9D6380000-0x00007FF9D6387000-memory.dmp

memory/4520-496-0x00007FF9D6380000-0x00007FF9D6387000-memory.dmp

memory/4520-495-0x00007FF9D6360000-0x00007FF9D6370000-memory.dmp

memory/4520-494-0x00007FF9D6360000-0x00007FF9D6370000-memory.dmp

memory/4520-493-0x00007FF9D6360000-0x00007FF9D6370000-memory.dmp

memory/4520-492-0x00007FF9D8370000-0x00007FF9D837E000-memory.dmp

memory/4520-491-0x00007FF9D8370000-0x00007FF9D837E000-memory.dmp

memory/4520-490-0x00007FF9D8370000-0x00007FF9D837E000-memory.dmp

memory/4520-489-0x00007FF9D8340000-0x00007FF9D8350000-memory.dmp

memory/4520-508-0x00007FF9D5B10000-0x00007FF9D5B40000-memory.dmp

memory/4520-507-0x00007FF9D5B10000-0x00007FF9D5B40000-memory.dmp

memory/4520-506-0x00007FF9D5B10000-0x00007FF9D5B40000-memory.dmp

memory/4520-505-0x00007FF9D5B10000-0x00007FF9D5B40000-memory.dmp

memory/4520-504-0x00007FF9D5AE0000-0x00007FF9D5AF0000-memory.dmp

memory/4520-503-0x00007FF9D5AE0000-0x00007FF9D5AF0000-memory.dmp

memory/4520-502-0x00007FF9D59F0000-0x00007FF9D5A00000-memory.dmp

memory/4520-501-0x00007FF9D59F0000-0x00007FF9D5A00000-memory.dmp

memory/4520-488-0x00007FF9D8340000-0x00007FF9D8350000-memory.dmp

memory/4520-487-0x00007FF9D82D0000-0x00007FF9D82E0000-memory.dmp

memory/4520-486-0x00007FF9D82D0000-0x00007FF9D82E0000-memory.dmp

memory/4520-479-0x00007FF9D4E30000-0x00007FF9D4E50000-memory.dmp

memory/4520-478-0x00007FF9D4D00000-0x00007FF9D4D10000-memory.dmp

memory/4520-477-0x00007FF9D4D00000-0x00007FF9D4D10000-memory.dmp

memory/4520-476-0x00007FF9D4C20000-0x00007FF9D4C30000-memory.dmp

memory/4520-475-0x00007FF9D4C20000-0x00007FF9D4C30000-memory.dmp

memory/4520-473-0x00007FF9D6880000-0x00007FF9D6890000-memory.dmp

memory/4520-472-0x00007FF9D6880000-0x00007FF9D6890000-memory.dmp

memory/4520-471-0x00007FF9D6880000-0x00007FF9D6890000-memory.dmp

memory/4520-470-0x00007FF9D6880000-0x00007FF9D6890000-memory.dmp

memory/4520-469-0x00007FF9D6860000-0x00007FF9D6870000-memory.dmp

memory/4520-468-0x00007FF9D6860000-0x00007FF9D6870000-memory.dmp

memory/4520-467-0x00007FF9D67E0000-0x00007FF9D67F0000-memory.dmp

memory/4520-466-0x00007FF9D67E0000-0x00007FF9D67F0000-memory.dmp

memory/4520-462-0x00007FF9D87B0000-0x00007FF9D87D0000-memory.dmp

memory/4520-463-0x00007FF9D87B0000-0x00007FF9D87D0000-memory.dmp

memory/4520-461-0x00007FF9D87B0000-0x00007FF9D87D0000-memory.dmp

memory/4520-460-0x00007FF9D87B0000-0x00007FF9D87D0000-memory.dmp

memory/4520-458-0x00007FF9D8660000-0x00007FF9D8670000-memory.dmp

memory/4520-464-0x00007FF9D87B0000-0x00007FF9D87D0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ef66c27f906bc9478b3f3438cf565b6d
SHA1 88b20c4a19f7090448382a31fff9cc0d1c2129e3
SHA256 c9bf32fefb73884c35b9aecf25550806d3266f0d7d11b984d6eb40afaf7f3129
SHA512 0e37efbef8fc90a99bea72f578f97425cb66a684eaf88249c562661d9099d03e5661afaafa9ee7dfaf04544e610fc938696d3e069b0cbb16228ae1d61e7e28a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f691ec77348f1e1bff21c8f4a7ccee32
SHA1 cd551c337181faf38681388f487db13c31ea883b
SHA256 3bf6aeaff30c995292c97cbe3546701b9097005317586420a8b4d122e1fa48b1
SHA512 3bfb76d618d3d507e27acebf25288a9a88214b7f6ff147715cd40641efb94016a4b13222705c6bbc94af501fdb45ad7a896ccfa27e8185f62f226a6b44b42eff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8f0c0894e4ad8e2659425ef59d9818d9
SHA1 a71a09d2886c373ed12cd1b04033d1b24610284d
SHA256 0c666229331777a534172cb101850907ac9a2704d1de4edacc229e67276f6d40
SHA512 e3584583210617694b416dabfa3b567870342a46b89e5b7d735914bc0a749d76218b6b2daac62c21ce491851886356105288c742d6bfb470033b1fcad43d41d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f5d8f6faa32d3a3f44182ef7b5a4f5d5
SHA1 504bc83754f70dd933b617fa56399152d0fe8bf0
SHA256 24091906fff10469061e7bfbb6bdf9b5c16cb90a677eb0865f3a9663f290769c
SHA512 df05b12fc7f19eb03398dd5d776b7014268479846c283e404e5d0e5bc923878c98be148e2a3f7382101cfa580051064abc6649276cc6b5d100d49ca888637441

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6bdb9b2b0545dd778cc69ce56603ccc7
SHA1 e373ff37525cf8626763ba43b993f08500d74c90
SHA256 1e967a08a44a2b6a972ea6b25b4cda0814fc846f5dc534915a62c73eeb667a5f
SHA512 47e60fe437ec4c6fa1ef6f8c1427403a94d555260063545701f695901d6265a10f374f8663531a0042f322faea540108b88147578f8ce1f70d6147456e121d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a10ca613f15a3fd0dd6f38a0e4cf2f08
SHA1 50e9794f46f9e7dd60096930f5180e79d3f13c99
SHA256 6671268de01e2fdb547f0ef6dc15a078095748039c694732a677bc816a746e8c
SHA512 12f2b4648d5e7c234192f487b73f6bf5d471864e813405b6a9f09eaee6aa44c46eef7dea68d5a6eb12076bda9fc1a00814f2c3716c5645b2834bd28843f8bb74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 67c862ccb5c679decf533c38f88a299b
SHA1 20e98a1ecd412b306fdaef41ae097507a8f7fcc2
SHA256 714de7a3cb609d1b6e5f9230b47e346d7f1556a6859782844412ed6121b721be
SHA512 022682e6647b582359609eef81994a7d08ccc8efc27b6f81c92c1b1d708a17f3d3625af6f065bfa81e7a6ccb0b0999e34b5ee0cd91a42727b2de983d7e81d3ee

C:\Users\Admin\Downloads\Unconfirmed 992302.crdownload

MD5 8450908897067c9527740d735897740b
SHA1 71c993302b3174fe4fd712eaf8886a4842778e42
SHA256 f5a04c5d6ddcb4cc3925656919c37a9ca18f20f3623c722dc45499cf1e4de8a8
SHA512 841d6d732db87ca350dd7f4eda273584810dc976f6a368a141de8ea8d87113e8f8ef92c747ee2fa3dc8f906456e2c2c17b122d3f86dea9042c40acb9170848f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ebe96deb4c8ee95859c218acbd3c704c
SHA1 83da0dc300f36f2f8118867796426e8bb714ff89
SHA256 abe057eab3e0ea29eb9664b43cf740989da4e7005f6e21ff169206a503b8a505
SHA512 4bb2ff1b4a18d5561dc04a2f0cc9f5a707f28592a7a71641e4a1230ff2dfb7b8cf6b50db0d0f2d1affa05e1c89c9077bb17c9037ea03522161a2bcf0e224120b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a0ece69dc7431f2aa51434d152f37d69
SHA1 b47193f9f59cbe4d045ea5d86c0051a586c722f9
SHA256 b5f7b56266860caaa4124ce80cf708f1dc0c398efe4bbb8fe68b5f315611077c
SHA512 8bb9bd3f7a1b67f07b3f54f526198136cce31acf786b468c0291482cdcdd69d721290e8bc90615fc52b12239ee5c24305597c931db29b1577334e147d8898d17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 608d289fb54a0bab6961b5eaf7c3a083
SHA1 3f3586a6b497bb59db43eb2fb9463cd8a89efaf5
SHA256 6db257e22f6b93019a0a1a74cdc95807ba4c8f2011a18f97d18e10f58404133d
SHA512 ad75a0e7e4d3c559440a11faa3998f607a7a0028885e98a4182786701649a86534c90715281791842b74a3dac3040caf35a7f8dd4d45e541c0eb290c42c4ba03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 d630dba45f1cbe9c621871e9b60627cf
SHA1 bc74d89216b6050bacc2dcff4684183488c88080
SHA256 a441ea0df7447c21cc379d3871ad782f89084b231b8075ef2033d52ecf163e45
SHA512 f9e1b76768d10ac45df8036e35c53b90483c075de961b423e33d08bdd5bcf0deee796f6c4282822df8ff52e02d1b1fef0eac2a3d415358403d9eb522a860e7f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 9a5f5e01b4a0fcebd55f71c53e977671
SHA1 40152f317e0e049075d2f4d18ccffb68f34431da
SHA256 d40b1d441e300cf46408ba0c3701457b10c7b2e3c61df5b747e1016b3076cd92
SHA512 b19a8a2e381c9bc19d61f860ac031661aad691c5e9a82f630eb34f3f52c8912463aa4d2ed99865b154ec10ffd71e5c3bad263cfdf9ba40671fe6f69cb6a25ec7

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\68SE3L24\dotnet.microsoft[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\68SE3L24\dotnet.microsoft[1].xml

MD5 f6c2ca9a4a307ff18062e7d93a410a9a
SHA1 6608d1e9f9104f98384f06d48f71566f7dc0f3ec
SHA256 c2f7ed269229730298a02e482036b3279a2cb195f18ccc91e4eaf320202adcb0
SHA512 0bb5cd703bf4c6288d2fea7965cccb975733e53f01db9d0060184163bce864c104be4d91e9e2d0160df3dda776a0cf6cfb3765500f0e04347bfb14821a08a6a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2c5d1c525bb1866b871984f7cdadbd12
SHA1 ba2bb63dbbd73b6455499dcf36e42cda0974e6c9
SHA256 eb2b79764f2cbcda7ea353fb13667c8fe53896d7507b82f9ae0a78ab99216435
SHA512 9102f3028400ea8b6ec194fd7ccb7c92942d8badf23a10206db57279fd3027c60c6e165453598cec2021d5ee6457702debd42503b90046312f64818e5a4ecaa9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 304b32115ecec04cfa4d3da00ee870d2
SHA1 e2bc4afa28df1e6027454f4391d09b540ea0f262
SHA256 e61effea41fbfa9065d375cb56e8e80e6053a0efda622266828cf27c80470041
SHA512 298a644fda58142ecd1f2d59248802a9ae59e415f74d718278e7321585fec550dd3b42fb331fe2af049d0ec83a8fa995764f5294f79a96c33ade9ccd13c039ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c96f79fa7d7c02c58c03c766cbbabe3e
SHA1 d56814bc8bea62f9835866e640abc41f7bb155f3
SHA256 dfe071f94bfa51517219862a665425058da19c513445fd99cc9383b8de638d50
SHA512 0d9e3b3c73762ba6e859376e4e3241fd24dfac5a0693ec40e1624507e21e9e88e2b9e0dd0ca4d12a9d47380fdeba0d2495cf969b4f692dfb7d7b812f9df1d6f9

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BU0KRETY\edgecompatviewlist[1].xml

MD5 d4fc49dc14f63895d997fa4940f24378
SHA1 3efb1437a7c5e46034147cbbc8db017c69d02c31
SHA256 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1
SHA512 cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

C:\Windows\Temp\{FCBBDA55-26D7-413B-A0EC-C63CFA6E1407}\.ba\bg.png

MD5 9eb0320dfbf2bd541e6a55c01ddc9f20
SHA1 eb282a66d29594346531b1ff886d455e1dcd6d99
SHA256 9095bf7b6baa0107b40a4a6d727215be077133a190f4ca9bd89a176842141e79
SHA512 9ada3a1757a493fbb004bd767fab8f77430af69d71479f340b8b8ede904cc94cd733700db593a4a2d2e1184c0081fd0648318d867128e1cb461021314990931d

C:\Windows\Temp\{FCBBDA55-26D7-413B-A0EC-C63CFA6E1407}\.be\windowsdesktop-runtime-6.0.31-win-x64.exe

MD5 7dfa2d16780a7dc5976dc9503ef132b7
SHA1 d744c2bbd0f0f489a559d7376e4294589cedf8ad
SHA256 2551b141649dbd49ac35abf4ad54240abb88f97f488788aae33ec9cc06d5f065
SHA512 3f2fb1afb3899a234e05d819eda4395318a8cd3e043ca2a8dd895763e5076ab4798d3a202db8fa99c228baf72728b4618b74869f5f241fc5305a603339052112

C:\Windows\Installer\e5a63d0.msi

MD5 4d10d348f094ecd4a64e3338a2b151e4
SHA1 35c4ec16ed624008fc85b29f54180c3345538066
SHA256 48f9d9bb52b4960852bd67f1c514c88828fe7d9e1de336fc8146c2d1e7c1cfe1
SHA512 bec678826f8920bae33bc09355bcd611fb8b8c3e645724ffcd93f093754352d424f38ebac33568026daf7c94ecf4ced20a9f9644b3d25da1e55208df812d57a1

C:\Config.Msi\e5a63cf.rbs

MD5 ab63ab04a2e771da5de1b3bae4f96c08
SHA1 ca97cb1e424e238a1529b5a0cf3a639e48e0da31
SHA256 61207c0d3b43aac24c7348cd66502f2e4424d10493f042162ba420345a13ee26
SHA512 bce9f135e9cf8d7ad1b64e2961720ccc89b1c03343f7dfdb8ef179fff97d464582b356e6b4766197e32bf733a875fabb6d0e21af1fdfe02786ffe2769a521c4e

C:\Windows\Installer\MSI9580.tmp

MD5 60e8c139e673b9eb49dc83718278bc88
SHA1 00a3a9cd6d3a9f52628ea09c2e645fe56ee7cd56
SHA256 b181b6b4d69a53143a97a306919ba1adbc0b036a48b6d1d41ae7a01e8ef286cb
SHA512 ac7cb86dbf3b86f00da7b8a246a6c7ef65a6f1c8705ea07f9b90e494b6239fb9626b55ee872a9b7f16575a60c82e767af228b8f018d4d7b9f783efaccca2b103

C:\Windows\Installer\e5a63d1.msi

MD5 7df20d9d562dd9cac2d6cdc5fa7208f7
SHA1 49d3188918876c11a83631058dcd5e46890e499c
SHA256 52a756d1a43ddfb7eda39715a2cfa37bb474a1f24556b0d905fc73ca93122fdc
SHA512 78c9a31e58e6191785d1a73852b2e1d681778baa9052a81026b40bbb5d1fa8b9130e1fbbfab51560f17e69bc186ed68e63ac37588feccea7059ffa6f20c24600

C:\Config.Msi\e5a63d4.rbs

MD5 b356664b5b6acefc4ba3a0795bc87569
SHA1 9c784a6dff79b79433ea1aefe0de458e36f26eab
SHA256 03f82e124933a39075abe621df2f4840263edde7d3dfb07af549cf38befa5f24
SHA512 d5cde66e2a5bc5ca0b05ee2a98fab1f3bf0b8e5b10f4177d8e10016797659d93fa537a8223e3632d48befe45d1451e57030c01cd173d0e0839d4e5d43a89522a

C:\Program Files\dotnet\ThirdPartyNotices.txt

MD5 f77a4aecfaf4640d801eb6dcdfddc478
SHA1 7424710f255f6205ef559e4d7e281a3b701183bb
SHA256 d5db0ed54363e40717ae09e746dec99ad5b09223cc1273bb870703176dd226b7
SHA512 1b729dfa561899980ba8b15128ea39bc1e609fe07b30b283001fd9cf9da62885d78c18082d0085edd81f09203f878549b48f7f888a8486a2a526b134c849fd6b

C:\Program Files\dotnet\LICENSE.txt

MD5 31c5a77b3c57c8c2e82b9541b00bcd5a
SHA1 153d4bc14e3a2c1485006f1752e797ca8684d06d
SHA256 7f6839a61ce892b79c6549e2dc5a81fdbd240a0b260f8881216b45b7fda8b45d
SHA512 ad33e3c0c3b060ad44c5b1b712c991b2d7042f6a60dc691c014d977c922a7e3a783ba9bade1a34de853c271fde1fb75bc2c47869acd863a40be3a6c6d754c0a6

C:\Config.Msi\e5a63d9.rbs

MD5 d130b6cc3a4d094d5664407d895153cf
SHA1 1f38f8af76d2be94c6d78e9c43f5d6ce0ded69a8
SHA256 dcb89c0ce48356b8407e815b25b640366e75ff58e52189ccdfdc248b18e02c69
SHA512 0bcf99afec3f064f3baf22e48c3f72276a6f657dbe91de18bc75523c613c6b4983da609159a545b07b9899fe51ee55e89369bba7489548849174b221e987905b

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\0Z6JFXFE\suggestions[1].en-US

MD5 5a34cb996293fde2cb7a4ac89587393a
SHA1 3c96c993500690d1a77873cd62bc639b3a10653f
SHA256 c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
SHA512 e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

C:\Windows\Installer\e5a63df.msi

MD5 7147f19faf4e1fd3aab745b2cb41224b
SHA1 b83f0686e7c1c0bb4f5e36648b20aabab4d61672
SHA256 ca3678ef53f5080590b9cb22ed66ad114d299c2a777b0bdc75ccec6972d873d0
SHA512 8e1a32febbb1d57da366d23bd3cc5b5db6397578541dcbd3000055980e28514b6d76e5a42906b3cab678ad71825702906d02c8422f0e410c6a2c9a297826d493

C:\Config.Msi\e5a63de.rbs

MD5 59d51d0462eaf1e75973080000a18a32
SHA1 864e166acbcd6ad1c89099119e282f7c0a6fcd4b
SHA256 c7af5f337097de55e466095104d28510167e1aa81378aec476b7de42f7771652
SHA512 a9adccc2820da9920a860a9ef4bee0463bee1c87938908d6e96657ba37192a9e9e01542aee61c498d72b14e45994f217a6b031fb5feb342dc490b7729a6dfb7a

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF0FE765B2FCB5A72A.TMP

MD5 9e9f390d20fef3b5624c03e0a7370dae
SHA1 a516c572cc11902c09385edc5040a787d4f24315
SHA256 387dbd116be6ad753b672313f41944469dc92db711b61b644957b182f0d6df4a
SHA512 140864b6b50c13409114007c9683e6c073faafb620b6903183d3f2f6459ea0d50072774af21c63030b93a43ef12ce89a5ec254358cb1f09283b9ede534fbf22e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d59243b715c43ef4332eea4af5e094cd
SHA1 14f8919b6aec705cff1c962c257885e4211b41de
SHA256 ed8ae3990a11f9a8509c105e020afd7395580f76c701f0f4e53815f1b3381dfe
SHA512 e5f030d45227b83fcfdb2ca134898211f4e46c58f9727d2df48790727e7febb1e2e0fc6f1657f0c1bcdc4db418d4e19ae7af9fa9133348cef014c00209cc36e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8cfef449dc81a010b150dad4e3113f75
SHA1 a972adb238be287d9a31ada11721ea6b3f473754
SHA256 5a40de899215caab345a83b014aabb8ce31c93d45e88eb2d1eea32fac969476e
SHA512 559644edd3552222c83c98bcd4b1f21c5f8982109c7771279cf4dc2fd933f2e2b2d5ec0f7f2935c6977c53d0e2395ec2b4ea3c36540763e7ccc1d04fde93ebff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e1cc1e5baac13341ec0a4c02a8f48199
SHA1 8115eb5606b9e9aace49b7a5675f4a9630725c63
SHA256 b2e85d06cc1248a0e1271dd695e746948d0a2f29240cbe6eeea6e307b62ae1ba
SHA512 cddaa6f282e48f4b8d7135373f5b36192aacaa4a8f0c4e62ac201d469a76bfafac9f86693f2db3fb93c7c2f9cc1c83c48c26a22de3812294aafb33176f6d1286

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed918649a8f35fd21271ffd65c12b439
SHA1 bb92e854151810d7b44ad73f86ce99b82115a06a
SHA256 4425420a3c595cc13b494634985885866700abb611e92944d37b2d68f5de6f94
SHA512 50c67824933603e9726a9cf5b3af1b90eadda8fbd6c2d46002306be22b6c6635e254cf77f67ed7fafff990cde19f7e9e478439d5ab9cc22402593746856604ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 baf40461fa39f91d8cfd0efa5d8e92bc
SHA1 1c224c00f4f323fe240b59173d35f9527fcc382f
SHA256 48b00deb81b94d267e58ec0ff859238ba8e10001c3a731713fcaeb57f349653a
SHA512 d3a2c1dc4f870446e25bc8ad3cf15b0df7dd4ee270c36151f9ace33a47896b7ab4e5912afe8352107b36818607a4889ce7635390af57e34de6435b3124b02f39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 aa03df94281eeed24543b5ac08486abf
SHA1 8760a098be5133df91a30e57a9ba08390e6b594a
SHA256 70a31649356e048e3b61ad18fb3d440c3e9e81620ea9a072963f6ffb0e6416e2
SHA512 16ea360317be920904d6c17313281061cb0dd226a237469e3ba88482faa57479ac5fbba6129e429330c3ad77018c625e9ddeb08997fe562e4fc87ead85b57d91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4e45ef1cc925516a973876d4c8232d51
SHA1 0f7e06eed59321d7727a3562f2a0b0497bdbe3dc
SHA256 7712dd493ec592b0a47d3f1aae6ff4390f7bd9a1e0a86df3942129ac0f3c7e22
SHA512 434b7bd8841db2e3c37ed7c345aee0bfa8aac6be29b8e16d3c151a3059d24e7ab60b83814177b96a5623b66e38cf06b9bdb47ffecef78be28925dbe296f5d9aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033

MD5 8ef55859ae329cfe96bf819cabb9b05d
SHA1 d506ddae246b967ee4287f3a55a1f75cc3f59830
SHA256 a38119ce927f5dd9c7c8be6492db32b3c92b0ff2197d55346184485de59e4e83
SHA512 9333cfd26097ba84d0b7d0387928d0437bfd45017547270e85be0c1d2a5b42c11de23f3890e22b45cdcd3548ced0cb3bf7810d74121531515a5c8d0c6a897a78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000054

MD5 759ab24cf5846f06c5cdb324ee4887ea
SHA1 41969c5b737bc40bbb54817da755e3aa7d02f3c6
SHA256 7037e6c967c38477a5fcd583c74892e16b7a9066cd60287c7035bf0760d05471
SHA512 3470ae07eb7c54feee1e791e63a365cfb0da42f570a66e6c84faf5db6bf8395173c6cb60e8c5cf28eae409f26ea5433c3c5d6ea32eb07e5997c979c6e3ccf4be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 dcfb7172a801de420970127946b96a70
SHA1 f803f84b12b68a002ddb0d2dfd6829619f985027
SHA256 abf3de8e1703614be82d5f4c7449611d0b98c7ae7653e184e89e900aac954ec3
SHA512 fb70ae55e4b17382d2668d9129002c705f0bafc734ad807d608ef5fdd19658d0f40c594e0113d34b1d345516eb33cb1d629e6bfb4c786ef8477f63957d8d55d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5bfd77.TMP

MD5 5cda59ce1b12254daa74903dd64b7d7e
SHA1 cf61dd67d607c4cd4ad007bbdcfd2d02da769af6
SHA256 a313296fdd38c823c38e2eecc219428d7a541fb18264213888e2681d295d66b7
SHA512 c04cecd697ba9b24e3661ea3de5f1c7a23daadc2dcb49cf97bc1f00a819385c98879333be143ad2a15ac6f288b320d6835b5e46577680f32a89851c23edd74b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d36c2daaa8e1d4996029d8c46fc93826
SHA1 dea2566ac7f5912a2a83c45c8237f6e6908114a5
SHA256 72307a3d1171968e7758b7a5810fd0002d219c3ad108c19380ba6fa2b104391f
SHA512 8fc9fdd2de7515a11840d36b980b6087ea89fe280e816800636e8dc3d8faf8fdd959608b04975f09753ea1b7894d3aae220a2e42c6ad474f86fbe1b4abaf498f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0e4049b94ed844374b23ef2d47b79860
SHA1 3beea3875a66ff24f809d1891b2034bf3ab4ea26
SHA256 f22f94926316f38892a4d1163c1f975671b487b45d4e54484706127c6084ea93
SHA512 0e08ed178c7d5b1346c852878a92c1faf2eba755eb4ef6b0cecba854603ff76d1f9f7408874e6fbb5fe4152880a6a1ce7955e2ae3db3980b83069596f1be2b00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 313eb07ddce24b6ad47483c31a0a0c1a
SHA1 4dac4a961b3ade202799d4a360f7b62014b0f781
SHA256 5a77c0d259a9ceb1093206b7a3c52a98651f81069dc718703e0e67b1f13d9de3
SHA512 91dceceb774288ac5866685554408b171347272e2e50a023f8dca6468a48a08eb791e40e56ed9833c54e054b106437b3f06fb9cc98df34c37df37c68767ad74e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 922370ec623ad1a063957876254c4a3c
SHA1 8d45a33e3db7d47dc71829bfb00c14f282f3ce50
SHA256 68d8eb264b034fff2e1c1a85302bd44e26efc4ba172ac0b0ee7ddd6a6d8c3662
SHA512 735814aa23f96a8dffdbffd1ff1b44be00ab3f269158398bb7cc3cf541fee7ce73f2956fa6df6615a0927d1f6258f0f76a28e24e10cd933ebe3d6852e9701e78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9a3d38df2c81630221f9faa54ed1f7ff
SHA1 772b07f99d8a7b2b82529a1a73a697c000528912
SHA256 4690fabd69c54f1b68b750f5b239fe9a1ea394e2b04a8bd3a10ad4280bba2dcb
SHA512 7f176ad0721aa61e475f4ad22473bf720f48e4a6395cb927c0345e970282805d0f7b9bb24fe8ad9adf10bf88c9791de21ca2454d0c13fa2bf5c6ef4a1b04915b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 df2ace6d783801c91e9a037b76af1589
SHA1 e30a94befb35a8cdf16c1b4fd58141a8ca54ba33
SHA256 fd7b8892e8a20d368825e5012ff0bf927402de5190c4469d4e4ed92259a3c94b
SHA512 31526cafa148b091683518a43e650351495dabbeade140c860ac8f78c68405d7ae3cecef388acaace3f5fa855c30d51eb278f109786f86f8ab92c2e8ac311892

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 571b97ecaa9d69538548225bb5c5cf01
SHA1 dab4d2788239cff427512481ca479fb055f364c4
SHA256 1595a5f2c7c449ddc07b261f891c994c44556075602d71b69f32b37c61cc55f2
SHA512 dbc00405aa9eddea8e220b7775defba0868862e56d6da02c2c57953207522f72949b3f2f910bfea49fb5273507b427ff7c964f5c566cb4e57e34e5c8e37fe503

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 26dbeaf93c127d98ad3c671d1dab4fea
SHA1 16a3e0e1e3e935a3c9762c4e8028f84c8e9f2f02
SHA256 b69163db059a5a24f4d728a387b58b44ba4d717ddee16aaf3df47bf4698d8276
SHA512 37ee9c301a918cb232a32ba1c76bd9f4cf86926147225852bb63eaf433fa83985167a3256d3298e647fb87a447305cc7504bc8777e13d28be7c84dc7ec5f6824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 07e96279751d68986011f2d45ee44e72
SHA1 46fa3353d5fde0f16d1aa6c5eea8022747f9eb9a
SHA256 c04c8092913b7476acd4255d735f55ed36f9653c831a8569f825281da04fd111
SHA512 765cb04837015c09a280f9ec62028a27daf6d9f70c6b88134ea29376c247aa9efeaac52a4bd17b00a013833d8aa32cd134f51b0be45ebcbb2e73d108949bdfe1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d67136348c6872a584da2af6c19e1569
SHA1 c90ffd2fa02e95e10b2dd36a990495e1101bab95
SHA256 e0c64559eec84289b47f3e05918acd14502c5897a1c5a9906977ded838afc4e6
SHA512 90e411d7da3632fa24fa1af1aa278006596e437b3e0edc4e7a85aef6e7ae5bfa233d870d827dac755d8baebf8bdb77665308c087fdd36c7ddc1a6b38b75f3ef1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eeb2846b5ec29620612b612d21fee6e8
SHA1 26f8994e3a73b9126c89c749769f5c8e08e37c6c
SHA256 270d6c4a3e70e733f6592fd776bf10fc340f77ea7744cf32220ac9aba2ea9f0c
SHA512 5a22327dae0781fbabff50f0898759c8e2410a15dc12fcb6d08fddadc0781062a6308d5fa3357b0adb403a462a283d1ba585719bd680a83067c9187496b5334b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ea0df76c33a493fdb57a538bd9426735
SHA1 13f9d141e3d6121c0f51be27cae1755b6f3403a0
SHA256 a8a541992b39f62fcd3ad08b1b3daf15f91147cab75c6e9d1989b66ccbd00bd9
SHA512 d2ca5de7a52d4aad59077bce458d79de18918b40349e3e2a6651fb22352d8a7ae732e6cfdfdd5186f4b725cb74c9660b07fd6fcd6e85f080074e0108f6d3ec44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4ca703ae539df46a4c4973ceea2b784d
SHA1 63a29cb42ee0f322fcc2b1d718f1c733b4480408
SHA256 c48396c87d2867dde565169ebff77ff45531d7c88879c8011f6b66491d7d2e8f
SHA512 7f083169c118f81f6d4e55bf6003cbdcfb13dbe52dbcc009a092377749e8d1e23a105eff0baf69b71c1b6fa72fba661869ab2e971d0ec9f07f576da651083439

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\45bca0f7-0b52-471b-b130-e6465f0ae131.tmp

MD5 eca38abf1b1f1e0c6d27af10fac21177
SHA1 ba307c3e66a83715b6be9fea6804d2d74f8387a1
SHA256 edeb87a1114c6ee9dcf9e5962a75c4f85a013bffb4fd48e072e1277aa1bb718b
SHA512 0e1d2b36cb820cee239928a5a6b91d1f1cfd91c374b30ca39917a6c8dfc410b21a69ddf729da13e909b4f4cb583fa2dc949f7dd9893c739c787b891a7c0bfdee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 34d859c09d6d435a03a10d75c0dab3aa
SHA1 dca8b1cc2b3f1b9db947664d220a2f7458b2288d
SHA256 fe77ba3cc4f37beacdad7c39b4c96e0c238a7df59380a208535cff463968c3e3
SHA512 6d9da05da4642d38916ad2602f61ecf6c847d6f661bb99bb44a9de0416b167759d132666089e62a72444af5475349439d3b562544d73862900cc54dc3366ee8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f7effd4d62749d937db014f2826f93a7
SHA1 7a96bf0756f04023bf82bc6c1998a8d1f794cb2f
SHA256 3131244171442be851dae1677a6ba35ea3e402818ffa97508776675269b52212
SHA512 651aab840dc6239055679bab617cc87769013b9c3d8c362d9309846b89eca0b89aba7dfd8052ebc389782de1fce3022904cacce548ffcd800b4da5e9c43354cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2d4c131d0503cb8624fc2fd9fc20a3c7
SHA1 d0be6868cd4e4aec4277d616d9af2f3a741f70b2
SHA256 ed81ce99592c6ae28a8e2678ab5b8f2f2acbb76cc5440b7a9856e9c21ddf22cf
SHA512 81b15f834477e166f4fdf1150d89bce146ffe4749ea85dde3c87037b3598e0c9e43ca999497339b0862440a414f02c0d83582994a399fa10690ee3fc15a2b464

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8be6622f3dae61d4bdf491f51c92ad98
SHA1 f1b77a57768d30fc1b5bbcc07e893abb61019b2a
SHA256 4ed4cc44b5c03442cf44ec87a8195da19dcc516c226172683bb9eae234cf3291
SHA512 72ae7cc5f794025775e02f91c7db5ca7add9b973d5f3cad0e573204469a081f9d0584bb9be8c2ed04db01f2df3267dedff7267edba3eb643a9693666259712e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 92988589bbcc37f25ea7c79a1d715a57
SHA1 cc5e4b5cb9c3249c4d2b6871b377ddb2c45bb367
SHA256 7c977215a3133ab09f96dba38f9615fe8a28e8590a456e25300d04aad230ee0d
SHA512 db0e364eb952dd2e42260714b6350889e5fbc603eb2092e0c8b0c3e3679841960ee7c73de7b7842c760eabf716b07b2373c333d1f5490869043803e364268f54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 22986e4dc61549c5fda553e9d54639de
SHA1 405b5dea7b5216faf8ae3c99933a8f2375a5ecf5
SHA256 5c43136d4bf0254e8ce3cf9e8308d9ac94007e89d1676b2f60411d685f506ce5
SHA512 26eefb8aeb7e723d39f1e9422a5f314a1313a83e70b1a04bf6b99b78ea19d9032add057c36f6d8313248197c660d50291476953be548baf3156b9de11cb45c90

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 382ab681e1c167e237865e43e4f093f9
SHA1 d6da55a9ce3e4d45a027f5a2ebfd6d91d0b51715
SHA256 f57a20846c8e023f6c057a48fff68040d45d94ac546ec8a4d1ec5441418ee421
SHA512 2b67072d5a28e9c9a555e6623f5352955cf211c942852893fa28aa5af1b6bc6dc4cd64d607e1e2363d2fc3b05257bf0e573724735a6b4af6ee4bd4fc2b05c999

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 449d899801104ab3ab80569ab1c6f45c
SHA1 42040568962cf2cf0f7214481c09dd2826caf817
SHA256 6519ab20dd5cce59b9b6c736ee74c8f3dab4022a3fb77a7559e5546293a6640f
SHA512 210547db8974e36334e005796b93c10d3f70f37987d6022ea0bdebce6cd69c752e888b56e3b65f44973249f615f281380aa611f30ebc6fae308ca61c99b07dd1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c5a869900d0bcebb705962417e387ece
SHA1 7a071f24da594fbef1b0e0917654fd982be3168a
SHA256 59efa327a630b913ab416c57c8ed19447908a8d6fd137e434f3864e43b4bcd0c
SHA512 b5ab89b188c4ada49bbaad240b436a0b0650fbc464d01c5a4667420020e4367a2ecbf0e7767fe3b4a7aa3085e54530af936e07e0e324d71962fed33d9b33f991

C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.61\Installer\setup.exe

MD5 f9e45fe262a291c37f52e1baf1cbb75c
SHA1 2c3a47de71610e3ad80e34fa7d0af9690d56d8ea
SHA256 76974a5e0e00af7c5d759a30b04ec614e819a4fcbe418fb1312b0426b87d0b26
SHA512 a7ea36dc3c2322f5bdc97ed4c2cf4d1a6d8261f80ad774155e557127b0b3491aa6fa9bab14bc2f65d483bb9a3680ff0c8f8920b0920b3058e0aa5f992b22f94c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3cbf5ecd9939379f9c20049c94e9c061
SHA1 1e8b8165873ffacbf6dd051b18d8a4e7b2617838
SHA256 4cbd5ca3871a4ab843d10b880e2cfe62d92ed140835b67fd67a8f4dcb90d233d
SHA512 98257359bbcffb40bcdcb541d589f4e95ae17e46745eed4b110b17d5c798a73d39964deac7c6df4d5f2665227c96bb4073071a1b2e2c5ca9181af3c297ee5ec5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 20bb945a25fad3c865eedb14aa190159
SHA1 927997e99a2af4fc4b3a7061dfc8856262acd3f2
SHA256 8efacbc91f5e94268bd28bc5d31df6926fe0d4864dd3e17a4c1f1df3d92345b9
SHA512 20925a6d5a4ffaeedbcc76b4955df37e28eb34220fddfd98c0cf20c47b5fc1e96b12a65ad633a7758152954970d3398d0f9aea54a96ea94301ff93754bb15bf7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 10135ff7d4ac54644d2f921fe0a203f5
SHA1 d1dcff1604c87374fcdcd610d87dec58b6b47cb6
SHA256 98a73f29b91ec3c7e26e132bc81d0defecb7feb38a3e3a3d785c0d3ea8c0f8f0
SHA512 b4c1525338c8c52ca25cd2015f188937a84a338587ab186baae86f63dd4f0d9353a8dc94de509fc37ac89a12025c6de56002be335572aaf8e310afb5a8a189d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 57adb5f789f891f5b0cf5901a585d27b
SHA1 2334e8e004af49278102ffec8c7a85d420c06667
SHA256 c6bb4794fd408266e5378e2366a37129f0ec18dd4bb12d8d53314cc3bd2c3be7
SHA512 ccd6220cc9369b608c31363f079989c465dcf9bac1019be01b14bf935bdb95a84c107e64d2cb4ccb4a39e9ebfdce4a9b44a728e8527f9224b7627e4798b6b439

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 36a09410d6b5c7f9066848c8fef81469
SHA1 5be8ecc33d8fd3030bb3fc48f0ab2d11ad8dbde5
SHA256 3783cb97c2cca540690c33db946b0c7b20de29cbe77167b5c2f8b4951384dc6c
SHA512 f6f001d6ce39f8318ed10ff02925f3e14dfb9aaa3e1f48e378ff970d18202e7de65cb8d544c3828392aa808f0ce3c676bb9378efa05a2b8ca1b0201a70c496e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e786b0246eb336c285f37cd4ed1c65ca
SHA1 af36e933fec4a9c7f3465d8bbe6425adf50bdf15
SHA256 3aaab897671f9db7390033bf4c02cb47666de253b084bd56c641889b9e090bea
SHA512 804b3ac569efb7f7dd84fd51a699049038af5303d409c45317f7975112bd216b0256836a4eedff00b030547daa6efcda06d71c2e70a043937db9ed8adb1f6fe0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 001b5f33904d1c0641bfa942bc533a91
SHA1 3131466242a04c444bd1f49ee29d708f08b63b4b
SHA256 21b3c655a925871ff3f80dcade7e462a09a43eabcef863a0e510199d3e1166f2
SHA512 8b818595e15f0f1ae773263423fd2d4728177c66382c460a0042c6c1d1c4463c59b836b9d343b5b12b1673b1db2f483849fbb079a459a2b20ea440509f30ba51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fa679bf122031c36a0ef12c81927d71e
SHA1 569ad2247d372a73c0b553ff7c5c4ad07019e95c
SHA256 2511364a06a41a3fc602d9476d7877f844334cc481cf8ef4bfb0a064ca103302
SHA512 3ce8c0681df4a3c34583d43b5d465ce0f6e4a341a96a526e3cda514dd4c52b42f35efaa0b3dd33706fb1b28a08877ea98eb51d45ada91f3cb7fae30dd2601a92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 1c327e2e7b1c70e0ebcb010d35d306ab
SHA1 380a190acb4873fe1e6c9f85a66dc066cfcdf6c8
SHA256 ed2bdb0eb70d01508fd1e6c9d87edccb9022f238a0bb57208e8f00fd415edaef
SHA512 36fb4ed422a9930e8cac1bf54fef242d8374b6fdbb6f5531fb15552f4cbca518ea6101033f6c26dcffc483bb77f11fead77418e25f62c474199928ffeb82b5c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3f3d5942046acec4a21dff3fadaa4bb1
SHA1 b513fbeec15378fd32d3950f8a0cb27a79fd3afd
SHA256 5814dcfb55cca1574412aa6b26920ac06a8dac5931d047af7a87c799f41a00f8
SHA512 aeba14a24b6097965e6718f0d45fe02f9061a6b929724c310971bc86938734035b6a36ce324e3101aa4d1d1a91b4f3fd5ba5ddfb84a308b068e8e45d50aed357

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4cc991cab6dcfa2de1b7d619d33eaa25
SHA1 8d27c3ffaab118a335d534879c687fcf3e1dcbe4
SHA256 513da6c2783e010bc904b54d10d88081dfaff597538710865570948a064ed06a
SHA512 e0829fe15a23176db5940382c263e224d9b3b611b66d674cd645ca9323055d69d8eefdeac00edfa276a70ea6ca73a15865d402ffb7be28fc1be1f09175343633

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 233a105de8db9fbcb20d97be1037436a
SHA1 a3a01b18ba268cf21e90b459ceb9011fb8b8e7f7
SHA256 6cdd2b1b24268343b14c66e1ac71e8e543ae3e31344e2f3bfc81c9a865fa6cd9
SHA512 8a77b2cf1e719a4fd97068483c31e7f5cbb8e454a99f26d8895fc4128c8842d43c59aef9367e2e3b3320c680416f6a1240728a2782a2c660815143d4736e12aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 921df38cecd4019512bbc90523bd5df5
SHA1 5bf380ffb3a385b734b70486afcfc493462eceec
SHA256 83289571497cbf2f2859d8308982493a9c92baa23bebfb41ceed584e3a6f8f3f
SHA512 35fa5f8559570af719f8a56854d6184daa7ef218d38c257e1ad71209272d37355e9ad93aaa9fbe7e3b0a9b8b46dfc9085879b01ce7bb86dd9308d4a6f35f09e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 6b0fb47d5de062b7d60d8c5f4e744879
SHA1 3fec5ddec74367e07b1681d5e1a0b348a31e6e61
SHA256 1dcbea2fc9dc82f3df55361f9f096ea268025393ae362b213da82f877cc0d3d4
SHA512 431720440646fddf2f69f497a91ff9e10f3c5a863d6ffc68ddccce2a24b58883c0fd41032f19a1ccdb003a1abc4f648f635bd7196b4e7da6df0dd94d6817ef37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 87540869348605aa7280ec8fb594eb86
SHA1 2839f5628859d103a6af6a267556ab559d32d986
SHA256 bff850348d52a522cf9a6b4e7e27f64cdd8f78c6040cff48d5a6ab6b1ee66c46
SHA512 324b8ac2a53e0e46de65c72086507b1ede4459ebbf0e35997dfc8fabb041e0cc571c7ab1a58c7520efd103b93222c932e3021b622ee7a77d315f5085e636ee83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 94275bde03760c160b707ba8806ef545
SHA1 aad8d87b0796de7baca00ab000b2b12a26427859
SHA256 c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968
SHA512 2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe639a80.TMP

MD5 c043fa853f139fc7d45ba48db777868f
SHA1 25a56bc6713b057be27ff36eae1bd34208de38b5
SHA256 4edca4a5d21ebc03793fc78cac4674c60d63b49a4297d9c95a0879bf8651a7dc
SHA512 2822896e2becba36ab0d781b68f2c8ae7589cc89211013b141095a0ec0abdf3fb18479818128fdbcca927b4e2fb9ca7efe7a4cb3fbefe0a575fc1700aa9c9ee1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ee76d018f0d2c875b747cb04b0f72d88
SHA1 bafd1225e2df65a06d0f5c540b885f64328b300a
SHA256 c1c5d4cb3aa53273ff5546f46129ae0a7b8a7de00fef472525720af54ffe5085
SHA512 de2181e2442c372ec056f3b30c31aaee6c6cfd5cac777965214488f87c738faed8ffe803796c72bbf119c042416cc13d9d559b31f60274ed41e627ae36b4a8a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4a5dee37aa177db15c5425f173f7b63
SHA1 8eced5af0edcc978779f8888b81ea72e6b5af8df
SHA256 f8bf0aaa113fce5cc4da0a0cfb7ddd63d254732112e897071c3ab436af8f14f3
SHA512 29965c17ff4174b18d7a4c22c4a7072862c718b73a2e72590e1a4b59a18ca2c08baecba0608ac4d4a79d1d1a51d09ac4dbc358ad781b2ddb0855c644a48c1f5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 11ffbcb383a7168d1047b558c6721c57
SHA1 349225d7969173c7d0489885cc61bad50556f353
SHA256 bf46868de84d6251358f9b7a50570bbbd60f5b94b946cd68020a87b8dd1e2423
SHA512 64ffac3f0249692e985b8af94151de67b926dcaa067878614ab3a9eb9ff37996f76d38bb537b0d34c6257b03f91447329af25d4586a6dd58e0f90f2855abe539

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 adb3dbf65272f786405b95a9b1206b4f
SHA1 0698d93347a9d6786b04dad76236fef1dd18f791
SHA256 12d124cd928721e155cfcca78d57769f79fd44aea19586a45e341959829d623e
SHA512 df31e9d75b57aaeb48d948c01289803729cde8696ee1bc0a457f214ae8b8ec3e677dfbe2f9d4247a46835ef82ac693724b0e2dcfa7fcc46cfd7e55e9c6e721c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5d1e50cecf09a2742c39220518cb8f4d
SHA1 3149c931433db7fffb0b397c9d0a90f2f296b313
SHA256 bf7714b60710763af2df995d52fa2b0bb25d6d3a534472cf73bacd80ea5c228e
SHA512 879ccea466f817de9c7a8716ecc8871e891cc1962310d4d7dab13e0142f9166e4a466dd03d5c110b8744101f5c9d152ee85b699a2fef6eed004650eade46f5c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3588_1842029154\Icons Monochrome\16.png

MD5 a4fd4f5953721f7f3a5b4bfd58922efe
SHA1 f3abed41d764efbd26bacf84c42bd8098a14c5cb
SHA256 c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3
SHA512 7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1b602b34b2a559e0e90e228b3a450305
SHA1 85256d87673f6b433f3d8e3e4fb622a66c311752
SHA256 19e89eba35a15cc5d2c2959fe034f8f0d778f0fe075eb185ca92e2e69d4ff208
SHA512 f30e529187b22c1755e130648ea4115fa0864abd84747548e0a648261c11a3c8757a276439514e03ba2904da18205b99fc689bec79c15fa96db13a0cef620ebd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\f6798a82-c810-44ec-b142-d049d57ea067\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f8

MD5 e4713b907513321f56ede5e56eb5b2eb
SHA1 762316d74042a2d2bbb056fe2e58de025fbe5619
SHA256 5742afa7b6e576a449f766c5a9ab5d1a158d5f906dcb49e9178af344d16dfc96
SHA512 67cf5897841983c39b020507066e44dee26b67ae6922ef89f6db53c17f6c36d65be15e859497ff35fb21a1ce98203aa269cb7b23e08c411267250fe61d09fe0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fc

MD5 dbd9dd191e9564d7d74aea80a980c271
SHA1 9f6a0448d1e8b7c5f3ae3c4d7cb2deaafe506b60
SHA256 930da1c4342c2b2b291575e9f17636bdca069a0402c2eb01c0209be785be4069
SHA512 2c4927383d659c68f480191829947d7899fb442c100507c65b9751a06a94a5218fe2c370a4dcefa51e377283445d915cfdbd29f41ada7309b122666d9c1bbff4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f4

MD5 3dda883b89b1f31dd1e8e0be2d4250e9
SHA1 ff69000e8307afcb2b4db7d6117b47975f9de06a
SHA256 e60268695e6c66a62ad318850e45954bb22d21f2ae62fe9f0c5490dcb1e69f9b
SHA512 25176c5acc9cf658129508ccc1b7fc8e93777cc59a404caf06a0e0eeb7c10b5276923aa51d56a99ebfd45d9f05b16f598794fb31ea0aa39565770b3c3b8c8c43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b6fe1f1c79bdf532dadf10736b484275
SHA1 8d860f7bc18c246bfcf6c8783eb911c71d8dc60e
SHA256 e8f3bcc33ed2c244f8453e04e890f3f0936771b9c8fdfc212cd3c5be88a138bb
SHA512 eecec7020fe53644d9f0c6684e8391bdf122a290836243de39a4f37c73e5def145290e08831511a97de9b54f3f3322423536f7b94f5f38939c2b0dc5abfcf9d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a04753099d25555c6963b3b326e66e42
SHA1 3b862fc3985060de7953019045d7517126e53f72
SHA256 309316f49eebf0d499910a8c28588fbde5ea0eb12168e7a900ffed91c44bc241
SHA512 19e3a581542ce9a29dacc20a684467531bf60f76c5b37d361e186a9832a9b04b597698b57b13abfb91877b4c8f930e398ec6ce88412db371ea6c264c1ff9c810

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 b55b4eabfbdbdeead762649872ab3e12
SHA1 6795e83dc885c7017dbfba620c4aa13705e75e82
SHA256 b21a9583a8ae6621c862c2fc83c22246756ca919a43bbb975f55348fbcfebfab
SHA512 f035adf37228300c88e85d7b257099d2413919ffae0c9d23978de584d20490ff5fc8d1584a9ef848b1270c7f32fed54024395e133a5b6b02320ca1aa689b1758

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4f793dc8ff1f475ba0c70c57e60fe92b
SHA1 4a2bd1d3e117ca8d1f19e23174ca63e9c2165648
SHA256 2b363bfbedfaf802c6b3f9f70e334c1630b00c007fd054d869b12d465648e2b5
SHA512 e1937142ed29bb464411e02afb58b1400192961dc4d84b70de7a36a528aee5d6fb8c160c727540b806a4d39d35c950687ba37a2058e8f359f2801e42a07b58e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe641bc6.TMP

MD5 ac8c2f51fa75274d56d41550423aa4a7
SHA1 c868b0a40978ff6f6b39dac45248290ac5a760ef
SHA256 29754d3a768a5d60bc586cf548e7ac00f664bf6f1ef32b943f001bb7f04b27ca
SHA512 06056731ed12a7f09b8bb8edd2baca316b0e8e0ab7be21c41e0100f0d7bfc7a0b49f40eaa04d3ce4acf917d53bc72eeb283b1ebfb40e6b2b43ddb3ef6a3645b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 edd568c828343a6943e8d1339c9cc8f9
SHA1 5c641cb5e338518dd6539fac00f5c761953bc9a2
SHA256 6b3ab40ff0f2075bcf0d1188b90bf7dbef6b4e1d4d2e685e78241b5adc2d7f54
SHA512 4f7f93e0960e3b407b519aca433efd89a1bc60b17d5be0f0ed66398f69a9fe6f58c80dd58d69b8c2a470ae933414856750d5f9f24fc8b9eadc9e4db57c5e4a81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c47511ad4e8b52ed9c90653f3899e8f7
SHA1 a25a9fa54956c0aa3578222cffb76fc0647a7ce5
SHA256 8fc33f6871aff4a18a62324e53cf172c18bb021f2591c22e13429af686ae85ef
SHA512 69e6cd5cb3328ad7d6457b132e04ec875d242364d9a11b04787be65bc44fe58ada3b9ff2340df8d8c57f4998b3555d0d7cb9fccde7705376a573796d38295ce1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\f6798a82-c810-44ec-b142-d049d57ea067\index-dir\the-real-index~RFe642ffa.TMP

MD5 3d4ea9b2a3678bd497782c4f83a001e9
SHA1 50ed285bb0b19b5d7de1bb27e6734ec00ba7976c
SHA256 7fbe9c76768d7e3b5fca2fb859bee0f7040488e422410c145c9ae7fc9fc6fa1a
SHA512 ae017b14c538ff2b6bd3ee89e1e6391ba4e24f109db989261fb2b17f91af5ee7c87ddd985b4083a3858e2bb8c50a8a8bcb27805e0686c4dcefe06882e702c45e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\f6798a82-c810-44ec-b142-d049d57ea067\index-dir\the-real-index

MD5 6aa91eb97ba93423d97f09732ec3e013
SHA1 035cadea9592efb68dbee7a46c2d4975d68118d3
SHA256 13f2f298fc25a6c9db76133ad7ef13c253222cbe70f501c6523777fd32c5d8f3
SHA512 f733fbbddb5df2dde8caa2450cb8ce29c21879ebd8f2a05de03e3c8c61782d09490ff63111e44a3ed532e4f27734841cc6fd077c257cb0c6959dd95d32dc8af4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 29f3ad0711792140f9d74be2e0744b5a
SHA1 ea9b17928b3b2558f7bf2093ace91858bf6f4a9f
SHA256 056ae35733925c6021604e70924e838e374f10f975f815fdf0530ed2dc7f0f0d
SHA512 171d5e6004d27d40d309e80280cf4c2afe7958e71180174082c2af75c1e5f664cd192ab5edec333401c167ae0042864c2d38054adf1d9b6184dc7f0533862d48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1733cf4d-0538-4d29-b641-aae4fab658fd\index-dir\the-real-index

MD5 6c787f50eee9a0a1f944afffa5676f54
SHA1 88270c4188da15839cf7a5a8a6333f6f3a47898f
SHA256 adeef4d9bd591bb0ca75d60dcb5e489583856f84c19165b371328abdd4aeeade
SHA512 90f995b44acd15279edea184f8d910931b42fa77a9aa994e096061a1f40e4d9da66fb5d97e51f043d336b504b7c6a052dcd798188bfdae7f90c53b77172b0ef3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1733cf4d-0538-4d29-b641-aae4fab658fd\index-dir\the-real-index~RFe645535.TMP

MD5 e7027f890dbcf397f34d54f1e8220652
SHA1 976a76723f3df4f431503a1be06512eb5b8e1021
SHA256 e68e332846dae473906ba3c2a75bbbb35ee2b0c3cd411e54f450f9d5298bcb09
SHA512 499c311d5cd832b9f129aeabdce35a1bb503cfe3a89c08cf1d5d376a9289ef27ea9900ed256f85f5882b92e48bec1226bc8a2e8dbb8c4fa957b9947d32bfa2db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c8f1c7be4f1ec6a71d878d18895049e5
SHA1 14cb433511c8cd05a564573f26867e304871bcf0
SHA256 c3b7e06531246a5efad725529cfc2d63b3dd38050ff06f1e5a67de2114116e82
SHA512 b9ccaa54369ea3ad372adccadc36e61ee7701ae8bc8903ac8bcda1ba18b665f71b0ff0e7ce8e0c72e075146be33e88eb0dedcc669cb2e589c4e8038cb713a106

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 11b0f58af1ed3a30bda5ab23ceadb8c5
SHA1 da177f50d39bad7a4ddaefaea9fcb9a388926da0
SHA256 9d4aac4fa9168f27e8144afeb0711626ebd7696cfa4c50bc24ad0ec8caeb235a
SHA512 61099cd2d8708d70c435d6a6c522bc005e44052643d6a1f1ffeba6aedbe8ba8952b022d46d2977cf7a05693ead866b90b92bed703739bd328e4e7346d8f95da7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 41ce9712771157bb421cf47b5a4fc450
SHA1 000a77323d17856d5b5e67846d32e250c440d6e8
SHA256 88eb17e9468c0dfb3e3d49f0f03d34e27e03b695b9162bdba8ec386cc09088a8
SHA512 51abf65d133d55bdb142e09171024c35928ea8ac03ceee5596bbca574aa52803b056b35a951cc0a1e6e62d0018fc2d35358025085c110c419aacef113a9f8ad8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 17fd889b07d0579f1490d245abc900b5
SHA1 1e4fb705aecfd5ef1c49116346586bb43aad933b
SHA256 e29b73bd1fbed949fc842508da20f548a53f984e1411ed039735a2a0abaf56ee
SHA512 1860263d5e0019997eec5435ee0172452d6ff8c7db7ac07aa972f0cb6bb6d7109816d71a20b6df3beec2c4bcba02b99e7efb5bff06ad4600c6759a9e517f4aad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bd1d1f66cb9202caf423e320ad0b1977
SHA1 32ad3f433d19a411a6601dab20cc1217703f29fc
SHA256 9e806a9031a2d7a74871e9a2499fe1327752e7dc9717c310288f7c1c79390a51
SHA512 a60d6d707d5fd075d458659497b82848f2c9bec7d0b112c743239ae63ae7f1eccf44062f9e1f4f93c029b023ba7c66a8e01e16a101f92342b36c00a3cfff7535

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 545d8634ce307febdd5695e507526c5e
SHA1 a53a590c522d77df1f14755f636a09209fca816e
SHA256 2f2b748ad7945df983a3e1f6608fa11d4589f59c56b1d3c3e05590399b2e0ae6
SHA512 fe39dd3b960af320eb3bfa8d0317a94a4a2437a6f42af09f6cba5a3001f3186d10cc9dee1528626ef408c79f8e5c182f2b98acf40b4522d3b4641b9c01e31177

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8f168359f80e9bf08011b49e24c692e7
SHA1 75c27c9502e5571a88b14edd432cbb0999bca0eb
SHA256 3b34bd8f23d8c563868cb91ae3a67ad7ae07a909fdf1c08f8a1c3b84a68db562
SHA512 657498d4f733f17e4027a2a82c958efa1d960e192d570d9677fefcbd0e324a513c7271f53983dc75991fb13f68cce3259d1604e49b4202e2d6737adab3806d95

C:\Users\Admin\AppData\Local\Bloxstrap\Settings.json

MD5 8c163da85c0ef3babf7d0cdde874769b
SHA1 797b04679be2a8d4150115170a4b35ca58001b4b
SHA256 d4751e0899e6e73e934a5297e69cb57dd31752415fbbeaa14a2010ce608c4cb1
SHA512 88155cc76ea4d2dd60e0d4141405cc5b405d208b9fcf037530b3750d7b482c9c09d8e71d8add68af3500f6bde5689e7d2489c7e8d88cf3440677dc390ee06037

C:\Users\Admin\AppData\Local\Bloxstrap\State.json

MD5 8b27cee9c476962defc25c21dbd71023
SHA1 b1ef19d192cdedb0d1c78b20c02dbd7bc22294cf
SHA256 2d8e3e4dff459bdb5f8055567cd9a1f796001ebefd828af00daf48327ce09738
SHA512 521351b23014fe4e2121182b672bda0e8eff08d449f7a7a6735792eceba4c877ba414e9f70ec03c5f95998ac75045043dac6620b0cfb85eb277394e65cee651d

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.41\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe

MD5 a9ad77a4111f44c157a1a37bb29fd2b9
SHA1 f1348bcbc950532ac2b48b18acd91533f3ac0be2
SHA256 200a59abdeb32cc4d2cec4079be205f18b5f45bae42acb7940151f9780569889
SHA512 68f58a15ef5ba5d49d8476bee4a488e9a721f703a645ddd29148915d555ca2eb451635c3b762e5a0f786d69bb5cba9bffac3eeee196f1ec7ad669e2d729fe898

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 44c43195d873013747662665cd2c763c
SHA1 189784b1659239d26656f2cc1b9bac47a278d79a
SHA256 cbabe76d63132b2ffd1d1c86d1d09ea414d953f91f22c5ad4fffe7f94b419cdc
SHA512 eb104c16f808893e60fbdb5e0fae2e0ee2e742892dcade7c611b7361d86286dfb00919050746f63c5a400637a6e4fdd1e560a62d004faee4e1e9e4e312c95dd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ed210147a53f6f6a9e7b15328ff511dd
SHA1 ef59c918c87ce9623d4b3ffa24142937259b52fd
SHA256 1597b42e8609d21aefe69588c4c78f8c49ece1065370fbbc60f2ae6b95edd0bb
SHA512 d1a0a99772a15004d0b78a99a865a5e04efff341d7cc2a27cd8d2e8810e34c5b1977fe0e76e14b4c54289ccc9abcef466d652c7a3911c1bffef555aef8b936f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dda2ad01009d73f41e8a511833c385af
SHA1 9b48a9c6cfa88a71627ead2b8d3e57c2014f5912
SHA256 22057455346bce1c01be4ac1a921e422705a21728c1b910f956782461d59feaf
SHA512 596055eca5d53360eaf1d1b6fa2d0802b9074a3ccc465eed21283c41b9940891d857089c8fdebde0de3087ee4e413dcf6c73f3cae79dcb3cab4edae9e1c37b34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ca415f9799690da5ba3609b4b0810d1c
SHA1 4b4476194fa8bfd29bc060ba4d1cbab36b76c430
SHA256 e930cb8a90a36ca240f49cf3c93a91ff4cfeffda3dca59c0bb8a18ca01a2836e
SHA512 275ce06d369018573596da6dc076967e920a59bcc5163f45b6cb55de6876368b6c42f54eb3487d7e15b406b74832061923e5b1de47284ec6ee6ab6a9edee051d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0bcf190ac1ba000246ac44b60a30142f
SHA1 72c18cd57d2877273497fc0a21b59a86c12b916e
SHA256 c7721ca1d6b8641b6d851d532815e23684935272f2920b0e6be93aed31546230
SHA512 40f43bb9daa8ebe2787e68e0a79430020e076535faf237b6e25b862f60a61d06ad581ecb52413ee25cc6c6a86a64965441576f99c83b559f4019d45f244e61fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

MD5 71c6e4dcb559033bffb685bfcac9213a
SHA1 25f961c9654c8b6ebdb65fc84b3e218fba9fe9fe
SHA256 77dcc1c86b052027db7eeeec2d6bad3d899360ca512a5c8ff38db272e9cee5c9
SHA512 f7065427eab4f90046446685101518f036d4472bafa41da4d0c80f30e3accb19d90f29c0483ff7b95a8282d1ef68b60457818e4c1457d307208b56d536e9ac68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 b88e1e27c1c145cbef9acdc19db940c2
SHA1 6f8142184886bb5e9869444e11e622aa94eb2e63
SHA256 2eddb8cfe5b07068ffd80c723b4e82f61daca661f891dd412de6eefad285a5af
SHA512 9334662ed3426ea73700376dd577374ec912acf35fb439f2948aca69e1f370406b1d539d3daf08590afd199564f4d42df1f2798fe160cc4c9fc84e82e5490501

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010e

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d47bce6393fe2b963a4f70d75f39a667
SHA1 02be76429c7dbebc06cfb02b3093a8be29b5f512
SHA256 0243727b3bb098cf7969be9709540940f27330e95aba1cd617e19d97a23f3726
SHA512 80db06cc21cad05dd97acfbb36edbaed050a8bc4562e313d526d4729af0a76ab843510ca566d6a69b2d922c876f78acbd97ddeb3cc196a8b2fdd32fe32de5332

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1ee657dbc084fbbc499aca41c5f29ab4
SHA1 6b01065e03bbdb1680c9f65de58ec017db296ed1
SHA256 bd0dd7fdd5d481661bde7e1891533ae948e3bd45534c4f63c754f49c2fd175c0
SHA512 50e9557bb63705c9748daf7256da4a88e44803cf56f3b0da581a52768473721ee31f6765c63129c0e6a0bb7e753437f04d52244c7dddeb1b07511c6b2ecd3ded

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 32c307211f94e41fa179983bca0a1560
SHA1 4a4e919788f4a36e26b7ea92f6467797cee6e1c9
SHA256 37851139a4c7e8527828770d2d87465be2e68c8ebcdc847745c046cd19e16be7
SHA512 ed330900314180c05c90a956066740913e6bed824664f42df9ce93afae058b9f895cc7b24c7b31b4cdbd68cfeea4a2c3121eab4f69ca7b5124ac6c930c8d159a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 fc1ca6aa14d5aa9e2f30de2805e23290
SHA1 17222becfbf10f81746ebdaab19f09fc797284cb
SHA256 54faeb9935cb756c5f5500135daeb1e48bd50f5580fcf99a48e998804a8dcac0
SHA512 ac4815e11568d5570c04463e4927dd52c1706e65f9f86bcc5578e44f29de7b5e4da3287a507d957f0686445b395560675ac22f11149ef3f89e364cf4e0f30ed4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 de4551478cd0a0fcdb1468d9fe5b6d8d
SHA1 e6b6995c6cbe9c0847b31208a70377937c3ece25
SHA256 3fbe4bffeea047d02553da1fa79b32709efb9c33b244c3618244fb991f7852d6
SHA512 a17121828f93b1cabeb858664f99d0f1663d4a304bd1f0e7aca3aba2793015911848ef71bd50312ef20cd6977e99b40427deabb756318b4f88ca97c05ef57b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 01d6d4a012b813b14b3cb2def9aea3e4
SHA1 7cad324e4fd70dd674f1b393d23f6a059a3255d3
SHA256 52a1be968cc6bf64bd53cc76cfd3fceb3a4ec6d02bb95ca6c37ed3f476dadf74
SHA512 ac620c168ff9c7b2b7d2c5a7e67de2671f99a955789e877fec16fa4954e0e6c46374d02dc3f7aa1dbe540ff602f8d202e1bf1a780f83b22ed8b01808f6dcf8f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a8f1542b9d5f109fd67f328cfd68070b
SHA1 ee8862dc9762c2d5d96f5f23c2e5339a9bac1500
SHA256 0999a3e0bb1be18d7f288eb5118f8f008a31cd48dcb4f5f7cd06b6db49ad8876
SHA512 3b7642842670bafef6a12723ce8e877c493bfcaf1ce120dc2d692763d6fd43a061d47e8c3a50b080087a9437917b8e8b9c350b2a33328ca6a954d5fa1020a60c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000072

MD5 803f8039e39be49e6868f72e111204b8
SHA1 eee00470cd5d8ef295d1d0868b5365c279155eab
SHA256 7a35d13767a17da230a6a60334a08dfa31255de7acc764f70d220d9b9f1fa24c
SHA512 c735f804e9ad4b177e5605b7105b324659c13f9b5e53db91a998df9d677a9402c45de69aa99a84bc27c668c94db9a3fef5c718fab34c23aff2a20b6a7fd21634

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 c59a2d1def23e375b19183bd8f13be77
SHA1 c56d30420e4a953533ff6a4f85ec8c9fac0393a7
SHA256 6fce864882ae79c055d8363a25f8a04b1d6cede5f7a28c40704a35a3829a24db
SHA512 570a7e305c540b23900a4760610d187a8ca4b4e6b4b4b19d6bef2caad7af7d346a41187dbcea4874a300462105fbaa41a62ffa36954fe20d4d3274085fdb0848

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c14e70e8625bd9751b7ab5eded985572
SHA1 1ba7c1c9e41e7dff64383a026d552dcd7c629437
SHA256 0543ca2ccf3b4b13ae6bd25ebd761c7cdecd8beff67ed5cb5b06fb87bbd4de83
SHA512 97372ee9c33492a97a0abde18876a5d3fa04378aa817be9a83ed696f8a73f148dd5d0104b2454c8522c9e6e3c50f8ddfb96da4bd5b9fb748cd093bb70dda7f5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3e38d9f3757944bdcc76e36656b5a5b6
SHA1 bf6d75eb020d85330aedf25f470147840c174813
SHA256 177e3b3607488eb7dde9a9a03331006d983be840e53cb4965af98d6bad2428a4
SHA512 fc92c440bd04480b5245d4615add76e60d2d747c73f7c0c09cc7642bf7e2b60913f489daf63dad04e57875aeaa6aef1f6b825a18c8a6a9257430eed400b2c604

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 82ae4f9a8a9335eff702b9a036261822
SHA1 d179035d82abe0d59f09569e45fe9b082238aa2b
SHA256 aac3c7283b845a824634452966bf330b9955d4ee26053657f0da9b2fbb115841
SHA512 f3a90996800dfa77a0cd32f41c31bd76855e4729dc8d2c555be6eecd7d2cf867efe0172499b3dae1f9355ec780331db6e5d4aafd84be3f5605c6a1be852031e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 804395124417a741ba0afa3c1385a446
SHA1 fc5e95589397ee4d9dd87b386df5512f54a7da4a
SHA256 85d879bd6fbd3dc0c64a0ac5b281ab0aa33ef981bb33290067056c28db915e18
SHA512 bda5d78592bc5038f51854a6cc5f6ef6be102dd53a8c4205f597f44083f4ef5b55d15c600674afc82613f4b15967fc4ed7806591f0d6053a84a1b39a84078101

C:\Users\Admin\AppData\Local\Bloxstrap\Modifications\ClientSettings\ClientAppSettings.json

MD5 d1f1fb7b349d896e14a43ffbcbdce12e
SHA1 54402577de8f66bcb845773e317a9d52ed920672
SHA256 f3be8be733e1b5aa3dd75870b4d0cfc11a56e3b76c3d40d765c8c76abed625a6
SHA512 b0569664adde6b97b891f90d890e3b9afd4e8789aee04aae6f475442f0e0609c5329ea8c961f8acc79570a49fae80b6b6be6248d2c862dc65829d3e933d8ae97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9c1ad9390c3d460269b99e8e35a25675
SHA1 02e05875319063af0ff55b1f3c7ab31adc180cab
SHA256 50299d88914e885c64c435cb0e88a0bae040d676cc86c225d226f9b1683aa447
SHA512 37bf971259a499fae881fc86bd83dcf6c0bb260c048a90fc9da32874b31ee6aae617e8dcdd52464060fc61b651bbc87e1b979e716ce9bb59e844b1d99dbfcb08

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4b018a0d27c672281d422dff7c76e4a4
SHA1 d87873a893d63183ee3e8c0f6e6ad1e4a9829db7
SHA256 03b33f282e21bcd91b3fcdda22f5cd6e774cfe962cd5cd04ccee958d3fa9bb64
SHA512 32bef403df75b751e25a394eaab95cc852199b720c24cd080485f41c6fa05b538ba93dbe42103278bcce1b7bfa00b2e541a02d56e0d97efa866b45c647faed61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fcf6a0f30298525a85f588b5e443feb4
SHA1 48ae4d61728010b9d996147d950b8dade5f8cd61
SHA256 9f30130f9f2054453269ebfe511e15d22433497f9b5899a74bc2f53be4d19892
SHA512 13b3294d81dd6a059bf203baaad8ba381418f81935b10d50c94b534d9c9a67ddbd4e868387bc028aa0de783d176080a4b785ff787d8e89813e70805bcc639844